|
var-200701-0396
|
Format string vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in (1) SWUTMP or (2) SUCATALOG filenames, or using the (3) application/x-apple.sucatalog+xml MIME type. (1) SWUTMP File name format string specifier (2) SUCATALOG File name format string specifier (3) application/x-apple.sucatalog+xml MIME Using types. Apple Software Update is prone to a format-string vulnerability.
This issue presents itself because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function.
A successful attack may crash the application or possibly lead to arbitrary code execution. This may facilitate unauthorized access or privilege escalation in the context of the user running the application. Apple Software Update is used to distribute patches to end users via the HTTP protocol.
----------------------------------------------------------------------
To improve our services to our customers, we have made a number of
additions to the Secunia Advisories and have started translating the
advisories to German.
The improvements will help our customers to get a better
understanding of how we reached our conclusions, how it was rated,
our thoughts on exploitation, attack vectors, and scenarios.
This includes:
* Reason for rating
* Extended description
* Extended solution
* Exploit code or links to exploit code
* Deep links
Read the full description:
http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information:
http://corporate.secunia.com/how_to_buy/15/?r=l
----------------------------------------------------------------------
TITLE:
Mac OS X Mach-O Universal Binary Memory Corruption
SECUNIA ADVISORY ID:
SA23088
VERIFY ADVISORY:
http://secunia.com/advisories/23088/
CRITICAL:
Less critical
IMPACT:
DoS, System access
WHERE:
Local system
OPERATING SYSTEM:
Apple Macintosh OS X
http://secunia.com/product/96/
DESCRIPTION:
LMH has reported a vulnerability in Mac OS X, which can be exploited
by malicious, local users to cause a DoS (Denial of Service) or
potentially gain escalated privileges.
The vulnerability is caused due to an error in the fatfile_getarch2()
function. This can be exploited to cause an integer overflow and may
potentially allow execution of arbitrary code with kernel privileges
via a specially crafted Mach-O Universal binary.
The vulnerability is reported in a fully patched Mac OS X
(2006-11-26). Other versions may also be affected.
SOLUTION:
Grant only trusted users access to affected systems.
PROVIDED AND/OR DISCOVERED BY:
LMH
ORIGINAL ADVISORY:
http://projects.info-pull.com/mokb/MOKB-26-11-2006.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
|
|
var-200602-0446
|
The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension. Apple Safari WebKit component is vulnerable to buffer overflow. Mac OS X of Web browser Safari Contains an arbitrary code execution vulnerability in its default configuration. Safari Now, in the default settings, Resource forks Refer to the file type defined in .If the file type is image / video / compressed file, "Safe" file Will be processed automatically. This allows for crafted files "Safe" file There is a possibility that arbitrary code execution may be executed as a result. Exploit code that exploits this vulnerability has already been published.A remote third party could execute arbitrary code with the privileges of the logged-in user. If a user is logged in with an account with administrator privileges, the resulting vulnerable system could be completely controlled. Commands would be executed in the context of the user opening the archive file.
Attackers can reportedly use Safari and Apple Mail as exploitation vectors for this vulnerability.
Mac OS X 10.4.5 is reported to be vulnerable. Earlier versions may also be affected. Apple Safari is a web browser bundled with the Apple operating system. There is an issue in Safari's handling of automatic opening of downloaded files.
TITLE:
Mac OS X KHTMLParser Denial of Service Weakness
SECUNIA ADVISORY ID:
SA18220
VERIFY ADVISORY:
http://secunia.com/advisories/18220/
CRITICAL:
Not critical
IMPACT:
DoS
WHERE:
>From remote
OPERATING SYSTEM:
Apple Macintosh OS X
http://secunia.com/product/96/
DESCRIPTION:
Tom Ferris has discovered a weakness in Mac OS X, which can be
exploited by malicious people to cause a DoS (Denial of Service).
The weakness is caused due to an error in the KHTMLParser when
parsing certain malformed HTML documents. This can be exploited to
crash an application that uses the parser via a specially crafted
HTML file. In certain cases, this may cause the system to become
unresponsive. Other applications that use the
parser may also be affected.
SOLUTION:
Do not open or follow links to HTML files from non-trusted sources.
PROVIDED AND/OR DISCOVERED BY:
Tom Ferris
ORIGINAL ADVISORY:
http://security-protocols.com/advisory/sp-x22-advisory.txt
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
|
|
var-200511-0019
|
The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the “Overview” for the impact of this vulnerability. Check Point Firewall-1 and VPN-1 are prone to denial of service attacks due to unspecified vulnerabilities in the IPSec implementation. The vulnerabilities may be triggered by malformed IKE traffic. Check Point is a network security product manufacturer.
TITLE:
Symantec Firewall/VPN/Gateway ISAKMP Message Processing Denial of
Service
SECUNIA ADVISORY ID:
SA17684
VERIFY ADVISORY:
http://secunia.com/advisories/17684/
CRITICAL:
Moderately critical
IMPACT:
DoS
WHERE:
>From remote
OPERATING SYSTEM:
Symantec Gateway Security 400 Series
http://secunia.com/product/6175/
Symantec Gateway Security 300 Series
http://secunia.com/product/6176/
Symantec Gateway Security 3.x
http://secunia.com/product/6177/
Symantec Gateway Security 2.x
http://secunia.com/product/3104/
Symantec Gateway Security 1.x
http://secunia.com/product/876/
Symantec Firewall/VPN Appliance 100/200/200R
http://secunia.com/product/552/
SOFTWARE:
Symantec Enterprise Firewall (SEF) 8.x
http://secunia.com/product/3587/
DESCRIPTION:
Symantec has acknowledged a vulnerability in various Symantec
products, which can be exploited by malicious people to cause a DoS
(Denial of Service).
For more information:
SA17553
Successful exploitation causes a DoS of the dynamic VPN services.
The vulnerability has been reported in the following products.
* Symantec Enterprise Firewall version 8.0 (Windows)
* Symantec Enterprise Firewall version 8.0 (Solaris)
* Symantec Gateway Security 5000 Series version 3.0
* Symantec Gateway Security 5400 version 2.0.1
* Symantec Gateway Security 5310 version 1.0
* Symantec Gateway Security 5200/5300 version 1.0
* Symantec Gateway Security 5100
* Symantec Gateway Security 400 version 2.0
* Symantec Gateway Security 300 version 2.0
* Symantec Firewall /VPN Appliance 200/200R
* Symantec Firewall /VPN Appliance 100
SOLUTION:
Apply hotfixes.
Symantec Enterprise Firewall version 8.0 (Windows):
Apply SEF8.0-20051114-00.
http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html
Symantec Enterprise Firewall version 8.0 (Solaris):
Apply SEF8.0-20051114-00.
http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html
Symantec Gateway Security 5000 Series version 3.0:
Apply SGS3.0-2005114-02.
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html
Symantec Gateway Security 5400 version 2.0.1:
Apply SGS2.0.1-20051114-00.
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html
Symantec Gateway Security 5310 version 1.0:
Apply SG7004-20051114-00.
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html
Symantec Gateway Security 5200/5300 version 1.0:
Apply SG7004-20051114-00.
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html
Symantec Gateway Security 5100:
Apply SG7004-20051114-00.
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html
Symantec Gateway Security 400 version 2.0:
Update to build 1103.
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html
Symantec Gateway Security 300 version 2.0:
Update to build 1103.
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html
Symantec Firewall /VPN Appliance 200/200R:
Update to build 1.8F.
http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html
Symantec Firewall /VPN Appliance 100:
Update to build 1.8F.
http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html
ORIGINAL ADVISORY:
Symantec:
http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html
OTHER REFERENCES:
SA17553:
http://secunia.com/advisories/17553/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
|
|
var-202109-1368
|
A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. APPLE-SA-2021-07-21-7 Safari 14.1.2. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7
iOS 14.7 and iPadOS 14.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212601.
iOS 14.7 released July 19, 2021; iPadOS 14.7 released July 21, 2021
ActionKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A shortcut may be able to bypass Internet permission
requirements
Description: An input validation issue was addressed with improved
input validation.
CVE-2021-30763: Zachary Keffaber (@QuickUpdate5)
Audio
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A local attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30781: tr3e
AVEVideoEncoder
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2021-30748: George Nosenko
CoreAudio
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2021-30775: JunDong Xie of Ant Security Light-Year Lab
CoreAudio
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Playing a malicious audio file may lead to an unexpected
application termination
Description: A logic issue was addressed with improved validation.
CVE-2021-30776: JunDong Xie of Ant Security Light-Year Lab
CoreGraphics
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution
Description: A race condition was addressed with improved state
handling.
CVE-2021-30786: ryuzaki
CoreText
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-30789: Mickey Jin (@patch1t) of Trend Micro, Sunglin of
Knownsec 404 team
Crash Reporter
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to gain root privileges
Description: A logic issue was addressed with improved validation.
CVE-2021-30774: Yizhuo Wang of Group of Software Security In
Progress (G.O.S.S.I.P) at Shanghai Jiao Tong University
CVMS
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to gain root privileges
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2021-30780: Tim Michaud(@TimGMichaud) of Zoom Video
Communications
dyld
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A logic issue was addressed with improved validation.
CVE-2021-30768: Linus Henze (pinauten.de)
Find My
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to access Find My data
Description: A permissions issue was addressed with improved
validation.
CVE-2021-30804: Csaba Fitzl (@theevilbit) of Offensive Security
FontParser
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: An integer overflow was addressed through improved input
validation.
CVE-2021-30760: Sunglin of Knownsec 404 team
FontParser
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted tiff file may lead to a
denial-of-service or potentially disclose memory contents
Description: This issue was addressed with improved checks.
CVE-2021-30788: tr3e working with Trend Micro Zero Day Initiative
FontParser
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A stack overflow was addressed with improved input
validation.
CVE-2021-30759: hjy79425575 working with Trend Micro Zero Day
Initiative
Identity Service
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to bypass code signing
checks
Description: An issue in code signature validation was addressed with
improved checks.
CVE-2021-30773: Linus Henze (pinauten.de)
Image Processing
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-30802: Matthew Denton of Google Chrome Security
ImageIO
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: This issue was addressed with improved checks.
CVE-2021-30779: Jzhu, Ye Zhang(@co0py_Cat) of Baidu Security
ImageIO
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2021-30785: CFF of Topsec Alpha Team, Mickey Jin (@patch1t) of
Trend Micro
Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious attacker with arbitrary read and write capability
may be able to bypass Pointer Authentication
Description: A logic issue was addressed with improved state
management.
CVE-2021-30769: Linus Henze (pinauten.de)
Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An attacker that has already achieved kernel code execution
may be able to bypass kernel memory mitigations
Description: A logic issue was addressed with improved validation.
CVE-2021-30770: Linus Henze (pinauten.de)
libxml2
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: This issue was addressed with improved checks.
CVE-2021-3518
Measure
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Multiple issues in libwebp
Description: Multiple issues were addressed by updating to version
1.2.0.
CVE-2018-25010
CVE-2018-25011
CVE-2018-25014
CVE-2020-36328
CVE-2020-36329
CVE-2020-36330
CVE-2020-36331
Model I/O
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: A logic issue was addressed with improved validation.
CVE-2021-30796: Mickey Jin (@patch1t) of Trend Micro
Model I/O
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2021-30792: Anonymous working with Trend Micro Zero Day
Initiative
Model I/O
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted file may disclose user
information
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-30791: Anonymous working with Trend Micro Zero Day
Initiative
TCC
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to bypass certain Privacy
preferences
Description: A logic issue was addressed with improved state
management.
CVE-2021-30798: Mickey Jin (@patch1t) of Trend Micro
WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved state
handling.
CVE-2021-30758: Christoph Guttandin of Media Codings
WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-30795: Sergei Glazunov of Google Project Zero
WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to code
execution
Description: This issue was addressed with improved checks.
CVE-2021-30797: Ivan Fratric of Google Project Zero
WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2021-30799: Sergei Glazunov of Google Project Zero
Wi-Fi
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Joining a malicious Wi-Fi network may result in a denial of
service or arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30800: vm_call, Nozhdar Abdulkhaleq Shukri
Additional recognition
Assets
We would like to acknowledge Cees Elzinga for their assistance.
CoreText
We would like to acknowledge Mickey Jin (@patch1t) of Trend Micro for
their assistance.
Safari
We would like to acknowledge an anonymous researcher for their
assistance.
Sandbox
We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive
Security for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About
* The version after applying this update will be "14.7"
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmD4r8YACgkQZcsbuWJ6
jjB5LBAAkEy25fNpo8rg42bsyJwWsSQQxPN79JFxQ6L8tqdsM+MZk86dUKtsRQ47
mxarMf4uBwiIOtrGSCGHLIxXAzLqPY47NDhO+ls0dVxGMETkoR/287AeLnw2ITh3
DM0H/pco4hRhPh8neYTMjNPMAgkepx+r7IqbaHWapn42nRC4/2VkEtVGltVDLs3L
K0UQP0cjy2w9KvRF33H3uKNCaCTJrVkDBLKWC7rPPpomwp3bfmbQHjs0ixV5Y8l5
3MfNmCuhIt34zAjVELvbE/PUXgkmsECbXHNZOct7ZLAbceneVKtSmynDtoEN0ajM
JiJ6j+FCtdfB3xHk3cHqB6sQZm7fDxdK3z91MZvSZwwmdhJeHD/TxcItRlHNOYA1
FSi0Q954DpIqz3Fs4DGE7Vwz0g5+o5qup8cnw9oLXBdqZwWANuLsQlHlioPbcDhl
r1DmwtghmDYFUeSMnzHu/iuRepEju+BRMS3ybCm5j+I3kyvAV8pyvqNNRLfJn+w+
Wl/lwXTtXbgsNPR7WJCBJffxB0gOGZaIG1blSGCY89t2if0vD95R5sRsrnaxuqWc
qmtRdBfbmjxk/G+6t1sd4wFglTNovHiLIHXh17cwdIWMB35yFs7VA35833/rF4Oo
jOF1D12o58uAewxAsK+cTixe7I9U5Awkad2Jz19V3qHnRWGqtVg\x8e1h
-----END PGP SIGNATURE-----
.
CVE-2021-30786: ryuzaki
CoreServices
Available for: macOS Big Sur
Impact: A malicious application may be able to gain root privileges
Description: This issue was addressed with improved checks.
CVE-2021-30766: Liu Long of Ant Security Light-Year Lab
CVE-2021-30765: Liu Long of Ant Security Light-Year Lab
IOKit
Available for: macOS Big Sur
Impact: A local attacker may be able to execute code on the Apple T2
Security Chip
Description: Multiple issues were addressed with improved logic.
CVE-2021-30793: Zuozhi Fan (@pattern_F_) of Ant Security TianQiong
Lab
Kext Management
Available for: macOS Big Sur
Impact: A malicious application may be able to bypass Privacy
preferences
Description: This issue was addressed with improved entitlements. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: GNOME security, bug fix, and enhancement update
Advisory ID: RHSA-2021:4381-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:4381
Issue date: 2021-11-09
CVE Names: CVE-2020-13558 CVE-2020-24870 CVE-2020-27918
CVE-2020-29623 CVE-2020-36241 CVE-2021-1765
CVE-2021-1788 CVE-2021-1789 CVE-2021-1799
CVE-2021-1801 CVE-2021-1844 CVE-2021-1870
CVE-2021-1871 CVE-2021-21775 CVE-2021-21779
CVE-2021-21806 CVE-2021-28650 CVE-2021-30663
CVE-2021-30665 CVE-2021-30682 CVE-2021-30689
CVE-2021-30720 CVE-2021-30734 CVE-2021-30744
CVE-2021-30749 CVE-2021-30758 CVE-2021-30795
CVE-2021-30797 CVE-2021-30799
====================================================================
1. Summary:
An update for GNOME is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
GNOME is the default desktop environment of Red Hat Enterprise Linux.
The following packages have been upgraded to a later upstream version: gdm
(40.0), webkit2gtk3 (2.32.3).
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.5 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
GDM must be restarted for this update to take effect. The GNOME session
must be restarted (log out, then log back in) for this update to take
effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1651378 - [RFE] Provide a mechanism for persistently showing the security level of a machine at login time
1770302 - disable show text in GDM login/lock screen (patched in RHEL 7.8)
1791478 - Cannot completely disable odrs (Gnome Ratings) from the Software application in Gnome Desktop
1813727 - Files copied from NFS4 to Desktop can't be opened
1854679 - [RFE] Disable left edge gesture
1873297 - Gnome-software coredumps when run as root in terminal
1873488 - GTK3 prints errors with overlay scrollbar disabled
1888404 - Updates page hides ongoing updates on refresh
1894613 - [RFE] Re-inclusion of workspace renaming in GNOME 3.
1897932 - JS ERROR: Error: Extension point conflict: there is already a status indicator for role ...
1904139 - Automatic Logout Feature not working
1905000 - Desktop refresh broken after unlock
1909300 - gdm isn't killing the login screen on login after all, should rebase to latest release
1914925 - RFE: add patch to set grub boot_success flag on shutdown/reboot
1924725 - [Wayland] Double-touch desktop icons fails sometimes
1925640 - CVE-2020-36241 gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory
1928794 - CVE-2020-24870 LibRaw: Stack buffer overflow in LibRaw::identify_process_dng_fields() in identify.cpp
1928886 - CVE-2020-13558 webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution
1935261 - [RFE] Enable connecting to WiFI and VPN connections at the GDM login
1937416 - Rebase WebKitGTK to 2.32
1937866 - Unable to disable onscreen keyboard in touch screen machine [rhel-8.5.0]
1938937 - Mutter: mouse click doesn't work when using 10-bit graphic monitor [rhel-8.5.0]
1940026 - CVE-2021-28650 gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete CVE-2020-36241 fix)
1944323 - CVE-2020-27918 webkitgtk: Use-after-free leading to arbitrary code execution
1944329 - CVE-2020-29623 webkitgtk: User may be unable to fully delete browsing history
1944333 - CVE-2021-1765 webkitgtk: IFrame sandboxing policy violation
1944337 - CVE-2021-1789 webkitgtk: Type confusion issue leading to arbitrary code execution
1944340 - CVE-2021-1799 webkitgtk: Access to restricted ports on arbitrary servers via port redirection
1944343 - CVE-2021-1801 webkitgtk: IFrame sandboxing policy violation
1944350 - CVE-2021-1870 webkitgtk: Logic issue leading to arbitrary code execution
1944859 - CVE-2021-1788 webkitgtk: Use-after-free leading to arbitrary code execution
1944862 - CVE-2021-1844 webkitgtk: Memory corruption issue leading to arbitrary code execution
1944867 - CVE-2021-1871 webkitgtk: Logic issue leading to arbitrary code execution
1949176 - GNOME Shell on Wayland does not generate xauth data, needed for X forwarding over SSH
1951086 - Disable the Facebook provider
1952136 - Disable the Foursquare provider
1955754 - gnome-session kiosk-session support still isn't up to muster
1957705 - RFE: make gnome-calculator internet access attemps configurable system-wide
1960705 - Vino nonfunctional in FIPS mode
1962049 - [Hyper-V][RHEL8.5]gdm: Guest with 1 vcpu start GUI failed on Hyper-V
1971507 - gnome-shell JS ERROR Error calling onComplete: TypeError this._dialog.actor is undefined _hideLockScreenComplete updateTweens
1971534 - gnome-shell[2343]: gsignal.c:2642: instance '0x5583c61f9280' has no handler with id '23831'
1972545 - flatpak: Prefer runtime from the same origin as the application
1978287 - gnome-shell to include / Documented - PolicyKit-authentication-agent
1978505 - Gnome Software development package is missing important header files.
1978612 - pt_BR translations for "Register System" panel
1980441 - CVE-2021-21806 webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution
1980661 - "Screen Lock disabled" notification appears on first login after disabling gdm and notification pop-up. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
LibRaw-0.19.5-3.el8.src.rpm
accountsservice-0.6.55-2.el8.src.rpm
gdm-40.0-15.el8.src.rpm
gnome-autoar-0.2.3-2.el8.src.rpm
gnome-calculator-3.28.2-2.el8.src.rpm
gnome-control-center-3.28.2-28.el8.src.rpm
gnome-online-accounts-3.28.2-3.el8.src.rpm
gnome-session-3.28.1-13.el8.src.rpm
gnome-settings-daemon-3.32.0-16.el8.src.rpm
gnome-shell-3.32.2-40.el8.src.rpm
gnome-shell-extensions-3.32.1-20.el8.src.rpm
gnome-software-3.36.1-10.el8.src.rpm
gtk3-3.22.30-8.el8.src.rpm
mutter-3.32.2-60.el8.src.rpm
vino-3.22.0-11.el8.src.rpm
webkit2gtk3-2.32.3-2.el8.src.rpm
aarch64:
accountsservice-0.6.55-2.el8.aarch64.rpm
accountsservice-debuginfo-0.6.55-2.el8.aarch64.rpm
accountsservice-debugsource-0.6.55-2.el8.aarch64.rpm
accountsservice-libs-0.6.55-2.el8.aarch64.rpm
accountsservice-libs-debuginfo-0.6.55-2.el8.aarch64.rpm
gdm-40.0-15.el8.aarch64.rpm
gdm-debuginfo-40.0-15.el8.aarch64.rpm
gdm-debugsource-40.0-15.el8.aarch64.rpm
gnome-autoar-0.2.3-2.el8.aarch64.rpm
gnome-autoar-debuginfo-0.2.3-2.el8.aarch64.rpm
gnome-autoar-debugsource-0.2.3-2.el8.aarch64.rpm
gnome-calculator-3.28.2-2.el8.aarch64.rpm
gnome-calculator-debuginfo-3.28.2-2.el8.aarch64.rpm
gnome-calculator-debugsource-3.28.2-2.el8.aarch64.rpm
gnome-control-center-3.28.2-28.el8.aarch64.rpm
gnome-control-center-debuginfo-3.28.2-28.el8.aarch64.rpm
gnome-control-center-debugsource-3.28.2-28.el8.aarch64.rpm
gnome-online-accounts-3.28.2-3.el8.aarch64.rpm
gnome-online-accounts-debuginfo-3.28.2-3.el8.aarch64.rpm
gnome-online-accounts-debugsource-3.28.2-3.el8.aarch64.rpm
gnome-online-accounts-devel-3.28.2-3.el8.aarch64.rpm
gnome-session-3.28.1-13.el8.aarch64.rpm
gnome-session-debuginfo-3.28.1-13.el8.aarch64.rpm
gnome-session-debugsource-3.28.1-13.el8.aarch64.rpm
gnome-session-kiosk-session-3.28.1-13.el8.aarch64.rpm
gnome-session-wayland-session-3.28.1-13.el8.aarch64.rpm
gnome-session-xsession-3.28.1-13.el8.aarch64.rpm
gnome-settings-daemon-3.32.0-16.el8.aarch64.rpm
gnome-settings-daemon-debuginfo-3.32.0-16.el8.aarch64.rpm
gnome-settings-daemon-debugsource-3.32.0-16.el8.aarch64.rpm
gnome-shell-3.32.2-40.el8.aarch64.rpm
gnome-shell-debuginfo-3.32.2-40.el8.aarch64.rpm
gnome-shell-debugsource-3.32.2-40.el8.aarch64.rpm
gnome-software-3.36.1-10.el8.aarch64.rpm
gnome-software-debuginfo-3.36.1-10.el8.aarch64.rpm
gnome-software-debugsource-3.36.1-10.el8.aarch64.rpm
gsettings-desktop-schemas-devel-3.32.0-6.el8.aarch64.rpm
gtk-update-icon-cache-3.22.30-8.el8.aarch64.rpm
gtk-update-icon-cache-debuginfo-3.22.30-8.el8.aarch64.rpm
gtk3-3.22.30-8.el8.aarch64.rpm
gtk3-debuginfo-3.22.30-8.el8.aarch64.rpm
gtk3-debugsource-3.22.30-8.el8.aarch64.rpm
gtk3-devel-3.22.30-8.el8.aarch64.rpm
gtk3-devel-debuginfo-3.22.30-8.el8.aarch64.rpm
gtk3-immodule-xim-3.22.30-8.el8.aarch64.rpm
gtk3-immodule-xim-debuginfo-3.22.30-8.el8.aarch64.rpm
gtk3-immodules-debuginfo-3.22.30-8.el8.aarch64.rpm
gtk3-tests-debuginfo-3.22.30-8.el8.aarch64.rpm
mutter-3.32.2-60.el8.aarch64.rpm
mutter-debuginfo-3.32.2-60.el8.aarch64.rpm
mutter-debugsource-3.32.2-60.el8.aarch64.rpm
mutter-tests-debuginfo-3.32.2-60.el8.aarch64.rpm
vino-3.22.0-11.el8.aarch64.rpm
vino-debuginfo-3.22.0-11.el8.aarch64.rpm
vino-debugsource-3.22.0-11.el8.aarch64.rpm
webkit2gtk3-2.32.3-2.el8.aarch64.rpm
webkit2gtk3-debuginfo-2.32.3-2.el8.aarch64.rpm
webkit2gtk3-debugsource-2.32.3-2.el8.aarch64.rpm
webkit2gtk3-devel-2.32.3-2.el8.aarch64.rpm
webkit2gtk3-devel-debuginfo-2.32.3-2.el8.aarch64.rpm
webkit2gtk3-jsc-2.32.3-2.el8.aarch64.rpm
webkit2gtk3-jsc-debuginfo-2.32.3-2.el8.aarch64.rpm
webkit2gtk3-jsc-devel-2.32.3-2.el8.aarch64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.32.3-2.el8.aarch64.rpm
noarch:
gnome-classic-session-3.32.1-20.el8.noarch.rpm
gnome-control-center-filesystem-3.28.2-28.el8.noarch.rpm
gnome-shell-extension-apps-menu-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-auto-move-windows-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-common-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-dash-to-dock-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-desktop-icons-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-disable-screenshield-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-drive-menu-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-gesture-inhibitor-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-horizontal-workspaces-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-launch-new-instance-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-native-window-placement-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-no-hot-corner-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-panel-favorites-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-places-menu-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-screenshot-window-sizer-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-systemMonitor-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-top-icons-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-updates-dialog-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-user-theme-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-window-grouper-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-window-list-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-windowsNavigator-3.32.1-20.el8.noarch.rpm
gnome-shell-extension-workspace-indicator-3.32.1-20.el8.noarch.rpm
ppc64le:
LibRaw-0.19.5-3.el8.ppc64le.rpm
LibRaw-debuginfo-0.19.5-3.el8.ppc64le.rpm
LibRaw-debugsource-0.19.5-3.el8.ppc64le.rpm
LibRaw-samples-debuginfo-0.19.5-3.el8.ppc64le.rpm
accountsservice-0.6.55-2.el8.ppc64le.rpm
accountsservice-debuginfo-0.6.55-2.el8.ppc64le.rpm
accountsservice-debugsource-0.6.55-2.el8.ppc64le.rpm
accountsservice-libs-0.6.55-2.el8.ppc64le.rpm
accountsservice-libs-debuginfo-0.6.55-2.el8.ppc64le.rpm
gdm-40.0-15.el8.ppc64le.rpm
gdm-debuginfo-40.0-15.el8.ppc64le.rpm
gdm-debugsource-40.0-15.el8.ppc64le.rpm
gnome-autoar-0.2.3-2.el8.ppc64le.rpm
gnome-autoar-debuginfo-0.2.3-2.el8.ppc64le.rpm
gnome-autoar-debugsource-0.2.3-2.el8.ppc64le.rpm
gnome-calculator-3.28.2-2.el8.ppc64le.rpm
gnome-calculator-debuginfo-3.28.2-2.el8.ppc64le.rpm
gnome-calculator-debugsource-3.28.2-2.el8.ppc64le.rpm
gnome-control-center-3.28.2-28.el8.ppc64le.rpm
gnome-control-center-debuginfo-3.28.2-28.el8.ppc64le.rpm
gnome-control-center-debugsource-3.28.2-28.el8.ppc64le.rpm
gnome-online-accounts-3.28.2-3.el8.ppc64le.rpm
gnome-online-accounts-debuginfo-3.28.2-3.el8.ppc64le.rpm
gnome-online-accounts-debugsource-3.28.2-3.el8.ppc64le.rpm
gnome-online-accounts-devel-3.28.2-3.el8.ppc64le.rpm
gnome-session-3.28.1-13.el8.ppc64le.rpm
gnome-session-debuginfo-3.28.1-13.el8.ppc64le.rpm
gnome-session-debugsource-3.28.1-13.el8.ppc64le.rpm
gnome-session-kiosk-session-3.28.1-13.el8.ppc64le.rpm
gnome-session-wayland-session-3.28.1-13.el8.ppc64le.rpm
gnome-session-xsession-3.28.1-13.el8.ppc64le.rpm
gnome-settings-daemon-3.32.0-16.el8.ppc64le.rpm
gnome-settings-daemon-debuginfo-3.32.0-16.el8.ppc64le.rpm
gnome-settings-daemon-debugsource-3.32.0-16.el8.ppc64le.rpm
gnome-shell-3.32.2-40.el8.ppc64le.rpm
gnome-shell-debuginfo-3.32.2-40.el8.ppc64le.rpm
gnome-shell-debugsource-3.32.2-40.el8.ppc64le.rpm
gnome-software-3.36.1-10.el8.ppc64le.rpm
gnome-software-debuginfo-3.36.1-10.el8.ppc64le.rpm
gnome-software-debugsource-3.36.1-10.el8.ppc64le.rpm
gsettings-desktop-schemas-devel-3.32.0-6.el8.ppc64le.rpm
gtk-update-icon-cache-3.22.30-8.el8.ppc64le.rpm
gtk-update-icon-cache-debuginfo-3.22.30-8.el8.ppc64le.rpm
gtk3-3.22.30-8.el8.ppc64le.rpm
gtk3-debuginfo-3.22.30-8.el8.ppc64le.rpm
gtk3-debugsource-3.22.30-8.el8.ppc64le.rpm
gtk3-devel-3.22.30-8.el8.ppc64le.rpm
gtk3-devel-debuginfo-3.22.30-8.el8.ppc64le.rpm
gtk3-immodule-xim-3.22.30-8.el8.ppc64le.rpm
gtk3-immodule-xim-debuginfo-3.22.30-8.el8.ppc64le.rpm
gtk3-immodules-debuginfo-3.22.30-8.el8.ppc64le.rpm
gtk3-tests-debuginfo-3.22.30-8.el8.ppc64le.rpm
mutter-3.32.2-60.el8.ppc64le.rpm
mutter-debuginfo-3.32.2-60.el8.ppc64le.rpm
mutter-debugsource-3.32.2-60.el8.ppc64le.rpm
mutter-tests-debuginfo-3.32.2-60.el8.ppc64le.rpm
vino-3.22.0-11.el8.ppc64le.rpm
vino-debuginfo-3.22.0-11.el8.ppc64le.rpm
vino-debugsource-3.22.0-11.el8.ppc64le.rpm
webkit2gtk3-2.32.3-2.el8.ppc64le.rpm
webkit2gtk3-debuginfo-2.32.3-2.el8.ppc64le.rpm
webkit2gtk3-debugsource-2.32.3-2.el8.ppc64le.rpm
webkit2gtk3-devel-2.32.3-2.el8.ppc64le.rpm
webkit2gtk3-devel-debuginfo-2.32.3-2.el8.ppc64le.rpm
webkit2gtk3-jsc-2.32.3-2.el8.ppc64le.rpm
webkit2gtk3-jsc-debuginfo-2.32.3-2.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-2.32.3-2.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-debuginfo-2.32.3-2.el8.ppc64le.rpm
s390x:
accountsservice-0.6.55-2.el8.s390x.rpm
accountsservice-debuginfo-0.6.55-2.el8.s390x.rpm
accountsservice-debugsource-0.6.55-2.el8.s390x.rpm
accountsservice-libs-0.6.55-2.el8.s390x.rpm
accountsservice-libs-debuginfo-0.6.55-2.el8.s390x.rpm
gdm-40.0-15.el8.s390x.rpm
gdm-debuginfo-40.0-15.el8.s390x.rpm
gdm-debugsource-40.0-15.el8.s390x.rpm
gnome-autoar-0.2.3-2.el8.s390x.rpm
gnome-autoar-debuginfo-0.2.3-2.el8.s390x.rpm
gnome-autoar-debugsource-0.2.3-2.el8.s390x.rpm
gnome-calculator-3.28.2-2.el8.s390x.rpm
gnome-calculator-debuginfo-3.28.2-2.el8.s390x.rpm
gnome-calculator-debugsource-3.28.2-2.el8.s390x.rpm
gnome-control-center-3.28.2-28.el8.s390x.rpm
gnome-control-center-debuginfo-3.28.2-28.el8.s390x.rpm
gnome-control-center-debugsource-3.28.2-28.el8.s390x.rpm
gnome-online-accounts-3.28.2-3.el8.s390x.rpm
gnome-online-accounts-debuginfo-3.28.2-3.el8.s390x.rpm
gnome-online-accounts-debugsource-3.28.2-3.el8.s390x.rpm
gnome-online-accounts-devel-3.28.2-3.el8.s390x.rpm
gnome-session-3.28.1-13.el8.s390x.rpm
gnome-session-debuginfo-3.28.1-13.el8.s390x.rpm
gnome-session-debugsource-3.28.1-13.el8.s390x.rpm
gnome-session-kiosk-session-3.28.1-13.el8.s390x.rpm
gnome-session-wayland-session-3.28.1-13.el8.s390x.rpm
gnome-session-xsession-3.28.1-13.el8.s390x.rpm
gnome-settings-daemon-3.32.0-16.el8.s390x.rpm
gnome-settings-daemon-debuginfo-3.32.0-16.el8.s390x.rpm
gnome-settings-daemon-debugsource-3.32.0-16.el8.s390x.rpm
gnome-shell-3.32.2-40.el8.s390x.rpm
gnome-shell-debuginfo-3.32.2-40.el8.s390x.rpm
gnome-shell-debugsource-3.32.2-40.el8.s390x.rpm
gnome-software-3.36.1-10.el8.s390x.rpm
gnome-software-debuginfo-3.36.1-10.el8.s390x.rpm
gnome-software-debugsource-3.36.1-10.el8.s390x.rpm
gsettings-desktop-schemas-devel-3.32.0-6.el8.s390x.rpm
gtk-update-icon-cache-3.22.30-8.el8.s390x.rpm
gtk-update-icon-cache-debuginfo-3.22.30-8.el8.s390x.rpm
gtk3-3.22.30-8.el8.s390x.rpm
gtk3-debuginfo-3.22.30-8.el8.s390x.rpm
gtk3-debugsource-3.22.30-8.el8.s390x.rpm
gtk3-devel-3.22.30-8.el8.s390x.rpm
gtk3-devel-debuginfo-3.22.30-8.el8.s390x.rpm
gtk3-immodule-xim-3.22.30-8.el8.s390x.rpm
gtk3-immodule-xim-debuginfo-3.22.30-8.el8.s390x.rpm
gtk3-immodules-debuginfo-3.22.30-8.el8.s390x.rpm
gtk3-tests-debuginfo-3.22.30-8.el8.s390x.rpm
mutter-3.32.2-60.el8.s390x.rpm
mutter-debuginfo-3.32.2-60.el8.s390x.rpm
mutter-debugsource-3.32.2-60.el8.s390x.rpm
mutter-tests-debuginfo-3.32.2-60.el8.s390x.rpm
vino-3.22.0-11.el8.s390x.rpm
vino-debuginfo-3.22.0-11.el8.s390x.rpm
vino-debugsource-3.22.0-11.el8.s390x.rpm
webkit2gtk3-2.32.3-2.el8.s390x.rpm
webkit2gtk3-debuginfo-2.32.3-2.el8.s390x.rpm
webkit2gtk3-debugsource-2.32.3-2.el8.s390x.rpm
webkit2gtk3-devel-2.32.3-2.el8.s390x.rpm
webkit2gtk3-devel-debuginfo-2.32.3-2.el8.s390x.rpm
webkit2gtk3-jsc-2.32.3-2.el8.s390x.rpm
webkit2gtk3-jsc-debuginfo-2.32.3-2.el8.s390x.rpm
webkit2gtk3-jsc-devel-2.32.3-2.el8.s390x.rpm
webkit2gtk3-jsc-devel-debuginfo-2.32.3-2.el8.s390x.rpm
x86_64:
LibRaw-0.19.5-3.el8.i686.rpm
LibRaw-0.19.5-3.el8.x86_64.rpm
LibRaw-debuginfo-0.19.5-3.el8.i686.rpm
LibRaw-debuginfo-0.19.5-3.el8.x86_64.rpm
LibRaw-debugsource-0.19.5-3.el8.i686.rpm
LibRaw-debugsource-0.19.5-3.el8.x86_64.rpm
LibRaw-samples-debuginfo-0.19.5-3.el8.i686.rpm
LibRaw-samples-debuginfo-0.19.5-3.el8.x86_64.rpm
accountsservice-0.6.55-2.el8.x86_64.rpm
accountsservice-debuginfo-0.6.55-2.el8.i686.rpm
accountsservice-debuginfo-0.6.55-2.el8.x86_64.rpm
accountsservice-debugsource-0.6.55-2.el8.i686.rpm
accountsservice-debugsource-0.6.55-2.el8.x86_64.rpm
accountsservice-libs-0.6.55-2.el8.i686.rpm
accountsservice-libs-0.6.55-2.el8.x86_64.rpm
accountsservice-libs-debuginfo-0.6.55-2.el8.i686.rpm
accountsservice-libs-debuginfo-0.6.55-2.el8.x86_64.rpm
gdm-40.0-15.el8.i686.rpm
gdm-40.0-15.el8.x86_64.rpm
gdm-debuginfo-40.0-15.el8.i686.rpm
gdm-debuginfo-40.0-15.el8.x86_64.rpm
gdm-debugsource-40.0-15.el8.i686.rpm
gdm-debugsource-40.0-15.el8.x86_64.rpm
gnome-autoar-0.2.3-2.el8.i686.rpm
gnome-autoar-0.2.3-2.el8.x86_64.rpm
gnome-autoar-debuginfo-0.2.3-2.el8.i686.rpm
gnome-autoar-debuginfo-0.2.3-2.el8.x86_64.rpm
gnome-autoar-debugsource-0.2.3-2.el8.i686.rpm
gnome-autoar-debugsource-0.2.3-2.el8.x86_64.rpm
gnome-calculator-3.28.2-2.el8.x86_64.rpm
gnome-calculator-debuginfo-3.28.2-2.el8.x86_64.rpm
gnome-calculator-debugsource-3.28.2-2.el8.x86_64.rpm
gnome-control-center-3.28.2-28.el8.x86_64.rpm
gnome-control-center-debuginfo-3.28.2-28.el8.x86_64.rpm
gnome-control-center-debugsource-3.28.2-28.el8.x86_64.rpm
gnome-online-accounts-3.28.2-3.el8.i686.rpm
gnome-online-accounts-3.28.2-3.el8.x86_64.rpm
gnome-online-accounts-debuginfo-3.28.2-3.el8.i686.rpm
gnome-online-accounts-debuginfo-3.28.2-3.el8.x86_64.rpm
gnome-online-accounts-debugsource-3.28.2-3.el8.i686.rpm
gnome-online-accounts-debugsource-3.28.2-3.el8.x86_64.rpm
gnome-online-accounts-devel-3.28.2-3.el8.i686.rpm
gnome-online-accounts-devel-3.28.2-3.el8.x86_64.rpm
gnome-session-3.28.1-13.el8.x86_64.rpm
gnome-session-debuginfo-3.28.1-13.el8.x86_64.rpm
gnome-session-debugsource-3.28.1-13.el8.x86_64.rpm
gnome-session-kiosk-session-3.28.1-13.el8.x86_64.rpm
gnome-session-wayland-session-3.28.1-13.el8.x86_64.rpm
gnome-session-xsession-3.28.1-13.el8.x86_64.rpm
gnome-settings-daemon-3.32.0-16.el8.x86_64.rpm
gnome-settings-daemon-debuginfo-3.32.0-16.el8.x86_64.rpm
gnome-settings-daemon-debugsource-3.32.0-16.el8.x86_64.rpm
gnome-shell-3.32.2-40.el8.x86_64.rpm
gnome-shell-debuginfo-3.32.2-40.el8.x86_64.rpm
gnome-shell-debugsource-3.32.2-40.el8.x86_64.rpm
gnome-software-3.36.1-10.el8.x86_64.rpm
gnome-software-debuginfo-3.36.1-10.el8.x86_64.rpm
gnome-software-debugsource-3.36.1-10.el8.x86_64.rpm
gsettings-desktop-schemas-3.32.0-6.el8.i686.rpm
gsettings-desktop-schemas-devel-3.32.0-6.el8.i686.rpm
gsettings-desktop-schemas-devel-3.32.0-6.el8.x86_64.rpm
gtk-update-icon-cache-3.22.30-8.el8.x86_64.rpm
gtk-update-icon-cache-debuginfo-3.22.30-8.el8.i686.rpm
gtk-update-icon-cache-debuginfo-3.22.30-8.el8.x86_64.rpm
gtk3-3.22.30-8.el8.i686.rpm
gtk3-3.22.30-8.el8.x86_64.rpm
gtk3-debuginfo-3.22.30-8.el8.i686.rpm
gtk3-debuginfo-3.22.30-8.el8.x86_64.rpm
gtk3-debugsource-3.22.30-8.el8.i686.rpm
gtk3-debugsource-3.22.30-8.el8.x86_64.rpm
gtk3-devel-3.22.30-8.el8.i686.rpm
gtk3-devel-3.22.30-8.el8.x86_64.rpm
gtk3-devel-debuginfo-3.22.30-8.el8.i686.rpm
gtk3-devel-debuginfo-3.22.30-8.el8.x86_64.rpm
gtk3-immodule-xim-3.22.30-8.el8.x86_64.rpm
gtk3-immodule-xim-debuginfo-3.22.30-8.el8.i686.rpm
gtk3-immodule-xim-debuginfo-3.22.30-8.el8.x86_64.rpm
gtk3-immodules-debuginfo-3.22.30-8.el8.i686.rpm
gtk3-immodules-debuginfo-3.22.30-8.el8.x86_64.rpm
gtk3-tests-debuginfo-3.22.30-8.el8.i686.rpm
gtk3-tests-debuginfo-3.22.30-8.el8.x86_64.rpm
mutter-3.32.2-60.el8.i686.rpm
mutter-3.32.2-60.el8.x86_64.rpm
mutter-debuginfo-3.32.2-60.el8.i686.rpm
mutter-debuginfo-3.32.2-60.el8.x86_64.rpm
mutter-debugsource-3.32.2-60.el8.i686.rpm
mutter-debugsource-3.32.2-60.el8.x86_64.rpm
mutter-tests-debuginfo-3.32.2-60.el8.i686.rpm
mutter-tests-debuginfo-3.32.2-60.el8.x86_64.rpm
vino-3.22.0-11.el8.x86_64.rpm
vino-debuginfo-3.22.0-11.el8.x86_64.rpm
vino-debugsource-3.22.0-11.el8.x86_64.rpm
webkit2gtk3-2.32.3-2.el8.i686.rpm
webkit2gtk3-2.32.3-2.el8.x86_64.rpm
webkit2gtk3-debuginfo-2.32.3-2.el8.i686.rpm
webkit2gtk3-debuginfo-2.32.3-2.el8.x86_64.rpm
webkit2gtk3-debugsource-2.32.3-2.el8.i686.rpm
webkit2gtk3-debugsource-2.32.3-2.el8.x86_64.rpm
webkit2gtk3-devel-2.32.3-2.el8.i686.rpm
webkit2gtk3-devel-2.32.3-2.el8.x86_64.rpm
webkit2gtk3-devel-debuginfo-2.32.3-2.el8.i686.rpm
webkit2gtk3-devel-debuginfo-2.32.3-2.el8.x86_64.rpm
webkit2gtk3-jsc-2.32.3-2.el8.i686.rpm
webkit2gtk3-jsc-2.32.3-2.el8.x86_64.rpm
webkit2gtk3-jsc-debuginfo-2.32.3-2.el8.i686.rpm
webkit2gtk3-jsc-debuginfo-2.32.3-2.el8.x86_64.rpm
webkit2gtk3-jsc-devel-2.32.3-2.el8.i686.rpm
webkit2gtk3-jsc-devel-2.32.3-2.el8.x86_64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.32.3-2.el8.i686.rpm
webkit2gtk3-jsc-devel-debuginfo-2.32.3-2.el8.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
gsettings-desktop-schemas-3.32.0-6.el8.src.rpm
aarch64:
gsettings-desktop-schemas-3.32.0-6.el8.aarch64.rpm
ppc64le:
gsettings-desktop-schemas-3.32.0-6.el8.ppc64le.rpm
s390x:
gsettings-desktop-schemas-3.32.0-6.el8.s390x.rpm
x86_64:
gsettings-desktop-schemas-3.32.0-6.el8.x86_64.rpm
Red Hat Enterprise Linux CRB (v. 8):
aarch64:
accountsservice-debuginfo-0.6.55-2.el8.aarch64.rpm
accountsservice-debugsource-0.6.55-2.el8.aarch64.rpm
accountsservice-devel-0.6.55-2.el8.aarch64.rpm
accountsservice-libs-debuginfo-0.6.55-2.el8.aarch64.rpm
gnome-software-debuginfo-3.36.1-10.el8.aarch64.rpm
gnome-software-debugsource-3.36.1-10.el8.aarch64.rpm
gnome-software-devel-3.36.1-10.el8.aarch64.rpm
mutter-debuginfo-3.32.2-60.el8.aarch64.rpm
mutter-debugsource-3.32.2-60.el8.aarch64.rpm
mutter-devel-3.32.2-60.el8.aarch64.rpm
mutter-tests-debuginfo-3.32.2-60.el8.aarch64.rpm
ppc64le:
LibRaw-debuginfo-0.19.5-3.el8.ppc64le.rpm
LibRaw-debugsource-0.19.5-3.el8.ppc64le.rpm
LibRaw-devel-0.19.5-3.el8.ppc64le.rpm
LibRaw-samples-debuginfo-0.19.5-3.el8.ppc64le.rpm
accountsservice-debuginfo-0.6.55-2.el8.ppc64le.rpm
accountsservice-debugsource-0.6.55-2.el8.ppc64le.rpm
accountsservice-devel-0.6.55-2.el8.ppc64le.rpm
accountsservice-libs-debuginfo-0.6.55-2.el8.ppc64le.rpm
gnome-software-debuginfo-3.36.1-10.el8.ppc64le.rpm
gnome-software-debugsource-3.36.1-10.el8.ppc64le.rpm
gnome-software-devel-3.36.1-10.el8.ppc64le.rpm
mutter-debuginfo-3.32.2-60.el8.ppc64le.rpm
mutter-debugsource-3.32.2-60.el8.ppc64le.rpm
mutter-devel-3.32.2-60.el8.ppc64le.rpm
mutter-tests-debuginfo-3.32.2-60.el8.ppc64le.rpm
s390x:
accountsservice-debuginfo-0.6.55-2.el8.s390x.rpm
accountsservice-debugsource-0.6.55-2.el8.s390x.rpm
accountsservice-devel-0.6.55-2.el8.s390x.rpm
accountsservice-libs-debuginfo-0.6.55-2.el8.s390x.rpm
gnome-software-debuginfo-3.36.1-10.el8.s390x.rpm
gnome-software-debugsource-3.36.1-10.el8.s390x.rpm
gnome-software-devel-3.36.1-10.el8.s390x.rpm
mutter-debuginfo-3.32.2-60.el8.s390x.rpm
mutter-debugsource-3.32.2-60.el8.s390x.rpm
mutter-devel-3.32.2-60.el8.s390x.rpm
mutter-tests-debuginfo-3.32.2-60.el8.s390x.rpm
x86_64:
LibRaw-debuginfo-0.19.5-3.el8.i686.rpm
LibRaw-debuginfo-0.19.5-3.el8.x86_64.rpm
LibRaw-debugsource-0.19.5-3.el8.i686.rpm
LibRaw-debugsource-0.19.5-3.el8.x86_64.rpm
LibRaw-devel-0.19.5-3.el8.i686.rpm
LibRaw-devel-0.19.5-3.el8.x86_64.rpm
LibRaw-samples-debuginfo-0.19.5-3.el8.i686.rpm
LibRaw-samples-debuginfo-0.19.5-3.el8.x86_64.rpm
accountsservice-debuginfo-0.6.55-2.el8.i686.rpm
accountsservice-debuginfo-0.6.55-2.el8.x86_64.rpm
accountsservice-debugsource-0.6.55-2.el8.i686.rpm
accountsservice-debugsource-0.6.55-2.el8.x86_64.rpm
accountsservice-devel-0.6.55-2.el8.i686.rpm
accountsservice-devel-0.6.55-2.el8.x86_64.rpm
accountsservice-libs-debuginfo-0.6.55-2.el8.i686.rpm
accountsservice-libs-debuginfo-0.6.55-2.el8.x86_64.rpm
gnome-software-3.36.1-10.el8.i686.rpm
gnome-software-debuginfo-3.36.1-10.el8.i686.rpm
gnome-software-debuginfo-3.36.1-10.el8.x86_64.rpm
gnome-software-debugsource-3.36.1-10.el8.i686.rpm
gnome-software-debugsource-3.36.1-10.el8.x86_64.rpm
gnome-software-devel-3.36.1-10.el8.i686.rpm
gnome-software-devel-3.36.1-10.el8.x86_64.rpm
mutter-debuginfo-3.32.2-60.el8.i686.rpm
mutter-debuginfo-3.32.2-60.el8.x86_64.rpm
mutter-debugsource-3.32.2-60.el8.i686.rpm
mutter-debugsource-3.32.2-60.el8.x86_64.rpm
mutter-devel-3.32.2-60.el8.i686.rpm
mutter-devel-3.32.2-60.el8.x86_64.rpm
mutter-tests-debuginfo-3.32.2-60.el8.i686.rpm
mutter-tests-debuginfo-3.32.2-60.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-13558
https://access.redhat.com/security/cve/CVE-2020-24870
https://access.redhat.com/security/cve/CVE-2020-27918
https://access.redhat.com/security/cve/CVE-2020-29623
https://access.redhat.com/security/cve/CVE-2020-36241
https://access.redhat.com/security/cve/CVE-2021-1765
https://access.redhat.com/security/cve/CVE-2021-1788
https://access.redhat.com/security/cve/CVE-2021-1789
https://access.redhat.com/security/cve/CVE-2021-1799
https://access.redhat.com/security/cve/CVE-2021-1801
https://access.redhat.com/security/cve/CVE-2021-1844
https://access.redhat.com/security/cve/CVE-2021-1870
https://access.redhat.com/security/cve/CVE-2021-1871
https://access.redhat.com/security/cve/CVE-2021-21775
https://access.redhat.com/security/cve/CVE-2021-21779
https://access.redhat.com/security/cve/CVE-2021-21806
https://access.redhat.com/security/cve/CVE-2021-28650
https://access.redhat.com/security/cve/CVE-2021-30663
https://access.redhat.com/security/cve/CVE-2021-30665
https://access.redhat.com/security/cve/CVE-2021-30682
https://access.redhat.com/security/cve/CVE-2021-30689
https://access.redhat.com/security/cve/CVE-2021-30720
https://access.redhat.com/security/cve/CVE-2021-30734
https://access.redhat.com/security/cve/CVE-2021-30744
https://access.redhat.com/security/cve/CVE-2021-30749
https://access.redhat.com/security/cve/CVE-2021-30758
https://access.redhat.com/security/cve/CVE-2021-30795
https://access.redhat.com/security/cve/CVE-2021-30797
https://access.redhat.com/security/cve/CVE-2021-30799
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYYrdm9zjgjWX9erEAQhgIA/+KzLn8QVHI3X8x9ufH1+nO8QXQqwTGQ0E
awNXP8h4qsL7EGugHrz/KVjwaKJs/erPxh5jGl/xE1ZhngGlyStUpQkI2Y3cP2/3
05jDPPS0QEfG5Y0rlnESyPxtwQTCpqped5P7L8VtKuzRae1HV63onsBB8zpcIFF7
sTKcP6wAAjJDltUjlhnEkkE3G6Dxfv14/UowRAWoT9pa9cP0+KqdhuYKHdt3fCD7
tEItM/SFQGoCF8zvXbvAiUXfZsQ/t/Yik9O6WISTWenaxCcP43Xn7aicsvZMVOvQ
w+jnH/hnMLBoPhH2k4PClsDapa/D6IrQIUrwxtgfbC4KRs0fbdrEGCPqs4nl/AdD
Migcf4gCMBq0bk3/yKp+/bi+OWwRMmw3ZdkJsOTNrOAkK1UCyrpF1ULyfs+8/OC5
QnXW88fPCwhFj+KSAq5Cqfwm3hrKTCWIT/T1DQBG+J7Y9NgEx+zEXVmWaaA0z+7T
qji5aUsIH+TG3t1EwtXABWGGEBRxC+svUoWNJBW1u6qwxfMx5E+hHUHhRewVYLYu
SToRXa3cIX23M/XyHNXBgMCpPPw8DeY5aAA1fvKQsuMCLywDg0N3mYhvk1HUNidb
Z6HmsLjLrGbkb1AAhP0V0wUuh5P6YJlL6iM49fQgztlHoBO0OAo56GBjAyT3pAAX
2rgR2Ny0wo4=gfrM
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
.
Alternatively, on your watch, select "My Watch > General > About". - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202202-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: WebkitGTK+: Multiple vulnerabilities
Date: February 01, 2022
Bugs: #779175, #801400, #813489, #819522, #820434, #829723,
#831739
ID: 202202-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been found in WebkitGTK+, the worst of
which could result in the arbitrary execution of code.
Background
=========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from hybrid
HTML/CSS applications to full-fledged web browsers.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.34.4 >= 2.34.4
Description
==========
Multiple vulnerabilities have been discovered in WebkitGTK+. Please
review the CVE identifiers referenced below for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.34.4"
References
=========
[ 1 ] CVE-2021-30848
https://nvd.nist.gov/vuln/detail/CVE-2021-30848
[ 2 ] CVE-2021-30888
https://nvd.nist.gov/vuln/detail/CVE-2021-30888
[ 3 ] CVE-2021-30682
https://nvd.nist.gov/vuln/detail/CVE-2021-30682
[ 4 ] CVE-2021-30889
https://nvd.nist.gov/vuln/detail/CVE-2021-30889
[ 5 ] CVE-2021-30666
https://nvd.nist.gov/vuln/detail/CVE-2021-30666
[ 6 ] CVE-2021-30665
https://nvd.nist.gov/vuln/detail/CVE-2021-30665
[ 7 ] CVE-2021-30890
https://nvd.nist.gov/vuln/detail/CVE-2021-30890
[ 8 ] CVE-2021-30661
https://nvd.nist.gov/vuln/detail/CVE-2021-30661
[ 9 ] WSA-2021-0005
https://webkitgtk.org/security/WSA-2021-0005.html
[ 10 ] CVE-2021-30761
https://nvd.nist.gov/vuln/detail/CVE-2021-30761
[ 11 ] CVE-2021-30897
https://nvd.nist.gov/vuln/detail/CVE-2021-30897
[ 12 ] CVE-2021-30823
https://nvd.nist.gov/vuln/detail/CVE-2021-30823
[ 13 ] CVE-2021-30734
https://nvd.nist.gov/vuln/detail/CVE-2021-30734
[ 14 ] CVE-2021-30934
https://nvd.nist.gov/vuln/detail/CVE-2021-30934
[ 15 ] CVE-2021-1871
https://nvd.nist.gov/vuln/detail/CVE-2021-1871
[ 16 ] CVE-2021-30762
https://nvd.nist.gov/vuln/detail/CVE-2021-30762
[ 17 ] WSA-2021-0006
https://webkitgtk.org/security/WSA-2021-0006.html
[ 18 ] CVE-2021-30797
https://nvd.nist.gov/vuln/detail/CVE-2021-30797
[ 19 ] CVE-2021-30936
https://nvd.nist.gov/vuln/detail/CVE-2021-30936
[ 20 ] CVE-2021-30663
https://nvd.nist.gov/vuln/detail/CVE-2021-30663
[ 21 ] CVE-2021-1825
https://nvd.nist.gov/vuln/detail/CVE-2021-1825
[ 22 ] CVE-2021-30951
https://nvd.nist.gov/vuln/detail/CVE-2021-30951
[ 23 ] CVE-2021-30952
https://nvd.nist.gov/vuln/detail/CVE-2021-30952
[ 24 ] CVE-2021-1788
https://nvd.nist.gov/vuln/detail/CVE-2021-1788
[ 25 ] CVE-2021-1820
https://nvd.nist.gov/vuln/detail/CVE-2021-1820
[ 26 ] CVE-2021-30953
https://nvd.nist.gov/vuln/detail/CVE-2021-30953
[ 27 ] CVE-2021-30749
https://nvd.nist.gov/vuln/detail/CVE-2021-30749
[ 28 ] CVE-2021-30849
https://nvd.nist.gov/vuln/detail/CVE-2021-30849
[ 29 ] CVE-2021-1826
https://nvd.nist.gov/vuln/detail/CVE-2021-1826
[ 30 ] CVE-2021-30836
https://nvd.nist.gov/vuln/detail/CVE-2021-30836
[ 31 ] CVE-2021-30954
https://nvd.nist.gov/vuln/detail/CVE-2021-30954
[ 32 ] CVE-2021-30984
https://nvd.nist.gov/vuln/detail/CVE-2021-30984
[ 33 ] CVE-2021-30851
https://nvd.nist.gov/vuln/detail/CVE-2021-30851
[ 34 ] CVE-2021-30758
https://nvd.nist.gov/vuln/detail/CVE-2021-30758
[ 35 ] CVE-2021-42762
https://nvd.nist.gov/vuln/detail/CVE-2021-42762
[ 36 ] CVE-2021-1844
https://nvd.nist.gov/vuln/detail/CVE-2021-1844
[ 37 ] CVE-2021-30689
https://nvd.nist.gov/vuln/detail/CVE-2021-30689
[ 38 ] CVE-2021-45482
https://nvd.nist.gov/vuln/detail/CVE-2021-45482
[ 39 ] CVE-2021-30858
https://nvd.nist.gov/vuln/detail/CVE-2021-30858
[ 40 ] CVE-2021-21779
https://nvd.nist.gov/vuln/detail/CVE-2021-21779
[ 41 ] WSA-2021-0004
https://webkitgtk.org/security/WSA-2021-0004.html
[ 42 ] CVE-2021-30846
https://nvd.nist.gov/vuln/detail/CVE-2021-30846
[ 43 ] CVE-2021-30744
https://nvd.nist.gov/vuln/detail/CVE-2021-30744
[ 44 ] CVE-2021-30809
https://nvd.nist.gov/vuln/detail/CVE-2021-30809
[ 45 ] CVE-2021-30884
https://nvd.nist.gov/vuln/detail/CVE-2021-30884
[ 46 ] CVE-2021-30720
https://nvd.nist.gov/vuln/detail/CVE-2021-30720
[ 47 ] CVE-2021-30799
https://nvd.nist.gov/vuln/detail/CVE-2021-30799
[ 48 ] CVE-2021-30795
https://nvd.nist.gov/vuln/detail/CVE-2021-30795
[ 49 ] CVE-2021-1817
https://nvd.nist.gov/vuln/detail/CVE-2021-1817
[ 50 ] CVE-2021-21775
https://nvd.nist.gov/vuln/detail/CVE-2021-21775
[ 51 ] CVE-2021-30887
https://nvd.nist.gov/vuln/detail/CVE-2021-30887
[ 52 ] CVE-2021-21806
https://nvd.nist.gov/vuln/detail/CVE-2021-21806
[ 53 ] CVE-2021-30818
https://nvd.nist.gov/vuln/detail/CVE-2021-30818
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202202-01
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2022 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4945-1 security@debian.org
https://www.debian.org/security/ Alberto Garcia
July 28, 2021 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : webkit2gtk
CVE ID : CVE-2021-21775 CVE-2021-21779 CVE-2021-30663 CVE-2021-30665
CVE-2021-30689 CVE-2021-30720 CVE-2021-30734 CVE-2021-30744
CVE-2021-30749 CVE-2021-30758 CVE-2021-30795 CVE-2021-30797
CVE-2021-30799
The following vulnerabilities have been discovered in the webkit2gtk
web engine:
CVE-2021-21775
Marcin Towalski discovered that a specially crafted web page can
lead to a potential information leak and further memory
corruption. In order to trigger the vulnerability, a victim must
be tricked into visiting a malicious webpage.
CVE-2021-21779
Marcin Towalski discovered that a specially crafted web page can
lead to a potential information leak and further memory
corruption. In order to trigger the vulnerability, a victim must
be tricked into visiting a malicious webpage. Apple is aware of a
report that this issue may have been actively exploited.
CVE-2021-30720
David Schutz discovered that a malicious website may be able to
access restricted ports on arbitrary servers.
For the stable distribution (buster), these problems have been fixed in
version 2.32.3-1~deb10u1.
We recommend that you upgrade your webkit2gtk packages |
|
var-201310-0368
|
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
The vulnerability can be exploited over multiple protocols. This issue affects the 'Deployment' sub-component. In a typical operating environment, these are of low
security risk as the runtime is not used on untrusted applets. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2013-10-15-1 Java for OS X 2013-005 and
Mac OS X v10.6 Update 17
Java for OS X 2013-005 and Mac OS X v10.6 Update 17 is now available
and addresses the following:
Java
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7 or later, OS X Lion Server v10.7 or later,
OS X Mountain Lion 10.8 or later
Impact: Multiple vulnerabilities in Java 1.6.0_51
Description: 8011782 Multiple vulnerabilities existed in Java
1.6.0_51, the most serious of which may allow an untrusted Java
applet to execute arbitrary code outside the Java sandbox. Visiting a
web page containing a maliciously crafted untrusted Java applet may
lead to arbitrary code execution with the privileges of the current
user. These issues were addressed by updating to Java version
1.6.0_65. Further information is available via the Java website at ht
tp://www.oracle.com/technetwork/java/javase/releasenotes-136954.html
CVE-ID
CVE-2013-3829
CVE-2013-4002
CVE-2013-5772
CVE-2013-5774
CVE-2013-5776
CVE-2013-5778
CVE-2013-5780
CVE-2013-5782
CVE-2013-5783
CVE-2013-5784
CVE-2013-5787
CVE-2013-5789
CVE-2013-5790
CVE-2013-5797
CVE-2013-5801
CVE-2013-5802
CVE-2013-5803
CVE-2013-5804
CVE-2013-5809
CVE-2013-5812
CVE-2013-5814
CVE-2013-5817
CVE-2013-5818
CVE-2013-5819
CVE-2013-5820
CVE-2013-5823
CVE-2013-5824
CVE-2013-5825
CVE-2013-5829
CVE-2013-5830
CVE-2013-5831
CVE-2013-5832
CVE-2013-5840
CVE-2013-5842
CVE-2013-5843
CVE-2013-5848
CVE-2013-5849
CVE-2013-5850
Java for OS X 2013-005 and Mac OS X v10.6 Update 17
may be obtained from the Software Update pane in System Preferences,
Mac App Store, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6update17.dmg
Its SHA-1 digest is: 5dfe7eaebf9726352c97964da61d57fa28246c08
For OS X Lion and Mountain Lion systems
The download file is named: JavaForOSX2013-005.dmg
Its SHA-1 digest is: ce78f9a916b91ec408c933bd0bde5973ca8a2dc4
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJSXYc6AAoJEPefwLHPlZEwD8EP/3aN1h4wIM/BjidF3ZY+PXf3
Lzgtb8yAxh03A+J3NJCd3BKmjINXIo9Wwt9aUTktEz4UefvpF+rIsgKSinotvQt0
TmtsYPItFgs83Lj2IFBpCLurM+O0fUhje+mvVzR/KA7kHvrtXYRC5w2plWh32Smm
D4Ejh8odeR0IU3OdWV5MJpcRoRpRySX16JOEJc76SIE0+sbOLHZ90rmzyPMB0S2u
jZRq8qY3DJS9C5De97gh8F/V76fV8Aiq6RwGPs9m+tJUCJe6XLEy8Wq/G3jlKXyr
+KrradRl9Bz5oTUnVDlN9odoOGZ/J4nq4xs0RyN08uETKcw6315+7UTP3B+hD8IM
1YyWeceCd8oHtWlR/02spwaku5ctxiUZpqXQ8DxDH3e8dONBfndfmKGUnywQSFd8
vCgZR0SQgSbhtD/UnNGW9VgJsxKgO4gi17aVD/B9LYmMztsSB+wPkg96uTR6J7yh
+ogJqYeOGsMvvQd8XY++ig1bhEsfzzauEWnq3G4WG8E+Fep+5RHZewxnhzakapqW
2z7byXHNXtIP2cxL//DG/x4ed+gAWzKxZyPDPSrltw162mkJk/6mTedtpead4LH8
Ooi4Cf1HMbC9gdRBdtGNWo7EN9kr9rpajuRWjqxT5uTLAgJusKk5UnSO2KJtromy
Los4PbyC//yRidZKynqx
=I3n5
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.7.0-ibm security update
Advisory ID: RHSA-2013:1507-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-1507.html
Issue date: 2013-11-07
CVE Names: CVE-2013-3829 CVE-2013-4041 CVE-2013-5372
CVE-2013-5375 CVE-2013-5456 CVE-2013-5457
CVE-2013-5458 CVE-2013-5772 CVE-2013-5774
CVE-2013-5776 CVE-2013-5778 CVE-2013-5780
CVE-2013-5782 CVE-2013-5783 CVE-2013-5784
CVE-2013-5787 CVE-2013-5788 CVE-2013-5789
CVE-2013-5790 CVE-2013-5797 CVE-2013-5800
CVE-2013-5801 CVE-2013-5802 CVE-2013-5803
CVE-2013-5804 CVE-2013-5809 CVE-2013-5812
CVE-2013-5814 CVE-2013-5817 CVE-2013-5818
CVE-2013-5819 CVE-2013-5820 CVE-2013-5823
CVE-2013-5824 CVE-2013-5825 CVE-2013-5829
CVE-2013-5830 CVE-2013-5831 CVE-2013-5832
CVE-2013-5838 CVE-2013-5840 CVE-2013-5842
CVE-2013-5843 CVE-2013-5848 CVE-2013-5849
CVE-2013-5850 CVE-2013-5851
=====================================================================
1. Summary:
Updated java-1.7.0-ibm packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM
Java Software Development Kit.
This update fixes several vulnerabilities in the IBM Java Runtime
Environment and the IBM Java Software Development Kit. Detailed
vulnerability descriptions are linked from the IBM Security alerts page,
listed in the References section. (CVE-2013-3829, CVE-2013-4041,
CVE-2013-5372, CVE-2013-5375, CVE-2013-5456, CVE-2013-5457, CVE-2013-5458,
CVE-2013-5772, CVE-2013-5774, CVE-2013-5776, CVE-2013-5778, CVE-2013-5780,
CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5787, CVE-2013-5788,
CVE-2013-5789, CVE-2013-5790, CVE-2013-5797, CVE-2013-5800, CVE-2013-5801,
CVE-2013-5802, CVE-2013-5803, CVE-2013-5804, CVE-2013-5809, CVE-2013-5812,
CVE-2013-5814, CVE-2013-5817, CVE-2013-5818, CVE-2013-5819, CVE-2013-5820,
CVE-2013-5823, CVE-2013-5824, CVE-2013-5825, CVE-2013-5829, CVE-2013-5830,
CVE-2013-5831, CVE-2013-5832, CVE-2013-5838, CVE-2013-5840, CVE-2013-5842,
CVE-2013-5843, CVE-2013-5848, CVE-2013-5849, CVE-2013-5850, CVE-2013-5851)
All users of java-1.7.0-ibm are advised to upgrade to these updated
packages, containing the IBM Java SE 7 SR6 release. All running
instances of IBM Java must be restarted for the update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
1018713 - CVE-2013-5803 OpenJDK: insufficient checks of KDC replies (JGSS, 8014341)
1018717 - CVE-2013-5772 OpenJDK: insufficient html escaping in jhat (jhat, 8011081)
1018720 - CVE-2013-5797 OpenJDK: insufficient escaping of window title string (Javadoc, 8016675)
1018727 - CVE-2013-5784 OpenJDK: insufficient InterfaceImplementor security checks (Scripting, 8017299)
1018736 - CVE-2013-5790 OpenJDK: insufficient security checks (Beans, 8012071)
1018750 - CVE-2013-5849 OpenJDK: insufficient DataFlavor security checks (AWT, 8012277)
1018755 - CVE-2013-5800 OpenJDK: default keytab path information leak (JGSS, 8022931)
1018785 - CVE-2013-5780 OpenJDK: key data leak via toString() methods (Libraries, 8011071)
1018831 - CVE-2013-5840 OpenJDK: getDeclaringClass() information leak (Libraries, 8014349)
1018972 - CVE-2013-5820 OpenJDK: insufficient security checks (JAXWS, 8017505)
1018977 - CVE-2013-5851 OpenJDK: XML stream factory finder information leak (JAXP, 8013502)
1018984 - CVE-2013-5778 OpenJDK: image conversion out of bounds read (2D, 8014102)
1019108 - CVE-2013-5782 OpenJDK: Incorrect awt_getPixelByte/awt_getPixelShort/awt_setPixelByte/awt_setPixelShort image raster checks (2D, 8014093)
1019110 - CVE-2013-5830 OpenJDK: checkPackageAccess missing security check (Libraries, 8017291)
1019113 - CVE-2013-5809 OpenJDK: JPEGImageReader and JPEGImageWriter missing band size checks (2D, 8013510)
1019115 - CVE-2013-5829 OpenJDK: Java2d Disposer security bypass (2D, 8017287)
1019117 - CVE-2013-5814 OpenJDK: RMIConnection stub missing permission check (CORBA, 8011157)
1019118 - CVE-2013-5817 OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739)
1019123 - CVE-2013-5842 OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)
1019127 - CVE-2013-5850 OpenJDK: Missing CORBA security checks (Libraries, 8017196)
1019130 - CVE-2013-5802 OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)
1019131 - CVE-2013-5804 OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653)
1019133 - CVE-2013-3829 OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)
1019137 - CVE-2013-5783 OpenJDK: JTable not properly performing certain access checks (Swing, 8013744)
1019139 - CVE-2013-5825 OpenJDK: XML parsing Denial of Service (JAXP, 8014530)
1019145 - CVE-2013-5823 OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290)
1019147 - CVE-2013-5774 OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743)
1019300 - CVE-2013-5838 OpenJDK: Vulnerability in Libraries component (Libraries, 7023639)
1019691 - CVE-2013-5824 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019692 - CVE-2013-5788 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019693 - CVE-2013-5787 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019697 - CVE-2013-5789 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019701 - CVE-2013-5843 Oracle JDK: unspecified vulnerability fixed in 7u45 (2D)
1019702 - CVE-2013-5832 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019706 - CVE-2013-5812 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019710 - CVE-2013-5801 Oracle JDK: unspecified vulnerability fixed in 7u45 (2D)
1019712 - CVE-2013-5776 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019713 - CVE-2013-5818 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019715 - CVE-2013-5819 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019716 - CVE-2013-5831 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019720 - CVE-2013-5848 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1027748 - CVE-2013-5456 IBM JDK: unspecified sandbox bypass (ORB)
1027754 - CVE-2013-5458 IBM JDK: unspecified sandbox bypass (XML)
1027760 - CVE-2013-5457 IBM JDK: unspecified sandbox bypass (ORB)
1027764 - CVE-2013-4041 IBM JDK: unspecified sandbox bypass (JVM)
1027768 - CVE-2013-5375 IBM JDK: unspecified sandbox bypass (XML)
1027825 - CVE-2013-5372 IBM JDK: XML4J xml entity expansion excessive memory use (XML)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
x86_64:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
ppc:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.ppc.rpm
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.ppc64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.ppc.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.ppc64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.ppc.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.ppc64.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.ppc.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.ppc64.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el5_10.ppc.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.ppc.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.ppc64.rpm
s390x:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.s390.rpm
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.s390x.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.s390.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.s390x.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.s390.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.s390x.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.s390.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.s390x.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.s390.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.s390x.rpm
x86_64:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
x86_64:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
ppc64:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.ppc64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.ppc64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.ppc64.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.ppc64.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.ppc64.rpm
s390x:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.s390x.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.s390x.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.s390x.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.s390x.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.s390x.rpm
x86_64:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
x86_64:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2013-3829.html
https://www.redhat.com/security/data/cve/CVE-2013-4041.html
https://www.redhat.com/security/data/cve/CVE-2013-5372.html
https://www.redhat.com/security/data/cve/CVE-2013-5375.html
https://www.redhat.com/security/data/cve/CVE-2013-5456.html
https://www.redhat.com/security/data/cve/CVE-2013-5457.html
https://www.redhat.com/security/data/cve/CVE-2013-5458.html
https://www.redhat.com/security/data/cve/CVE-2013-5772.html
https://www.redhat.com/security/data/cve/CVE-2013-5774.html
https://www.redhat.com/security/data/cve/CVE-2013-5776.html
https://www.redhat.com/security/data/cve/CVE-2013-5778.html
https://www.redhat.com/security/data/cve/CVE-2013-5780.html
https://www.redhat.com/security/data/cve/CVE-2013-5782.html
https://www.redhat.com/security/data/cve/CVE-2013-5783.html
https://www.redhat.com/security/data/cve/CVE-2013-5784.html
https://www.redhat.com/security/data/cve/CVE-2013-5787.html
https://www.redhat.com/security/data/cve/CVE-2013-5788.html
https://www.redhat.com/security/data/cve/CVE-2013-5789.html
https://www.redhat.com/security/data/cve/CVE-2013-5790.html
https://www.redhat.com/security/data/cve/CVE-2013-5797.html
https://www.redhat.com/security/data/cve/CVE-2013-5800.html
https://www.redhat.com/security/data/cve/CVE-2013-5801.html
https://www.redhat.com/security/data/cve/CVE-2013-5802.html
https://www.redhat.com/security/data/cve/CVE-2013-5803.html
https://www.redhat.com/security/data/cve/CVE-2013-5804.html
https://www.redhat.com/security/data/cve/CVE-2013-5809.html
https://www.redhat.com/security/data/cve/CVE-2013-5812.html
https://www.redhat.com/security/data/cve/CVE-2013-5814.html
https://www.redhat.com/security/data/cve/CVE-2013-5817.html
https://www.redhat.com/security/data/cve/CVE-2013-5818.html
https://www.redhat.com/security/data/cve/CVE-2013-5819.html
https://www.redhat.com/security/data/cve/CVE-2013-5820.html
https://www.redhat.com/security/data/cve/CVE-2013-5823.html
https://www.redhat.com/security/data/cve/CVE-2013-5824.html
https://www.redhat.com/security/data/cve/CVE-2013-5825.html
https://www.redhat.com/security/data/cve/CVE-2013-5829.html
https://www.redhat.com/security/data/cve/CVE-2013-5830.html
https://www.redhat.com/security/data/cve/CVE-2013-5831.html
https://www.redhat.com/security/data/cve/CVE-2013-5832.html
https://www.redhat.com/security/data/cve/CVE-2013-5838.html
https://www.redhat.com/security/data/cve/CVE-2013-5840.html
https://www.redhat.com/security/data/cve/CVE-2013-5842.html
https://www.redhat.com/security/data/cve/CVE-2013-5843.html
https://www.redhat.com/security/data/cve/CVE-2013-5848.html
https://www.redhat.com/security/data/cve/CVE-2013-5849.html
https://www.redhat.com/security/data/cve/CVE-2013-5850.html
https://www.redhat.com/security/data/cve/CVE-2013-5851.html
https://access.redhat.com/security/updates/classification/#critical
https://www.ibm.com/developerworks/java/jdk/alerts/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFSe8ghXlSAg2UNWIIRAgQCAJ9O3UvBG+vhMICXle9blDKNTBc/OQCfWgVS
R6qJKc835R+WrpHDdTVcaWk=
=dGn4
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory pages, listed in the References section. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: January 27, 2014
Bugs: #404071, #421073, #433094, #438706, #451206, #455174,
#458444, #460360, #466212, #473830, #473980, #488210, #498148
ID: 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable!
2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 *
3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable!
4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 *
5 app-emulation/emul-linux-x86-java
< 1.7.0.51 >= 1.7.0.51 *
-------------------------------------------------------------------
NOTE: Certain packages are still vulnerable. Users should migrate
to another package if one is available or wait for the
existing packages to be marked stable by their
architecture maintainers.
-------------------------------------------------------------------
NOTE: Packages marked with asterisks require manual intervention!
-------------------------------------------------------------------
5 affected packages
Description
===========
Multiple vulnerabilities have been reported in the Oracle Java
implementation. Please review the CVE identifiers referenced below for
details.
Impact
======
An unauthenticated, remote attacker could exploit these vulnerabilities
to execute arbitrary code.
Furthermore, a local or remote attacker could exploit these
vulnerabilities to cause unspecified impact, possibly including remote
execution of arbitrary code.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"
All Oracle JRE 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"
All users of the precompiled 32-bit Oracle JRE should upgrade to the
latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"
All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one
of the newer Oracle packages like dev-java/oracle-jdk-bin or
dev-java/oracle-jre-bin or choose another alternative we provide; eg.
the IBM JDK/JRE or the open source IcedTea.
References
==========
[ 1 ] CVE-2011-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563
[ 2 ] CVE-2011-5035
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035
[ 3 ] CVE-2012-0497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497
[ 4 ] CVE-2012-0498
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498
[ 5 ] CVE-2012-0499
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499
[ 6 ] CVE-2012-0500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500
[ 7 ] CVE-2012-0501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501
[ 8 ] CVE-2012-0502
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502
[ 9 ] CVE-2012-0503
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503
[ 10 ] CVE-2012-0504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504
[ 11 ] CVE-2012-0505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505
[ 12 ] CVE-2012-0506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506
[ 13 ] CVE-2012-0507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507
[ 14 ] CVE-2012-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547
[ 15 ] CVE-2012-1531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531
[ 16 ] CVE-2012-1532
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532
[ 17 ] CVE-2012-1533
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533
[ 18 ] CVE-2012-1541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541
[ 19 ] CVE-2012-1682
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682
[ 20 ] CVE-2012-1711
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711
[ 21 ] CVE-2012-1713
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713
[ 22 ] CVE-2012-1716
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716
[ 23 ] CVE-2012-1717
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717
[ 24 ] CVE-2012-1718
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718
[ 25 ] CVE-2012-1719
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719
[ 26 ] CVE-2012-1721
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721
[ 27 ] CVE-2012-1722
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722
[ 28 ] CVE-2012-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723
[ 29 ] CVE-2012-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724
[ 30 ] CVE-2012-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725
[ 31 ] CVE-2012-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726
[ 32 ] CVE-2012-3136
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136
[ 33 ] CVE-2012-3143
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143
[ 34 ] CVE-2012-3159
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159
[ 35 ] CVE-2012-3174
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174
[ 36 ] CVE-2012-3213
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213
[ 37 ] CVE-2012-3216
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216
[ 38 ] CVE-2012-3342
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342
[ 39 ] CVE-2012-4416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416
[ 40 ] CVE-2012-4681
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681
[ 41 ] CVE-2012-5067
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067
[ 42 ] CVE-2012-5068
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068
[ 43 ] CVE-2012-5069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069
[ 44 ] CVE-2012-5070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070
[ 45 ] CVE-2012-5071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071
[ 46 ] CVE-2012-5072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072
[ 47 ] CVE-2012-5073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073
[ 48 ] CVE-2012-5074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074
[ 49 ] CVE-2012-5075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075
[ 50 ] CVE-2012-5076
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076
[ 51 ] CVE-2012-5077
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077
[ 52 ] CVE-2012-5079
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079
[ 53 ] CVE-2012-5081
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081
[ 54 ] CVE-2012-5083
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083
[ 55 ] CVE-2012-5084
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084
[ 56 ] CVE-2012-5085
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085
[ 57 ] CVE-2012-5086
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086
[ 58 ] CVE-2012-5087
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087
[ 59 ] CVE-2012-5088
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088
[ 60 ] CVE-2012-5089
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089
[ 61 ] CVE-2013-0169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169
[ 62 ] CVE-2013-0351
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351
[ 63 ] CVE-2013-0401
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401
[ 64 ] CVE-2013-0402
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402
[ 65 ] CVE-2013-0409
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409
[ 66 ] CVE-2013-0419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419
[ 67 ] CVE-2013-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422
[ 68 ] CVE-2013-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423
[ 69 ] CVE-2013-0430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430
[ 70 ] CVE-2013-0437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437
[ 71 ] CVE-2013-0438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438
[ 72 ] CVE-2013-0445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445
[ 73 ] CVE-2013-0446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446
[ 74 ] CVE-2013-0448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448
[ 75 ] CVE-2013-0449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449
[ 76 ] CVE-2013-0809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809
[ 77 ] CVE-2013-1473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473
[ 78 ] CVE-2013-1479
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479
[ 79 ] CVE-2013-1481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481
[ 80 ] CVE-2013-1484
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484
[ 81 ] CVE-2013-1485
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485
[ 82 ] CVE-2013-1486
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486
[ 83 ] CVE-2013-1487
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487
[ 84 ] CVE-2013-1488
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488
[ 85 ] CVE-2013-1491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491
[ 86 ] CVE-2013-1493
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493
[ 87 ] CVE-2013-1500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500
[ 88 ] CVE-2013-1518
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518
[ 89 ] CVE-2013-1537
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537
[ 90 ] CVE-2013-1540
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540
[ 91 ] CVE-2013-1557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557
[ 92 ] CVE-2013-1558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558
[ 93 ] CVE-2013-1561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561
[ 94 ] CVE-2013-1563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563
[ 95 ] CVE-2013-1564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564
[ 96 ] CVE-2013-1569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569
[ 97 ] CVE-2013-1571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571
[ 98 ] CVE-2013-2383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383
[ 99 ] CVE-2013-2384
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384
[ 100 ] CVE-2013-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394
[ 101 ] CVE-2013-2400
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400
[ 102 ] CVE-2013-2407
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407
[ 103 ] CVE-2013-2412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412
[ 104 ] CVE-2013-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414
[ 105 ] CVE-2013-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415
[ 106 ] CVE-2013-2416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416
[ 107 ] CVE-2013-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417
[ 108 ] CVE-2013-2418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418
[ 109 ] CVE-2013-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419
[ 110 ] CVE-2013-2420
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420
[ 111 ] CVE-2013-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421
[ 112 ] CVE-2013-2422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422
[ 113 ] CVE-2013-2423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423
[ 114 ] CVE-2013-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424
[ 115 ] CVE-2013-2425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425
[ 116 ] CVE-2013-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426
[ 117 ] CVE-2013-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427
[ 118 ] CVE-2013-2428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428
[ 119 ] CVE-2013-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429
[ 120 ] CVE-2013-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430
[ 121 ] CVE-2013-2431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431
[ 122 ] CVE-2013-2432
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432
[ 123 ] CVE-2013-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433
[ 124 ] CVE-2013-2434
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434
[ 125 ] CVE-2013-2435
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435
[ 126 ] CVE-2013-2436
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436
[ 127 ] CVE-2013-2437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437
[ 128 ] CVE-2013-2438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438
[ 129 ] CVE-2013-2439
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439
[ 130 ] CVE-2013-2440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440
[ 131 ] CVE-2013-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442
[ 132 ] CVE-2013-2443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443
[ 133 ] CVE-2013-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444
[ 134 ] CVE-2013-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445
[ 135 ] CVE-2013-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446
[ 136 ] CVE-2013-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447
[ 137 ] CVE-2013-2448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448
[ 138 ] CVE-2013-2449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449
[ 139 ] CVE-2013-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450
[ 140 ] CVE-2013-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451
[ 141 ] CVE-2013-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452
[ 142 ] CVE-2013-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453
[ 143 ] CVE-2013-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454
[ 144 ] CVE-2013-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455
[ 145 ] CVE-2013-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456
[ 146 ] CVE-2013-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457
[ 147 ] CVE-2013-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458
[ 148 ] CVE-2013-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459
[ 149 ] CVE-2013-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460
[ 150 ] CVE-2013-2461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461
[ 151 ] CVE-2013-2462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462
[ 152 ] CVE-2013-2463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463
[ 153 ] CVE-2013-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464
[ 154 ] CVE-2013-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465
[ 155 ] CVE-2013-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466
[ 156 ] CVE-2013-2467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467
[ 157 ] CVE-2013-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468
[ 158 ] CVE-2013-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469
[ 159 ] CVE-2013-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470
[ 160 ] CVE-2013-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471
[ 161 ] CVE-2013-2472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472
[ 162 ] CVE-2013-2473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473
[ 163 ] CVE-2013-3743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743
[ 164 ] CVE-2013-3744
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744
[ 165 ] CVE-2013-3829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829
[ 166 ] CVE-2013-5772
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772
[ 167 ] CVE-2013-5774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774
[ 168 ] CVE-2013-5775
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775
[ 169 ] CVE-2013-5776
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776
[ 170 ] CVE-2013-5777
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777
[ 171 ] CVE-2013-5778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778
[ 172 ] CVE-2013-5780
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780
[ 173 ] CVE-2013-5782
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782
[ 174 ] CVE-2013-5783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783
[ 175 ] CVE-2013-5784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784
[ 176 ] CVE-2013-5787
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787
[ 177 ] CVE-2013-5788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788
[ 178 ] CVE-2013-5789
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789
[ 179 ] CVE-2013-5790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790
[ 180 ] CVE-2013-5797
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797
[ 181 ] CVE-2013-5800
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800
[ 182 ] CVE-2013-5801
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801
[ 183 ] CVE-2013-5802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802
[ 184 ] CVE-2013-5803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803
[ 185 ] CVE-2013-5804
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804
[ 186 ] CVE-2013-5805
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805
[ 187 ] CVE-2013-5806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806
[ 188 ] CVE-2013-5809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809
[ 189 ] CVE-2013-5810
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810
[ 190 ] CVE-2013-5812
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812
[ 191 ] CVE-2013-5814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814
[ 192 ] CVE-2013-5817
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817
[ 193 ] CVE-2013-5818
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818
[ 194 ] CVE-2013-5819
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819
[ 195 ] CVE-2013-5820
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820
[ 196 ] CVE-2013-5823
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823
[ 197 ] CVE-2013-5824
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824
[ 198 ] CVE-2013-5825
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825
[ 199 ] CVE-2013-5829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829
[ 200 ] CVE-2013-5830
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830
[ 201 ] CVE-2013-5831
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831
[ 202 ] CVE-2013-5832
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832
[ 203 ] CVE-2013-5838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838
[ 204 ] CVE-2013-5840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840
[ 205 ] CVE-2013-5842
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842
[ 206 ] CVE-2013-5843
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843
[ 207 ] CVE-2013-5844
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844
[ 208 ] CVE-2013-5846
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846
[ 209 ] CVE-2013-5848
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848
[ 210 ] CVE-2013-5849
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849
[ 211 ] CVE-2013-5850
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850
[ 212 ] CVE-2013-5851
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851
[ 213 ] CVE-2013-5852
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852
[ 214 ] CVE-2013-5854
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854
[ 215 ] CVE-2013-5870
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870
[ 216 ] CVE-2013-5878
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878
[ 217 ] CVE-2013-5887
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887
[ 218 ] CVE-2013-5888
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888
[ 219 ] CVE-2013-5889
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889
[ 220 ] CVE-2013-5893
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893
[ 221 ] CVE-2013-5895
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895
[ 222 ] CVE-2013-5896
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896
[ 223 ] CVE-2013-5898
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898
[ 224 ] CVE-2013-5899
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899
[ 225 ] CVE-2013-5902
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902
[ 226 ] CVE-2013-5904
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904
[ 227 ] CVE-2013-5905
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905
[ 228 ] CVE-2013-5906
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906
[ 229 ] CVE-2013-5907
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907
[ 230 ] CVE-2013-5910
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910
[ 231 ] CVE-2014-0368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368
[ 232 ] CVE-2014-0373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373
[ 233 ] CVE-2014-0375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375
[ 234 ] CVE-2014-0376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376
[ 235 ] CVE-2014-0382
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382
[ 236 ] CVE-2014-0385
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385
[ 237 ] CVE-2014-0387
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387
[ 238 ] CVE-2014-0403
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403
[ 239 ] CVE-2014-0408
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408
[ 240 ] CVE-2014-0410
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410
[ 241 ] CVE-2014-0411
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411
[ 242 ] CVE-2014-0415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415
[ 243 ] CVE-2014-0416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416
[ 244 ] CVE-2014-0417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417
[ 245 ] CVE-2014-0418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418
[ 246 ] CVE-2014-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422
[ 247 ] CVE-2014-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423
[ 248 ] CVE-2014-0424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424
[ 249 ] CVE-2014-0428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-30.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04031205
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04031205
Version: 1
HPSBUX02943 rev.1 - HP-UX Running Java6, Remote Unauthorized Access,
Disclosure of Information, and Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2013-12-04
Last Updated: 2013-12-04
Potential Security Impact: Remote unauthorized access, disclosure of
information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in the Java Runtime
Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These
vulnerabilities could allow remote unauthorized access, disclosure of
information, and other exploits.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v6.0.20 and
earlier.
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2013-3829 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2013-4002 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1
CVE-2013-5772 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6
CVE-2013-5774 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2013-5776 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2013-5778 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2013-5780 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2013-5782 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5783 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2013-5784 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2013-5787 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5789 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5790 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2013-5797 (AV:N/AC:M/Au:S/C:N/I:P/A:N) 3.5
CVE-2013-5801 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2013-5802 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2013-5803 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6
CVE-2013-5804 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2013-5809 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5812 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4
CVE-2013-5814 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5817 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5818 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2013-5819 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2013-5820 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2013-5823 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2013-5824 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5825 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2013-5829 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5830 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5831 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2013-5840 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2013-5842 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5843 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5848 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2013-5849 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2013-5852 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrade to resolve these
vulnerabilities.
The upgrade is available from the following location: http://www.hp.com/java
OS Version
Release Version
HP-UX B.11.11, B.11.23, B.11.31
JDK and JRE v6.0.21 or subsequent
MANUAL ACTIONS: Yes - Update
For Java v6.0 update to Java v6.0.21 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application
that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins
issued by HP and lists recommended actions that may apply to a specific HP-UX
system. It can also download patches and create a depot automatically. For
more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
HP-UX B.11.23
===========
Jdk60.JDK60-COM
Jdk60.JDK60-PA20
Jdk60.JDK60-PA20W
Jre60.JRE60-COM
Jre60.JRE60-COM-DOC
Jre60.JRE60-PA20
Jre60.JRE60-PA20-HS
Jre60.JRE60-PA20W
Jre60.JRE60-PA20W-HS
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
action: install revision 1.6.0.21.00 or subsequent
HP-UX B.11.23
HP-UX B.11.31
===========
Jdk60.JDK60-COM
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
action: install revision 1.6.0.21.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) - 4 December 2013 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2013 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits;damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners |
|
var-202105-1459
|
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability. libwebp Is vulnerable to an out-of-bounds read.Information is obtained and denial of service (DoS) It may be put into a state. libwebp is an encoding and decoding library for the WebP image format. Bugs fixed (https://bugzilla.redhat.com/):
1944888 - CVE-2021-21409 netty: Request smuggling via content-length header
2004133 - CVE-2021-37136 netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data
2004135 - CVE-2021-37137 netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way
2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value
5. JIRA issues fixed (https://issues.jboss.org/):
LOG-1971 - Applying cluster state is causing elasticsearch to hit an issue and become unusable
6. Summary:
The Migration Toolkit for Containers (MTC) 1.6.3 is now available. Description:
The Migration Toolkit for Containers (MTC) enables you to migrate
Kubernetes resources, persistent volume data, and internal container images
between OpenShift Container Platform clusters, using the MTC web console or
the Kubernetes API. Solution:
For details on how to install and use MTC, refer to:
https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html
4. Bugs fixed (https://bugzilla.redhat.com/):
2019088 - "MigrationController" CR displays syntax error when unquiescing applications
2021666 - Route name longer than 63 characters causes direct volume migration to fail
2021668 - "MigrationController" CR ignores the "cluster_subdomain" value for direct volume migration routes
2022017 - CVE-2021-3948 mig-controller: incorrect namespaces handling may lead to not authorized usage of Migration Toolkit for Containers (MTC)
2024966 - Manifests not used by Operator Lifecycle Manager must be removed from the MTC 1.6 Operator image
2027196 - "migration-controller" pod goes into "CrashLoopBackoff" state if an invalid registry route is entered on the "Clusters" page of the web console
2027382 - "Copy oc describe/oc logs" window does not close automatically after timeout
2028841 - "rsync-client" container fails during direct volume migration with "Address family not supported by protocol" error
2031793 - "migration-controller" pod goes into "CrashLoopBackOff" state if "MigPlan" CR contains an invalid "includedResources" resource
2039852 - "migration-controller" pod goes into "CrashLoopBackOff" state if "MigPlan" CR contains an invalid "destMigClusterRef" or "srcMigClusterRef"
5. Summary:
An update is now available for OpenShift Logging 5.3. Description:
Openshift Logging Bug Fix Release (5.3.0)
Security Fix(es):
* golang: x/net/html: infinite loop in ParseFragment (CVE-2021-33194)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/):
1963232 - CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment
5. JIRA issues fixed (https://issues.jboss.org/):
LOG-1168 - Disable hostname verification in syslog TLS settings
LOG-1235 - Using HTTPS without a secret does not translate into the correct 'scheme' value in Fluentd
LOG-1375 - ssl_ca_cert should be optional
LOG-1378 - CLO should support sasl_plaintext(Password over http)
LOG-1392 - In fluentd config, flush_interval can't be set with flush_mode=immediate
LOG-1494 - Syslog output is serializing json incorrectly
LOG-1555 - Fluentd logs emit transaction failed: error_class=NoMethodError while forwarding to external syslog server
LOG-1575 - Rejected by Elasticsearch and unexpected json-parsing
LOG-1735 - Regression introducing flush_at_shutdown
LOG-1774 - The collector logs should be excluded in fluent.conf
LOG-1776 - fluentd total_limit_size sets value beyond available space
LOG-1822 - OpenShift Alerting Rules Style-Guide Compliance
LOG-1859 - CLO Should not error and exit early on missing ca-bundle when cluster wide proxy is not enabled
LOG-1862 - Unsupported kafka parameters when enabled Kafka SASL
LOG-1903 - Fix the Display of ClusterLogging type in OLM
LOG-1911 - CLF API changes to Opt-in to multiline error detection
LOG-1918 - Alert `FluentdNodeDown` always firing
LOG-1939 - Opt-in multiline detection breaks cloudwatch forwarding
6. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4930-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 10, 2021 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : libwebp
CVE ID : CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25013
CVE-2018-25014 CVE-2020-36328 CVE-2020-36329 CVE-2020-36330
CVE-2020-36331 CVE-2020-36332
Multiple vulnerabilities were discovered in libwebp, the implementation
of the WebP image format, which could result in denial of service, memory
disclosure or potentially the execution of arbitrary code if malformed
images are processed.
For the stable distribution (buster), these problems have been fixed in
version 0.6.1-2+deb10u1.
We recommend that you upgrade your libwebp packages.
For the detailed security status of libwebp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libwebp
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmDCfg0ACgkQEMKTtsN8
TjaaKBAAqMJfe5aH4Gh14SpB7h2S5JJUK+eo/aPo1tXn7BoLiF4O5g05+McyUOdE
HI9ibolUfv+HoZlCDC93MBJvopWgd1/oqReHML5n2GXPBESYXpRstL04qwaRqu9g
AvofhX88EwHefTXmljVTL4W1KgMJuhhPxVLdimxoqd0/hjagZtA7B7R05khigC5k
nHMFoRogSPjI9H4vI2raYaOqC26zmrZNbk/CRVhuUbtDOG9qy9okjc+6KM9RcbXC
ha++EhrGXPjCg5SwrQAZ50nW3Jwif2WpSeULfTrqHr2E8nHGUCHDMMtdDwegFH/X
FK0dVaNPgrayw1Dji+fhBQz3qR7pl/1DK+gsLtREafxY0+AxZ57kCi51CykT/dLs
eC4bOPaoho91KuLFrT+X/AyAASS/00VuroFJB4sWQUvEpBCnWPUW1m3NvjsyoYuj
0wmQMVM5Bb/aYuWAM+/V9MeoklmtIn+OPAXqsVvLxdbB0GScwJV86/NvsN6Nde6c
twImfMCK1V75FPrIsxx37M52AYWvALgXbWoVi4aQPyPeDerQdgUPL1FzTGzem0NQ
PnXhuE27H/pJz79DosW8md0RFr+tfPgZ8CeTirXSUUXFiqhcXR/w1lqN2vlmfm8V
dmwgzvu9A7ZhG++JRqbbMx2D+NS4coGgRdA7XPuRrdNKniRIDhQ=
=pN/j
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: OpenShift Container Platform 4.11.0 bug fix and security update
Advisory ID: RHSA-2022:5069-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2022:5069
Issue date: 2022-08-10
CVE Names: CVE-2018-25009 CVE-2018-25010 CVE-2018-25012
CVE-2018-25013 CVE-2018-25014 CVE-2018-25032
CVE-2019-5827 CVE-2019-13750 CVE-2019-13751
CVE-2019-17594 CVE-2019-17595 CVE-2019-18218
CVE-2019-19603 CVE-2019-20838 CVE-2020-13435
CVE-2020-14155 CVE-2020-17541 CVE-2020-19131
CVE-2020-24370 CVE-2020-28493 CVE-2020-35492
CVE-2020-36330 CVE-2020-36331 CVE-2020-36332
CVE-2021-3481 CVE-2021-3580 CVE-2021-3634
CVE-2021-3672 CVE-2021-3695 CVE-2021-3696
CVE-2021-3697 CVE-2021-3737 CVE-2021-4115
CVE-2021-4156 CVE-2021-4189 CVE-2021-20095
CVE-2021-20231 CVE-2021-20232 CVE-2021-23177
CVE-2021-23566 CVE-2021-23648 CVE-2021-25219
CVE-2021-31535 CVE-2021-31566 CVE-2021-36084
CVE-2021-36085 CVE-2021-36086 CVE-2021-36087
CVE-2021-38185 CVE-2021-38593 CVE-2021-40528
CVE-2021-41190 CVE-2021-41617 CVE-2021-42771
CVE-2021-43527 CVE-2021-43818 CVE-2021-44225
CVE-2021-44906 CVE-2022-0235 CVE-2022-0778
CVE-2022-1012 CVE-2022-1215 CVE-2022-1271
CVE-2022-1292 CVE-2022-1586 CVE-2022-1621
CVE-2022-1629 CVE-2022-1706 CVE-2022-1729
CVE-2022-2068 CVE-2022-2097 CVE-2022-21698
CVE-2022-22576 CVE-2022-23772 CVE-2022-23773
CVE-2022-23806 CVE-2022-24407 CVE-2022-24675
CVE-2022-24903 CVE-2022-24921 CVE-2022-25313
CVE-2022-25314 CVE-2022-26691 CVE-2022-26945
CVE-2022-27191 CVE-2022-27774 CVE-2022-27776
CVE-2022-27782 CVE-2022-28327 CVE-2022-28733
CVE-2022-28734 CVE-2022-28735 CVE-2022-28736
CVE-2022-28737 CVE-2022-29162 CVE-2022-29810
CVE-2022-29824 CVE-2022-30321 CVE-2022-30322
CVE-2022-30323 CVE-2022-32250
====================================================================
1. Summary:
Red Hat OpenShift Container Platform release 4.11.0 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container
Platform 4.11.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container
Platform 4.11.0. See the following advisory for the RPM packages for this
release:
https://access.redhat.com/errata/RHSA-2022:5068
Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html
Security Fix(es):
* go-getter: command injection vulnerability (CVE-2022-26945)
* go-getter: unsafe download (issue 1 of 3) (CVE-2022-30321)
* go-getter: unsafe download (issue 2 of 3) (CVE-2022-30322)
* go-getter: unsafe download (issue 3 of 3) (CVE-2022-30323)
* nanoid: Information disclosure via valueOf() function (CVE-2021-23566)
* sanitize-url: XSS (CVE-2021-23648)
* minimist: prototype pollution (CVE-2021-44906)
* node-fetch: exposure of sensitive information to an unauthorized actor
(CVE-2022-0235)
* prometheus/client_golang: Denial of service using
InstrumentHandlerCounter (CVE-2022-21698)
* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)
* go-getter: writes SSH credentials into logfile, exposing sensitive
credentials to local uses (CVE-2022-29810)
* opencontainers: OCI manifest and index parsing confusion (CVE-2021-41190)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
You may download the oc tool and use it to inspect release image metadata
as follows:
(For x86_64 architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.11.0-x86_64
The image digest is
sha256:300bce8246cf880e792e106607925de0a404484637627edf5f517375517d54a4
(For aarch64 architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.11.0-aarch64
The image digest is
sha256:29fa8419da2afdb64b5475d2b43dad8cc9205e566db3968c5738e7a91cf96dfe
(For s390x architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.11.0-s390x
The image digest is
sha256:015d6180238b4024d11dfef6751143619a0458eccfb589f2058ceb1a6359dd46
(For ppc64le architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.11.0-ppc64le
The image digest is
sha256:5052f8d5597c6656ca9b6bfd3de521504c79917aa80feb915d3c8546241f86ca
All OpenShift Container Platform 4.11 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html
3. Solution:
For OpenShift Container Platform 4.11 see the following documentation,
which will be updated shortly for this release, for important instructions
on how to upgrade your cluster and fully apply this asynchronous errata
update:
https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html
Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html
4. Bugs fixed (https://bugzilla.redhat.com/):
1817075 - MCC & MCO don't free leader leases during shut down -> 10 minutes of leader election timeouts
1822752 - cluster-version operator stops applying manifests when blocked by a precondition check
1823143 - oc adm release extract --command, --tools doesn't pull from localregistry when given a localregistry/image
1858418 - [OCPonRHV] OpenShift installer fails when Blank template is missing in oVirt/RHV
1859153 - [AWS] An IAM error occurred occasionally during the installation phase: Invalid IAM Instance Profile name
1896181 - [ovirt] install fails: due to terraform error "Cannot run VM. VM is being updated" on vm resource
1898265 - [OCP 4.5][AWS] Installation failed: error updating LB Target Group
1902307 - [vSphere] cloud labels management via cloud provider makes nodes not ready
1905850 - `oc adm policy who-can` failed to check the `operatorcondition/status` resource
1916279 - [OCPonRHV] Sometimes terraform installation fails on -failed to fetch Cluster(another terraform bug)
1917898 - [ovirt] install fails: due to terraform error "Tag not matched: expect <fault> but got <html>" on vm resource
1918005 - [vsphere] If there are multiple port groups with the same name installation fails
1918417 - IPv6 errors after exiting crictl
1918690 - Should update the KCM resource-graph timely with the latest configure
1919980 - oVirt installer fails due to terraform error "Failed to wait for Templte(...) to become ok"
1921182 - InspectFailed: kubelet Failed to inspect image: rpc error: code = DeadlineExceeded desc = context deadline exceeded
1923536 - Image pullthrough does not pass 429 errors back to capable clients
1926975 - [aws-c2s] kube-apiserver crashloops due to missing cloud config
1928932 - deploy/route_crd.yaml in openshift/router uses deprecated v1beta1 CRD API
1932812 - Installer uses the terraform-provider in the Installer's directory if it exists
1934304 - MemoryPressure Top Pod Consumers seems to be 2x expected value
1943937 - CatalogSource incorrect parsing validation
1944264 - [ovn] CNO should gracefully terminate OVN databases
1944851 - List of ingress routes not cleaned up when routers no longer exist - take 2
1945329 - In k8s 1.21 bump conntrack 'should drop INVALID conntrack entries' tests are disabled
1948556 - Cannot read property 'apiGroup' of undefined error viewing operator CSV
1949827 - Kubelet bound to incorrect IPs, referring to incorrect NICs in 4.5.x
1957012 - Deleting the KubeDescheduler CR does not remove the corresponding deployment or configmap
1957668 - oc login does not show link to console
1958198 - authentication operator takes too long to pick up a configuration change
1958512 - No 1.25 shown in REMOVEDINRELEASE for apis audited with k8s.io/removed-release 1.25 and k8s.io/deprecated true
1961233 - Add CI test coverage for DNS availability during upgrades
1961844 - baremetal ClusterOperator installed by CVO does not have relatedObjects
1965468 - [OSP] Delete volume snapshots based on cluster ID in their metadata
1965934 - can not get new result with "Refresh off" if click "Run queries" again
1965969 - [aws] the public hosted zone id is not correct in the destroy log, while destroying a cluster which is using BYO private hosted zone.
1968253 - GCP CSI driver can provision volume with access mode ROX
1969794 - [OSP] Document how to use image registry PVC backend with custom availability zones
1975543 - [OLM] Remove stale cruft installed by CVO in earlier releases
1976111 - [tracker] multipathd.socket is missing start conditions
1976782 - Openshift registry starts to segfault after S3 storage configuration
1977100 - Pod failed to start with message "set CPU load balancing: readdirent /proc/sys/kernel/sched_domain/cpu66/domain0: no such file or directory"
1978303 - KAS pod logs show: [SHOULD NOT HAPPEN] ...failed to convert new object...CertificateSigningRequest) to smd typed: .status.conditions: duplicate entries for key [type=\"Approved\"]
1978798 - [Network Operator] Upgrade: The configuration to enable network policy ACL logging is missing on the cluster upgraded from 4.7->4.8
1979671 - Warning annotation for pods with cpu requests or limits on single-node OpenShift cluster without workload partitioning
1982737 - OLM does not warn on invalid CSV
1983056 - IP conflict while recreating Pod with fixed name
1984785 - LSO CSV does not contain disconnected annotation
1989610 - Unsupported data types should not be rendered on operand details page
1990125 - co/image-registry is degrade because ImagePrunerDegraded: Job has reached the specified backoff limit
1990384 - 502 error on "Observe -> Alerting" UI after disabled local alertmanager
1992553 - all the alert rules' annotations "summary" and "description" should comply with the OpenShift alerting guidelines
1994117 - Some hardcodes are detected at the code level in orphaned code
1994820 - machine controller doesn't send vCPU quota failed messages to cluster install logs
1995953 - Ingresscontroller change the replicas to scaleup first time will be rolling update for all the ingress pods
1996544 - AWS region ap-northeast-3 is missing in installer prompt
1996638 - Helm operator manager container restart when CR is creating&deleting
1997120 - test_recreate_pod_in_namespace fails - Timed out waiting for namespace
1997142 - OperatorHub: Filtering the OperatorHub catalog is extremely slow
1997704 - [osp][octavia lb] given loadBalancerIP is ignored when creating a LoadBalancer type svc
1999325 - FailedMount MountVolume.SetUp failed for volume "kube-api-access" : object "openshift-kube-scheduler"/"kube-root-ca.crt" not registered
1999529 - Must gather fails to gather logs for all the namespace if server doesn't have volumesnapshotclasses resource
1999891 - must-gather collects backup data even when Pods fails to be created
2000653 - Add hypershift namespace to exclude namespaces list in descheduler configmap
2002009 - IPI Baremetal, qemu-convert takes to long to save image into drive on slow/large disks
2002602 - Storageclass creation page goes blank when "Enable encryption" is clicked if there is a syntax error in the configmap
2002868 - Node exporter not able to scrape OVS metrics
2005321 - Web Terminal is not opened on Stage of DevSandbox when terminal instance is not created yet
2005694 - Removing proxy object takes up to 10 minutes for the changes to propagate to the MCO
2006067 - Objects are not valid as a React child
2006201 - ovirt-csi-driver-node pods are crashing intermittently
2007246 - Openshift Container Platform - Ingress Controller does not set allowPrivilegeEscalation in the router deployment
2007340 - Accessibility issues on topology - list view
2007611 - TLS issues with the internal registry and AWS S3 bucket
2007647 - oc adm release info --changes-from does not show changes in repos that squash-merge
2008486 - Double scroll bar shows up on dragging the task quick search to the bottom
2009345 - Overview page does not load from openshift console for some set of users after upgrading to 4.7.19
2009352 - Add image-registry usage metrics to telemeter
2009845 - Respect overrides changes during installation
2010361 - OpenShift Alerting Rules Style-Guide Compliance
2010364 - OpenShift Alerting Rules Style-Guide Compliance
2010393 - [sig-arch][Late] clients should not use APIs that are removed in upcoming releases [Suite:openshift/conformance/parallel]
2011525 - Rate-limit incoming BFD to prevent ovn-controller DoS
2011895 - Details about cloud errors are missing from PV/PVC errors
2012111 - LSO still try to find localvolumeset which is already deleted
2012969 - need to figure out why osupdatedstart to reboot is zero seconds
2013144 - Developer catalog category links could not be open in a new tab (sharing and open a deep link works fine)
2013461 - Import deployment from Git with s2i expose always port 8080 (Service and Pod template, not Route) if another Route port is selected by the user
2013734 - unable to label downloads route in openshift-console namespace
2013822 - ensure that the `container-tools` content comes from the RHAOS plashets
2014161 - PipelineRun logs are delayed and stuck on a high log volume
2014240 - Image registry uses ICSPs only when source exactly matches image
2014420 - Topology page is crashed
2014640 - Cannot change storage class of boot disk when cloning from template
2015023 - Operator objects are re-created even after deleting it
2015042 - Adding a template from the catalog creates a secret that is not owned by the TemplateInstance
2015356 - Different status shows on VM list page and details page
2015375 - PVC creation for ODF/IBM Flashsystem shows incorrect types
2015459 - [azure][openstack]When image registry configure an invalid proxy, registry pods are CrashLoopBackOff
2015800 - [IBM]Shouldn't change status.storage.bucket and status.storage.resourceKeyCRN when update sepc.stroage,ibmcos with invalid value
2016425 - Adoption controller generating invalid metadata.Labels for an already adopted Subscription resource
2016534 - externalIP does not work when egressIP is also present
2017001 - Topology context menu for Serverless components always open downwards
2018188 - VRRP ID conflict between keepalived-ipfailover and cluster VIPs
2018517 - [sig-arch] events should not repeat pathologically expand_less failures - s390x CI
2019532 - Logger object in LSO does not log source location accurately
2019564 - User settings resources (ConfigMap, Role, RB) should be deleted when a user is deleted
2020483 - Parameter $__auto_interval_period is in Period drop-down list
2020622 - e2e-aws-upi and e2e-azure-upi jobs are not working
2021041 - [vsphere] Not found TagCategory when destroying ipi cluster
2021446 - openshift-ingress-canary is not reporting DEGRADED state, even though the canary route is not available and accessible
2022253 - Web terminal view is broken
2022507 - Pods stuck in OutOfpods state after running cluster-density
2022611 - Remove BlockPools(no use case) and Object(redundat with Overview) tab on the storagesystem page for NooBaa only and remove BlockPools tab for External mode deployment
2022745 - Cluster reader is not able to list NodeNetwork* objects
2023295 - Must-gather tool gathering data from custom namespaces.
2023691 - ClusterIP internalTrafficPolicy does not work for ovn-kubernetes
2024427 - oc completion zsh doesn't auto complete
2024708 - The form for creating operational CRs is badly rendering filed names ("obsoleteCPUs" -> "Obsolete CP Us" )
2024821 - [Azure-File-CSI] need more clear info when requesting pvc with volumeMode Block
2024938 - CVE-2021-41190 opencontainers: OCI manifest and index parsing confusion
2025624 - Ingress router metrics endpoint serving old certificates after certificate rotation
2026356 - [IPI on Azure] The bootstrap machine type should be same as master
2026461 - Completed pods in Openshift cluster not releasing IP addresses and results in err: range is full unless manually deleted
2027603 - [UI] Dropdown doesn't close on it's own after arbiter zone selection on 'Capacity and nodes' page
2027613 - Users can't silence alerts from the dev console
2028493 - OVN-migration failed - ovnkube-node: error waiting for node readiness: timed out waiting for the condition
2028532 - noobaa-pg-db-0 pod stuck in Init:0/2
2028821 - Misspelled label in ODF management UI - MCG performance view
2029438 - Bootstrap node cannot resolve api-int because NetworkManager replaces resolv.conf
2029470 - Recover from suddenly appearing old operand revision WAS: kube-scheduler-operator test failure: Node's not achieving new revision
2029797 - Uncaught exception: ResizeObserver loop limit exceeded
2029835 - CSI migration for vSphere: Inline-volume tests failing
2030034 - prometheusrules.openshift.io: dial tcp: lookup prometheus-operator.openshift-monitoring.svc on 172.30.0.10:53: no such host
2030530 - VM created via customize wizard has single quotation marks surrounding its password
2030733 - wrong IP selected to connect to the nodes when ExternalCloudProvider enabled
2030776 - e2e-operator always uses quay master images during presubmit tests
2032559 - CNO allows migration to dual-stack in unsupported configurations
2032717 - Unable to download ignition after coreos-installer install --copy-network
2032924 - PVs are not being cleaned up after PVC deletion
2033482 - [vsphere] two variables in tf are undeclared and get warning message during installation
2033575 - monitoring targets are down after the cluster run for more than 1 day
2033711 - IBM VPC operator needs e2e csi tests for ibmcloud
2033862 - MachineSet is not scaling up due to an OpenStack error trying to create multiple ports with the same MAC address
2034147 - OpenShift VMware IPI Installation fails with Resource customization when corespersocket is unset and vCPU count is not a multiple of 4
2034296 - Kubelet and Crio fails to start during upgrde to 4.7.37
2034411 - [Egress Router] No NAT rules for ipv6 source and destination created in ip6tables-save
2034688 - Allow Prometheus/Thanos to return 401 or 403 when the request isn't authenticated
2034958 - [sig-network] Conntrack should be able to preserve UDP traffic when initial unready endpoints get ready
2035005 - MCD is not always removing in progress taint after a successful update
2035334 - [RFE] [OCPonRHV] Provision machines with preallocated disks
2035899 - Operator-sdk run bundle doesn't support arm64 env
2036202 - Bump podman to >= 3.3.0 so that setup of multiple credentials for a single registry which can be distinguished by their path will work
2036594 - [MAPO] Machine goes to failed state due to a momentary error of the cluster etcd
2036948 - SR-IOV Network Device Plugin should handle offloaded VF instead of supporting only PF
2037190 - dns operator status flaps between True/False/False and True/True/(False|True) after updating dnses.operator.openshift.io/default
2037447 - Ingress Operator is not closing TCP connections.
2037513 - I/O metrics from the Kubernetes/Compute Resources/Cluster Dashboard show as no datapoints found
2037542 - Pipeline Builder footer is not sticky and yaml tab doesn't use full height
2037610 - typo for the Terminated message from thanos-querier pod description info
2037620 - Upgrade playbook should quit directly when trying to upgrade RHEL-7 workers to 4.10
2037625 - AppliedClusterResourceQuotas can not be shown on project overview
2037626 - unable to fetch ignition file when scaleup rhel worker nodes on cluster enabled Tang disk encryption
2037628 - Add test id to kms flows for automation
2037721 - PodDisruptionBudgetAtLimit alert fired in SNO cluster
2037762 - Wrong ServiceMonitor definition is causing failure during Prometheus configuration reload and preventing changes from being applied
2037841 - [RFE] use /dev/ptp_hyperv on Azure/AzureStack
2038115 - Namespace and application bar is not sticky anymore
2038244 - Import from git ignore the given servername and could not validate On-Premises GitHub and BitBucket installations
2038405 - openshift-e2e-aws-workers-rhel-workflow in CI step registry broken
2038774 - IBM-Cloud OVN IPsec fails, IKE UDP ports and ESP protocol not in security group
2039135 - the error message is not clear when using "opm index prune" to prune a file-based index image
2039161 - Note about token for encrypted PVCs should be removed when only cluster wide encryption checkbox is selected
2039253 - ovnkube-node crashes on duplicate endpoints
2039256 - Domain validation fails when TLD contains a digit.
2039277 - Topology list view items are not highlighted on keyboard navigation
2039462 - Application tab in User Preferences dropdown menus are too wide.
2039477 - validation icon is missing from Import from git
2039589 - The toolbox command always ignores [command] the first time
2039647 - Some developer perspective links are not deep-linked causes developer to sometimes delete/modify resources in the wrong project
2040180 - Bug when adding a new table panel to a dashboard for OCP UI with only one value column
2040195 - Ignition fails to enable systemd units with backslash-escaped characters in their names
2040277 - ThanosRuleNoEvaluationFor10Intervals alert description is wrong
2040488 - OpenShift-Ansible BYOH Unit Tests are Broken
2040635 - CPU Utilisation is negative number for "Kubernetes / Compute Resources / Cluster" dashboard
2040654 - 'oc adm must-gather -- some_script' should exit with same non-zero code as the failed 'some_script' exits
2040779 - Nodeport svc not accessible when the backend pod is on a window node
2040933 - OCP 4.10 nightly build will fail to install if multiple NICs are defined on KVM nodes
2041133 - 'oc explain route.status.ingress.conditions' shows type 'Currently only Ready' but actually is 'Admitted'
2041454 - Garbage values accepted for `--reference-policy` in `oc import-image` without any error
2041616 - Ingress operator tries to manage DNS of additional ingresscontrollers that are not under clusters basedomain, which can't work
2041769 - Pipeline Metrics page not showing data for normal user
2041774 - Failing git detection should not recommend Devfiles as import strategy
2041814 - The KubeletConfigController wrongly process multiple confs for a pool
2041940 - Namespace pre-population not happening till a Pod is created
2042027 - Incorrect feedback for "oc label pods --all"
2042348 - Volume ID is missing in output message when expanding volume which is not mounted.
2042446 - CSIWithOldVSphereHWVersion alert recurring despite upgrade to vmx-15
2042501 - use lease for leader election
2042587 - ocm-operator: Improve reconciliation of CA ConfigMaps
2042652 - Unable to deploy hw-event-proxy operator
2042838 - The status of container is not consistent on Container details and pod details page
2042852 - Topology toolbars are unaligned to other toolbars
2042999 - A pod cannot reach kubernetes.default.svc.cluster.local cluster IP
2043035 - Wrong error code provided when request contains invalid argument
2043068 - <x> available of <y> text disappears in Utilization item if x is 0
2043080 - openshift-installer intermittent failure on AWS with Error: InvalidVpcID.NotFound: The vpc ID 'vpc-123456789' does not exist
2043094 - ovnkube-node not deleting stale conntrack entries when endpoints go away
2043118 - Host should transition through Preparing when HostFirmwareSettings changed
2043132 - Add a metric when vsphere csi storageclass creation fails
2043314 - `oc debug node` does not meet compliance requirement
2043336 - Creating multi SriovNetworkNodePolicy cause the worker always be draining
2043428 - Address Alibaba CSI driver operator review comments
2043533 - Update ironic, inspector, and ironic-python-agent to latest bugfix release
2043672 - [MAPO] root volumes not working
2044140 - When 'oc adm upgrade --to-image ...' rejects an update as not recommended, it should mention --allow-explicit-upgrade
2044207 - [KMS] The data in the text box does not get cleared on switching the authentication method
2044227 - Test Managed cluster should only include cluster daemonsets that have maxUnavailable update of 10 or 33 percent fails
2044412 - Topology list misses separator lines and hover effect let the list jump 1px
2044421 - Topology list does not allow selecting an application group anymore
2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor
2044803 - Unify button text style on VM tabs
2044824 - Failing test in periodics: [sig-network] Services should respect internalTrafficPolicy=Local Pod and Node, to Pod (hostNetwork: true) [Feature:ServiceInternalTrafficPolicy] [Skipped:Network/OVNKubernetes] [Suite:openshift/conformance/parallel] [Suite:k8s]
2045065 - Scheduled pod has nodeName changed
2045073 - Bump golang and build images for local-storage-operator
2045087 - Failed to apply sriov policy on intel nics
2045551 - Remove enabled FeatureGates from TechPreviewNoUpgrade
2045559 - API_VIP moved when kube-api container on another master node was stopped
2045577 - [ocp 4.9 | ovn-kubernetes] ovsdb_idl|WARN|transaction error: {"details":"cannot delete Datapath_Binding row 29e48972-xxxx because of 2 remaining reference(s)","error":"referential integrity violation
2045872 - SNO: cluster-policy-controller failed to start due to missing serving-cert/tls.crt
2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter
2046133 - [MAPO]IPI proxy installation failed
2046156 - Network policy: preview of affected pods for non-admin shows empty popup
2046157 - Still uses pod-security.admission.config.k8s.io/v1alpha1 in admission plugin config
2046191 - Opeartor pod is missing correct qosClass and priorityClass
2046277 - openshift-installer intermittent failure on AWS with "Error: Provider produced inconsistent result after apply" when creating the module.vpc.aws_subnet.private_subnet[0] resource
2046319 - oc debug cronjob command failed with error "unable to extract pod template from type *v1.CronJob".
2046435 - Better Devfile Import Strategy support in the 'Import from Git' flow
2046496 - Awkward wrapping of project toolbar on mobile
2046497 - Re-enable TestMetricsEndpoint test case in console operator e2e tests
2046498 - "All Projects" and "all applications" use different casing on topology page
2046591 - Auto-update boot source is not available while create new template from it
2046594 - "Requested template could not be found" while creating VM from user-created template
2046598 - Auto-update boot source size unit is byte on customize wizard
2046601 - Cannot create VM from template
2046618 - Start last run action should contain current user name in the started-by annotation of the PLR
2046662 - Should upgrade the go version to be 1.17 for example go operator memcached-operator
2047197 - Sould upgrade the operator_sdk.util version to "0.4.0" for the "osdk_metric" module
2047257 - [CP MIGRATION] Node drain failure during control plane node migration
2047277 - Storage status is missing from status card of virtualization overview
2047308 - Remove metrics and events for master port offsets
2047310 - Running VMs per template card needs empty state when no VMs exist
2047320 - New route annotation to show another URL or hide topology URL decorator doesn't work for Knative Services
2047335 - 'oc get project' caused 'Observed a panic: cannot deep copy core.NamespacePhase' when AllRequestBodies is used
2047362 - Removing prometheus UI access breaks origin test
2047445 - ovs-configure mis-detecting the ipv6 status on IPv4 only cluster causing Deployment failure
2047670 - Installer should pre-check that the hosted zone is not associated with the VPC and throw the error message.
2047702 - Issue described on bug #2013528 reproduced: mapi_current_pending_csr is always set to 1 on OpenShift Container Platform 4.8
2047710 - [OVN] ovn-dbchecker CrashLoopBackOff and sbdb jsonrpc unix socket receive error
2047732 - [IBM]Volume is not deleted after destroy cluster
2047741 - openshift-installer intermittent failure on AWS with "Error: Provider produced inconsistent result after apply" when creating the module.masters.aws_network_interface.master[1] resource
2047790 - [sig-network][Feature:Router] The HAProxy router should override the route host for overridden domains with a custom value [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
2047799 - release-openshift-ocp-installer-e2e-aws-upi-4.9
2047870 - Prevent redundant queries of BIOS settings in HostFirmwareController
2047895 - Fix architecture naming in oc adm release mirror for aarch64
2047911 - e2e: Mock CSI tests fail on IBM ROKS clusters
2047913 - [sig-network][Feature:Router] The HAProxy router should override the route host for overridden domains with a custom value [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
2047925 - [FJ OCP4.10 Bug]: IRONIC_KERNEL_PARAMS does not contain coreos_kernel_params during iPXE boot
2047935 - [4.11] Bootimage bump tracker
2047998 - [alicloud] CCM deploys alibaba-cloud-controller-manager from quay.io/openshift/origin-*
2048059 - Service Level Agreement (SLA) always show 'Unknown'
2048067 - [IPI on Alibabacloud] "Platform Provisioning Check" tells '"ap-southeast-6": enhanced NAT gateway is not supported', which seems false
2048186 - Image registry operator panics when finalizes config deletion
2048214 - Can not push images to image-registry when enabling KMS encryption in AlibabaCloud
2048219 - MetalLB: User should not be allowed add same bgp advertisement twice in BGP address pool
2048221 - Capitalization of titles in the VM details page is inconsistent.
2048222 - [AWS GovCloud] Cluster can not be installed on AWS GovCloud regions via terminal interactive UI.
2048276 - Cypress E2E tests fail due to a typo in test-cypress.sh
2048333 - prometheus-adapter becomes inaccessible during rollout
2048352 - [OVN] node does not recover after NetworkManager restart, NotReady and unreachable
2048442 - [KMS] UI does not have option to specify kube auth path and namespace for cluster wide encryption
2048451 - Custom serviceEndpoints in install-config are reported to be unreachable when environment uses a proxy
2048538 - Network policies are not implemented or updated by OVN-Kubernetes
2048541 - incorrect rbac check for install operator quick starts
2048563 - Leader election conventions for cluster topology
2048575 - IP reconciler cron job failing on single node
2048686 - Check MAC address provided on the install-config.yaml file
2048687 - All bare metal jobs are failing now due to End of Life of centos 8
2048793 - Many Conformance tests are failing in OCP 4.10 with Kuryr
2048803 - CRI-O seccomp profile out of date
2048824 - [IBMCloud] ibm-vpc-block-csi-node does not specify an update strategy, only resource requests, or priority class
2048841 - [ovn] Missing lr-policy-list and snat rules for egressip when new pods are added
2048955 - Alibaba Disk CSI Driver does not have CI
2049073 - AWS EFS CSI driver should use the trusted CA bundle when cluster proxy is configured
2049078 - Bond CNI: Failed to attach Bond NAD to pod
2049108 - openshift-installer intermittent failure on AWS with 'Error: Error waiting for NAT Gateway (nat-xxxxx) to become available'
2049117 - e2e-metal-ipi-serial-ovn-ipv6 is failing frequently
2049133 - oc adm catalog mirror throws 'missing signature key' error when using file://local/index
2049142 - Missing "app" label
2049169 - oVirt CSI driver should use the trusted CA bundle when cluster proxy is configured
2049234 - ImagePull fails with error "unable to pull manifest from example.com/busy.box:v5 invalid reference format"
2049410 - external-dns-operator creates provider section, even when not requested
2049483 - Sidepanel for Connectors/workloads in topology shows invalid tabs
2049613 - MTU migration on SDN IPv4 causes API alerts
2049671 - system:serviceaccount:openshift-cluster-csi-drivers:aws-ebs-csi-driver-operator trying to GET and DELETE /api/v1/namespaces/openshift-cluster-csi-drivers/configmaps/kube-cloud-config which does not exist
2049687 - superfluous apirequestcount entries in audit log
2049775 - cloud-provider-config change not applied when ExternalCloudProvider enabled
2049787 - (dummy bug) ovn-kubernetes ExternalTrafficPolicy still SNATs
2049832 - ContainerCreateError when trying to launch large (>500) numbers of pods across nodes
2049872 - cluster storage operator AWS credentialsrequest lacks KMS privileges
2049889 - oc new-app --search nodejs warns about access to sample content on quay.io
2050005 - Plugin module IDs can clash with console module IDs causing runtime errors
2050011 - Observe > Metrics page: Timespan text input and dropdown do not align
2050120 - Missing metrics in kube-state-metrics
2050146 - Installation on PSI fails with: 'openstack platform does not have the required standard-attr-tag network extension'
2050173 - [aws-ebs-csi-driver] Merge upstream changes since v1.2.0
2050180 - [aws-efs-csi-driver] Merge upstream changes since v1.3.2
2050300 - panic in cluster-storage-operator while updating status
2050332 - Malformed ClusterClaim lifetimes cause the clusterclaims-controller to silently fail to reconcile all clusterclaims
2050335 - azure-disk failed to mount with error special device does not exist
2050345 - alert data for burn budget needs to be updated to prevent regression
2050407 - revert "force cert rotation every couple days for development" in 4.11
2050409 - ip-reconcile job is failing consistently
2050452 - Update osType and hardware version used by RHCOS OVA to indicate it is a RHEL 8 guest
2050466 - machine config update with invalid container runtime config should be more robust
2050637 - Blog Link not re-directing to the intented website in the last modal in the Dev Console Onboarding Tour
2050698 - After upgrading the cluster the console still show 0 of N, 0% progress for worker nodes
2050707 - up test for prometheus pod look to far in the past
2050767 - Vsphere upi tries to access vsphere during manifests generation phase
2050853 - CVE-2021-23566 nanoid: Information disclosure via valueOf() function
2050882 - Crio appears to be coredumping in some scenarios
2050902 - not all resources created during import have common labels
2050946 - Cluster-version operator fails to notice TechPreviewNoUpgrade featureSet change after initialization-lookup error
2051320 - Need to build ose-aws-efs-csi-driver-operator-bundle-container image for 4.11
2051333 - [aws] records in public hosted zone and BYO private hosted zone were not deleted.
2051377 - Unable to switch vfio-pci to netdevice in policy
2051378 - Template wizard is crashed when there are no templates existing
2051423 - migrate loadbalancers from amphora to ovn not working
2051457 - [RFE] PDB for cloud-controller-manager to avoid going too many replicas down
2051470 - prometheus: Add validations for relabel configs
2051558 - RoleBinding in project without subject is causing "Project access" page to fail
2051578 - Sort is broken for the Status and Version columns on the Cluster Settings > ClusterOperators page
2051583 - sriov must-gather image doesn't work
2051593 - Summary Interval Hardcoded in PTP Operator if Set in the Global Body Instead of Command Line
2051611 - Remove Check which enforces summary_interval must match logSyncInterval
2051642 - Remove "Tech-Preview" Label for the Web Terminal GA release
2051657 - Remove 'Tech preview' from minnimal deployment Storage System creation
2051718 - MetaLLB: Validation Webhook: BGPPeer hold time is allowed to be set to less than 3s
2051722 - MetalLB: BGPPeer object does not have ability to set ebgpMultiHop
2051881 - [vSphere CSI driver Operator] RWX volumes counts metrics `vsphere_rwx_volumes_total` not valid
2051954 - Allow changing of policyAuditConfig ratelimit post-deployment
2051969 - Need to build local-storage-operator-metadata-container image for 4.11
2051985 - An APIRequestCount without dots in the name can cause a panic
2052016 - MetalLB: Webhook Validation: Two BGPPeers instances can have different router ID set.
2052034 - Can't start correct debug pod using pod definition yaml in OCP 4.8
2052055 - Whereabouts should implement client-go 1.22+
2052056 - Static pod installer should throttle creating new revisions
2052071 - local storage operator metrics target down after upgrade
2052095 - Infinite OAuth redirect loop post-upgrade to 4.10.0-rc.1
2052270 - FSyncControllerDegraded has "treshold" -> "threshold" typos
2052309 - [IBM Cloud] ibm-vpc-block-csi-controller does not specify an update strategy, priority class, or only resource requests
2052332 - Probe failures and pod restarts during 4.7 to 4.8 upgrade
2052393 - Failed to scaleup RHEL machine against OVN cluster due to jq tool is required by configure-ovs.sh
2052398 - 4.9 to 4.10 upgrade fails for ovnkube-masters
2052415 - Pod density test causing problems when using kube-burner
2052513 - Failing webhooks will block an upgrade to 4.10 mid-way through the upgrade.
2052578 - Create new app from a private git repository using 'oc new app' with basic auth does not work.
2052595 - Remove dev preview badge from IBM FlashSystem deployment windows
2052618 - Node reboot causes duplicate persistent volumes
2052671 - Add Sprint 214 translations
2052674 - Remove extra spaces
2052700 - kube-controller-manger should use configmap lease
2052701 - kube-scheduler should use configmap lease
2052814 - go fmt fails in OSM after migration to go 1.17
2052840 - IMAGE_BUILDER=docker make test-e2e-operator-ocp runs with podman instead of docker
2052953 - Observe dashboard always opens for last viewed workload instead of the selected one
2052956 - Installing virtualization operator duplicates the first action on workloads in topology
2052975 - High cpu load on Juniper Qfx5120 Network switches after upgrade to Openshift 4.8.26
2052986 - Console crashes when Mid cycle hook in Recreate strategy(edit deployment/deploymentConfig) selects Lifecycle strategy as "Tags the current image as an image stream tag if the deployment succeeds"
2053006 - [ibm]Operator storage PROGRESSING and DEGRADED is true during fresh install for ocp4.11
2053104 - [vSphere CSI driver Operator] hw_version_total metric update wrong value after upgrade nodes hardware version from `vmx-13` to `vmx-15`
2053112 - nncp status is unknown when nnce is Progressing
2053118 - nncp Available condition reason should be exposed in `oc get`
2053168 - Ensure the core dynamic plugin SDK package has correct types and code
2053205 - ci-openshift-cluster-network-operator-master-e2e-agnostic-upgrade is failing most of the time
2053304 - Debug terminal no longer works in admin console
2053312 - requestheader IDP test doesn't wait for cleanup, causing high failure rates
2053334 - rhel worker scaleup playbook failed because missing some dependency of podman
2053343 - Cluster Autoscaler not scaling down nodes which seem to qualify for scale-down
2053491 - nmstate interprets interface names as float64 and subsequently crashes on state update
2053501 - Git import detection does not happen for private repositories
2053582 - inability to detect static lifecycle failure
2053596 - [IBM Cloud] Storage IOPS limitations and lack of IPI ETCD deployment options trigger leader election during cluster initialization
2053609 - LoadBalancer SCTP service leaves stale conntrack entry that causes issues if service is recreated
2053622 - PDB warning alert when CR replica count is set to zero
2053685 - Topology performance: Immutable .toJSON consumes a lot of CPU time when rendering a large topology graph (~100 nodes)
2053721 - When using RootDeviceHint rotational setting the host can fail to provision
2053922 - [OCP 4.8][OVN] pod interface: error while waiting on OVS.Interface.external-ids
2054095 - [release-4.11] Gather images.conifg.openshift.io cluster resource definiition
2054197 - The ProjectHelmChartRepositrory schema has merged but has not been initialized in the cluster yet
2054200 - Custom created services in openshift-ingress removed even though the services are not of type LoadBalancer
2054238 - console-master-e2e-gcp-console is broken
2054254 - vSphere test failure: [Serial] [sig-auth][Feature:OAuthServer] [RequestHeaders] [IdP] test RequestHeaders IdP [Suite:openshift/conformance/serial]
2054285 - Services other than knative service also shows as KSVC in add subscription/trigger modal
2054319 - must-gather | gather_metallb_logs can't detect metallb pod
2054351 - Rrestart of ptp4l/phc2sys on change of PTPConfig generates more than one times, socket error in event frame work
2054385 - redhat-operatori ndex image build failed with AMQ brew build - amq-interconnect-operator-metadata-container-1.10.13
2054564 - DPU network operator 4.10 branch need to sync with master
2054630 - cancel create silence from kebab menu of alerts page will navigated to the previous page
2054693 - Error deploying HorizontalPodAutoscaler with oc new-app command in OpenShift 4
2054701 - [MAPO] Events are not created for MAPO machines
2054705 - [tracker] nf_reinject calls nf_queue_entry_free on an already freed entry->state
2054735 - Bad link in CNV console
2054770 - IPI baremetal deployment metal3 pod crashes when using capital letters in hosts bootMACAddress
2054787 - SRO controller goes to CrashLoopBackOff status when the pull-secret does not have the correct permissions
2054950 - A large number is showing on disk size field
2055305 - Thanos Querier high CPU and memory usage till OOM
2055386 - MetalLB changes the shared external IP of a service upon updating the externalTrafficPolicy definition
2055433 - Unable to create br-ex as gateway is not found
2055470 - Ingresscontroller LB scope change behaviour differs for different values of aws-load-balancer-internal annotation
2055492 - The default YAML on vm wizard is not latest
2055601 - installer did not destroy *.app dns recored in a IPI on ASH install
2055702 - Enable Serverless tests in CI
2055723 - CCM operator doesn't deploy resources after enabling TechPreviewNoUpgrade feature set.
2055729 - NodePerfCheck fires and stays active on momentary high latency
2055814 - Custom dynamic exntension point causes runtime and compile time error
2055861 - cronjob collect-profiles failed leads node reach to OutOfpods status
2055980 - [dynamic SDK][internal] console plugin SDK does not support table actions
2056454 - Implement preallocated disks for oVirt in the cluster API provider
2056460 - Implement preallocated disks for oVirt in the OCP installer
2056496 - If image does not exists for builder image then upload jar form crashes
2056519 - unable to install IPI PRIVATE OpenShift cluster in Azure due to organization policies
2056607 - Running kubernetes-nmstate handler e2e tests stuck on OVN clusters
2056752 - Better to named the oc-mirror version info with more information like the `oc version --client`
2056802 - "enforcedLabelLimit|enforcedLabelNameLengthLimit|enforcedLabelValueLengthLimit" do not take effect
2056841 - [UI] [DR] Web console update is available pop-up is seen multiple times on Hub cluster where ODF operator is not installed and unnecessarily it pop-up on the Managed cluster as well where ODF operator is installed
2056893 - incorrect warning for --to-image in oc adm upgrade help
2056967 - MetalLB: speaker metrics is not updated when deleting a service
2057025 - Resource requests for the init-config-reloader container of prometheus-k8s-* pods are too high
2057054 - SDK: k8s methods resolves into Response instead of the Resource
2057079 - [cluster-csi-snapshot-controller-operator] CI failure: events should not repeat pathologically
2057101 - oc commands working with images print an incorrect and inappropriate warning
2057160 - configure-ovs selects wrong interface on reboot
2057183 - OperatorHub: Missing "valid subscriptions" filter
2057251 - response code for Pod count graph changed from 422 to 200 periodically for about 30 minutes if pod is rescheduled
2057358 - [Secondary Scheduler] - cannot build bundle index image using the secondary scheduler operator bundle
2057387 - [Secondary Scheduler] - olm.skiprange, com.redhat.openshift.versions is incorrect and no minkubeversion
2057403 - CMO logs show forbidden: User "system:serviceaccount:openshift-monitoring:cluster-monitoring-operator" cannot get resource "replicasets" in API group "apps" in the namespace "openshift-monitoring"
2057495 - Alibaba Disk CSI driver does not provision small PVCs
2057558 - Marketplace operator polls too frequently for cluster operator status changes
2057633 - oc rsync reports misleading error when container is not found
2057642 - ClusterOperator status.conditions[].reason "etcd disk metrics exceeded..." should be a CamelCase slug
2057644 - FSyncControllerDegraded latches True, even after fsync latency recovers on all members
2057696 - Removing console still blocks OCP install from completing
2057762 - ingress operator should report Upgradeable False to remind user before upgrade to 4.10 when Non-SAN certs are used
2057832 - expr for record rule: "cluster:telemetry_selected_series:count" is improper
2057967 - KubeJobCompletion does not account for possible job states
2057990 - Add extra debug information to image signature workflow test
2057994 - SRIOV-CNI failed to load netconf: LoadConf(): failed to get VF information
2058030 - On OCP 4.10+ using OVNK8s on BM IPI, nodes register as localhost.localdomain
2058217 - [vsphere-problem-detector-operator] 'vsphere_rwx_volumes_total' metric name make confused
2058225 - openshift_csi_share_* metrics are not found from telemeter server
2058282 - Websockets stop updating during cluster upgrades
2058291 - CI builds should have correct version of Kube without needing to push tags everytime
2058368 - Openshift OVN-K got restarted mutilple times with the error " ovsdb-server/memory-trim-on-compaction on'' failed: exit status 1 and " ovndbchecker.go:118] unable to turn on memory trimming for SB DB, stderr " , cluster unavailable
2058370 - e2e-aws-driver-toolkit CI job is failing
2058421 - 4.9.23-s390x-machine-os-content manifest invalid when mirroring content for disconnected install
2058424 - ConsolePlugin proxy always passes Authorization header even if `authorize` property is omitted or false
2058623 - Bootstrap server dropdown menu in Create Event Source- KafkaSource form is empty even if it's created
2058626 - Multiple Azure upstream kube fsgroupchangepolicy tests are permafailing expecting gid "1000" but geting "root"
2058671 - whereabouts IPAM CNI ip-reconciler cronjob specification requires hostnetwork, api-int lb usage & proper backoff
2058692 - [Secondary Scheduler] Creating secondaryscheduler instance fails with error "key failed with : secondaryschedulers.operator.openshift.io "secondary-scheduler" not found"
2059187 - [Secondary Scheduler] - key failed with : serviceaccounts "secondary-scheduler" is forbidden
2059212 - [tracker] Backport https://github.com/util-linux/util-linux/commit/eab90ef8d4f66394285e0cff1dfc0a27242c05aa
2059213 - ART cannot build installer images due to missing terraform binaries for some architectures
2059338 - A fully upgraded 4.10 cluster defaults to HW-13 hardware version even if HW-15 is default (and supported)
2059490 - The operator image in CSV file of the ART DPU network operator bundle is incorrect
2059567 - vMedia based IPI installation of OpenShift fails on Nokia servers due to issues with virtual media attachment and boot source override
2059586 - (release-4.11) Insights operator doesn't reconcile clusteroperator status condition messages
2059654 - Dynamic demo plugin proxy example out of date
2059674 - Demo plugin fails to build
2059716 - cloud-controller-manager flaps operator version during 4.9 -> 4.10 update
2059791 - [vSphere CSI driver Operator] didn't update 'vsphere_csi_driver_error' metric value when fixed the error manually
2059840 - [LSO]Could not gather logs for pod diskmaker-discovery and diskmaker-manager
2059943 - MetalLB: Move CI config files to metallb repo from dev-scripts repo
2060037 - Configure logging level of FRR containers
2060083 - CMO doesn't react to changes in clusteroperator console
2060091 - CMO produces invalid alertmanager statefulset if console cluster .status.consoleURL is unset
2060133 - [OVN RHEL upgrade] could not find IP addresses: failed to lookup link br-ex: Link not found
2060147 - RHEL8 Workers Need to Ensure libseccomp is up to date at install time
2060159 - LGW: External->Service of type ETP=Cluster doesn't go to the node
2060329 - Detect unsupported amount of workloads before rendering a lazy or crashing topology
2060334 - Azure VNET lookup fails when the NIC subnet is in a different resource group
2060361 - Unable to enumerate NICs due to missing the 'primary' field due to security restrictions
2060406 - Test 'operators should not create watch channels very often' fails
2060492 - Update PtpConfigSlave source-crs to use network_transport L2 instead of UDPv4
2060509 - Incorrect installation of ibmcloud vpc csi driver in IBM Cloud ROKS 4.10
2060532 - LSO e2e tests are run against default image and namespace
2060534 - openshift-apiserver pod in crashloop due to unable to reach kubernetes svc ip
2060549 - ErrorAddingLogicalPort: duplicate IP found in ECMP Pod route cache!
2060553 - service domain can't be resolved when networkpolicy is used in OCP 4.10-rc
2060583 - Remove Console internal-kubevirt plugin SDK package
2060605 - Broken access to public images: Unable to connect to the server: no basic auth credentials
2060617 - IBMCloud destroy DNS regex not strict enough
2060687 - Azure Ci: SubscriptionDoesNotSupportZone - does not support availability zones at location 'westus'
2060697 - [AWS] partitionNumber cannot work for specifying Partition number
2060714 - [DOCS] Change source_labels to sourceLabels in "Configuring remote write storage" section
2060837 - [oc-mirror] Catalog merging error when two or more bundles does not have a set Replace field
2060894 - Preceding/Trailing Whitespaces In Form Elements on the add page
2060924 - Console white-screens while using debug terminal
2060968 - Installation failing due to ironic-agent.service not starting properly
2060970 - Bump recommended FCOS to 35.20220213.3.0
2061002 - Conntrack entry is not removed for LoadBalancer IP
2061301 - Traffic Splitting Dialog is Confusing With Only One Revision
2061303 - Cachito request failure with vendor directory is out of sync with go.mod/go.sum
2061304 - workload info gatherer - don't serialize empty images map
2061333 - White screen for Pipeline builder page
2061447 - [GSS] local pv's are in terminating state
2061496 - etcd RecentBackup=Unknown ControllerStarted contains no message string
2061527 - [IBMCloud] infrastructure asset missing CloudProviderType
2061544 - AzureStack is hard-coded to use Standard_LRS for the disk type
2061549 - AzureStack install with internal publishing does not create api DNS record
2061611 - [upstream] The marker of KubeBuilder doesn't work if it is close to the code
2061732 - Cinder CSI crashes when API is not available
2061755 - Missing breadcrumb on the resource creation page
2061833 - A single worker can be assigned to multiple baremetal hosts
2061891 - [IPI on IBMCLOUD] missing ?br-sao? region in openshift installer
2061916 - mixed ingress and egress policies can result in half-isolated pods
2061918 - Topology Sidepanel style is broken
2061919 - Egress Ip entry stays on node's primary NIC post deletion from hostsubnet
2062007 - MCC bootstrap command lacks template flag
2062126 - IPfailover pod is crashing during creation showing keepalived_script doesn't exist
2062151 - Add RBAC for 'infrastructures' to operator bundle
2062355 - kubernetes-nmstate resources and logs not included in must-gathers
2062459 - Ingress pods scheduled on the same node
2062524 - [Kamelet Sink] Topology crashes on click of Event sink node if the resource is created source to Uri over ref
2062558 - Egress IP with openshift sdn in not functional on worker node.
2062568 - CVO does not trigger new upgrade again after fail to update to unavailable payload
2062645 - configure-ovs: don't restart networking if not necessary
2062713 - Special Resource Operator(SRO) - No sro_used_nodes metric
2062849 - hw event proxy is not binding on ipv6 local address
2062920 - Project selector is too tall with only a few projects
2062998 - AWS GovCloud regions are recognized as the unknown regions
2063047 - Configuring a full-path query log file in CMO breaks Prometheus with the latest version of the operator
2063115 - ose-aws-efs-csi-driver has invalid dependency in go.mod
2063164 - metal-ipi-ovn-ipv6 Job Permafailing and Blocking OpenShift 4.11 Payloads: insights operator is not available
2063183 - DefragDialTimeout is set to low for large scale OpenShift Container Platform - Cluster
2063194 - cluster-autoscaler-default will fail when automated etcd defrag is running on large scale OpenShift Container Platform 4 - Cluster
2063321 - [OVN]After reboot egress node, lr-policy-list was not correct, some duplicate records or missed internal IPs
2063324 - MCO template output directories created with wrong mode causing render failure in unprivileged container environments
2063375 - ptp operator upgrade from 4.9 to 4.10 stuck at pending due to service account requirements not met
2063414 - on OKD 4.10, when image-registry is enabled, the /etc/hosts entry is missing on some nodes
2063699 - Builds - Builds - Logs: i18n misses.
2063708 - Builds - Builds - Logs: translation correction needed.
2063720 - Metallb EBGP neighbor stuck in active until adding ebgp-multihop (directly connected neighbors)
2063732 - Workloads - StatefulSets : I18n misses
2063747 - When building a bundle, the push command fails because is passes a redundant "IMG=" on the the CLI
2063753 - User Preferences - Language - Language selection : Page refresh rquired to change the UI into selected Language.
2063756 - User Preferences - Applications - Insecure traffic : i18n misses
2063795 - Remove go-ovirt-client go.mod replace directive
2063829 - During an IPI install with the 4.10.4 installer on vSphere, getting "Check": platform.vsphere.network: Invalid value: "VLAN_3912": unable to find network provided"
2063831 - etcd quorum pods landing on same node
2063897 - Community tasks not shown in pipeline builder page
2063905 - PrometheusOperatorWatchErrors alert may fire shortly in case of transient errors from the API server
2063938 - sing the hard coded rest-mapper in library-go
2063955 - cannot download operator catalogs due to missing images
2063957 - User Management - Users : While Impersonating user, UI is not switching into user's set language
2064024 - SNO OCP upgrade with DU workload stuck at waiting for kube-apiserver static pod
2064170 - [Azure] Missing punctuation in the installconfig.controlPlane.platform.azure.osDisk explain
2064239 - Virtualization Overview page turns into blank page
2064256 - The Knative traffic distribution doesn't update percentage in sidebar
2064553 - UI should prefer to use the virtio-win configmap than v2v-vmware configmap for windows creation
2064596 - Fix the hubUrl docs link in pipeline quicksearch modal
2064607 - Pipeline builder makes too many (100+) API calls upfront
2064613 - [OCPonRHV]- after few days that cluster is alive we got error in storage operator
2064693 - [IPI][OSP] Openshift-install fails to find the shiftstack cloud defined in clouds.yaml in the current directory
2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server
2064705 - the alertmanagerconfig validation catches the wrong value for invalid field
2064744 - Errors trying to use the Debug Container feature
2064984 - Update error message for label limits
2065076 - Access monitoring Routes based on monitoring-shared-config creates wrong URL
2065160 - Possible leak of load balancer targets on AWS Machine API Provider
2065224 - Configuration for cloudFront in image-registry operator configuration is ignored & duration is corrupted
2065290 - CVE-2021-23648 sanitize-url: XSS
2065338 - VolumeSnapshot creation date sorting is broken
2065507 - `oc adm upgrade` should return ReleaseAccepted condition to show upgrade status.
2065510 - [AWS] failed to create cluster on ap-southeast-3
2065513 - Dev Perspective -> Project Dashboard shows Resource Quotas which are a bit misleading, and too many decimal places
2065547 - (release-4.11) Gather kube-controller-manager pod logs with garbage collector errors
2065552 - [AWS] Failed to install cluster on AWS ap-southeast-3 region due to image-registry panic error
2065577 - user with user-workload-monitoring-config-edit role can not create user-workload-monitoring-config configmap
2065597 - Cinder CSI is not configurable
2065682 - Remote write relabel config adds label __tmp_openshift_cluster_id__ to all metrics
2065689 - Internal Image registry with GCS backend does not redirect client
2065749 - Kubelet slowly leaking memory and pods eventually unable to start
2065785 - ip-reconciler job does not complete, halts node drain
2065804 - Console backend check for Web Terminal Operator incorrectly returns HTTP 204
2065806 - stop considering Mint mode as supported on Azure
2065840 - the cronjob object is created with a wrong api version batch/v1beta1 when created via the openshift console
2065893 - [4.11] Bootimage bump tracker
2066009 - CVE-2021-44906 minimist: prototype pollution
2066232 - e2e-aws-workers-rhel8 is failing on ansible check
2066418 - [4.11] Update channels information link is taking to a 404 error page
2066444 - The "ingress" clusteroperator's relatedObjects field has kind names instead of resource names
2066457 - Prometheus CI failure: 503 Service Unavailable
2066463 - [IBMCloud] failed to list DNS zones: Exactly one of ApiKey or RefreshToken must be specified
2066605 - coredns template block matches cluster API to loose
2066615 - Downstream OSDK still use upstream image for Hybird type operator
2066619 - The GitCommit of the `oc-mirror version` is not correct
2066665 - [ibm-vpc-block] Unable to change default storage class
2066700 - [node-tuning-operator] - Minimize wildcard/privilege Usage in Cluster and Local Roles
2066754 - Cypress reports for core tests are not captured
2066782 - Attached disk keeps in loading status when add disk to a power off VM by non-privileged user
2066865 - Flaky test: In-tree Volumes [Driver: azure-disk] [Testpattern: Dynamic PV (delayed binding)] topology should provision a volume and schedule a pod with AllowedTopologies
2066886 - openshift-apiserver pods never going NotReady
2066887 - Dependabot alert: Path traversal in github.com/valyala/fasthttp
2066889 - Dependabot alert: Path traversal in github.com/valyala/fasthttp
2066923 - No rule to make target 'docker-push' when building the SRO bundle
2066945 - SRO appends "arm64" instead of "aarch64" to the kernel name and it doesn't match the DTK
2067004 - CMO contains grafana image though grafana is removed
2067005 - Prometheus rule contains grafana though grafana is removed
2067062 - should update prometheus-operator resources version
2067064 - RoleBinding in Developer Console is dropping all subjects when editing
2067155 - Incorrect operator display name shown in pipelines quickstart in devconsole
2067180 - Missing i18n translations
2067298 - Console 4.10 operand form refresh
2067312 - PPT event source is lost when received by the consumer
2067384 - OCP 4.10 should be firing APIRemovedInNextEUSReleaseInUse for APIs removed in 1.25
2067456 - OCP 4.11 should be firing APIRemovedInNextEUSReleaseInUse and APIRemovedInNextReleaseInUse for APIs removed in 1.25
2067995 - Internal registries with a big number of images delay pod creation due to recursive SELinux file context relabeling
2068115 - resource tab extension fails to show up
2068148 - [4.11] /etc/redhat-release symlink is broken
2068180 - OCP UPI on AWS with STS enabled is breaking the Ingress operator
2068181 - Event source powered with kamelet type source doesn't show associated deployment in resources tab
2068490 - OLM descriptors integration test failing
2068538 - Crashloop back-off popover visual spacing defects
2068601 - Potential etcd inconsistent revision and data occurs
2068613 - ClusterRoleUpdated/ClusterRoleBindingUpdated Spamming Event Logs
2068908 - Manual blog link change needed
2069068 - reconciling Prometheus Operator Deployment failed while upgrading from 4.7.46 to 4.8.35
2069075 - [Alibaba 4.11.0-0.nightly] cluster storage component in Progressing state
2069181 - Disabling community tasks is not working
2069198 - Flaky CI test in e2e/pipeline-ci
2069307 - oc mirror hangs when processing the Red Hat 4.10 catalog
2069312 - extend rest mappings with 'job' definition
2069457 - Ingress operator has superfluous finalizer deletion logic for LoadBalancer-type services
2069577 - ConsolePlugin example proxy authorize is wrong
2069612 - Special Resource Operator (SRO) - Crash when nodeSelector does not match any nodes
2069632 - Not able to download previous container logs from console
2069643 - ConfigMaps leftovers while uninstalling SpecialResource with configmap
2069654 - Creating VMs with YAML on Openshift Virtualization UI is missing labels `flavor`, `os` and `workload`
2069685 - UI crashes on load if a pinned resource model does not exist
2069705 - prometheus target "serviceMonitor/openshift-metallb-system/monitor-metallb-controller/0" has a failure with "server returned HTTP status 502 Bad Gateway"
2069740 - On-prem loadbalancer ports conflict with kube node port range
2069760 - In developer perspective divider does not show up in navigation
2069904 - Sync upstream 1.18.1 downstream
2069914 - Application Launcher groupings are not case-sensitive
2069997 - [4.11] should add user containers in /etc/subuid and /etc/subgid to support run pods in user namespaces
2070000 - Add warning alerts for installing standalone k8s-nmstate
2070020 - InContext doesn't work for Event Sources
2070047 - Kuryr: Prometheus when installed on the cluster shouldn't report any alerts in firing state apart from Watchdog and AlertmanagerReceiversNotConfigured
2070160 - Copy-to-clipboard and <pre> elements cause display issues for ACM dynamic plugins
2070172 - SRO uses the chart's name as Helm release, not the SpecialResource's
2070181 - [MAPO] serverGroupName ignored
2070457 - Image vulnerability Popover overflows from the visible area
2070674 - [GCP] Routes get timed out and nonresponsive after creating 2K service routes
2070703 - some ipv6 network policy tests consistently failing
2070720 - [UI] Filter reset doesn't work on Pods/Secrets/etc pages and complete list disappears
2070731 - details switch label is not clickable on add page
2070791 - [GCP]Image registry are crash on cluster with GCP workload identity enabled
2070792 - service "openshift-marketplace/marketplace-operator-metrics" is not annotated with capability
2070805 - ClusterVersion: could not download the update
2070854 - cv.status.capabilities.enabledCapabilities doesn?t show the day-2 enabled caps when there are errors on resources update
2070887 - Cv condition ImplicitlyEnabledCapabilities doesn?t complain about the disabled capabilities which is previously enabled
2070888 - Cannot bind driver vfio-pci when apply sriovnodenetworkpolicy with type vfio-pci
2070929 - OVN-Kubernetes: EgressIP breaks access from a pod with EgressIP to other host networked pods on different nodes
2071019 - rebase vsphere csi driver 2.5
2071021 - vsphere driver has snapshot support missing
2071033 - conditionally relabel volumes given annotation not working - SELinux context match is wrong
2071139 - Ingress pods scheduled on the same node
2071364 - All image building tests are broken with " error: build error: attempting to convert BUILD_LOGLEVEL env var value "" to integer: strconv.Atoi: parsing "": invalid syntax
2071578 - Monitoring navigation should not be shown if monitoring is not available (CRC)
2071599 - RoleBidings are not getting updated for ClusterRole in OpenShift Web Console
2071614 - Updating EgressNetworkPolicy rejecting with error UnsupportedMediaType
2071617 - remove Kubevirt extensions in favour of dynamic plugin
2071650 - ovn-k ovn_db_cluster metrics are not exposed for SNO
2071691 - OCP Console global PatternFly overrides adds padding to breadcrumbs
2071700 - v1 events show "Generated from" message without the source/reporting component
2071715 - Shows 404 on Environment nav in Developer console
2071719 - OCP Console global PatternFly overrides link button whitespace
2071747 - Link to documentation from the overview page goes to a missing link
2071761 - Translation Keys Are Not Namespaced
2071799 - Multus CNI should exit cleanly on CNI DEL when the API server is unavailable
2071859 - ovn-kube pods spec.dnsPolicy should be Default
2071914 - cloud-network-config-controller 4.10.5: Error building cloud provider client, err: %vfailed to initialize Azure environment: autorest/azure: There is no cloud environment matching the name ""
2071998 - Cluster-version operator should share details of signature verification when it fails in 'Force: true' updates
2072106 - cluster-ingress-operator tests do not build on go 1.18
2072134 - Routes are not accessible within cluster from hostnet pods
2072139 - vsphere driver has permissions to create/update PV objects
2072154 - Secondary Scheduler operator panics
2072171 - Test "[sig-network][Feature:EgressFirewall] EgressFirewall should have no impact outside its namespace [Suite:openshift/conformance/parallel]" fails
2072195 - machine api doesn't issue client cert when AWS DNS suffix missing
2072215 - Whereabouts ip-reconciler should be opt-in and not required
2072389 - CVO exits upgrade immediately rather than waiting for etcd backup
2072439 - openshift-cloud-network-config-controller reports wrong range of IP addresses for Azure worker nodes
2072455 - make bundle overwrites supported-nic-ids_v1_configmap.yaml
2072570 - The namespace titles for operator-install-single-namespace test keep changing
2072710 - Perfscale - pods time out waiting for OVS port binding (ovn-installed)
2072766 - Cluster Network Operator stuck in CrashLoopBackOff when scheduled to same master
2072780 - OVN kube-master does not clear NetworkUnavailableCondition on GCP BYOH Windows node
2072793 - Drop "Used Filesystem" from "Virtualization -> Overview"
2072805 - Observe > Dashboards: $__range variables cause PromQL query errors
2072807 - Observe > Dashboards: Missing `panel.styles` attribute for table panels causes JS error
2072842 - (release-4.11) Gather namespace names with overlapping UID ranges
2072883 - sometimes monitoring dashboards charts can not be loaded successfully
2072891 - Update gcp-pd-csi-driver to 1.5.1;
2072911 - panic observed in kubedescheduler operator
2072924 - periodic-ci-openshift-release-master-ci-4.11-e2e-azure-techpreview-serial
2072957 - ContainerCreateError loop leads to several thousand empty logfiles in the file system
2072998 - update aws-efs-csi-driver to the latest version
2072999 - Navigate from logs of selected Tekton task instead of last one
2073021 - [vsphere] Failed to update OS on master nodes
2073112 - Prometheus (uwm) externalLabels not showing always in alerts.
2073113 - Warning is logged to the console: W0407 Defaulting of registry auth file to "${HOME}/.docker/config.json" is deprecated.
2073176 - removing data in form does not remove data from yaml editor
2073197 - Error in Spoke/SNO agent: Source image rejected: A signature was required, but no signature exists
2073329 - Pipelines-plugin- Having different title for Pipeline Runs tab, on Pipeline Details page it's "PipelineRuns" and on Repository Details page it's "Pipeline Runs".
2073373 - Update azure-disk-csi-driver to 1.16.0
2073378 - failed egressIP assignment - cloud-network-config-controller does not delete failed cloudprivateipconfig
2073398 - machine-api-provider-openstack does not clean up OSP ports after failed server provisioning
2073436 - Update azure-file-csi-driver to v1.14.0
2073437 - Topology performance: Firehose/useK8sWatchResources cache can return unexpected data format if isList differs on multiple calls
2073452 - [sig-network] pods should successfully create sandboxes by other - failed (add)
2073473 - [OVN SCALE][ovn-northd] Unnecessary SB record no-op changes added to SB transaction.
2073522 - Update ibm-vpc-block-csi-driver to v4.2.0
2073525 - Update vpc-node-label-updater to v4.1.2
2073901 - Installation failed due to etcd operator Err:DefragControllerDegraded: failed to dial endpoint https://10.0.0.7:2379 with maintenance client: context canceled
2073937 - Invalid retention time and invalid retention size should be validated at one place and have error log in one place for UMW
2073938 - APIRemovedInNextEUSReleaseInUse alert for runtimeclasses
2073945 - APIRemovedInNextEUSReleaseInUse alert for podsecuritypolicies
2073972 - Invalid retention time and invalid retention size should be validated at one place and have error log in one place for platform monitoring
2074009 - [OVN] ovn-northd doesn't clean Chassis_Private record after scale down to 0 a machineSet
2074031 - Admins should be able to tune garbage collector aggressiveness (GOGC) for kube-apiserver if necessary
2074062 - Node Tuning Operator(NTO) - Cloud provider profile rollback doesn't work well
2074084 - CMO metrics not visible in the OCP webconsole UI
2074100 - CRD filtering according to name broken
2074210 - asia-south2, australia-southeast2, and southamerica-west1Missing from GCP regions
2074237 - oc new-app --image-stream flag behavior is unclear
2074243 - DefaultPlacement API allow empty enum value and remove default
2074447 - cluster-dashboard: CPU Utilisation iowait and steal
2074465 - PipelineRun fails in import from Git flow if "main" branch is default
2074471 - Cannot delete namespace with a LB type svc and Kuryr when ExternalCloudProvider is enabled
2074475 - [e2e][automation] kubevirt plugin cypress tests fail
2074483 - coreos-installer doesnt work on Dell machines
2074544 - e2e-metal-ipi-ovn-ipv6 failing due to recent CEO changes
2074585 - MCG standalone deployment page goes blank when the KMS option is enabled
2074606 - occm does not have permissions to annotate SVC objects
2074612 - Operator fails to install due to service name lookup failure
2074613 - nodeip-configuration container incorrectly attempts to relabel /etc/systemd/system
2074635 - Unable to start Web Terminal after deleting existing instance
2074659 - AWS installconfig ValidateForProvisioning always provides blank values to validate zone records
2074706 - Custom EC2 endpoint is not considered by AWS EBS CSI driver
2074710 - Transition to go-ovirt-client
2074756 - Namespace column provide wrong data in ClusterRole Details -> Rolebindings tab
2074767 - Metrics page show incorrect values due to metrics level config
2074807 - NodeFilesystemSpaceFillingUp alert fires even before kubelet GC kicks in
2074902 - `oc debug node/nodename ? chroot /host somecommand` should exit with non-zero when the sub-command failed
2075015 - etcd-guard connection refused event repeating pathologically (payload blocking)
2075024 - Metal upgrades permafailing on metal3 containers crash looping
2075050 - oc-mirror fails to calculate between two channels with different prefixes for the same version of OCP
2075091 - Symptom Detection.Undiagnosed panic detected in pod
2075117 - Developer catalog: Order dropdown (A-Z, Z-A) is miss-aligned (in a separate row)
2075149 - Trigger Translations When Extensions Are Updated
2075189 - Imports from dynamic-plugin-sdk lead to failed module resolution errors
2075459 - Set up cluster on aws with rootvolumn io2 failed due to no iops despite it being configured
2075475 - OVN-Kubernetes: egress router pod (redirect mode), access from pod on different worker-node (redirect) doesn't work
2075478 - Bump documentationBaseURL to 4.11
2075491 - nmstate operator cannot be upgraded on SNO
2075575 - Local Dev Env - Prometheus 404 Call errors spam the console
2075584 - improve clarity of build failure messages when using csi shared resources but tech preview is not enabled
2075592 - Regression - Top of the web terminal drawer is missing a stroke/dropshadow
2075621 - Cluster upgrade.[sig-mco] Machine config pools complete upgrade
2075647 - 'oc adm upgrade ...' POSTs ClusterVersion, clobbering any unrecognized spec properties
2075671 - Cluster Ingress Operator K8S API cache contains duplicate objects
2075778 - Fix failing TestGetRegistrySamples test
2075873 - Bump recommended FCOS to 35.20220327.3.0
2076193 - oc patch command for the liveness probe and readiness probe parameters of an OpenShift router deployment doesn't take effect
2076270 - [OCPonRHV] MachineSet scale down operation fails to delete the worker VMs
2076277 - [RFE] [OCPonRHV] Add storage domain ID valueto Compute/ControlPlain section in the machine object
2076290 - PTP operator readme missing documentation on BC setup via PTP config
2076297 - Router process ignores shutdown signal while starting up
2076323 - OLM blocks all operator installs if an openshift-marketplace catalogsource is unavailable
2076355 - The KubeletConfigController wrongly process multiple confs for a pool after having kubeletconfig in bootstrap
2076393 - [VSphere] survey fails to list datacenters
2076521 - Nodes in the same zone are not updated in the right order
2076527 - Pipeline Builder: Make unnecessary tekton hub API calls when the user types 'too fast'
2076544 - Whitespace (padding) is missing after an PatternFly update, already in 4.10
2076553 - Project access view replace group ref with user ref when updating their Role
2076614 - Missing Events component from the SDK API
2076637 - Configure metrics for vsphere driver to be reported
2076646 - openshift-install destroy unable to delete PVC disks in GCP if cluster identifier is longer than 22 characters
2076793 - CVO exits upgrade immediately rather than waiting for etcd backup
2076831 - [ocp4.11]Mem/cpu high utilization by apiserver/etcd for cluster stayed 10 hours
2076877 - network operator tracker to switch to use flowcontrol.apiserver.k8s.io/v1beta2 instead v1beta1 to be deprecated in k8s 1.26
2076880 - OKD: add cluster domain to the uploaded vm configs so that 30-local-dns-prepender can use it
2076975 - Metric unset during static route conversion in configure-ovs.sh
2076984 - TestConfigurableRouteNoConsumingUserNoRBAC fails in CI
2077050 - OCP should default to pd-ssd disk type on GCP
2077150 - Breadcrumbs on a few screens don't have correct top margin spacing
2077160 - Update owners for openshift/cluster-etcd-operator
2077357 - [release-4.11] 200ms packet delay with OVN controller turn on
2077373 - Accessibility warning on developer perspective
2077386 - Import page shows untranslated values for the route advanced routing>security options (devconsole~Edge)
2077457 - failure in test case "[sig-network][Feature:Router] The HAProxy router should serve the correct routes when running with the haproxy config manager"
2077497 - Rebase etcd to 3.5.3 or later
2077597 - machine-api-controller is not taking the proxy configuration when it needs to reach the RHV API
2077599 - OCP should alert users if they are on vsphere version <7.0.2
2077662 - AWS Platform Provisioning Check incorrectly identifies record as part of domain of cluster
2077797 - LSO pods don't have any resource requests
2077851 - "make vendor" target is not working
2077943 - If there is a service with multiple ports, and the route uses 8080, when editing the 8080 port isn't replaced, but a random port gets replaced and 8080 still stays
2077994 - Publish RHEL CoreOS AMIs in AWS ap-southeast-3 region
2078013 - drop multipathd.socket workaround
2078375 - When using the wizard with template using data source the resulting vm use pvc source
2078396 - [OVN AWS] EgressIP was not balanced to another egress node after original node was removed egress label
2078431 - [OCPonRHV] - ERROR failed to instantiate provider "openshift/local/ovirt" to obtain schema: ERROR fork/exec
2078526 - Multicast breaks after master node reboot/sync
2078573 - SDN CNI -Fail to create nncp when vxlan is up
2078634 - CRI-O not killing Calico CNI stalled (zombie) processes.
2078698 - search box may not completely remove content
2078769 - Different not translated filter group names (incl. Secret, Pipeline, PIpelineRun)
2078778 - [4.11] oc get ValidatingWebhookConfiguration,MutatingWebhookConfiguration fails and caused ?apiserver panic'd...http2: panic serving xxx.xx.xxx.21:49748: cannot deep copy int? when AllRequestBodies audit-profile is used.
2078781 - PreflightValidation does not handle multiarch images
2078866 - [BM][IPI] Installation with bonds fail - DaemonSet "openshift-ovn-kubernetes/ovnkube-node" rollout is not making progress
2078875 - OpenShift Installer fail to remove Neutron ports
2078895 - [OCPonRHV]-"cow" unsupported value in format field in install-config.yaml
2078910 - CNO spitting out ".spec.groups[0].rules[4].runbook_url: field not declared in schema"
2078945 - Ensure only one apiserver-watcher process is active on a node.
2078954 - network-metrics-daemon makes costly global pod list calls scaling per node
2078969 - Avoid update races between old and new NTO operands during cluster upgrades
2079012 - egressIP not migrated to correct workers after deleting machineset it was assigned
2079062 - Test for console demo plugin toast notification needs to be increased for ci testing
2079197 - [RFE] alert when more than one default storage class is detected
2079216 - Partial cluster update reference doc link returns 404
2079292 - containers prometheus-operator/kube-rbac-proxy violate PodSecurity
2079315 - (release-4.11) Gather ODF config data with Insights
2079422 - Deprecated 1.25 API call
2079439 - OVN Pods Assigned Same IP Simultaneously
2079468 - Enhance the waitForIngressControllerCondition for better CI results
2079500 - okd-baremetal-install uses fcos for bootstrap but rhcos for cluster
2079610 - Opeatorhub status shows errors
2079663 - change default image features in RBD storageclass
2079673 - Add flags to disable migrated code
2079685 - Storageclass creation page with "Enable encryption" is not displaying saved KMS connection details when vaulttenantsa details are available in csi-kms-details config
2079724 - cluster-etcd-operator - disable defrag-controller as there is unpredictable impact on large OpenShift Container Platform 4 - Cluster
2079788 - Operator restarts while applying the acm-ice example
2079789 - cluster drops ImplicitlyEnabledCapabilities during upgrade
2079803 - Upgrade-triggered etcd backup will be skip during serial upgrade
2079805 - Secondary scheduler operator should comply to restricted pod security level
2079818 - Developer catalog installation overlay (modal?) shows a duplicated padding
2079837 - [RFE] Hub/Spoke example with daemonset
2079844 - EFS cluster csi driver status stuck in AWSEFSDriverCredentialsRequestControllerProgressing with sts installation
2079845 - The Event Sinks catalog page now has a blank space on the left
2079869 - Builds for multiple kernel versions should be ran in parallel when possible
2079913 - [4.10] APIRemovedInNextEUSReleaseInUse alert for OVN endpointslices
2079961 - The search results accordion has no spacing between it and the side navigation bar.
2079965 - [rebase v1.24] [sig-node] PodOSRejection [NodeConformance] Kubelet should reject pod when the node OS doesn't match pod's OS [Suite:openshift/conformance/parallel] [Suite:k8s]
2080054 - TAGS arg for installer-artifacts images is not propagated to build images
2080153 - aws-load-balancer-operator-controller-manager pod stuck in ContainerCreating status
2080197 - etcd leader changes produce test churn during early stage of test
2080255 - EgressIP broken on AWS with OpenShiftSDN / latest nightly build
2080267 - [Fresh Installation] Openshift-machine-config-operator namespace is flooded with events related to clusterrole, clusterrolebinding
2080279 - CVE-2022-29810 go-getter: writes SSH credentials into logfile, exposing sensitive credentials to local uses
2080379 - Group all e2e tests as parallel or serial
2080387 - Visual connector not appear between the node if a node get created using "move connector" to a different application
2080416 - oc bash-completion problem
2080429 - CVO must ensure non-upgrade related changes are saved when desired payload fails to load
2080446 - Sync ironic images with latest bug fixes packages
2080679 - [rebase v1.24] [sig-cli] test failure
2080681 - [rebase v1.24] [sig-cluster-lifecycle] CSRs from machines that are not recognized by the cloud provider are not approved [Suite:openshift/conformance/parallel]
2080687 - [rebase v1.24] [sig-network][Feature:Router] tests are failing
2080873 - Topology graph crashes after update to 4.11 when Layout 2 (ColaForce) was selected previously
2080964 - Cluster operator special-resource-operator is always in Failing state with reason: "Reconciling simple-kmod"
2080976 - Avoid hooks config maps when hooks are empty
2081012 - [rebase v1.24] [sig-devex][Feature:OpenShiftControllerManager] TestAutomaticCreationOfPullSecrets [Suite:openshift/conformance/parallel]
2081018 - [rebase v1.24] [sig-imageregistry][Feature:Image] oc tag should work when only imagestreams api is available
2081021 - [rebase v1.24] [sig-api-machinery] API data in etcd should be stored at the correct location and version for all resources
2081062 - Unrevert RHCOS back to 8.6
2081067 - admin dev-console /settings/cluster should point out history may be excerpted
2081069 - [sig-network] pods should successfully create sandboxes by adding pod to network
2081081 - PreflightValidation "odd number of arguments passed as key-value pairs for logging" error
2081084 - [rebase v1.24] [sig-instrumentation] Events API should ensure that an event can be fetched, patched, deleted, and listed
2081087 - [rebase v1.24] [sig-auth] ServiceAccounts should allow opting out of API token automount
2081119 - `oc explain` output of default overlaySize is outdated
2081172 - MetallLB: YAML view in webconsole does not show all the available key value pairs of all the objects
2081201 - cloud-init User check for Windows VM refuses to accept capitalized usernames
2081447 - Ingress operator performs spurious updates in response to API's defaulting of router deployment's router container's ports' protocol field
2081562 - lifecycle.posStart hook does not have network connectivity.
2081685 - Typo in NNCE Conditions
2081743 - [e2e] tests failing
2081788 - MetalLB: the crds are not validated until metallb is deployed
2081821 - SpecialResourceModule CRD is not installed after deploying SRO operator using brew bundle image via OLM
2081895 - Use the managed resource (and not the manifest) for resource health checks
2081997 - disconnected insights operator remains degraded after editing pull secret
2082075 - Removing huge amount of ports takes a lot of time.
2082235 - CNO exposes a generic apiserver that apparently does nothing
2082283 - Transition to new oVirt Terraform provider
2082360 - OCP 4.10.4, CNI: SDN; Whereabouts IPAM: Duplicate IP address with bond-cni
2082380 - [4.10.z] customize wizard is crashed
2082403 - [LSO] No new build local-storage-operator-metadata-container created
2082428 - oc patch healthCheckInterval with invalid "5 s" to the ingress-controller successfully
2082441 - [UPI] aws-load-balancer-operator-controller-manager failed to get VPC ID in UPI on AWS
2082492 - [IPI IBM]Can't create image-registry-private-configuration secret with error "specified resource key credentials does not contain HMAC keys"
2082535 - [OCPonRHV]-workers are cloned when "clone: false" is specified in install-config.yaml
2082538 - apirequests limits of Cluster CAPI Operator are too low for GCP platform
2082566 - OCP dashboard fails to load when the query to Prometheus takes more than 30s to return
2082604 - [IBMCloud][x86_64] IBM VPC does not properly support RHCOS Custom Image tagging
2082667 - No new machines provisioned while machineset controller drained old nodes for change to machineset
2082687 - [IBM Cloud][x86_64][CCCMO] IBM x86_64 CCM using unsupported --port argument
2082763 - Cluster install stuck on the applying for operatorhub "cluster"
2083149 - "Update blocked" label incorrectly displays on new minor versions in the "Other available paths" modal
2083153 - Unable to use application credentials for Manila PVC creation on OpenStack
2083154 - Dynamic plugin sdk tsdoc generation does not render docs for parameters
2083219 - DPU network operator doesn't deal with c1... inteface names
2083237 - [vsphere-ipi] Machineset scale up process delay
2083299 - SRO does not fetch mirrored DTK images in disconnected clusters
2083445 - [FJ OCP4.11 Bug]: RAID setting during IPI cluster deployment fails if iRMC port number is specified
2083451 - Update external serivces URLs to console.redhat.com
2083459 - Make numvfs > totalvfs error message more verbose
2083466 - Failed to create clusters on AWS C2S/SC2S due to image-registry MissingEndpoint error
2083514 - Operator ignores managementState Removed
2083641 - OpenShift Console Knative Eventing ContainerSource generates wrong api version when pointed to k8s Service
2083756 - Linkify not upgradeable message on ClusterSettings page
2083770 - Release image signature manifest filename extension is yaml
2083919 - openshift4/ose-operator-registry:4.10.0 having security vulnerabilities
2083942 - Learner promotion can temporarily fail with rpc not supported for learner errors
2083964 - Sink resources dropdown is not persisted in form yaml switcher in event source creation form
2083999 - "--prune-over-size-limit" is not working as expected
2084079 - prometheus route is not updated to "path: /api" after upgrade from 4.10 to 4.11
2084081 - nmstate-operator installed cluster on POWER shows issues while adding new dhcp interface
2084124 - The Update cluster modal includes a broken link
2084215 - Resource configmap "openshift-machine-api/kube-rbac-proxy" is defined by 2 manifests
2084249 - panic in ovn pod from an e2e-aws-single-node-serial nightly run
2084280 - GCP API Checks Fail if non-required APIs are not enabled
2084288 - "alert/Watchdog must have no gaps or changes" failing after bump
2084292 - Access to dashboard resources is needed in dynamic plugin SDK
2084331 - Resource with multiple capabilities included unless all capabilities are disabled
2084433 - Podsecurity violation error getting logged for ingresscontroller during deployment.
2084438 - Change Ping source spec.jsonData (deprecated) field to spec.data
2084441 - [IPI-Azure]fail to check the vm capabilities in install cluster
2084459 - Topology list view crashes when switching from chart view after moving sink from knative service to uri
2084463 - 5 control plane replica tests fail on ephemeral volumes
2084539 - update azure arm templates to support customer provided vnet
2084545 - [rebase v1.24] cluster-api-operator causes all techpreview tests to fail
2084580 - [4.10] No cluster name sanity validation - cluster name with a dot (".") character
2084615 - Add to navigation option on search page is not properly aligned
2084635 - PipelineRun creation from the GUI for a Pipeline with 2 workspaces hardcode the PVC storageclass
2084732 - A special resource that was created in OCP 4.9 can't be deleted after an upgrade to 4.10
2085187 - installer-artifacts fails to build with go 1.18
2085326 - kube-state-metrics is tripping APIRemovedInNextEUSReleaseInUse
2085336 - [IPI-Azure] Fail to create the worker node which HyperVGenerations is V2 or V1 and vmNetworkingType is Accelerated
2085380 - [IPI-Azure] Incorrect error prompt validate VM image and instance HyperV gen match when install cluster
2085407 - There is no Edit link/icon for labels on Node details page
2085721 - customization controller image name is wrong
2086056 - Missing doc for OVS HW offload
2086086 - Update Cluster Sample Operator dependencies and libraries for OCP 4.11
2086092 - update kube to v.24
2086143 - CNO uses too much memory
2086198 - Cluster CAPI Operator creates unnecessary defaulting webhooks
2086301 - kubernetes nmstate pods are not running after creating instance
2086408 - Podsecurity violation error getting logged for externalDNS operand pods during deployment
2086417 - Pipeline created from add flow has GIT Revision as required field
2086437 - EgressQoS CRD not available
2086450 - aws-load-balancer-controller-cluster pod logged Podsecurity violation error during deployment
2086459 - oc adm inspect fails when one of resources not exist
2086461 - CNO probes MTU unnecessarily in Hypershift, making cluster startup take too long
2086465 - External identity providers should log login attempts in the audit trail
2086469 - No data about title 'API Request Duration by Verb - 99th Percentile' display on the dashboard 'API Performance'
2086483 - baremetal-runtimecfg k8s dependencies should be on a par with 1.24 rebase
2086505 - Update oauth-server images to be consistent with ART
2086519 - workloads must comply to restricted security policy
2086521 - Icons of Knative actions are not clearly visible on the context menu in the dark mode
2086542 - Cannot create service binding through drag and drop
2086544 - ovn-k master daemonset on hypershift shouldn't log token
2086546 - Service binding connector is not visible in the dark mode
2086718 - PowerVS destroy code does not work
2086728 - [hypershift] Move drain to controller
2086731 - Vertical pod autoscaler operator needs a 4.11 bump
2086734 - Update csi driver images to be consistent with ART
2086737 - cloud-provider-openstack rebase to kubernetes v1.24
2086754 - Cluster resource override operator needs a 4.11 bump
2086759 - [IPI] OCP-4.11 baremetal - boot partition is not mounted on temporary directory
2086791 - Azure: Validate UltraSSD instances in multi-zone regions
2086851 - pods with multiple external gateways may only be have ECMP routes for one gateway
2086936 - vsphere ipi should use cores by default instead of sockets
2086958 - flaky e2e in kube-controller-manager-operator TestPodDisruptionBudgetAtLimitAlert
2086959 - flaky e2e in kube-controller-manager-operator TestLogLevel
2086962 - oc-mirror publishes metadata with --dry-run when publishing to mirror
2086964 - oc-mirror fails on differential run when mirroring a package with multiple channels specified
2086972 - oc-mirror does not error invalid metadata is passed to the describe command
2086974 - oc-mirror does not work with headsonly for operator 4.8
2087024 - The oc-mirror result mapping.txt is not correct , can?t be used by `oc image mirror` command
2087026 - DTK's imagestream is missing from OCP 4.11 payload
2087037 - Cluster Autoscaler should use K8s 1.24 dependencies
2087039 - Machine API components should use K8s 1.24 dependencies
2087042 - Cloud providers components should use K8s 1.24 dependencies
2087084 - remove unintentional nic support
2087103 - "Updating to release image" from 'oc' should point out that the cluster-version operator hasn't accepted the update
2087114 - Add simple-procfs-kmod in modprobe example in README.md
2087213 - Spoke BMH stuck "inspecting" when deployed via ZTP in 4.11 OCP hub
2087271 - oc-mirror does not check for existing workspace when performing mirror2mirror synchronization
2087556 - Failed to render DPU ovnk manifests
2087579 - ` --keep-manifest-list=true` does not work for `oc adm release new` , only pick up the linux/amd64 manifest from the manifest list
2087680 - [Descheduler] Sync with sigs.k8s.io/descheduler
2087684 - KCMO should not be able to apply LowUpdateSlowReaction from Default WorkerLatencyProfile
2087685 - KASO should not be able to apply LowUpdateSlowReaction from Default WorkerLatencyProfile
2087687 - MCO does not generate event when user applies Default -> LowUpdateSlowReaction WorkerLatencyProfile
2087764 - Rewrite the registry backend will hit error
2087771 - [tracker] NetworkManager 1.36.0 loses DHCP lease and doesn't try again
2087772 - Bindable badge causes some layout issues with the side panel of bindable operator backed services
2087942 - CNO references images that are divergent from ART
2087944 - KafkaSink Node visualized incorrectly
2087983 - remove etcd_perf before restore
2087993 - PreflightValidation many "msg":"TODO: preflight checks" in the operator log
2088130 - oc-mirror init does not allow for automated testing
2088161 - Match dockerfile image name with the name used in the release repo
2088248 - Create HANA VM does not use values from customized HANA templates
2088304 - ose-console: enable source containers for open source requirements
2088428 - clusteroperator/baremetal stays in progressing: Applying metal3 resources state on a fresh install
2088431 - AvoidBuggyIPs field of addresspool should be removed
2088483 - oc adm catalog mirror returns 0 even if there are errors
2088489 - Topology list does not allow selecting an application group anymore (again)
2088533 - CRDs for openshift.io should have subresource.status failes on sharedconfigmaps.sharedresource and sharedsecrets.sharedresource
2088535 - MetalLB: Enable debug log level for downstream CI
2088541 - Default CatalogSources in openshift-marketplace namespace keeps throwing pod security admission warnings `would violate PodSecurity "restricted:v1.24"`
2088561 - BMH unable to start inspection: File name too long
2088634 - oc-mirror does not fail when catalog is invalid
2088660 - Nutanix IPI installation inside container failed
2088663 - Better to change the default value of --max-per-registry to 6
2089163 - NMState CRD out of sync with code
2089191 - should remove grafana from cluster-monitoring-config configmap in hypershift cluster
2089224 - openshift-monitoring/cluster-monitoring-config configmap always revert to default setting
2089254 - CAPI operator: Rotate token secret if its older than 30 minutes
2089276 - origin tests for egressIP and azure fail
2089295 - [Nutanix]machine stuck in Deleting phase when delete a machineset whose replicas>=2 and machine is Provisioning phase on Nutanix
2089309 - [OCP 4.11] Ironic inspector image fails to clean disks that are part of a multipath setup if they are passive paths
2089334 - All cloud providers should use service account credentials
2089344 - Failed to deploy simple-kmod
2089350 - Rebase sdn to 1.24
2089387 - LSO not taking mpath. ignoring device
2089392 - 120 node baremetal upgrade from 4.9.29 --> 4.10.13 crashloops on machine-approver
2089396 - oc-mirror does not show pruned image plan
2089405 - New topology package shows gray build icons instead of green/red icons for builds and pipelines
2089419 - do not block 4.10 to 4.11 upgrades if an existing CSI driver is found. Instead, warn about presence of third party CSI driver
2089488 - Special resources are missing the managementState field
2089563 - Update Power VS MAPI to use api's from openshift/api repo
2089574 - UWM prometheus-operator pod can't start up due to no master node in hypershift cluster
2089675 - Could not move Serverless Service without Revision (or while starting?)
2089681 - [Hypershift] EgressIP doesn't work in hypershift guest cluster
2089682 - Installer expects all nutanix subnets to have a cluster reference which is not the case for e.g. overlay networks
2089687 - alert message of MCDDrainError needs to be updated for new drain controller
2089696 - CR reconciliation is stuck in daemonset lifecycle
2089716 - [4.11][reliability]one worker node became NotReady on which ovnkube-node pod's memory increased sharply
2089719 - acm-simple-kmod fails to build
2089720 - [Hypershift] ICSP doesn't work for the guest cluster
2089743 - acm-ice fails to deploy: helm chart does not appear to be a gzipped archive
2089773 - Pipeline status filter and status colors doesn't work correctly with non-english languages
2089775 - keepalived can keep ingress VIP on wrong node under certain circumstances
2089805 - Config duration metrics aren't exposed
2089827 - MetalLB CI - backward compatible tests are failing due to the order of delete
2089909 - PTP e2e testing not working on SNO cluster
2089918 - oc-mirror skip-missing still returns 404 errors when images do not exist
2089930 - Bump OVN to 22.06
2089933 - Pods do not post readiness status on termination
2089968 - Multus CNI daemonset should use hostPath mounts with type: directory
2089973 - bump libs to k8s 1.24 for OCP 4.11
2089996 - Unnecessary yarn install runs in e2e tests
2090017 - Enable source containers to meet open source requirements
2090049 - destroying GCP cluster which has a compute node without infra id in name would fail to delete 2 k8s firewall-rules and VPC network
2090092 - Will hit error if specify the channel not the latest
2090151 - [RHEL scale up] increase the wait time so that the node has enough time to get ready
2090178 - VM SSH command generated by UI points at api VIP
2090182 - [Nutanix]Create a machineset with invalid image, machine stuck in "Provisioning" phase
2090236 - Only reconcile annotations and status for clusters
2090266 - oc adm release extract is failing on mutli arch image
2090268 - [AWS EFS] Operator not getting installed successfully on Hypershift Guest cluster
2090336 - Multus logging should be disabled prior to release
2090343 - Multus debug logging should be enabled temporarily for debugging podsandbox creation failures.
2090358 - Initiating drain log message is displayed before the drain actually starts
2090359 - Nutanix mapi-controller: misleading error message when the failure is caused by wrong credentials
2090405 - [tracker] weird port mapping with asymmetric traffic [rhel-8.6.0.z]
2090430 - gofmt code
2090436 - It takes 30min-60min to update the machine count in custom MachineConfigPools (MCPs) when a node is removed from the pool
2090437 - Bump CNO to k8s 1.24
2090465 - golang version mismatch
2090487 - Change default SNO Networking Type and disallow OpenShiftSDN a supported networking Type
2090537 - failure in ovndb migration when db is not ready in HA mode
2090549 - dpu-network-operator shall be able to run on amd64 arch platform
2090621 - Metal3 plugin does not work properly with updated NodeMaintenance CRD
2090627 - Git commit and branch are empty in MetalLB log
2090692 - Bump to latest 1.24 k8s release
2090730 - must-gather should include multus logs.
2090731 - nmstate deploys two instances of webhook on a single-node cluster
2090751 - oc image mirror skip-missing flag does not skip images
2090755 - MetalLB: BGPAdvertisement validation allows duplicate entries for ip pool selector, ip address pools, node selector and bgp peers
2090774 - Add Readme to plugin directory
2090794 - MachineConfigPool cannot apply a configuration after fixing the pods that caused a drain alert
2090809 - gm.ClockClass invalid syntax parse error in linux ptp daemon logs
2090816 - OCP 4.8 Baremetal IPI installation failure: "Bootstrap failed to complete: timed out waiting for the condition"
2090819 - oc-mirror does not catch invalid registry input when a namespace is specified
2090827 - Rebase CoreDNS to 1.9.2 and k8s 1.24
2090829 - Bump OpenShift router to k8s 1.24
2090838 - Flaky test: ignore flapping host interface 'tunbr'
2090843 - addLogicalPort() performance/scale optimizations
2090895 - Dynamic plugin nav extension "startsWith" property does not work
2090929 - [etcd] cluster-backup.sh script has a conflict to use the '/etc/kubernetes/static-pod-certs' folder if a custom API certificate is defined
2090993 - [AI Day2] Worker node overview page crashes in Openshift console with TypeError
2091029 - Cancel rollout action only appears when rollout is completed
2091030 - Some BM may fail booting with default bootMode strategy
2091033 - [Descheduler]: provide ability to override included/excluded namespaces
2091087 - ODC Helm backend Owners file needs updates
2091106 - Dependabot alert: Unhandled exception in gopkg.in/yaml.v3
2091142 - Dependabot alert: Unhandled exception in gopkg.in/yaml.v3
2091167 - IPsec runtime enabling not work in hypershift
2091218 - Update Dev Console Helm backend to use helm 3.9.0
2091433 - Update AWS instance types
2091542 - Error Loading/404 not found page shown after clicking "Current namespace only"
2091547 - Internet connection test with proxy permanently fails
2091567 - oVirt CSI driver should use latest go-ovirt-client
2091595 - Alertmanager configuration can't use OpsGenie's entity field when AlertmanagerConfig is enabled
2091599 - PTP Dual Nic | Extend Events 4.11 - Up/Down master interface affects all the other interface in the same NIC accoording the events and metric
2091603 - WebSocket connection restarts when switching tabs in WebTerminal
2091613 - simple-kmod fails to build due to missing KVC
2091634 - OVS 2.15 stops handling traffic once ovs-dpctl(2.17.2) is used against it
2091730 - MCO e2e tests are failing with "No token found in openshift-monitoring secrets"
2091746 - "Oh no! Something went wrong" shown after user creates MCP without 'spec'
2091770 - CVO gets stuck downloading an upgrade, with the version pod complaining about invalid options
2091854 - clusteroperator status filter doesn't match all values in Status column
2091901 - Log stream paused right after updating log lines in Web Console in OCP4.10
2091902 - unable to retrieve the complete list of server APIs: metrics.k8s.io/v1beta1: the server has received too many requests and has asked us to try again later
2091990 - wrong external-ids for ovn-controller lflow-cache-limit-kb
2092003 - PR 3162 | BZ 2084450 - invalid URL schema for AWS causes tests to perma fail and break the cloud-network-config-controller
2092041 - Bump cluster-dns-operator to k8s 1.24
2092042 - Bump cluster-ingress-operator to k8s 1.24
2092047 - Kube 1.24 rebase for cloud-network-config-controller
2092137 - Search doesn't show all entries when name filter is cleared
2092296 - Change Default MachineCIDR of Power VS Platform from 10.x to 192.168.0.0/16
2092390 - [RDR] [UI] Multiple instances of Object Bucket, Object Bucket Claims and 'Overview' tab is present under Storage section on the Hub cluster when navigated back from the Managed cluster using the Hybrid console dropdown
2092395 - etcdHighNumberOfFailedGRPCRequests alerts with wrong results
2092408 - Wrong icon is used in the virtualization overview permissions card
2092414 - In virtualization overview "running vm per templates" template list can be improved
2092442 - Minimum time between drain retries is not the expected one
2092464 - marketplace catalog defaults to v4.10
2092473 - libovsdb performance backports
2092495 - ovn: use up to 4 northd threads in non-SNO clusters
2092502 - [azure-file-csi-driver] Stop shipping a NFS StorageClass
2092509 - Invalid memory address error if non existing caBundle is configured in DNS-over-TLS using ForwardPlugins
2092572 - acm-simple-kmod chart should create the namespace on the spoke cluster
2092579 - Don't retry pod deletion if objects are not existing
2092650 - [BM IPI with Provisioning Network] Worker nodes are not provisioned: ironic-agent is stuck before writing into disks
2092703 - Incorrect mount propagation information in container status
2092815 - can't delete the unwanted image from registry by oc-mirror
2092851 - [Descheduler]: allow to customize the LowNodeUtilization strategy thresholds
2092867 - make repository name unique in acm-ice/acm-simple-kmod examples
2092880 - etcdHighNumberOfLeaderChanges returns incorrect number of leadership changes
2092887 - oc-mirror list releases command uses filter-options flag instead of filter-by-os
2092889 - Incorrect updating of EgressACLs using direction "from-lport"
2092918 - CVE-2022-30321 go-getter: unsafe download (issue 1 of 3)
2092923 - CVE-2022-30322 go-getter: unsafe download (issue 2 of 3)
2092925 - CVE-2022-30323 go-getter: unsafe download (issue 3 of 3)
2092928 - CVE-2022-26945 go-getter: command injection vulnerability
2092937 - WebScale: OVN-k8s forwarding to external-gw over the secondary interfaces failing
2092966 - [OCP 4.11] [azure] /etc/udev/rules.d/66-azure-storage.rules missing from initramfs
2093044 - Azure machine-api-provider-azure Availability Set Name Length Limit
2093047 - Dynamic Plugins: Generated API markdown duplicates `checkAccess` and `useAccessReview` doc
2093126 - [4.11] Bootimage bump tracker
2093236 - DNS operator stopped reconciling after 4.10 to 4.11 upgrade | 4.11 nightly to 4.11 nightly upgrade
2093288 - Default catalogs fails liveness/readiness probes
2093357 - Upgrading sno spoke with acm-ice, causes the sno to get unreachable
2093368 - Installer orphans FIPs created for LoadBalancer Services on `cluster destroy`
2093396 - Remove node-tainting for too-small MTU
2093445 - ManagementState reconciliation breaks SR
2093454 - Router proxy protocol doesn't work with dual-stack (IPv4 and IPv6) clusters
2093462 - Ingress Operator isn't reconciling the ingress cluster operator object
2093586 - Topology: Ctrl+space opens the quick search modal, but doesn't close it again
2093593 - Import from Devfile shows configuration options that shoudn't be there
2093597 - Import: Advanced option sentence is splited into two parts and headlines has no padding
2093600 - Project access tab should apply new permissions before it delete old ones
2093601 - Project access page doesn't allow the user to update the settings twice (without manually reload the content)
2093783 - Should bump cluster-kube-descheduler-operator to kubernetes version V1.24
2093797 - 'oc registry login' with serviceaccount function need update
2093819 - An etcd member for a new machine was never added to the cluster
2093930 - Gather console helm install totals metric
2093957 - Oc-mirror write dup metadata to registry backend
2093986 - Podsecurity violation error getting logged for pod-identity-webhook
2093992 - Cluster version operator acknowledges upgrade failing on periodic-ci-openshift-release-master-nightly-4.11-e2e-metal-ipi-upgrade-ovn-ipv6
2094023 - Add Git Flow - Template Labels for Deployment show as DeploymentConfig
2094024 - bump oauth-apiserver deps to include 1.23.1 k8s that fixes etcd blips
2094039 - egressIP panics with nil pointer dereference
2094055 - Bump coreos-installer for s390x Secure Execution
2094071 - No runbook created for SouthboundStale alert
2094088 - Columns in NBDB may never be updated by OVNK
2094104 - Demo dynamic plugin image tests should be skipped when testing console-operator
2094152 - Alerts in the virtualization overview status card aren't filtered
2094196 - Add default and validating webhooks for Power VS MAPI
2094227 - Topology: Create Service Binding should not be the last option (even under delete)
2094239 - custom pool Nodes with 0 nodes are always populated in progress bar
2094303 - If og is configured with sa, operator installation will be failed.
2094335 - [Nutanix] - debug logs are enabled by default in machine-controller
2094342 - apirequests limits of Cluster CAPI Operator are too low for Azure platform
2094438 - Make AWS URL parsing more lenient for GetNodeEgressIPConfiguration
2094525 - Allow automatic upgrades for efs operator
2094532 - ovn-windows CI jobs are broken
2094675 - PTP Dual Nic | Extend Events 4.11 - when kill the phc2sys We have notification for the ptp4l physical master moved to free run
2094694 - [Nutanix] No cluster name sanity validation - cluster name with a dot (".") character
2094704 - Verbose log activated on kube-rbac-proxy in deployment prometheus-k8s
2094801 - Kuryr controller keep restarting when handling IPs with leading zeros
2094806 - Machine API oVrit component should use K8s 1.24 dependencies
2094816 - Kuryr controller restarts when over quota
2094833 - Repository overview page does not show default PipelineRun template for developer user
2094857 - CloudShellTerminal loops indefinitely if DevWorkspace CR goes into failed state
2094864 - Rebase CAPG to latest changes
2094866 - oc-mirror does not always delete all manifests associated with an image during pruning
2094896 - Run 'openshift-install agent create image' has segfault exception if cluster-manifests directory missing
2094902 - Fix installer cross-compiling
2094932 - MGMT-10403 Ingress should enable single-node cluster expansion on upgraded clusters
2095049 - managed-csi StorageClass does not create PVs
2095071 - Backend tests fails after devfile registry update
2095083 - Observe > Dashboards: Graphs may change a lot on automatic refresh
2095110 - [ovn] northd container termination script must use bash
2095113 - [ovnkube] bump to openvswitch2.17-2.17.0-22.el8fdp
2095226 - Added changes to verify cloud connection and dhcpservices quota of a powervs instance
2095229 - ingress-operator pod in CrashLoopBackOff in 4.11 after upgrade starting in 4.6 due to go panic
2095231 - Kafka Sink sidebar in topology is empty
2095247 - Event sink form doesn't show channel as sink until app is refreshed
2095248 - [vSphere-CSI-Driver] does not report volume count limits correctly caused pod with multi volumes maybe schedule to not satisfied volume count node
2095256 - Samples Owner needs to be Updated
2095264 - ovs-configuration.service fails with Error: Failed to modify connection 'ovs-if-br-ex': failed to update connection: error writing to file '/etc/NetworkManager/systemConnectionsMerged/ovs-if-br-ex.nmconnection'
2095362 - oVirt CSI driver operator should use latest go-ovirt-client
2095574 - e2e-agnostic CI job fails
2095687 - Debug Container shown for build logs and on click ui breaks
2095703 - machinedeletionhooks doesn't work in vsphere cluster and BM cluster
2095716 - New PSA component for Pod Security Standards enforcement is refusing openshift-operators ns
2095756 - CNO panics with concurrent map read/write
2095772 - Memory requests for ovnkube-master containers are over-sized
2095917 - Nutanix set osDisk with diskSizeGB rather than diskSizeMiB
2095941 - DNS Traffic not kept local to zone or node when Calico SDN utilized
2096053 - Builder Image icons in Git Import flow are hard to see in Dark mode
2096226 - crio fails to bind to tentative IP, causing service failure since RHOCS was rebased on RHEL 8.6
2096315 - NodeClockNotSynchronising alert's severity should be critical
2096350 - Web console doesn't display webhook errors for upgrades
2096352 - Collect whole journal in gather
2096380 - acm-simple-kmod references deprecated KVC example
2096392 - Topology node icons are not properly visible in Dark mode
2096394 - Add page Card items background color does not match with column background color in Dark mode
2096413 - br-ex not created due to default bond interface having a different mac address than expected
2096496 - FIPS issue on OCP SNO with RT Kernel via performance profile
2096605 - [vsphere] no validation checking for diskType
2096691 - [Alibaba 4.11] Specifying ResourceGroup id in install-config.yaml, New pv are still getting created to default ResourceGroups
2096855 - `oc adm release new` failed with error when use an existing multi-arch release image as input
2096905 - Openshift installer should not use the prism client embedded in nutanix terraform provider
2096908 - Dark theme issue in pipeline builder, Helm rollback form, and Git import
2097000 - KafkaConnections disappear from Topology after creating KafkaSink in Topology
2097043 - No clean way to specify operand issues to KEDA OLM operator
2097047 - MetalLB: matchExpressions used in CR like L2Advertisement, BGPAdvertisement, BGPPeers allow duplicate entries
2097067 - ClusterVersion history pruner does not always retain initial completed update entry
2097153 - poor performance on API call to vCenter ListTags with thousands of tags
2097186 - PSa autolabeling in 4.11 env upgraded from 4.10 does not work due to missing RBAC objects
2097239 - Change Lower CPU limits for Power VS cloud
2097246 - Kuryr: verify and unit jobs failing due to upstream OpenStack dropping py36 support
2097260 - openshift-install create manifests failed for Power VS platform
2097276 - MetalLB CI deploys the operator via manifests and not using the csv
2097282 - chore: update external-provisioner to the latest upstream release
2097283 - chore: update external-snapshotter to the latest upstream release
2097284 - chore: update external-attacher to the latest upstream release
2097286 - chore: update node-driver-registrar to the latest upstream release
2097334 - oc plugin help shows 'kubectl'
2097346 - Monitoring must-gather doesn't seem to be working anymore in 4.11
2097400 - Shared Resource CSI Driver needs additional permissions for validation webhook
2097454 - Placeholder bug for OCP 4.11.0 metadata release
2097503 - chore: rebase against latest external-resizer
2097555 - IngressControllersNotUpgradeable: load balancer service has been modified; changes must be reverted before upgrading
2097607 - Add Power VS support to Webhooks tests in actuator e2e test
2097685 - Ironic-agent can't restart because of existing container
2097716 - settings under httpConfig is dropped with AlertmanagerConfig v1beta1
2097810 - Required Network tools missing for Testing e2e PTP
2097832 - clean up unused IPv6DualStackNoUpgrade feature gate
2097940 - openshift-install destroy cluster traps if vpcRegion not specified
2097954 - 4.11 installation failed at monitoring and network clusteroperators with error "conmon: option parsing failed: Unknown option --log-global-size-max" making all jobs failing
2098172 - oc-mirror does not validatethe registry in the storage config
2098175 - invalid license in python-dataclasses-0.8-2.el8 spec
2098177 - python-pint-0.10.1-2.el8 has unused Patch0 in spec file
2098242 - typo in SRO specialresourcemodule
2098243 - Add error check to Platform create for Power VS
2098392 - [OCP 4.11] Ironic cannot match "wwn" rootDeviceHint for a multipath device
2098508 - Control-plane-machine-set-operator report panic
2098610 - No need to check the push permission with ?manifests-only option
2099293 - oVirt cluster API provider should use latest go-ovirt-client
2099330 - Edit application grouping is shown to user with view only access in a cluster
2099340 - CAPI e2e tests for AWS are missing
2099357 - ovn-kubernetes needs explicit RBAC coordination leases for 1.24 bump
2099358 - Dark mode+Topology update: Unexpected selected+hover border and background colors for app groups
2099528 - Layout issue: No spacing in delete modals
2099561 - Prometheus returns HTTP 500 error on /favicon.ico
2099582 - Format and update Repository overview content
2099611 - Failures on etcd-operator watch channels
2099637 - Should print error when use --keep-manifest-list\xfalse for manifestlist image
2099654 - Topology performance: Endless rerender loop when showing a Http EventSink (KameletBinding)
2099668 - KubeControllerManager should degrade when GC stops working
2099695 - Update CAPG after rebase
2099751 - specialresourcemodule stacktrace while looping over build status
2099755 - EgressIP node's mgmtIP reachability configuration option
2099763 - Update icons for event sources and sinks in topology, Add page, and context menu
2099811 - UDP Packet loss in OpenShift using IPv6 [upcall]
2099821 - exporting a pointer for the loop variable
2099875 - The speaker won't start if there's another component on the host listening on 8080
2099899 - oc-mirror looks for layers in the wrong repository when searching for release images during publishing
2099928 - [FJ OCP4.11 Bug]: Add unit tests to image_customization_test file
2099968 - [Azure-File-CSI] failed to provisioning volume in ARO cluster
2100001 - Sync upstream v1.22.0 downstream
2100007 - Run bundle-upgrade failed from the traditional File-Based Catalog installed operator
2100033 - OCP 4.11 IPI - Some csr remain "Pending" post deployment
2100038 - failure to update special-resource-lifecycle table during update Event
2100079 - SDN needs explicit RBAC coordination leases for 1.24 bump
2100138 - release info --bugs has no differentiator between Jira and Bugzilla
2100155 - kube-apiserver-operator should raise an alert when there is a Pod Security admission violation
2100159 - Dark theme: Build icon for pending status is not inverted in topology sidebar
2100323 - Sqlit-based catsrc cannot be ready due to "Error: open ./db-xxxx: permission denied"
2100347 - KASO retains old config values when switching from Medium/Default to empty worker latency profile
2100356 - Remove Condition tab and create option from console as it is deprecated in OSP-1.8
2100439 - [gce-pd] GCE PD in-tree storage plugin tests not running
2100496 - [OCPonRHV]-oVirt API returns affinity groups without a description field
2100507 - Remove redundant log lines from obj_retry.go
2100536 - Update API to allow EgressIP node reachability check
2100601 - Update CNO to allow EgressIP node reachability check
2100643 - [Migration] [GCP]OVN can not rollback to SDN
2100644 - openshift-ansible FTBFS on RHEL8
2100669 - Telemetry should not log the full path if it contains a username
2100749 - [OCP 4.11] multipath support needs multipath modules
2100825 - Update machine-api-powervs go modules to latest version
2100841 - tiny openshift-install usability fix for setting KUBECONFIG
2101460 - An etcd member for a new machine was never added to the cluster
2101498 - Revert Bug 2082599: add upper bound to number of failed attempts
2102086 - The base image is still 4.10 for operator-sdk 1.22
2102302 - Dummy bug for 4.10 backports
2102362 - Valid regions should be allowed in GCP install config
2102500 - Kubernetes NMState pods can not evict due to PDB on an SNO cluster
2102639 - Drain happens before other image-registry pod is ready to service requests, causing disruption
2102782 - topolvm-controller get into CrashLoopBackOff few minutes after install
2102834 - [cloud-credential-operator]container has runAsNonRoot and image will run as root
2102947 - [VPA] recommender is logging errors for pods with init containers
2103053 - [4.11] Backport Prow CI improvements from master
2103075 - Listing secrets in all namespaces with a specific labelSelector does not work properly
2103080 - br-ex not created due to default bond interface having a different mac address than expected
2103177 - disabling ipv6 router advertisements using "all" does not disable it on secondary interfaces
2103728 - Carry HAProxy patch 'BUG/MEDIUM: h2: match absolute-path not path-absolute for :path'
2103749 - MachineConfigPool is not getting updated
2104282 - heterogeneous arch: oc adm extract encodes arch specific release payload pullspec rather than the manifestlisted pullspec
2104432 - [dpu-network-operator] Updating images to be consistent with ART
2104552 - kube-controller-manager operator 4.11.0-rc.0 degraded on disabled monitoring stack
2104561 - 4.10 to 4.11 update: Degraded node: unexpected on-disk state: mode mismatch for file: "/etc/crio/crio.conf.d/01-ctrcfg-pidsLimit"; expected: -rw-r--r--/420/0644; received: ----------/0/0
2104589 - must-gather namespace should have ?privileged? warn and audit pod security labels besides enforce
2104701 - In CI 4.10 HAProxy must-gather takes longer than 10 minutes
2104717 - NetworkPolicies: ovnkube-master pods crashing due to panic: "invalid memory address or nil pointer dereference"
2104727 - Bootstrap node should honor http proxy
2104906 - Uninstall fails with Observed a panic: runtime.boundsError
2104951 - Web console doesn't display webhook errors for upgrades
2104991 - Completed pods may not be correctly cleaned up
2105101 - NodeIP is used instead of EgressIP if egressPod is recreated within 60 seconds
2105106 - co/node-tuning: Waiting for 15/72 Profiles to be applied
2105146 - Degraded=True noise with: UpgradeBackupControllerDegraded: unable to retrieve cluster version, no completed update was found in cluster version status history
2105167 - BuildConfig throws error when using a label with a / in it
2105334 - vmware-vsphere-csi-driver-controller can't use host port error on e2e-vsphere-serial
2105382 - Add a validation webhook for Nutanix machine provider spec in Machine API Operator
2105468 - The ccoctl does not seem to know how to leverage the VMs service account to talk to GCP APIs.
2105937 - telemeter golangci-lint outdated blocking ART PRs that update to Go1.18
2106051 - Unable to deploy acm-ice using latest SRO 4.11 build
2106058 - vSphere defaults to SecureBoot on; breaks installation of out-of-tree drivers [4.11.0]
2106062 - [4.11] Bootimage bump tracker
2106116 - IngressController spec.tuningOptions.healthCheckInterval validation allows invalid values such as "0abc"
2106163 - Samples ImageStreams vs. registry.redhat.io: unsupported: V2 schema 1 manifest digests are no longer supported for image pulls
2106313 - bond-cni: backport bond-cni GA items to 4.11
2106543 - Typo in must-gather release-4.10
2106594 - crud/other-routes.spec.ts Cypress test failing at a high rate in CI
2106723 - [4.11] Upgrade from 4.11.0-rc0 -> 4.11.0-rc.1 failed. rpm-ostree status shows No space left on device
2106855 - [4.11.z] externalTrafficPolicy=Local is not working in local gateway mode if ovnkube-node is restarted
2107493 - ReplicaSet prometheus-operator-admission-webhook has timed out progressing
2107501 - metallb greenwave tests failure
2107690 - Driver Container builds fail with "error determining starting point for build: no FROM statement found"
2108175 - etcd backup seems to not be triggered in 4.10.18-->4.10.20 upgrade
2108617 - [oc adm release] extraction of the installer against a manifestlisted payload referenced by tag leads to a bad release image reference
2108686 - rpm-ostreed: start limit hit easily
2110505 - [Upgrade]deployment openshift-machine-api/machine-api-operator has a replica failure FailedCreate
2110715 - openshift-controller-manager(-operator) namespace should clear run-level annotations
2111055 - dummy bug for 4.10.z bz2110938
5. References:
https://access.redhat.com/security/cve/CVE-2018-25009
https://access.redhat.com/security/cve/CVE-2018-25010
https://access.redhat.com/security/cve/CVE-2018-25012
https://access.redhat.com/security/cve/CVE-2018-25013
https://access.redhat.com/security/cve/CVE-2018-25014
https://access.redhat.com/security/cve/CVE-2018-25032
https://access.redhat.com/security/cve/CVE-2019-5827
https://access.redhat.com/security/cve/CVE-2019-13750
https://access.redhat.com/security/cve/CVE-2019-13751
https://access.redhat.com/security/cve/CVE-2019-17594
https://access.redhat.com/security/cve/CVE-2019-17595
https://access.redhat.com/security/cve/CVE-2019-18218
https://access.redhat.com/security/cve/CVE-2019-19603
https://access.redhat.com/security/cve/CVE-2019-20838
https://access.redhat.com/security/cve/CVE-2020-13435
https://access.redhat.com/security/cve/CVE-2020-14155
https://access.redhat.com/security/cve/CVE-2020-17541
https://access.redhat.com/security/cve/CVE-2020-19131
https://access.redhat.com/security/cve/CVE-2020-24370
https://access.redhat.com/security/cve/CVE-2020-28493
https://access.redhat.com/security/cve/CVE-2020-35492
https://access.redhat.com/security/cve/CVE-2020-36330
https://access.redhat.com/security/cve/CVE-2020-36331
https://access.redhat.com/security/cve/CVE-2020-36332
https://access.redhat.com/security/cve/CVE-2021-3481
https://access.redhat.com/security/cve/CVE-2021-3580
https://access.redhat.com/security/cve/CVE-2021-3634
https://access.redhat.com/security/cve/CVE-2021-3672
https://access.redhat.com/security/cve/CVE-2021-3695
https://access.redhat.com/security/cve/CVE-2021-3696
https://access.redhat.com/security/cve/CVE-2021-3697
https://access.redhat.com/security/cve/CVE-2021-3737
https://access.redhat.com/security/cve/CVE-2021-4115
https://access.redhat.com/security/cve/CVE-2021-4156
https://access.redhat.com/security/cve/CVE-2021-4189
https://access.redhat.com/security/cve/CVE-2021-20095
https://access.redhat.com/security/cve/CVE-2021-20231
https://access.redhat.com/security/cve/CVE-2021-20232
https://access.redhat.com/security/cve/CVE-2021-23177
https://access.redhat.com/security/cve/CVE-2021-23566
https://access.redhat.com/security/cve/CVE-2021-23648
https://access.redhat.com/security/cve/CVE-2021-25219
https://access.redhat.com/security/cve/CVE-2021-31535
https://access.redhat.com/security/cve/CVE-2021-31566
https://access.redhat.com/security/cve/CVE-2021-36084
https://access.redhat.com/security/cve/CVE-2021-36085
https://access.redhat.com/security/cve/CVE-2021-36086
https://access.redhat.com/security/cve/CVE-2021-36087
https://access.redhat.com/security/cve/CVE-2021-38185
https://access.redhat.com/security/cve/CVE-2021-38593
https://access.redhat.com/security/cve/CVE-2021-40528
https://access.redhat.com/security/cve/CVE-2021-41190
https://access.redhat.com/security/cve/CVE-2021-41617
https://access.redhat.com/security/cve/CVE-2021-42771
https://access.redhat.com/security/cve/CVE-2021-43527
https://access.redhat.com/security/cve/CVE-2021-43818
https://access.redhat.com/security/cve/CVE-2021-44225
https://access.redhat.com/security/cve/CVE-2021-44906
https://access.redhat.com/security/cve/CVE-2022-0235
https://access.redhat.com/security/cve/CVE-2022-0778
https://access.redhat.com/security/cve/CVE-2022-1012
https://access.redhat.com/security/cve/CVE-2022-1215
https://access.redhat.com/security/cve/CVE-2022-1271
https://access.redhat.com/security/cve/CVE-2022-1292
https://access.redhat.com/security/cve/CVE-2022-1586
https://access.redhat.com/security/cve/CVE-2022-1621
https://access.redhat.com/security/cve/CVE-2022-1629
https://access.redhat.com/security/cve/CVE-2022-1706
https://access.redhat.com/security/cve/CVE-2022-1729
https://access.redhat.com/security/cve/CVE-2022-2068
https://access.redhat.com/security/cve/CVE-2022-2097
https://access.redhat.com/security/cve/CVE-2022-21698
https://access.redhat.com/security/cve/CVE-2022-22576
https://access.redhat.com/security/cve/CVE-2022-23772
https://access.redhat.com/security/cve/CVE-2022-23773
https://access.redhat.com/security/cve/CVE-2022-23806
https://access.redhat.com/security/cve/CVE-2022-24407
https://access.redhat.com/security/cve/CVE-2022-24675
https://access.redhat.com/security/cve/CVE-2022-24903
https://access.redhat.com/security/cve/CVE-2022-24921
https://access.redhat.com/security/cve/CVE-2022-25313
https://access.redhat.com/security/cve/CVE-2022-25314
https://access.redhat.com/security/cve/CVE-2022-26691
https://access.redhat.com/security/cve/CVE-2022-26945
https://access.redhat.com/security/cve/CVE-2022-27191
https://access.redhat.com/security/cve/CVE-2022-27774
https://access.redhat.com/security/cve/CVE-2022-27776
https://access.redhat.com/security/cve/CVE-2022-27782
https://access.redhat.com/security/cve/CVE-2022-28327
https://access.redhat.com/security/cve/CVE-2022-28733
https://access.redhat.com/security/cve/CVE-2022-28734
https://access.redhat.com/security/cve/CVE-2022-28735
https://access.redhat.com/security/cve/CVE-2022-28736
https://access.redhat.com/security/cve/CVE-2022-28737
https://access.redhat.com/security/cve/CVE-2022-29162
https://access.redhat.com/security/cve/CVE-2022-29810
https://access.redhat.com/security/cve/CVE-2022-29824
https://access.redhat.com/security/cve/CVE-2022-30321
https://access.redhat.com/security/cve/CVE-2022-30322
https://access.redhat.com/security/cve/CVE-2022-30323
https://access.redhat.com/security/cve/CVE-2022-32250
https://access.redhat.com/security/updates/classification/#important
6. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYvOfk9zjgjWX9erEAQhJ/w//UlbBGKBBFBAyfEmQf9Zu0yyv6MfZW0Zl
iO1qXVIl9UQUFjTY5ejerx7cP8EBWLhKaiiqRRjbjtj+w+ENGB4LLj6TEUrSM5oA
YEmhnX3M+GUKF7Px61J7rZfltIOGhYBvJ+qNZL2jvqz1NciVgI4/71cZWnvDbGpa
02w3Dn0JzhTSR9znNs9LKcV/anttJ3NtOYhqMXnN8EpKdtzQkKRazc7xkOTxfxyl
jRiER2Z0TzKDE6dMoVijS2Sv5j/JF0LRwetkZl6+oh8ehKh5GRV3lPg3eVkhzDEo
/gp0P9GdLMHi6cS6uqcREbod//waSAa7cssgULoycFwjzbDK3L2c+wMuWQIgXJca
RYuP6wvrdGwiI1mgUi/226EzcZYeTeoKxnHkp7AsN9l96pJYafj0fnK1p9NM/8g3
jBE/W4K8jdDNVd5l1Z5O0Nyxk6g4P8MKMe10/w/HDXFPSgufiCYIGX4TKqb+ESIR
SuYlSMjoGsB4mv1KMDEUJX6d8T05lpEwJT0RYNdZOouuObYMtcHLpRQHH9mkj86W
pHdma5aGG/mTMvSMW6l6L05uT41Azm6fVimTv+E5WvViBni2480CVH+9RexKKSyL
XcJX1gaLdo+72I/gZrtT+XE5tcJ3Sf5fmfsenQeY4KFum/cwzbM6y7RGn47xlEWB
xBWKPzRxz0Q=9r0B
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
|
|
var-201302-0305
|
Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code.
Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2013:0254-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html
Issue date: 2013-02-13
CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639
CVE-2013-0642 CVE-2013-0644 CVE-2013-0645
CVE-2013-0647 CVE-2013-0649 CVE-2013-1365
CVE-2013-1366 CVE-2013-1367 CVE-2013-1368
CVE-2013-1369 CVE-2013-1370 CVE-2013-1372
CVE-2013-1373 CVE-2013-1374
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes several security issues is
now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security bulletin APSB13-05,
listed in the References section. Specially-crafted SWF content could cause
flash-plugin to crash or, potentially, execute arbitrary code when a victim
loads a page containing the malicious SWF content. (CVE-2013-0638,
CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,
CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,
CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive
information if a victim were tricked into visiting a specially-crafted web
page.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05)
910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html
https://www.redhat.com/security/data/cve/CVE-2013-0638.html
https://www.redhat.com/security/data/cve/CVE-2013-0639.html
https://www.redhat.com/security/data/cve/CVE-2013-0642.html
https://www.redhat.com/security/data/cve/CVE-2013-0644.html
https://www.redhat.com/security/data/cve/CVE-2013-0645.html
https://www.redhat.com/security/data/cve/CVE-2013-0647.html
https://www.redhat.com/security/data/cve/CVE-2013-0649.html
https://www.redhat.com/security/data/cve/CVE-2013-1365.html
https://www.redhat.com/security/data/cve/CVE-2013-1366.html
https://www.redhat.com/security/data/cve/CVE-2013-1367.html
https://www.redhat.com/security/data/cve/CVE-2013-1368.html
https://www.redhat.com/security/data/cve/CVE-2013-1369.html
https://www.redhat.com/security/data/cve/CVE-2013-1370.html
https://www.redhat.com/security/data/cve/CVE-2013-1372.html
https://www.redhat.com/security/data/cve/CVE-2013-1373.html
https://www.redhat.com/security/data/cve/CVE-2013-1374.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb13-05.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs
pnyD10c/hdKGIm0b1Kjv3eY=
=+cgh
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
SOLUTION:
Update to version 24.0.1312.70.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites. Please review the CVE identifiers referenced below for
details.
Impact
======
A remote attacker could entice a user to open specially crafted SWF
content, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition.
Furthermore, a remote attacker may be able to bypass access
restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
==========
[ 1 ] CVE-2012-5248
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248
[ 2 ] CVE-2012-5248
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248
[ 3 ] CVE-2012-5249
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249
[ 4 ] CVE-2012-5249
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249
[ 5 ] CVE-2012-5250
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250
[ 6 ] CVE-2012-5250
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250
[ 7 ] CVE-2012-5251
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251
[ 8 ] CVE-2012-5251
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251
[ 9 ] CVE-2012-5252
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252
[ 10 ] CVE-2012-5252
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252
[ 11 ] CVE-2012-5253
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253
[ 12 ] CVE-2012-5253
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253
[ 13 ] CVE-2012-5254
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254
[ 14 ] CVE-2012-5254
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254
[ 15 ] CVE-2012-5255
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255
[ 16 ] CVE-2012-5255
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255
[ 17 ] CVE-2012-5256
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256
[ 18 ] CVE-2012-5256
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256
[ 19 ] CVE-2012-5257
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257
[ 20 ] CVE-2012-5257
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257
[ 21 ] CVE-2012-5258
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258
[ 22 ] CVE-2012-5258
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258
[ 23 ] CVE-2012-5259
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259
[ 24 ] CVE-2012-5259
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259
[ 25 ] CVE-2012-5260
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260
[ 26 ] CVE-2012-5260
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260
[ 27 ] CVE-2012-5261
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261
[ 28 ] CVE-2012-5261
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261
[ 29 ] CVE-2012-5262
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262
[ 30 ] CVE-2012-5262
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262
[ 31 ] CVE-2012-5263
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263
[ 32 ] CVE-2012-5263
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263
[ 33 ] CVE-2012-5264
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264
[ 34 ] CVE-2012-5264
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264
[ 35 ] CVE-2012-5265
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265
[ 36 ] CVE-2012-5265
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265
[ 37 ] CVE-2012-5266
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266
[ 38 ] CVE-2012-5266
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266
[ 39 ] CVE-2012-5267
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267
[ 40 ] CVE-2012-5267
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267
[ 41 ] CVE-2012-5268
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268
[ 42 ] CVE-2012-5268
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268
[ 43 ] CVE-2012-5269
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269
[ 44 ] CVE-2012-5269
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269
[ 45 ] CVE-2012-5270
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270
[ 46 ] CVE-2012-5270
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270
[ 47 ] CVE-2012-5271
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271
[ 48 ] CVE-2012-5271
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271
[ 49 ] CVE-2012-5272
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272
[ 50 ] CVE-2012-5272
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272
[ 51 ] CVE-2012-5274
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274
[ 52 ] CVE-2012-5275
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275
[ 53 ] CVE-2012-5276
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276
[ 54 ] CVE-2012-5277
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277
[ 55 ] CVE-2012-5278
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278
[ 56 ] CVE-2012-5279
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279
[ 57 ] CVE-2012-5280
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280
[ 58 ] CVE-2012-5676
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676
[ 59 ] CVE-2012-5677
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677
[ 60 ] CVE-2012-5678
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678
[ 61 ] CVE-2013-0504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504
[ 62 ] CVE-2013-0630
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630
[ 63 ] CVE-2013-0633
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633
[ 64 ] CVE-2013-0634
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634
[ 65 ] CVE-2013-0637
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637
[ 66 ] CVE-2013-0638
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638
[ 67 ] CVE-2013-0639
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639
[ 68 ] CVE-2013-0642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642
[ 69 ] CVE-2013-0643
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643
[ 70 ] CVE-2013-0644
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644
[ 71 ] CVE-2013-0645
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645
[ 72 ] CVE-2013-0646
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646
[ 73 ] CVE-2013-0647
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647
[ 74 ] CVE-2013-0648
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648
[ 75 ] CVE-2013-0649
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649
[ 76 ] CVE-2013-0650
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650
[ 77 ] CVE-2013-1365
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365
[ 78 ] CVE-2013-1366
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366
[ 79 ] CVE-2013-1367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367
[ 80 ] CVE-2013-1368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368
[ 81 ] CVE-2013-1369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369
[ 82 ] CVE-2013-1370
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370
[ 83 ] CVE-2013-1371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371
[ 84 ] CVE-2013-1372
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372
[ 85 ] CVE-2013-1373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373
[ 86 ] CVE-2013-1374
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374
[ 87 ] CVE-2013-1375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375
[ 88 ] CVE-2013-1378
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378
[ 89 ] CVE-2013-1379
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379
[ 90 ] CVE-2013-1380
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380
[ 91 ] CVE-2013-2555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555
[ 92 ] CVE-2013-2728
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728
[ 93 ] CVE-2013-3343
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343
[ 94 ] CVE-2013-3344
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344
[ 95 ] CVE-2013-3345
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345
[ 96 ] CVE-2013-3347
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347
[ 97 ] CVE-2013-3361
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361
[ 98 ] CVE-2013-3362
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362
[ 99 ] CVE-2013-3363
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363
[ 100 ] CVE-2013-5324
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2013 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. Please send
email to <cert@cert.org> with "TA13-043A Feedback VU#689711" in
the subject.
____________________________________________________________________
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released.
Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
----------------------------------------------------------------------
TITLE:
Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA52166
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/52166/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE:
2013-02-12
DISCUSS ADVISORY:
http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Adobe Flash Player and
AIR, which can be exploited by malicious people to disclose certain
sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer
overflows.
2) Some use-after-free errors can be exploited to dereference already
freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain
sensitive information.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and
Fermin Serna, Google
3) The vendor credits Natalie Silvanovich, BlackBerry Security,
Research in Motion
4) The vendor credits Damian Put via iDefense
6) Reported by the vendor.
ORIGINAL ADVISORY:
Adobe (APSB13-05):
http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
|
|
var-201304-0106
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font layout" in the International Components for Unicode (ICU) Layout Engine before 51.2. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the fontmanager native component. There is a vulnerability when processing GSUB tables having an overlarge "LookupCount" sum in a TTF file, which can result in memory corruption. This allows a malicious applet to execute attacker-supplied code resulting in remote code execution under the context of the current user.
This vulnerability affects the following supported versions:
7 Update 17, 6 Update 43, 5.0 Update 41. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201406-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: IcedTea JDK: Multiple vulnerabilities
Date: June 29, 2014
Bugs: #312297, #330205, #340819, #346799, #352035, #353418,
#354231, #355127, #370787, #387637, #404095, #421031,
#429522, #433389, #438750, #442478, #457206, #458410,
#461714, #466822, #477210, #489570, #508270
ID: 201406-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the IcedTea JDK, the worst
of which could lead to arbitrary code execution.
Background
==========
IcedTea is a distribution of the Java OpenJDK source code built with
free build tools.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/icedtea-bin < 6.1.13.3 >= 6.1.13.3
Description
===========
Multiple vulnerabilities have been discovered in the IcedTea JDK.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All IcedTea JDK users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/icedtea-bin-6.1.13.3"
References
==========
[ 1 ] CVE-2009-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555
[ 2 ] CVE-2010-2548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548
[ 3 ] CVE-2010-2783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783
[ 4 ] CVE-2010-3541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541
[ 5 ] CVE-2010-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548
[ 6 ] CVE-2010-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549
[ 7 ] CVE-2010-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551
[ 8 ] CVE-2010-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553
[ 9 ] CVE-2010-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554
[ 10 ] CVE-2010-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557
[ 11 ] CVE-2010-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561
[ 12 ] CVE-2010-3562
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562
[ 13 ] CVE-2010-3564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564
[ 14 ] CVE-2010-3565
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565
[ 15 ] CVE-2010-3566
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566
[ 16 ] CVE-2010-3567
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567
[ 17 ] CVE-2010-3568
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568
[ 18 ] CVE-2010-3569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569
[ 19 ] CVE-2010-3573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573
[ 20 ] CVE-2010-3574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574
[ 21 ] CVE-2010-3860
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860
[ 22 ] CVE-2010-4351
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351
[ 23 ] CVE-2010-4448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448
[ 24 ] CVE-2010-4450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450
[ 25 ] CVE-2010-4465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465
[ 26 ] CVE-2010-4467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467
[ 27 ] CVE-2010-4469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469
[ 28 ] CVE-2010-4470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470
[ 29 ] CVE-2010-4471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471
[ 30 ] CVE-2010-4472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472
[ 31 ] CVE-2010-4476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476
[ 32 ] CVE-2011-0025
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025
[ 33 ] CVE-2011-0706
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706
[ 34 ] CVE-2011-0815
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815
[ 35 ] CVE-2011-0822
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822
[ 36 ] CVE-2011-0862
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862
[ 37 ] CVE-2011-0864
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864
[ 38 ] CVE-2011-0865
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865
[ 39 ] CVE-2011-0868
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868
[ 40 ] CVE-2011-0869
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869
[ 41 ] CVE-2011-0870
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870
[ 42 ] CVE-2011-0871
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871
[ 43 ] CVE-2011-0872
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872
[ 44 ] CVE-2011-3389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389
[ 45 ] CVE-2011-3521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521
[ 46 ] CVE-2011-3544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544
[ 47 ] CVE-2011-3547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547
[ 48 ] CVE-2011-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548
[ 49 ] CVE-2011-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551
[ 50 ] CVE-2011-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552
[ 51 ] CVE-2011-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553
[ 52 ] CVE-2011-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554
[ 53 ] CVE-2011-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556
[ 54 ] CVE-2011-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557
[ 55 ] CVE-2011-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558
[ 56 ] CVE-2011-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560
[ 57 ] CVE-2011-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563
[ 58 ] CVE-2011-3571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571
[ 59 ] CVE-2011-5035
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035
[ 60 ] CVE-2012-0497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497
[ 61 ] CVE-2012-0501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501
[ 62 ] CVE-2012-0502
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502
[ 63 ] CVE-2012-0503
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503
[ 64 ] CVE-2012-0505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505
[ 65 ] CVE-2012-0506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506
[ 66 ] CVE-2012-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547
[ 67 ] CVE-2012-1711
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711
[ 68 ] CVE-2012-1713
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713
[ 69 ] CVE-2012-1716
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716
[ 70 ] CVE-2012-1717
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717
[ 71 ] CVE-2012-1718
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718
[ 72 ] CVE-2012-1719
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719
[ 73 ] CVE-2012-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723
[ 74 ] CVE-2012-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724
[ 75 ] CVE-2012-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725
[ 76 ] CVE-2012-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726
[ 77 ] CVE-2012-3216
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216
[ 78 ] CVE-2012-3422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422
[ 79 ] CVE-2012-3423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423
[ 80 ] CVE-2012-4416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416
[ 81 ] CVE-2012-4540
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540
[ 82 ] CVE-2012-5068
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068
[ 83 ] CVE-2012-5069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069
[ 84 ] CVE-2012-5070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070
[ 85 ] CVE-2012-5071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071
[ 86 ] CVE-2012-5072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072
[ 87 ] CVE-2012-5073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073
[ 88 ] CVE-2012-5074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074
[ 89 ] CVE-2012-5075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075
[ 90 ] CVE-2012-5076
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076
[ 91 ] CVE-2012-5077
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077
[ 92 ] CVE-2012-5081
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081
[ 93 ] CVE-2012-5084
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084
[ 94 ] CVE-2012-5085
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085
[ 95 ] CVE-2012-5086
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086
[ 96 ] CVE-2012-5087
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087
[ 97 ] CVE-2012-5089
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089
[ 98 ] CVE-2012-5979
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979
[ 99 ] CVE-2013-0169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169
[ 100 ] CVE-2013-0401
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401
[ 101 ] CVE-2013-0424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424
[ 102 ] CVE-2013-0425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425
[ 103 ] CVE-2013-0426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426
[ 104 ] CVE-2013-0427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427
[ 105 ] CVE-2013-0428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428
[ 106 ] CVE-2013-0429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429
[ 107 ] CVE-2013-0431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431
[ 108 ] CVE-2013-0432
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432
[ 109 ] CVE-2013-0433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433
[ 110 ] CVE-2013-0434
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434
[ 111 ] CVE-2013-0435
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435
[ 112 ] CVE-2013-0440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440
[ 113 ] CVE-2013-0441
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441
[ 114 ] CVE-2013-0442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442
[ 115 ] CVE-2013-0443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443
[ 116 ] CVE-2013-0444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444
[ 117 ] CVE-2013-0450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450
[ 118 ] CVE-2013-0809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809
[ 119 ] CVE-2013-1475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475
[ 120 ] CVE-2013-1476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476
[ 121 ] CVE-2013-1478
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478
[ 122 ] CVE-2013-1480
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480
[ 123 ] CVE-2013-1484
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484
[ 124 ] CVE-2013-1485
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485
[ 125 ] CVE-2013-1486
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486
[ 126 ] CVE-2013-1488
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488
[ 127 ] CVE-2013-1493
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493
[ 128 ] CVE-2013-1500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500
[ 129 ] CVE-2013-1518
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518
[ 130 ] CVE-2013-1537
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537
[ 131 ] CVE-2013-1557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557
[ 132 ] CVE-2013-1569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569
[ 133 ] CVE-2013-1571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571
[ 134 ] CVE-2013-2383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383
[ 135 ] CVE-2013-2384
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384
[ 136 ] CVE-2013-2407
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407
[ 137 ] CVE-2013-2412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412
[ 138 ] CVE-2013-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415
[ 139 ] CVE-2013-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417
[ 140 ] CVE-2013-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419
[ 141 ] CVE-2013-2420
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420
[ 142 ] CVE-2013-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421
[ 143 ] CVE-2013-2422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422
[ 144 ] CVE-2013-2423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423
[ 145 ] CVE-2013-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424
[ 146 ] CVE-2013-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426
[ 147 ] CVE-2013-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429
[ 148 ] CVE-2013-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430
[ 149 ] CVE-2013-2431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431
[ 150 ] CVE-2013-2436
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436
[ 151 ] CVE-2013-2443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443
[ 152 ] CVE-2013-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444
[ 153 ] CVE-2013-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445
[ 154 ] CVE-2013-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446
[ 155 ] CVE-2013-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447
[ 156 ] CVE-2013-2448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448
[ 157 ] CVE-2013-2449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449
[ 158 ] CVE-2013-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450
[ 159 ] CVE-2013-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451
[ 160 ] CVE-2013-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452
[ 161 ] CVE-2013-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453
[ 162 ] CVE-2013-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454
[ 163 ] CVE-2013-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455
[ 164 ] CVE-2013-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456
[ 165 ] CVE-2013-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457
[ 166 ] CVE-2013-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458
[ 167 ] CVE-2013-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459
[ 168 ] CVE-2013-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460
[ 169 ] CVE-2013-2461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461
[ 170 ] CVE-2013-2463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463
[ 171 ] CVE-2013-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465
[ 172 ] CVE-2013-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469
[ 173 ] CVE-2013-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470
[ 174 ] CVE-2013-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471
[ 175 ] CVE-2013-2472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472
[ 176 ] CVE-2013-2473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473
[ 177 ] CVE-2013-3829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829
[ 178 ] CVE-2013-4002
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002
[ 179 ] CVE-2013-5772
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772
[ 180 ] CVE-2013-5774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774
[ 181 ] CVE-2013-5778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778
[ 182 ] CVE-2013-5780
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780
[ 183 ] CVE-2013-5782
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782
[ 184 ] CVE-2013-5783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783
[ 185 ] CVE-2013-5784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784
[ 186 ] CVE-2013-5790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790
[ 187 ] CVE-2013-5797
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797
[ 188 ] CVE-2013-5800
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800
[ 189 ] CVE-2013-5802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802
[ 190 ] CVE-2013-5803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803
[ 191 ] CVE-2013-5804
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804
[ 192 ] CVE-2013-5805
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805
[ 193 ] CVE-2013-5806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806
[ 194 ] CVE-2013-5809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809
[ 195 ] CVE-2013-5814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814
[ 196 ] CVE-2013-5817
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817
[ 197 ] CVE-2013-5820
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820
[ 198 ] CVE-2013-5823
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823
[ 199 ] CVE-2013-5825
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825
[ 200 ] CVE-2013-5829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829
[ 201 ] CVE-2013-5830
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830
[ 202 ] CVE-2013-5840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840
[ 203 ] CVE-2013-5842
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842
[ 204 ] CVE-2013-5849
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849
[ 205 ] CVE-2013-5850
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850
[ 206 ] CVE-2013-5851
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851
[ 207 ] CVE-2013-6629
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629
[ 208 ] CVE-2013-6954
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954
[ 209 ] CVE-2014-0429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429
[ 210 ] CVE-2014-0446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446
[ 211 ] CVE-2014-0451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451
[ 212 ] CVE-2014-0452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452
[ 213 ] CVE-2014-0453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453
[ 214 ] CVE-2014-0456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456
[ 215 ] CVE-2014-0457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457
[ 216 ] CVE-2014-0458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458
[ 217 ] CVE-2014-0459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459
[ 218 ] CVE-2014-0460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460
[ 219 ] CVE-2014-0461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461
[ 220 ] CVE-2014-1876
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876
[ 221 ] CVE-2014-2397
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397
[ 222 ] CVE-2014-2398
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398
[ 223 ] CVE-2014-2403
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403
[ 224 ] CVE-2014-2412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412
[ 225 ] CVE-2014-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414
[ 226 ] CVE-2014-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421
[ 227 ] CVE-2014-2423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423
[ 228 ] CVE-2014-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201406-32.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ============================================================================
Ubuntu Security Notice USN-2522-3
March 10, 2015
icu vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
ICU could be made to crash or run programs as your login if it processed
specially crafted data.
Software Description:
- icu: International Components for Unicode library
Details:
USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font
patches caused a regression when using LibreOffice Calc. The patches have
now been updated to fix the regression.
We apologize for the inconvenience.
Original advisory details:
It was discovered that ICU incorrectly handled memory operations when
processing fonts. This issue only affected
Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,
CVE-2013-2419)
It was discovered that ICU incorrectly handled memory operations when
processing fonts. (CVE-2014-6585,
CVE-2014-6591)
It was discovered that ICU incorrectly handled memory operations when
processing regular expressions.
(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)
It was discovered that ICU collator implementation incorrectly handled
memory operations.
CVE-2013-1569
Glyph table issue.
CVE-2013-2383
Glyph table issue.
CVE-2013-2384
Font layout issue.
CVE-2013-2419
Font processing issue.
CVE-2014-6585
Out-of-bounds read.
CVE-2014-6591
Additional out-of-bounds reads.
CVE-2014-7923
Memory corruption in regular expression comparison.
CVE-2014-7926
Memory corruption in regular expression comparison.
CVE-2014-7940
Uninitialized memory.
CVE-2014-9654
More regular expression flaws.
For the stable distribution (wheezy), these problems have been fixed in
version 4.8.1.1-12+deb7u2.
For the upcoming stable (jessie) and unstable (sid) distributions, these
problems have been fixed in version 52.1-7.1.
We recommend that you upgrade your icu packages. Hi @ll,
Apples current iTunes 11.2.2 for Windows comes with the following
COMPLETELY outdated and vulnerable 3rd party libraries (as part of
AppleApplicationSupport.msi):
* libeay32.dll and ssleay32.dll 0.9.8d
are more than SEVEN years old and have at least 27 unfixed CVEs!
the current version is 0.9.8za, see <http://www.openssl.org/news/>
* libcurl.dll 7.16.2
is more than SEVEN years old and has at least 18 unfixed CVEs!
the current version is 7.37.0;
see <http://curl.haxx.se/docs/security.html>
for the fixed vulnerabilities!
* libxml2.dll 2.6.0.0
is more than TEN years old and has at least 17 unfixed CVEs!
the current version is 2.9.1, for the latest vulnerability see
CVE-2013-0339
* icuuc40.dll, icuin40.dll, icudt49.dll, libicuuc.dll and libicuin.dll 49.1.1
have at least 4 unfixed CVEs: CVE-2013-2419, CVE-2013-2383, CVE-2013-2384,
CVE-2013-1569
Until Apples developers start to develop a sense for safety and security:
stay away from their (Windows) software!
regards
Stefan Kanthak
Timeline:
~~~~~~~~~
2014-06-06 informed vendor
2014-06-06 vendor sent automated response
... no more reaction
2014-07-03 requested status
... no answer
2014-07-07 report published
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: java-1.6.0-openjdk security update
Advisory ID: RHSA-2013:0770-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0770.html
Issue date: 2013-04-24
CVE Names: CVE-2013-0401 CVE-2013-1488 CVE-2013-1518
CVE-2013-1537 CVE-2013-1557 CVE-2013-1558
CVE-2013-1569 CVE-2013-2383 CVE-2013-2384
CVE-2013-2415 CVE-2013-2417 CVE-2013-2419
CVE-2013-2420 CVE-2013-2421 CVE-2013-2422
CVE-2013-2424 CVE-2013-2426 CVE-2013-2429
CVE-2013-2430 CVE-2013-2431
=====================================================================
1. Summary:
Updated java-1.6.0-openjdk packages that fix various security issues are
now available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3. Description:
These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit. An untrusted Java application or applet could possibly use these
flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-1569,
CVE-2013-2383, CVE-2013-2384)
Multiple improper permission check issues were discovered in the Beans,
Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java
application or applet could use these flaws to bypass Java sandbox
restrictions. (CVE-2013-1558, CVE-2013-2422, CVE-2013-1518, CVE-2013-1557)
The previous default value of the java.rmi.server.useCodebaseOnly property
permitted the RMI implementation to automatically load classes from
remotely specified locations. (CVE-2013-1537)
Note: The fix for CVE-2013-1537 changes the default value of the property
to true, restricting class loading to the local CLASSPATH and locations
specified in the java.rmi.server.codebase property. Refer to Red Hat
Bugzilla bug 952387 for additional details.
The 2D component did not properly process certain images. An untrusted Java
application or applet could possibly use this flaw to trigger Java Virtual
Machine memory corruption. (CVE-2013-2420)
It was discovered that the Hotspot component did not properly handle
certain intrinsic frames, and did not correctly perform MethodHandle
lookups. An untrusted Java application or applet could use these flaws to
bypass Java sandbox restrictions. (CVE-2013-2431, CVE-2013-2421)
It was discovered that JPEGImageReader and JPEGImageWriter in the ImageIO
component did not protect against modification of their state while
performing certain native code operations. An untrusted Java application or
applet could possibly use these flaws to trigger Java Virtual Machine
memory corruption. (CVE-2013-2429, CVE-2013-2430)
The JDBC driver manager could incorrectly call the toString() method in
JDBC drivers, and the ConcurrentHashMap class could incorrectly call the
defaultReadObject() method. An untrusted Java application or applet could
possibly use these flaws to bypass Java sandbox restrictions.
(CVE-2013-1488, CVE-2013-2426)
The sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly
invoke the system class loader. An untrusted Java application or applet
could possibly use this flaw to bypass certain Java sandbox restrictions.
(CVE-2013-0401)
Flaws were discovered in the Network component's InetAddress serialization,
and the 2D component's font handling. An untrusted Java application or
applet could possibly use these flaws to crash the Java Virtual Machine.
(CVE-2013-2417, CVE-2013-2419)
The MBeanInstantiator class implementation in the OpenJDK JMX component did
not properly check class access before creating new instances. An untrusted
Java application or applet could use this flaw to create instances of
non-public classes. (CVE-2013-2424)
It was discovered that JAX-WS could possibly create temporary files with
insecure permissions. A local attacker could use this flaw to access
temporary files created by an application using JAX-WS. (CVE-2013-2415)
This erratum also upgrades the OpenJDK package to IcedTea6 1.11.10. Refer
to the NEWS file, linked to in the References, for further information.
All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
920245 - CVE-2013-0401 OpenJDK: sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader (CanSecWest 2013, AWT, 8009305)
920247 - CVE-2013-1488 OpenJDK: JDBC driver manager improper toString calls (CanSecWest 2013, Libraries, 8009814)
952387 - CVE-2013-1537 OpenJDK: remote code loading enabled by default (RMI, 8001040)
952389 - CVE-2013-2415 OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542)
952509 - CVE-2013-2424 OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435)
952521 - CVE-2013-2429 OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)
952524 - CVE-2013-2430 OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)
952638 - CVE-2013-2420 OpenJDK: image processing vulnerability (2D, 8007617)
952640 - CVE-2013-1558 OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507)
952642 - CVE-2013-2422 OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)
952645 - CVE-2013-2431 OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)
952646 - CVE-2013-1518 OpenJDK: JAXP missing security restrictions (JAXP, 6657673)
952648 - CVE-2013-1557 OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
952649 - CVE-2013-2421 OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)
952653 - CVE-2013-2426 OpenJDK: ConcurrentHashMap incorrectly calls defaultReadObject() method (Libraries, 8009063)
952656 - CVE-2013-2419 OpenJDK: font processing errors (2D, 8001031)
952657 - CVE-2013-2417 OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724)
952708 - CVE-2013-2383 OpenJDK: font layout and glyph table errors (2D, 8004986)
952709 - CVE-2013-2384 OpenJDK: font layout and glyph table errors (2D, 8004987)
952711 - CVE-2013-1569 OpenJDK: font layout and glyph table errors (2D, 8004994)
6. Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.11.11.el5_9.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.40.1.11.11.el5_9.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.11.11.el5_9.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.11.11.el5_9.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.11.11.el5_9.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.11.11.el5_9.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.11.11.el5_9.i386.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.11.11.el5_9.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.11.11.el5_9.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.11.11.el5_9.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.11.11.el5_9.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.11.11.el5_9.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.11.11.el5_9.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.11.11.el5_9.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.40.1.11.11.el5_9.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.11.11.el5_9.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.11.11.el5_9.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.11.11.el5_9.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.11.11.el5_9.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.11.11.el5_9.i386.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.11.11.el5_9.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.11.11.el5_9.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.11.11.el5_9.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.11.11.el5_9.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.11.11.el5_9.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.11.11.el5_9.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.src.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.src.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.61.1.11.11.el6_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2013-0401.html
https://www.redhat.com/security/data/cve/CVE-2013-1488.html
https://www.redhat.com/security/data/cve/CVE-2013-1518.html
https://www.redhat.com/security/data/cve/CVE-2013-1537.html
https://www.redhat.com/security/data/cve/CVE-2013-1557.html
https://www.redhat.com/security/data/cve/CVE-2013-1558.html
https://www.redhat.com/security/data/cve/CVE-2013-1569.html
https://www.redhat.com/security/data/cve/CVE-2013-2383.html
https://www.redhat.com/security/data/cve/CVE-2013-2384.html
https://www.redhat.com/security/data/cve/CVE-2013-2415.html
https://www.redhat.com/security/data/cve/CVE-2013-2417.html
https://www.redhat.com/security/data/cve/CVE-2013-2419.html
https://www.redhat.com/security/data/cve/CVE-2013-2420.html
https://www.redhat.com/security/data/cve/CVE-2013-2421.html
https://www.redhat.com/security/data/cve/CVE-2013-2422.html
https://www.redhat.com/security/data/cve/CVE-2013-2424.html
https://www.redhat.com/security/data/cve/CVE-2013-2426.html
https://www.redhat.com/security/data/cve/CVE-2013-2429.html
https://www.redhat.com/security/data/cve/CVE-2013-2430.html
https://www.redhat.com/security/data/cve/CVE-2013-2431.html
https://access.redhat.com/security/updates/classification/#important
http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.10/NEWS
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFReB4YXlSAg2UNWIIRApIkAJ9/Kk9e0UPaBMyunYAZ5ZL0yGNPZQCdFwLB
R1NB2qcpqvapX4RyyM2OH0E=
=rAdI
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory page, listed in the References section |
|
var-200505-0351
|
Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory. An integer overflow in LibTIFF may allow a remote attacker to execute arbitrary code. Due to the availability of more information, this issue is being assigned a new BID. Apple has supported Bluetooth devices since Mac OSX 10.2 |
|
var-201910-1646
|
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743. ISC BIND 9 Contains the following multiple vulnerabilities: *TCP The number of client connections is not limited as configured - CVE-2018-5743 *nxdomain-redirect Due to lack of functions query.c In Assertion Failure Occurs - CVE-2019-6467 *nxdomain-redirect Due to lack of functions Assertion Failure Occurs - CVE-2019-6468The expected impact depends on each vulnerability, but can be affected as follows: * By attacker named File descriptors will be depleted, adversely affecting network connectivity and log and zone journal file management - CVE-2018-5743 *nxdomain-redirect If the function is enabled, an attacker may interfere with service operation (DoS) Attacked - CVE-2019-6467, CVE-2019-6468. ISC BIND is a set of open source software developed by ISC Corporation in the United States that implements the DNS protocol. An attacker could exploit this vulnerability to run out of file descriptors, affecting network connections and file management.
ISC.org has confirmed the vulnerability and released software updates. ==========================================================================
Ubuntu Security Notice USN-3956-2
May 09, 2019
bind9 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
Bind could be made to consume resources if it received specially
crafted network traffic. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. A remote attacker could possibly use this
issue to cause Bind to consume resources, leading to a denial of
service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
bind9 1:9.9.5.dfsg-3ubuntu0.19+esm1
Ubuntu 12.04 ESM:
bind9 1:9.8.1.dfsg.P1-4ubuntu0.28
In general, a standard system update will make all the necessary
changes.
CVE-2018-5745
The "managed-keys" feature was susceptible to denial of service by
triggering an assert.
CVE-2019-6465
ACLs for zone transfers were incorrectly enforced for dynamically
loadable zones (DLZs).
For the stable distribution (stretch), these problems have been fixed in
version 1:9.10.3.dfsg.P4-12.3+deb9u5.
We recommend that you upgrade your bind9 packages.
For the detailed security status of bind9 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/bind9
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlzUio4ACgkQEMKTtsN8
Tjb1uw/+MdjOu171QHxImVOxln3m0yQUVlBq1LLq5JuiFgPffYu0lVUTujBGINia
T6DUFWnO5Ct7I+B4LIEXTpAY7UYTaBnt8cWxkGqacDxwG21wanJ+EWgo9NtfNmfw
s6Zh1rfBDkvDT1OsOcmw8nuisyvZsWvZrNP+2mzfCTSm7jaqVLp1MfJZDBmXPlAF
VoPvAwDO/XjDxQDUcxwCxRu590pbHrS5Fdi+9IN81Vd/MaKwebsQ4MFtLE5J1miU
nnzWDT7V8JbLFj4KzFn7ugLTVw4e/lLXK3h+Qsssxa5o0emNPRz21q6HqTeFB8sg
pT4F7krQq1lbEI1viTqXChK4Slj6uEnagt0WOzoJ+SLpcY9pojoVabivFf3UNXg7
ceflAcb9jdm1M7KCYy34XCMMwrFiwr078NTj5+158qrXX/I7ydFTkJLCmDrqcKfP
sF738m0XuhnPunycZk6SFZpoRi+bZlbs6oEXyBU3QgFKjz/qkgCdXUC0TO6wxAed
QkeSksPO5/Hwegr/UYDnB77htWmOaXUllDlGicGseFWe0GoeYr0p8AWIUnb1cCa4
YwtNJzEqK0TrN73IWFQd6YJxMxNajRXItnuijxon6vtjCTu+/8ROujqfNz9EYJZ2
85aJ/noHLePNV4MBka0kSBapZRocrcNKjKX8QMDb8N1nEvjSl8k=
=VAvv
-----END PGP SIGNATURE-----
.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/bind-9.11.6_P1-i586-1_slack14.2.txz: Upgraded.
This update fixes a security issue:
The TCP client quota set using the tcp-clients option could be exceeded
in some cases. This could lead to exhaustion of file descriptors.
For more information, see:
https://kb.isc.org/docs/cve-2018-5743
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.11.6_P1-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.11.6_P1-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bind-9.11.6_P1-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bind-9.11.6_P1-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/bind-9.11.6_P1-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/bind-9.11.6_P1-x86_64-1_slack14.2.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.14.1-i586-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.14.1-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 14.0 package:
d6835a3a22d339df9ca0afd5ab8561bc bind-9.11.6_P1-i486-1_slack14.0.txz
Slackware x86_64 14.0 package:
892265f47674a12362bf821dab2cc9fa bind-9.11.6_P1-x86_64-1_slack14.0.txz
Slackware 14.1 package:
4c55681ae3fb61df7d1af3c92fc53db5 bind-9.11.6_P1-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
932435bf42a652149c5d7a68267696f1 bind-9.11.6_P1-x86_64-1_slack14.1.txz
Slackware 14.2 package:
65779b9f25e221aa3bb1726e331218d4 bind-9.11.6_P1-i586-1_slack14.2.txz
Slackware x86_64 14.2 package:
a6b8c6ea2b4abd53b9cb21a77ffc93b7 bind-9.11.6_P1-x86_64-1_slack14.2.txz
Slackware -current package:
c1f720dd751a405a60b8e6b59dcb3279 n/bind-9.14.1-i586-1.txz
Slackware x86_64 -current package:
65a617602a5e83d626d1a7045f346cf4 n/bind-9.14.1-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg bind-9.11.6_P1-i586-1_slack14.2.txz
Then, restart the name server:
# /etc/rc.d/rc.bind restart
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. 6) - i386, x86_64
3. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: bind security update
Advisory ID: RHSA-2019:1294-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2019:1294
Issue date: 2019-05-29
CVE Names: CVE-2018-5743
====================================================================
1. Summary:
An update for bind is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le, s390x
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x
3. Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.
Security Fix(es):
* bind: Limiting simultaneous TCP clients is ineffective (CVE-2018-5743)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, the BIND daemon (named) will be restarted
automatically.
5. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
bind-9.9.4-74.el7_6.1.src.rpm
noarch:
bind-license-9.9.4-74.el7_6.1.noarch.rpm
x86_64:
bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm
bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm
bind-libs-9.9.4-74.el7_6.1.i686.rpm
bind-libs-9.9.4-74.el7_6.1.x86_64.rpm
bind-libs-lite-9.9.4-74.el7_6.1.i686.rpm
bind-libs-lite-9.9.4-74.el7_6.1.x86_64.rpm
bind-utils-9.9.4-74.el7_6.1.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
bind-9.9.4-74.el7_6.1.x86_64.rpm
bind-chroot-9.9.4-74.el7_6.1.x86_64.rpm
bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm
bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm
bind-devel-9.9.4-74.el7_6.1.i686.rpm
bind-devel-9.9.4-74.el7_6.1.x86_64.rpm
bind-lite-devel-9.9.4-74.el7_6.1.i686.rpm
bind-lite-devel-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.i686.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.i686.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.1.x86_64.rpm
bind-sdb-9.9.4-74.el7_6.1.x86_64.rpm
bind-sdb-chroot-9.9.4-74.el7_6.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
bind-9.9.4-74.el7_6.1.src.rpm
noarch:
bind-license-9.9.4-74.el7_6.1.noarch.rpm
x86_64:
bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm
bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm
bind-libs-9.9.4-74.el7_6.1.i686.rpm
bind-libs-9.9.4-74.el7_6.1.x86_64.rpm
bind-libs-lite-9.9.4-74.el7_6.1.i686.rpm
bind-libs-lite-9.9.4-74.el7_6.1.x86_64.rpm
bind-utils-9.9.4-74.el7_6.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
bind-9.9.4-74.el7_6.1.x86_64.rpm
bind-chroot-9.9.4-74.el7_6.1.x86_64.rpm
bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm
bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm
bind-devel-9.9.4-74.el7_6.1.i686.rpm
bind-devel-9.9.4-74.el7_6.1.x86_64.rpm
bind-lite-devel-9.9.4-74.el7_6.1.i686.rpm
bind-lite-devel-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.i686.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.i686.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.1.x86_64.rpm
bind-sdb-9.9.4-74.el7_6.1.x86_64.rpm
bind-sdb-chroot-9.9.4-74.el7_6.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
bind-9.9.4-74.el7_6.1.src.rpm
noarch:
bind-license-9.9.4-74.el7_6.1.noarch.rpm
ppc64:
bind-9.9.4-74.el7_6.1.ppc64.rpm
bind-chroot-9.9.4-74.el7_6.1.ppc64.rpm
bind-debuginfo-9.9.4-74.el7_6.1.ppc.rpm
bind-debuginfo-9.9.4-74.el7_6.1.ppc64.rpm
bind-libs-9.9.4-74.el7_6.1.ppc.rpm
bind-libs-9.9.4-74.el7_6.1.ppc64.rpm
bind-libs-lite-9.9.4-74.el7_6.1.ppc.rpm
bind-libs-lite-9.9.4-74.el7_6.1.ppc64.rpm
bind-utils-9.9.4-74.el7_6.1.ppc64.rpm
ppc64le:
bind-9.9.4-74.el7_6.1.ppc64le.rpm
bind-chroot-9.9.4-74.el7_6.1.ppc64le.rpm
bind-debuginfo-9.9.4-74.el7_6.1.ppc64le.rpm
bind-libs-9.9.4-74.el7_6.1.ppc64le.rpm
bind-libs-lite-9.9.4-74.el7_6.1.ppc64le.rpm
bind-pkcs11-9.9.4-74.el7_6.1.ppc64le.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.ppc64le.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.1.ppc64le.rpm
bind-utils-9.9.4-74.el7_6.1.ppc64le.rpm
s390x:
bind-9.9.4-74.el7_6.1.s390x.rpm
bind-chroot-9.9.4-74.el7_6.1.s390x.rpm
bind-debuginfo-9.9.4-74.el7_6.1.s390.rpm
bind-debuginfo-9.9.4-74.el7_6.1.s390x.rpm
bind-libs-9.9.4-74.el7_6.1.s390.rpm
bind-libs-9.9.4-74.el7_6.1.s390x.rpm
bind-libs-lite-9.9.4-74.el7_6.1.s390.rpm
bind-libs-lite-9.9.4-74.el7_6.1.s390x.rpm
bind-utils-9.9.4-74.el7_6.1.s390x.rpm
x86_64:
bind-9.9.4-74.el7_6.1.x86_64.rpm
bind-chroot-9.9.4-74.el7_6.1.x86_64.rpm
bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm
bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm
bind-libs-9.9.4-74.el7_6.1.i686.rpm
bind-libs-9.9.4-74.el7_6.1.x86_64.rpm
bind-libs-lite-9.9.4-74.el7_6.1.i686.rpm
bind-libs-lite-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.i686.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.1.x86_64.rpm
bind-utils-9.9.4-74.el7_6.1.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
Source:
bind-9.9.4-74.el7_6.1.src.rpm
aarch64:
bind-9.9.4-74.el7_6.1.aarch64.rpm
bind-chroot-9.9.4-74.el7_6.1.aarch64.rpm
bind-debuginfo-9.9.4-74.el7_6.1.aarch64.rpm
bind-libs-9.9.4-74.el7_6.1.aarch64.rpm
bind-libs-lite-9.9.4-74.el7_6.1.aarch64.rpm
bind-pkcs11-9.9.4-74.el7_6.1.aarch64.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.aarch64.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.1.aarch64.rpm
bind-utils-9.9.4-74.el7_6.1.aarch64.rpm
noarch:
bind-license-9.9.4-74.el7_6.1.noarch.rpm
ppc64le:
bind-9.9.4-74.el7_6.1.ppc64le.rpm
bind-chroot-9.9.4-74.el7_6.1.ppc64le.rpm
bind-debuginfo-9.9.4-74.el7_6.1.ppc64le.rpm
bind-libs-9.9.4-74.el7_6.1.ppc64le.rpm
bind-libs-lite-9.9.4-74.el7_6.1.ppc64le.rpm
bind-pkcs11-9.9.4-74.el7_6.1.ppc64le.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.ppc64le.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.1.ppc64le.rpm
bind-utils-9.9.4-74.el7_6.1.ppc64le.rpm
s390x:
bind-9.9.4-74.el7_6.1.s390x.rpm
bind-chroot-9.9.4-74.el7_6.1.s390x.rpm
bind-debuginfo-9.9.4-74.el7_6.1.s390.rpm
bind-debuginfo-9.9.4-74.el7_6.1.s390x.rpm
bind-libs-9.9.4-74.el7_6.1.s390.rpm
bind-libs-9.9.4-74.el7_6.1.s390x.rpm
bind-libs-lite-9.9.4-74.el7_6.1.s390.rpm
bind-libs-lite-9.9.4-74.el7_6.1.s390x.rpm
bind-utils-9.9.4-74.el7_6.1.s390x.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
bind-debuginfo-9.9.4-74.el7_6.1.ppc.rpm
bind-debuginfo-9.9.4-74.el7_6.1.ppc64.rpm
bind-devel-9.9.4-74.el7_6.1.ppc.rpm
bind-devel-9.9.4-74.el7_6.1.ppc64.rpm
bind-lite-devel-9.9.4-74.el7_6.1.ppc.rpm
bind-lite-devel-9.9.4-74.el7_6.1.ppc64.rpm
bind-pkcs11-9.9.4-74.el7_6.1.ppc64.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.ppc.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.ppc64.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.ppc.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.ppc64.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.1.ppc64.rpm
bind-sdb-9.9.4-74.el7_6.1.ppc64.rpm
bind-sdb-chroot-9.9.4-74.el7_6.1.ppc64.rpm
ppc64le:
bind-debuginfo-9.9.4-74.el7_6.1.ppc64le.rpm
bind-devel-9.9.4-74.el7_6.1.ppc64le.rpm
bind-lite-devel-9.9.4-74.el7_6.1.ppc64le.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.ppc64le.rpm
bind-sdb-9.9.4-74.el7_6.1.ppc64le.rpm
bind-sdb-chroot-9.9.4-74.el7_6.1.ppc64le.rpm
s390x:
bind-debuginfo-9.9.4-74.el7_6.1.s390.rpm
bind-debuginfo-9.9.4-74.el7_6.1.s390x.rpm
bind-devel-9.9.4-74.el7_6.1.s390.rpm
bind-devel-9.9.4-74.el7_6.1.s390x.rpm
bind-lite-devel-9.9.4-74.el7_6.1.s390.rpm
bind-lite-devel-9.9.4-74.el7_6.1.s390x.rpm
bind-pkcs11-9.9.4-74.el7_6.1.s390x.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.s390.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.s390x.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.s390.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.s390x.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.1.s390x.rpm
bind-sdb-9.9.4-74.el7_6.1.s390x.rpm
bind-sdb-chroot-9.9.4-74.el7_6.1.s390x.rpm
x86_64:
bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm
bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm
bind-devel-9.9.4-74.el7_6.1.i686.rpm
bind-devel-9.9.4-74.el7_6.1.x86_64.rpm
bind-lite-devel-9.9.4-74.el7_6.1.i686.rpm
bind-lite-devel-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.i686.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.x86_64.rpm
bind-sdb-9.9.4-74.el7_6.1.x86_64.rpm
bind-sdb-chroot-9.9.4-74.el7_6.1.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):
aarch64:
bind-debuginfo-9.9.4-74.el7_6.1.aarch64.rpm
bind-devel-9.9.4-74.el7_6.1.aarch64.rpm
bind-lite-devel-9.9.4-74.el7_6.1.aarch64.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.aarch64.rpm
bind-sdb-9.9.4-74.el7_6.1.aarch64.rpm
bind-sdb-chroot-9.9.4-74.el7_6.1.aarch64.rpm
ppc64le:
bind-debuginfo-9.9.4-74.el7_6.1.ppc64le.rpm
bind-devel-9.9.4-74.el7_6.1.ppc64le.rpm
bind-lite-devel-9.9.4-74.el7_6.1.ppc64le.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.ppc64le.rpm
bind-sdb-9.9.4-74.el7_6.1.ppc64le.rpm
bind-sdb-chroot-9.9.4-74.el7_6.1.ppc64le.rpm
s390x:
bind-debuginfo-9.9.4-74.el7_6.1.s390.rpm
bind-debuginfo-9.9.4-74.el7_6.1.s390x.rpm
bind-devel-9.9.4-74.el7_6.1.s390.rpm
bind-devel-9.9.4-74.el7_6.1.s390x.rpm
bind-lite-devel-9.9.4-74.el7_6.1.s390.rpm
bind-lite-devel-9.9.4-74.el7_6.1.s390x.rpm
bind-pkcs11-9.9.4-74.el7_6.1.s390x.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.s390.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.s390x.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.s390.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.s390x.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.1.s390x.rpm
bind-sdb-9.9.4-74.el7_6.1.s390x.rpm
bind-sdb-chroot-9.9.4-74.el7_6.1.s390x.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
bind-9.9.4-74.el7_6.1.src.rpm
noarch:
bind-license-9.9.4-74.el7_6.1.noarch.rpm
x86_64:
bind-9.9.4-74.el7_6.1.x86_64.rpm
bind-chroot-9.9.4-74.el7_6.1.x86_64.rpm
bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm
bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm
bind-libs-9.9.4-74.el7_6.1.i686.rpm
bind-libs-9.9.4-74.el7_6.1.x86_64.rpm
bind-libs-lite-9.9.4-74.el7_6.1.i686.rpm
bind-libs-lite-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.i686.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.1.x86_64.rpm
bind-utils-9.9.4-74.el7_6.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm
bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm
bind-devel-9.9.4-74.el7_6.1.i686.rpm
bind-devel-9.9.4-74.el7_6.1.x86_64.rpm
bind-lite-devel-9.9.4-74.el7_6.1.i686.rpm
bind-lite-devel-9.9.4-74.el7_6.1.x86_64.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.i686.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.1.x86_64.rpm
bind-sdb-9.9.4-74.el7_6.1.x86_64.rpm
bind-sdb-chroot-9.9.4-74.el7_6.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2018-5743
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBXO7KxtzjgjWX9erEAQgq8A//Q5Ol4phAsO5vl4AXPrY/Aa2cPFQAsYsd
twNvcla3/RGtC9lwna+3dJ3WTDfC1Vwtt8Nb8YC0NhiwutxvH4aO3oxB0gcRSymr
xG0tWnNAONa6zFnz4r40UvbV8k62gq2dMpG6KcXpivSXZ5/3RirOZ5tLkaLM7eys
IDkFbdI0B4bkmG6YKj/lgHRlZ0DZ2f0dtIa2UpY5vmE33S3IyZFlWzuqxTp4ITQQ
EdQclzLSAqY3GYiAqHy5nZCM7x9MkUFToqz8jT1gdvalgpit8Ra286o6uXuqgL7J
ho2+FakajgbLhYIUIzF+lxOvM/HjkrStcEVwE7OiCNBcpvi7Rg4L5hultu9QK10v
R46N9fnzwLlKy0qicVIAuSjr/3Vj/e+2B23dSzTuaelkdhMcFd9VRuecOd+TPqlR
hfYSuqQbwVTN6cL3SZDpXttjO3B+ipucYmVVbuoffXCDT9shweTQFGcJFbucCIcS
PXHwIj23QakKWq2bA1OZIEO8tDQyuOgou5X4uAK0iS4p4KOIpv2Yh+LonxyyoTiU
GLQzSr8XJMMhxNMdGmvTyIHcCRd7rlk9vj8EMYuVdhFIgd1MVhXp3XF4L7oM9WLC
M3thS9i9YYSKtvAtVYEdc7JW5zUxmQz7tG41lDOP5/5nMo9klYcXiEOGw+1Rjq/B
dwb7LNgk/TU=2g+S
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
|
|
var-200608-0035
|
Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image that triggers a memory allocation failure that is not properly handled.
These issue affect Mac OS X and various applications including AFP Server, Bluetooth, Bom, DHCP, Image RAW, ImageIO, Launch Services, OpenSSH, and WebKit. A remote attacker may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, and disclose potentially sensitive information |
|
var-201302-0148
|
The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013. Attacks on this vulnerability 2013 Year 2 Observed on the moon.Expertly crafted by a third party SWF Arbitrary code could be executed via the content. Adobe Flash Player is prone to an unspecified security vulnerability.
The impact of this issue is currently unknown. We will update this BID when more information emerges. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2013:0574-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0574.html
Issue date: 2013-02-27
CVE Names: CVE-2013-0504 CVE-2013-0643 CVE-2013-0648
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes three security issues is
now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security bulletin APSB13-08,
listed in the References section.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.273-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.273-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.273-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.273-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.273-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.273-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.273-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.273-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.273-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.273-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2013-0504.html
https://www.redhat.com/security/data/cve/CVE-2013-0643.html
https://www.redhat.com/security/data/cve/CVE-2013-0648.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb13-08.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRLn41XlSAg2UNWIIRAnzdAKCaJI07/I1LimaWJ6whuxtlqVukEwCeJrCH
4j7n45GWDCgkUE8CNNpu/6c=
=Knv1
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites. Please review the CVE identifiers referenced below for
details.
Impact
======
A remote attacker could entice a user to open specially crafted SWF
content, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition.
Furthermore, a remote attacker may be able to bypass access
restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
==========
[ 1 ] CVE-2012-5248
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248
[ 2 ] CVE-2012-5248
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248
[ 3 ] CVE-2012-5249
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249
[ 4 ] CVE-2012-5249
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249
[ 5 ] CVE-2012-5250
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250
[ 6 ] CVE-2012-5250
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250
[ 7 ] CVE-2012-5251
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251
[ 8 ] CVE-2012-5251
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251
[ 9 ] CVE-2012-5252
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252
[ 10 ] CVE-2012-5252
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252
[ 11 ] CVE-2012-5253
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253
[ 12 ] CVE-2012-5253
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253
[ 13 ] CVE-2012-5254
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254
[ 14 ] CVE-2012-5254
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254
[ 15 ] CVE-2012-5255
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255
[ 16 ] CVE-2012-5255
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255
[ 17 ] CVE-2012-5256
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256
[ 18 ] CVE-2012-5256
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256
[ 19 ] CVE-2012-5257
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257
[ 20 ] CVE-2012-5257
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257
[ 21 ] CVE-2012-5258
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258
[ 22 ] CVE-2012-5258
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258
[ 23 ] CVE-2012-5259
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259
[ 24 ] CVE-2012-5259
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259
[ 25 ] CVE-2012-5260
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260
[ 26 ] CVE-2012-5260
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260
[ 27 ] CVE-2012-5261
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261
[ 28 ] CVE-2012-5261
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261
[ 29 ] CVE-2012-5262
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262
[ 30 ] CVE-2012-5262
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262
[ 31 ] CVE-2012-5263
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263
[ 32 ] CVE-2012-5263
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263
[ 33 ] CVE-2012-5264
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264
[ 34 ] CVE-2012-5264
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264
[ 35 ] CVE-2012-5265
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265
[ 36 ] CVE-2012-5265
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265
[ 37 ] CVE-2012-5266
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266
[ 38 ] CVE-2012-5266
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266
[ 39 ] CVE-2012-5267
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267
[ 40 ] CVE-2012-5267
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267
[ 41 ] CVE-2012-5268
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268
[ 42 ] CVE-2012-5268
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268
[ 43 ] CVE-2012-5269
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269
[ 44 ] CVE-2012-5269
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269
[ 45 ] CVE-2012-5270
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270
[ 46 ] CVE-2012-5270
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270
[ 47 ] CVE-2012-5271
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271
[ 48 ] CVE-2012-5271
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271
[ 49 ] CVE-2012-5272
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272
[ 50 ] CVE-2012-5272
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272
[ 51 ] CVE-2012-5274
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274
[ 52 ] CVE-2012-5275
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275
[ 53 ] CVE-2012-5276
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276
[ 54 ] CVE-2012-5277
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277
[ 55 ] CVE-2012-5278
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278
[ 56 ] CVE-2012-5279
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279
[ 57 ] CVE-2012-5280
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280
[ 58 ] CVE-2012-5676
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676
[ 59 ] CVE-2012-5677
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677
[ 60 ] CVE-2012-5678
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678
[ 61 ] CVE-2013-0504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504
[ 62 ] CVE-2013-0630
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630
[ 63 ] CVE-2013-0633
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633
[ 64 ] CVE-2013-0634
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634
[ 65 ] CVE-2013-0637
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637
[ 66 ] CVE-2013-0638
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638
[ 67 ] CVE-2013-0639
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639
[ 68 ] CVE-2013-0642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642
[ 69 ] CVE-2013-0643
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643
[ 70 ] CVE-2013-0644
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644
[ 71 ] CVE-2013-0645
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645
[ 72 ] CVE-2013-0646
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646
[ 73 ] CVE-2013-0647
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647
[ 74 ] CVE-2013-0648
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648
[ 75 ] CVE-2013-0649
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649
[ 76 ] CVE-2013-0650
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650
[ 77 ] CVE-2013-1365
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365
[ 78 ] CVE-2013-1366
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366
[ 79 ] CVE-2013-1367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367
[ 80 ] CVE-2013-1368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368
[ 81 ] CVE-2013-1369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369
[ 82 ] CVE-2013-1370
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370
[ 83 ] CVE-2013-1371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371
[ 84 ] CVE-2013-1372
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372
[ 85 ] CVE-2013-1373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373
[ 86 ] CVE-2013-1374
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374
[ 87 ] CVE-2013-1375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375
[ 88 ] CVE-2013-1378
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378
[ 89 ] CVE-2013-1379
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379
[ 90 ] CVE-2013-1380
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380
[ 91 ] CVE-2013-2555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555
[ 92 ] CVE-2013-2728
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728
[ 93 ] CVE-2013-3343
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343
[ 94 ] CVE-2013-3344
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344
[ 95 ] CVE-2013-3345
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345
[ 96 ] CVE-2013-3347
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347
[ 97 ] CVE-2013-3361
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361
[ 98 ] CVE-2013-3362
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362
[ 99 ] CVE-2013-3363
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363
[ 100 ] CVE-2013-5324
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2013 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
|
|
var-201806-1485
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "UIKit" component. It allows remote attackers to cause a denial of service via a crafted text file. Apple iOS, macOS High Sierra, tvOS, and watchOS are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; macOS High Sierra is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. UIKit is one of those window view components. A security vulnerability exists in the handling of text in UIKit components in several Apple products. The following products and versions are affected: Apple iOS prior to 11.4; macOS High Sierra prior to 10.13.5; tvOS prior to 11.4; watchOS prior to 4.3.1.
CVE-2018-4196: G.
CVE-2018-4253: shrek_wzw of Qihoo 360 Nirvan Team
apache_mod_php
Available for: macOS High Sierra 10.13.4
Impact: Issues in php were addressed in this update
Description: This issue was addressed by updating to php version
7.1.16.
CVE-2018-4219: Mohamed Ghannam (@_simo36)
Bluetooth
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6
Impact: A malicious application may be able to determine kernel
memory layout.
Description: An information disclosure issue existed in device
properties.
CVE-2018-4171: shrek_wzw of Qihoo 360 Nirvan Team
Bluetooth
Available for: MacBook Pro (Retina, 15-inch, Mid 2015), MacBook Pro
(Retina, 15-inch, 2015), MacBook Pro (Retina, 13-inch, Early 2015),
MacBook Pro (15-inch, 2017), MacBook Pro (15-inch, 2016),
MacBook Pro (13-inch, Late 2016, Two Thunderbolt 3 Ports),
MacBook Pro (13-inch, Late 2016, Four Thunderbolt 3 Ports),
MacBook Pro (13-inch, 2017, Four Thunderbolt 3 Ports),
MacBook (Retina, 12-inch, Early 2016), MacBook
(Retina, 12-inch, Early 2015), MacBook (Retina, 12-inch, 2017),
iMac Pro, iMac (Retina 5K, 27-inch, Late 2015), iMac
(Retina 5K, 27-inch, 2017), iMac (Retina 4K, 21.5-inch, Late 2015),
iMac (Retina 4K, 21.5-inch, 2017), iMac (21.5-inch, Late 2015), and
iMac (21.5-inch, 2017)
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth.
CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team
Grand Central Dispatch
Available for: macOS High Sierra 10.13.4
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: An issue existed in parsing entitlement plists. The issue appears to be from an undocumented
side effect of the instructions. An attacker might utilize this
exception handling to gain access to Ring 0 and access sensitive
memory or control operating system processes.
CVE-2018-4226: Abraham Masri (@cheesecakeufo)
Speech
Available for: macOS High Sierra 10.13.4
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A sandbox issue existed in the handling of microphone
access. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-7-23-3 Additional information for
APPLE-SA-2018-06-01-4 iOS 11.4
iOS 11.4 addresses the following:
Bluetooth
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4215: Abraham Masri (@cheesecakeufo)
Bluetooth
Available for: iPhone X, iPhone 8, iPhone 8 Plus,
iPad 6th generation, and iPad Air 2
Not impacted: HomePod
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth. This
issue was addressed with improved input validation.
CVE-2018-5383: Lior Neumann and Eli Biham
Entry added July 23, 2018
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: A validation issue existed in the handling of phone
numbers. This issue was addressed with improved validation of phone
numbers.
CVE-2018-4100: Abraham Masri (@cheesecakeufo)
FontParser
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team
iBooks
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged network position may be able to
spoof password prompts in iBooks
Description: An input validation issue was addressed with improved
input validation.
CVE-2018-4202: Jerry Decime
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4249: Kevin Backhouse of Semmle Ltd.
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2018-4241: Ian Beer of Google Project Zero
CVE-2018-4243: Ian Beer of Google Project Zero
libxpc
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A logic issue was addressed with improved validation.
CVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro's Zero
Day Initiative
Magnifier
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
view the last image used in Magnifier from the lockscreen
Description: A permissions issue existed in Magnifier. This was
addressed with additional permission checks.
CVE-2018-4239: an anonymous researcher
Mail
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exfiltrate the contents of
S/MIME-encrypted e-mail
Description: An issue existed in the handling of encrypted Mail. This
issue was addressed with improved isolation of MIME in Mail.
CVE-2018-4227: Damian Poddebniak of MA1/4nster University of Applied
Sciences, Christian Dresen of MA1/4nster University of Applied Sciences,
Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster
University of Applied Sciences, Sebastian Schinzel of MA1/4nster
University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj
Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University
Bochum
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to conduct impersonation attacks
Description: An injection issue was addressed with improved input
validation.
CVE-2018-4235: Anurodh Pokharel of Salesforce.com
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted message may lead to a denial
of service
Description: This issue was addressed with improved message
validation.
CVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd
CVE-2018-4250: Metehan YA+-lmaz of Sesim Sarpkaya
Safari
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4247: FranASSois Renaud, Jesse Viviano of Verizon Enterprise
Solutions
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to read a persistent account
identifier
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4223: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Users may be tracked by malicious websites using client
certificates
Description: An issue existed in the handling of S-MIME
certificaties. This issue was addressed with improved validation of
S-MIME certificates.
CVE-2018-4221: Damian Poddebniak of MA1/4nster University of Applied
Sciences, Christian Dresen of MA1/4nster University of Applied Sciences,
Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster
University of Applied Sciences, Sebastian Schinzel of MA1/4nster
University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj
Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University
Bochum
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to read a persistent device
identifier
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4224: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to modify the state of the Keychain
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4225: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to view sensitive user information
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4226: Abraham Masri (@cheesecakeufo)
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
enable Siri from the lock screen
Description: An issue existed with Siri permissions. This was
addressed with improved permission checking.
CVE-2018-4238: Baljinder Singh, Muhammad khizer javed, Onur Can
BIKMAZ (@CanBkmaz) of Mustafa Kemal University
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
use Siri to read notifications of content that is set not to be
displayed at the lock screen
Description: An issue existed with Siri permissions. This was
addressed with improved permission checking.
CVE-2018-4252: Hunter Byrnes, Martin Winkelmann (@Winkelmannnn)
Siri Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker with physical access to a device may be able to
see private contact information
Description: An issue existed with Siri permissions. This was
addressed with improved permission checking.
CVE-2018-4244: an anonymous researcher
UIKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text file may lead to a
denial of service
Description: A validation issue existed in the handling of text. This
issue was addressed with improved validation of text.
CVE-2018-4198: Hunter Byrnes
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4188: YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4201: an anonymous researcher
CVE-2018-4218: Natalie Silvanovich of Google Project Zero
CVE-2018-4233: Samuel GroA (@5aelo) working with Trend Micro's Zero
Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils
of MWR Labs working with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a maliciously crafted website may lead to cookies
being overwritten
Description: A permissions issue existed in the handling of web
browser cookies. This issue was addressed with improved restrictions.
CVE-2018-4232: an anonymous researcher, Aymeric Chaib
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A race condition was addressed with improved locking.
CVE-2018-4192: Markus Gaasedelen, Nick Burnett, and Patrick Biernat
of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4214: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4204: found by OSS-Fuzz, Richard Zhu (fluorescence) working
with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2018-4246: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a maliciously crafted website may leak sensitive
data
Description: Credentials were unexpectedly sent when fetching CSS
mask images. This was addressed by using a CORS-enabled fetch method.
CVE-2018-4190: Jun Kokatsu (@shhnjk)
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4222: Natalie Silvanovich of Google Project Zero
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 11.4".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltUshMACgkQ8ecVjteJ
iCbspA//aVxu/EdiaNxNRmRDFB8LpqKa3xjJdfkK9cJRYZ+eBHJZjBfzj4BzABuG
Xow7FkEE7LSQpCeJ08Ggo6vVQUdR4+etQ2UfjQWGX6qIvLZUXK0lw2x5XdTP0q4m
WmNoZcdK3cmbVXGMWUZRUrYPTWwMnTMsPpPoDoptaQRseN+K/0kdwsQZtdqeN9sq
GN3Qp6AW6WR1gUAgDriIyzFXTxJ8NmKx2+4B5O2w0TbmzxGa/F5ZUjw4D/wwJJPA
/RXAwseJMghPfbi9tNcjUhbGFfcnr5JvyGfY2GESFc7odWt2XSpePHr6qaJzogBr
KeJKOVpgTdS4PO37+KDUfQDIElSnYQVTff8Tinxg/Zojafp0PxYkDYRxw7i16YKU
HsB7R0o5Yi5YD4uG5ioMj4RspQDWozzveVvvtah6/bWChQQwD3XHr6JRM6oJ106G
wNx2EHfRRXFQCY680RfE8hN/98IJRrCF6nIdO9zBbzGM/Ihzr02F0qSrdB5/PXSq
S6EwJi0M5ia/KMFSO7EY5qQ2aipyDC3WPkvQrHtpsqstMrktyJOYGbm/t39WmIBb
gC92rxvNFr5mO8Owypu1/tloGr15zIxPGR6OXA/DVxdRm2/UmW1tsqQfKgporJMD
de6uiZJb8p8X36KC7YmHLTApYL3CaZebJIIOmf8tKjQUxxbR9wE=
=nII0
-----END PGP SIGNATURE-----
.
Alternatively, on your watch, select "My Watch > General > About" |
|
var-201210-0053
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' sub-component.
This vulnerability affects the following supported versions:
7 Update 7, 6 Update 35, 5.0 Update 36, 1.4.2_38. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2012:169
http://www.mandriva.com/security/
_______________________________________________________________________
Package : java-1.6.0-openjdk
Date : November 1, 2012
Affected: 2011., Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple security issues were identified and fixed in OpenJDK
(icedtea6):
* S6631398, CVE-2012-3216: FilePermission improved path checking
* S7093490: adjust package access in rmiregistry
* S7143535, CVE-2012-5068: ScriptEngine corrected permissions
* S7167656, CVE-2012-5077: Multiple Seeders are being created
* S7169884, CVE-2012-5073: LogManager checks do not work correctly
for sub-types
* S7169888, CVE-2012-5075: Narrowing resource definitions in JMX
RMI connector
* S7172522, CVE-2012-5072: Improve DomainCombiner checking
* S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC
* S7189103, CVE-2012-5069: Executors needs to maintain state
* S7189490: More improvements to DomainCombiner checking
* S7189567, CVE-2012-5085: java net obselete protocol
* S7192975, CVE-2012-5071: Conditional usage check is wrong
* S7195194, CVE-2012-5084: Better data validation for Swing
* S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should
be improved
* S7195919, CVE-2012-5979: (sl) ServiceLoader can throw CCE without
needing to create instance
* S7198296, CVE-2012-5089: Refactor classloader usage
* S7158800: Improve storage of symbol tables
* S7158801: Improve VM CompileOnly option
* S7158804: Improve config file parsing
* S7176337: Additional changes needed for 7158801 fix
* S7198606, CVE-2012-4416: Improve VM optimization
The updated packages provides icedtea6-1.11.5 which is not vulnerable
to these issues. The verification
of md5 checksums and GPG signatures is performed automatically for you. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFQklqImqjQ0CJFipgRAiNOAJ4qA9L2NTdql1htD7pQDNJrDlPnUgCguupW
xu3AOptE+B1OsUdPAeTUH5o=
=2CFK
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: January 27, 2014
Bugs: #404071, #421073, #433094, #438706, #451206, #455174,
#458444, #460360, #466212, #473830, #473980, #488210, #498148
ID: 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable!
2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 *
3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable!
4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 *
5 app-emulation/emul-linux-x86-java
< 1.7.0.51 >= 1.7.0.51 *
-------------------------------------------------------------------
NOTE: Certain packages are still vulnerable. Users should migrate
to another package if one is available or wait for the
existing packages to be marked stable by their
architecture maintainers.
-------------------------------------------------------------------
NOTE: Packages marked with asterisks require manual intervention!
-------------------------------------------------------------------
5 affected packages
Description
===========
Multiple vulnerabilities have been reported in the Oracle Java
implementation. Please review the CVE identifiers referenced below for
details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"
All Oracle JRE 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"
All users of the precompiled 32-bit Oracle JRE should upgrade to the
latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"
All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one
of the newer Oracle packages like dev-java/oracle-jdk-bin or
dev-java/oracle-jre-bin or choose another alternative we provide; eg.
the IBM JDK/JRE or the open source IcedTea.
References
==========
[ 1 ] CVE-2011-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563
[ 2 ] CVE-2011-5035
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035
[ 3 ] CVE-2012-0497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497
[ 4 ] CVE-2012-0498
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498
[ 5 ] CVE-2012-0499
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499
[ 6 ] CVE-2012-0500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500
[ 7 ] CVE-2012-0501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501
[ 8 ] CVE-2012-0502
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502
[ 9 ] CVE-2012-0503
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503
[ 10 ] CVE-2012-0504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504
[ 11 ] CVE-2012-0505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505
[ 12 ] CVE-2012-0506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506
[ 13 ] CVE-2012-0507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507
[ 14 ] CVE-2012-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547
[ 15 ] CVE-2012-1531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531
[ 16 ] CVE-2012-1532
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532
[ 17 ] CVE-2012-1533
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533
[ 18 ] CVE-2012-1541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541
[ 19 ] CVE-2012-1682
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682
[ 20 ] CVE-2012-1711
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711
[ 21 ] CVE-2012-1713
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713
[ 22 ] CVE-2012-1716
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716
[ 23 ] CVE-2012-1717
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717
[ 24 ] CVE-2012-1718
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718
[ 25 ] CVE-2012-1719
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719
[ 26 ] CVE-2012-1721
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721
[ 27 ] CVE-2012-1722
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722
[ 28 ] CVE-2012-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723
[ 29 ] CVE-2012-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724
[ 30 ] CVE-2012-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725
[ 31 ] CVE-2012-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726
[ 32 ] CVE-2012-3136
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136
[ 33 ] CVE-2012-3143
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143
[ 34 ] CVE-2012-3159
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159
[ 35 ] CVE-2012-3174
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174
[ 36 ] CVE-2012-3213
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213
[ 37 ] CVE-2012-3216
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216
[ 38 ] CVE-2012-3342
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342
[ 39 ] CVE-2012-4416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416
[ 40 ] CVE-2012-4681
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681
[ 41 ] CVE-2012-5067
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067
[ 42 ] CVE-2012-5068
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068
[ 43 ] CVE-2012-5069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069
[ 44 ] CVE-2012-5070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070
[ 45 ] CVE-2012-5071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071
[ 46 ] CVE-2012-5072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072
[ 47 ] CVE-2012-5073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073
[ 48 ] CVE-2012-5074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074
[ 49 ] CVE-2012-5075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075
[ 50 ] CVE-2012-5076
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076
[ 51 ] CVE-2012-5077
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077
[ 52 ] CVE-2012-5079
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079
[ 53 ] CVE-2012-5081
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081
[ 54 ] CVE-2012-5083
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083
[ 55 ] CVE-2012-5084
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084
[ 56 ] CVE-2012-5085
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085
[ 57 ] CVE-2012-5086
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086
[ 58 ] CVE-2012-5087
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087
[ 59 ] CVE-2012-5088
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088
[ 60 ] CVE-2012-5089
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089
[ 61 ] CVE-2013-0169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169
[ 62 ] CVE-2013-0351
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351
[ 63 ] CVE-2013-0401
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401
[ 64 ] CVE-2013-0402
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402
[ 65 ] CVE-2013-0409
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409
[ 66 ] CVE-2013-0419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419
[ 67 ] CVE-2013-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422
[ 68 ] CVE-2013-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423
[ 69 ] CVE-2013-0430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430
[ 70 ] CVE-2013-0437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437
[ 71 ] CVE-2013-0438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438
[ 72 ] CVE-2013-0445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445
[ 73 ] CVE-2013-0446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446
[ 74 ] CVE-2013-0448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448
[ 75 ] CVE-2013-0449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449
[ 76 ] CVE-2013-0809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809
[ 77 ] CVE-2013-1473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473
[ 78 ] CVE-2013-1479
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479
[ 79 ] CVE-2013-1481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481
[ 80 ] CVE-2013-1484
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484
[ 81 ] CVE-2013-1485
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485
[ 82 ] CVE-2013-1486
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486
[ 83 ] CVE-2013-1487
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487
[ 84 ] CVE-2013-1488
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488
[ 85 ] CVE-2013-1491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491
[ 86 ] CVE-2013-1493
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493
[ 87 ] CVE-2013-1500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500
[ 88 ] CVE-2013-1518
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518
[ 89 ] CVE-2013-1537
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537
[ 90 ] CVE-2013-1540
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540
[ 91 ] CVE-2013-1557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557
[ 92 ] CVE-2013-1558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558
[ 93 ] CVE-2013-1561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561
[ 94 ] CVE-2013-1563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563
[ 95 ] CVE-2013-1564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564
[ 96 ] CVE-2013-1569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569
[ 97 ] CVE-2013-1571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571
[ 98 ] CVE-2013-2383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383
[ 99 ] CVE-2013-2384
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384
[ 100 ] CVE-2013-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394
[ 101 ] CVE-2013-2400
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400
[ 102 ] CVE-2013-2407
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407
[ 103 ] CVE-2013-2412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412
[ 104 ] CVE-2013-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414
[ 105 ] CVE-2013-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415
[ 106 ] CVE-2013-2416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416
[ 107 ] CVE-2013-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417
[ 108 ] CVE-2013-2418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418
[ 109 ] CVE-2013-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419
[ 110 ] CVE-2013-2420
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420
[ 111 ] CVE-2013-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421
[ 112 ] CVE-2013-2422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422
[ 113 ] CVE-2013-2423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423
[ 114 ] CVE-2013-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424
[ 115 ] CVE-2013-2425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425
[ 116 ] CVE-2013-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426
[ 117 ] CVE-2013-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427
[ 118 ] CVE-2013-2428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428
[ 119 ] CVE-2013-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429
[ 120 ] CVE-2013-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430
[ 121 ] CVE-2013-2431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431
[ 122 ] CVE-2013-2432
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432
[ 123 ] CVE-2013-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433
[ 124 ] CVE-2013-2434
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434
[ 125 ] CVE-2013-2435
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435
[ 126 ] CVE-2013-2436
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436
[ 127 ] CVE-2013-2437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437
[ 128 ] CVE-2013-2438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438
[ 129 ] CVE-2013-2439
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439
[ 130 ] CVE-2013-2440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440
[ 131 ] CVE-2013-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442
[ 132 ] CVE-2013-2443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443
[ 133 ] CVE-2013-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444
[ 134 ] CVE-2013-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445
[ 135 ] CVE-2013-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446
[ 136 ] CVE-2013-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447
[ 137 ] CVE-2013-2448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448
[ 138 ] CVE-2013-2449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449
[ 139 ] CVE-2013-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450
[ 140 ] CVE-2013-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451
[ 141 ] CVE-2013-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452
[ 142 ] CVE-2013-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453
[ 143 ] CVE-2013-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454
[ 144 ] CVE-2013-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455
[ 145 ] CVE-2013-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456
[ 146 ] CVE-2013-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457
[ 147 ] CVE-2013-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458
[ 148 ] CVE-2013-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459
[ 149 ] CVE-2013-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460
[ 150 ] CVE-2013-2461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461
[ 151 ] CVE-2013-2462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462
[ 152 ] CVE-2013-2463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463
[ 153 ] CVE-2013-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464
[ 154 ] CVE-2013-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465
[ 155 ] CVE-2013-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466
[ 156 ] CVE-2013-2467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467
[ 157 ] CVE-2013-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468
[ 158 ] CVE-2013-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469
[ 159 ] CVE-2013-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470
[ 160 ] CVE-2013-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471
[ 161 ] CVE-2013-2472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472
[ 162 ] CVE-2013-2473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473
[ 163 ] CVE-2013-3743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743
[ 164 ] CVE-2013-3744
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744
[ 165 ] CVE-2013-3829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829
[ 166 ] CVE-2013-5772
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772
[ 167 ] CVE-2013-5774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774
[ 168 ] CVE-2013-5775
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775
[ 169 ] CVE-2013-5776
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776
[ 170 ] CVE-2013-5777
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777
[ 171 ] CVE-2013-5778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778
[ 172 ] CVE-2013-5780
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780
[ 173 ] CVE-2013-5782
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782
[ 174 ] CVE-2013-5783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783
[ 175 ] CVE-2013-5784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784
[ 176 ] CVE-2013-5787
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787
[ 177 ] CVE-2013-5788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788
[ 178 ] CVE-2013-5789
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789
[ 179 ] CVE-2013-5790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790
[ 180 ] CVE-2013-5797
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797
[ 181 ] CVE-2013-5800
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800
[ 182 ] CVE-2013-5801
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801
[ 183 ] CVE-2013-5802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802
[ 184 ] CVE-2013-5803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803
[ 185 ] CVE-2013-5804
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804
[ 186 ] CVE-2013-5805
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805
[ 187 ] CVE-2013-5806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806
[ 188 ] CVE-2013-5809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809
[ 189 ] CVE-2013-5810
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810
[ 190 ] CVE-2013-5812
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812
[ 191 ] CVE-2013-5814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814
[ 192 ] CVE-2013-5817
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817
[ 193 ] CVE-2013-5818
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818
[ 194 ] CVE-2013-5819
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819
[ 195 ] CVE-2013-5820
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820
[ 196 ] CVE-2013-5823
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823
[ 197 ] CVE-2013-5824
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824
[ 198 ] CVE-2013-5825
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825
[ 199 ] CVE-2013-5829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829
[ 200 ] CVE-2013-5830
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830
[ 201 ] CVE-2013-5831
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831
[ 202 ] CVE-2013-5832
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832
[ 203 ] CVE-2013-5838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838
[ 204 ] CVE-2013-5840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840
[ 205 ] CVE-2013-5842
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842
[ 206 ] CVE-2013-5843
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843
[ 207 ] CVE-2013-5844
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844
[ 208 ] CVE-2013-5846
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846
[ 209 ] CVE-2013-5848
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848
[ 210 ] CVE-2013-5849
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849
[ 211 ] CVE-2013-5850
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850
[ 212 ] CVE-2013-5851
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851
[ 213 ] CVE-2013-5852
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852
[ 214 ] CVE-2013-5854
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854
[ 215 ] CVE-2013-5870
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870
[ 216 ] CVE-2013-5878
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878
[ 217 ] CVE-2013-5887
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887
[ 218 ] CVE-2013-5888
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888
[ 219 ] CVE-2013-5889
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889
[ 220 ] CVE-2013-5893
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893
[ 221 ] CVE-2013-5895
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895
[ 222 ] CVE-2013-5896
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896
[ 223 ] CVE-2013-5898
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898
[ 224 ] CVE-2013-5899
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899
[ 225 ] CVE-2013-5902
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902
[ 226 ] CVE-2013-5904
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904
[ 227 ] CVE-2013-5905
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905
[ 228 ] CVE-2013-5906
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906
[ 229 ] CVE-2013-5907
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907
[ 230 ] CVE-2013-5910
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910
[ 231 ] CVE-2014-0368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368
[ 232 ] CVE-2014-0373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373
[ 233 ] CVE-2014-0375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375
[ 234 ] CVE-2014-0376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376
[ 235 ] CVE-2014-0382
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382
[ 236 ] CVE-2014-0385
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385
[ 237 ] CVE-2014-0387
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387
[ 238 ] CVE-2014-0403
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403
[ 239 ] CVE-2014-0408
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408
[ 240 ] CVE-2014-0410
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410
[ 241 ] CVE-2014-0411
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411
[ 242 ] CVE-2014-0415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415
[ 243 ] CVE-2014-0416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416
[ 244 ] CVE-2014-0417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417
[ 245 ] CVE-2014-0418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418
[ 246 ] CVE-2014-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422
[ 247 ] CVE-2014-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423
[ 248 ] CVE-2014-0424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424
[ 249 ] CVE-2014-0428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-30.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03595351
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03595351
Version: 1
HPSBUX02832 SSRT101042 rev.1 - HP-UX Running Java, Remote Unauthorized
Access, Disclosure of Information, and Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2012-12-12
Last Updated: 2012-12-12
Potential Security Impact: Remote unauthorized access, disclosure of
information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in Java Runtime
Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These
vulnerabilities could allow remote unauthorized access, disclosure of
information, and other exploits.
HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v7.0.03, v6.0.16
and v5.0.26 and earlier
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2012-1531 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-1532 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-1533 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-3143 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-3159 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2012-3216 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6
CVE-2012-4416 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2012-5068 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2012-5069 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8
CVE-2012-5071 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2012-5072 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2012-5073 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2012-5075 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2012-5077 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6
CVE-2012-5079 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2012-5081 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2012-5083 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-5084 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2012-5085 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 0.0
CVE-2012-5086 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-5087 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-5089 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
NOTE: The following apply to both v7.0.03 and v6.0.16 and earlier:
CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159,
CVE-2012-3216, CVE-2012-4416, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071,
CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5077, CVE-2012-5079,
CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086,
CVE-2012-5087, CVE-2012-5089
NOTE: The following apply to v5.0.26 and earlier: CVE-2012-1531,
CVE-2012-3143, CVE-2012-3216, CVE-2012-5069, CVE-2012-5071, CVE-2012-5073,
CVE-2012-5075, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083,
CVE-2012-5084, CVE-2012-5085, CVE-2012-5089
RESOLUTION
HP has provided the following Java version upgrade to resolve these
vulnerabilities.
The upgrade is available from the following location
http://www.hp.com/java
HP-UX B.11.23, B.11.31
JDK and JRE v7.0.04 or subsequent
HP-UX B.11.11, B.11.23, B.11.31
JDK and JRE v6.0.17 or subsequent
HP-UX B.11.11, B.11.23, B.11.31
JDK and JRE v5.0.27 or subsequent
MANUAL ACTIONS: Yes - Update
For Java v7.0 update to Java v7.0.04 or subsequent
For Java v6.0 update to Java v6.0.17 or subsequent
For Java v5.0 update to Java v5.0.27 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application
that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins
issued by HP and lists recommended actions that may apply to a specific HP-UX
system. It can also download patches and create a depot automatically. For
more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.23
HP-UX B.11.31
===========
Jdk70.JDK70-COM
Jdk70.JDK70-DEMO
Jdk70.JDK70-IPF32
Jdk70.JDK70-IPF64
Jre70.JRE70-COM
Jre70.JRE70-IPF32
Jre70.JRE70-IPF32-HS
Jre70.JRE70-IPF64
Jre70.JRE70-IPF64-HS
action: install revision 1.7.0.04.00 or subsequent
HP-UX B.11.23
HP-UX B.11.31
===========
Jdk60.JDK60-COM
Jdk60.JDK60-DEMO
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
action: install revision 1.6.0.17.00 or subsequent
HP-UX B.11.23
HP-UX B.11.31
===========
Jdk15.JDK15-COM
Jdk15.JDK15-DEMO
Jdk15.JDK15-IPF32
Jdk15.JDK15-IPF64
Jre15.JRE15-COM
Jre15.JRE15-COM-DOC
Jre15.JRE15-IPF32
Jre15.JRE15-IPF32-HS
Jre15.JRE15-IPF64
Jre15.JRE15-IPF64-HS
action: install revision 1.5.0.27.00 or subsequent
HP-UX B.11.11
HP-UX B.11.23
===========
Jdk60.JDK60-COM
Jdk60.JDK60-DEMO
Jdk60.JDK60-PA20
Jdk60.JDK60-PA20W
Jre60.JRE60-COM
Jre60.JRE60-COM-DOC
Jre60.JRE60-PA20
Jre60.JRE60-PA20-HS
Jre60.JRE60-PA20W
Jre60.JRE60-PA20W-HS
action: install revision 1.6.0.17.00 or subsequent
HP-UX B.11.11
HP-UX B.11.23
===========
Jdk15.JDK15-COM
Jdk15.JDK15-DEMO
Jdk15.JDK15-PA20
Jdk15.JDK15-PA20W
Jre15.JRE15-COM
Jre15.JRE15-COM-DOC
Jre15.JRE15-PA20
Jre15.JRE15-PA20-HS
Jre15.JRE15-PA20W
Jre15.JRE15-PA20W-HS
action: install revision 1.5.0.27.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) - 12 December 2012 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated
periodically, is contained in HP Security Notice HPSN-2011-001:
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits;damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners.
OpenVMS Integrity JDK and JRE 6.0-3.p1 and earlier.
Background
==========
IcedTea is a distribution of the Java OpenJDK source code built with
free build tools. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory and Oracle Security Alert pages, listed in the
References section. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: java-1.6.0-openjdk security update
Advisory ID: RHSA-2012:1385-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1385.html
Issue date: 2012-10-17
CVE Names: CVE-2012-3216 CVE-2012-4416 CVE-2012-5068
CVE-2012-5069 CVE-2012-5071 CVE-2012-5072
CVE-2012-5073 CVE-2012-5075 CVE-2012-5077
CVE-2012-5079 CVE-2012-5081 CVE-2012-5084
CVE-2012-5085 CVE-2012-5086 CVE-2012-5089
=====================================================================
1. Summary:
Updated java-1.6.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
3. Description:
These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.
Multiple improper permission check issues were discovered in the Beans,
Swing, and JMX components in OpenJDK. An untrusted Java application or
applet could use these flaws to bypass Java sandbox restrictions.
(CVE-2012-5086, CVE-2012-5084, CVE-2012-5089)
Multiple improper permission check issues were discovered in the Scripting,
JMX, Concurrency, Libraries, and Security components in OpenJDK. An
untrusted Java application or applet could use these flaws to bypass
certain Java sandbox restrictions. (CVE-2012-5068, CVE-2012-5071,
CVE-2012-5069, CVE-2012-5073, CVE-2012-5072)
It was discovered that java.util.ServiceLoader could create an instance of
an incompatible class while performing provider lookup. An untrusted Java
application or applet could use this flaw to bypass certain Java sandbox
restrictions. (CVE-2012-5079)
It was discovered that the Java Secure Socket Extension (JSSE) SSL/TLS
implementation did not properly handle handshake records containing an
overly large data length value. An unauthenticated, remote attacker could
possibly use this flaw to cause an SSL/TLS server to terminate with an
exception. (CVE-2012-5081)
It was discovered that the JMX component in OpenJDK could perform certain
actions in an insecure manner. An untrusted Java application or applet
could possibly use this flaw to disclose sensitive information.
(CVE-2012-5075)
A bug in the Java HotSpot Virtual Machine optimization code could cause it
to not perform array initialization in certain cases. An untrusted Java
application or applet could use this flaw to disclose portions of the
virtual machine's memory. (CVE-2012-4416)
It was discovered that the SecureRandom class did not properly protect
against the creation of multiple seeders. An untrusted Java application or
applet could possibly use this flaw to disclose sensitive information.
(CVE-2012-5077)
It was discovered that the java.io.FilePermission class exposed the hash
code of the canonicalized path name. An untrusted Java application or
applet could possibly use this flaw to determine certain system paths, such
as the current working directory. (CVE-2012-3216)
This update disables Gopher protocol support in the java.net package by
default. Gopher support can be enabled by setting the newly introduced
property, "jdk.net.registerGopherProtocol", to true. (CVE-2012-5085)
This erratum also upgrades the OpenJDK package to IcedTea6 1.10.10. Refer
to the NEWS file, linked to in the References, for further information.
All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
856124 - CVE-2012-4416 OpenJDK: uninitialized Array JVM memory disclosure (Hotspot, 7198606)
865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398)
865348 - CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535)
865354 - CVE-2012-5077 OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656)
865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884)
865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)
865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522)
865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286)
865428 - CVE-2012-5086 OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917)
865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)
865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)
865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975)
865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103)
865541 - CVE-2012-5085 OpenJDK: disable Gopher support by default (Gopher, 7189567)
865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919)
6. Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.28.1.10.10.el5_8.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.28.1.10.10.el5_8.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2012-3216.html
https://www.redhat.com/security/data/cve/CVE-2012-4416.html
https://www.redhat.com/security/data/cve/CVE-2012-5068.html
https://www.redhat.com/security/data/cve/CVE-2012-5069.html
https://www.redhat.com/security/data/cve/CVE-2012-5071.html
https://www.redhat.com/security/data/cve/CVE-2012-5072.html
https://www.redhat.com/security/data/cve/CVE-2012-5073.html
https://www.redhat.com/security/data/cve/CVE-2012-5075.html
https://www.redhat.com/security/data/cve/CVE-2012-5077.html
https://www.redhat.com/security/data/cve/CVE-2012-5079.html
https://www.redhat.com/security/data/cve/CVE-2012-5081.html
https://www.redhat.com/security/data/cve/CVE-2012-5084.html
https://www.redhat.com/security/data/cve/CVE-2012-5085.html
https://www.redhat.com/security/data/cve/CVE-2012-5086.html
https://www.redhat.com/security/data/cve/CVE-2012-5089.html
https://access.redhat.com/security/updates/classification/#important
http://icedtea.classpath.org/hg/release/icedtea6-1.10/file/icedtea6-1.10.10/NEWS
http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQftoKXlSAg2UNWIIRAlxMAJ4+4H1sLrKcMHwCn+Dlg2sZc4GxwACfVAI/
p/e+cXPH/rQkcx4meVul1Ro=
=o5MM
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2012-10-16-1 Java for OS X 2012-006 and
Java for Mac OS X 10.6 Update 11
Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 are now
available and address the following:
Java
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7 or later, OS X Lion Server v10.7 or later,
OS X Mountain Lion 10.8 or later
Impact: Multiple vulnerabilities in Java 1.6.0_35
Description: Multiple vulnerabilities exist in Java 1.6.0_35, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues are addressed by updating to Java version 1.6.0_37.
Further information is available via the Java website at http://www.o
racle.com/technetwork/java/javase/releasenotes-136954.html
CVE-ID
CVE-2012-1531
CVE-2012-1532
CVE-2012-1533
CVE-2012-3143
CVE-2012-3159
CVE-2012-3216
CVE-2012-4416
CVE-2012-5068
CVE-2012-5069
CVE-2012-5071
CVE-2012-5072
CVE-2012-5073
CVE-2012-5075
CVE-2012-5077
CVE-2012-5081
CVE-2012-5083
CVE-2012-5084
CVE-2012-5086
CVE-2012-5089
CVE-2012-5979
Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11
may be obtained from the Software Update pane in System Preferences,
Mac App Store, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6.dmg
Its SHA-1 digest is: 2ca7594a6f7849b502715e8473cf46ef73570da6
For OS X Lion and Mountain Lion systems
The download file is named: JavaForOSX.dmg
Its SHA-1 digest is: eff777cdc39b4e3336b3477f60e8ad769ded8532
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJQfZ+bAAoJEPefwLHPlZEwF+YP/iVGN+CqCkLf7SavQUwyTQ08
a6+I34hefvCQcLCQ4EBYOzDXUJIlcH2azcGnvQsrrgWgpoE6ykqyj4fkpwLM0nF1
CfcSGOV8hmC2ZtR2PgJLcaP4FDKyNoOqLtKY6KtZnUQNcKBYcdM/y3OON9Zc0F2/
m/nQGnm3RfuXYXzSmTwJVKjuR1MkhUfZ9N6cwYUfjQC6cQaRs4tjeezd1jaobeXZ
lfk5Mo/kp3KTwAKsjdwqIThGX/UXdHQm9PnGfU9ktNv0429vKTX4VarPjyLsIeiO
GcBjfzRKzWYrbzTyKqKRAmtC/TcTnGJ8AfOjCP6HedeelJEbHB3iBb4ugqHzcPGG
ffZ9rZy8SMVppJyv3NeJJN86Kl3etdShmhj7maxyQUopDanpZQraaarkNlSYyLql
I0z4/IGX6W4Y2HYI+5wRchSewZi9mU9tw1HFZaoINaPBynEC0jihbeT5P9olX7mL
1OrWyPMPeaXtD9VRaSlV1WwPojJp26XrcWFUu6gqCOWRTzL0h83hNJrQJwTW7PrT
g6ryifMGItMkmOuINyniuUbz1PcOiQZ5VhtQn8XbvjX4BpGS6GJ4IAJ0rv9nSeON
PGv6JcpEAdjEdsChnDTGGTyUzQSN+HU/KTd7Jngg/Bu1v96ZAqrmVzFVkZi+6dtN
8KhhmiZ54RdiudmsUgFu
=TWGY
-----END PGP SIGNATURE-----
. Customers are advised to migrate to later
versions of Java at this time. In
cases where it is not feasible to move to a later version of supported
Java, customers are advised to contact IBM to evaluate other options |
|
var-201006-1131
|
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle libxml contexts, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to an "API abuse issue.". WebKit is prone to a remote code-execution vulnerability.
An attacker can exploit this issue by enticing an unsuspecting user into viewing a malicious webpage.
Successful exploits can allow the attacker to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
NOTE: This issue was previously covered in BID 40620 (Apple Safari Prior to 5.0 and 4.1 Multiple Security Vulnerabilities) but has been given its own record to better document it. Apple Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:039
http://www.mandriva.com/security/
_______________________________________________________________________
Package : webkit
Date : March 2, 2011
Affected: 2010.1
_______________________________________________________________________
Problem Description:
Multiple cross-site scripting, denial of service and arbitrary code
execution security flaws were discovered in webkit.
Please consult the CVE web links for further information.
The updated packages have been upgraded to the latest version (1.2.7)
to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0314
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0647
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0650
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0651
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0656
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1390
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1391
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1393
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1395
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1396
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1397
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1398
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1400
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1401
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1402
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1403
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1404
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1405
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1406
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1407
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1408
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1410
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1665
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1758
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1759
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1760
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1762
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1766
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1767
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1770
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1771
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1773
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1774
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1780
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1781
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1782
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1784
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1785
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1787
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2264
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2647
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2648
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3119
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3255
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3257
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3259
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4197
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4198
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4206
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.1:
141f3cd181b875d1bb40b67a507b6db1 2010.1/i586/libwebkitgtk1.0_2-1.2.7-0.1mdv2010.2.i586.rpm
054886a3c645b3ce710b9b9daec1d5f9 2010.1/i586/libwebkitgtk1.0-devel-1.2.7-0.1mdv2010.2.i586.rpm
bef556ca3f281f6ef4086292c3b658d2 2010.1/i586/webkit1.0-1.2.7-0.1mdv2010.2.i586.rpm
a1ff7ac638646aeb64e3bbdca9bc945d 2010.1/i586/webkit1.0-webinspector-1.2.7-0.1mdv2010.2.i586.rpm
3f40e3ebc62bad67097a9e102e0e79c2 2010.1/i586/webkit-1.2.7-0.1mdv2010.2.i586.rpm
50875cf1bc8718cedce1a45dc509b44b 2010.1/i586/webkit-gtklauncher-1.2.7-0.1mdv2010.2.i586.rpm
625d27780d1cc9edb935d4ac3521ae16 2010.1/i586/webkit-jsc-1.2.7-0.1mdv2010.2.i586.rpm
8d02c28d8f21a022130be4c49f9d27be 2010.1/SRPMS/webkit-1.2.7-0.1mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
5ce57cd6ab823f8084030033c7c230d7 2010.1/x86_64/lib64webkitgtk1.0_2-1.2.7-0.1mdv2010.2.x86_64.rpm
690d8718a97af93f58de3bb2357fbe9b 2010.1/x86_64/lib64webkitgtk1.0-devel-1.2.7-0.1mdv2010.2.x86_64.rpm
7cc1d4aa77e1901ccc92f27faf85c9ea 2010.1/x86_64/webkit1.0-1.2.7-0.1mdv2010.2.x86_64.rpm
2b77a77159529c55f64343aba98c15d9 2010.1/x86_64/webkit1.0-webinspector-1.2.7-0.1mdv2010.2.x86_64.rpm
475cf83c5ddd8f6809c2c73a1f5a71d1 2010.1/x86_64/webkit-1.2.7-0.1mdv2010.2.x86_64.rpm
b0f1c76107c3d54241daa7e61bfb29a9 2010.1/x86_64/webkit-gtklauncher-1.2.7-0.1mdv2010.2.x86_64.rpm
97deff5e94a625a79842b4c240b0b00d 2010.1/x86_64/webkit-jsc-1.2.7-0.1mdv2010.2.x86_64.rpm
8d02c28d8f21a022130be4c49f9d27be 2010.1/SRPMS/webkit-1.2.7-0.1mdv2010.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFNbgbemqjQ0CJFipgRAs9YAJ92z2WSC2ijj34b/wr42OIYLtv65gCg7XgL
Yv/ButpYAcXsmnJWUG4ayxQ=
=GRM6
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
|
|
var-201410-0859
|
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING. Oracle MySQL Server is an open source relational database management system developed by Oracle Corporation. The database system has the characteristics of high performance, low cost and good reliability. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: mariadb security update
Advisory ID: RHSA-2014:1861-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1861.html
Issue date: 2014-11-17
CVE Names: CVE-2014-2494 CVE-2014-4207 CVE-2014-4243
CVE-2014-4258 CVE-2014-4260 CVE-2014-4274
CVE-2014-4287 CVE-2014-6463 CVE-2014-6464
CVE-2014-6469 CVE-2014-6484 CVE-2014-6505
CVE-2014-6507 CVE-2014-6520 CVE-2014-6530
CVE-2014-6551 CVE-2014-6555 CVE-2014-6559
=====================================================================
1. Summary:
Updated mariadb packages that fix several security issues are now available
for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
MariaDB is a multi-user, multi-threaded SQL database server that is binary
compatible with MySQL.
This update fixes several vulnerabilities in the MariaDB database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2014-2494,
CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287,
CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484,
CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551,
CVE-2014-6555, CVE-2014-6559)
These updated packages upgrade MariaDB to version 5.5.40. Refer to the
MariaDB Release Notes listed in the References section for a complete list
of changes.
All MariaDB users should upgrade to these updated packages, which correct
these issues. After installing this update, the MariaDB server daemon
(mysqld) will be restarted automatically.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1120382 - CVE-2014-2494 mysql: unspecified vulnerability related to ENARC (CPU July 2014)
1120383 - CVE-2014-4207 mysql: unspecified vulnerability related to SROPTZR (CPU July 2014)
1120385 - CVE-2014-4243 mysql: unspecified vulnerability related to ENFED (CPU July 2014)
1120387 - CVE-2014-4258 mysql: unspecified vulnerability related to SRINFOSC (CPU July 2014)
1120388 - CVE-2014-4260 mysql: unspecified vulnerability related to SRCHAR (CPU July 2014)
1126271 - CVE-2014-4274 mysql: unspecified MyISAM temporary file issue fixed in 5.5.39 and 5.6.20
1153461 - CVE-2014-4287 mysql: unspecified vulnerability related to SERVER:CHARACTER SETS (CPU October 2014)
1153462 - CVE-2014-6463 mysql: unspecified vulnerability related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML (CPU October 2014)
1153463 - CVE-2014-6464 mysql: unspecified vulnerability related to SERVER:INNODB DML FOREIGN KEYS (CPU October 2014)
1153464 - CVE-2014-6469 mysql: unspecified vulnerability related to SERVER:OPTIMIZER (CPU October 2014)
1153467 - CVE-2014-6484 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
1153489 - CVE-2014-6505 mysql: unspecified vulnerability related to SERVER:MEMORY STORAGE ENGINE (CPU October 2014)
1153490 - CVE-2014-6507 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
1153491 - CVE-2014-6520 mysql: unspecified vulnerability related to SERVER:DDL (CPU October 2014)
1153493 - CVE-2014-6530 mysql: unspecified vulnerability related to CLIENT:MYSQLDUMP (CPU October 2014)
1153494 - CVE-2014-6551 mysql: unspecified vulnerability related to CLIENT:MYSQLADMIN (CPU October 2014)
1153495 - CVE-2014-6555 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
1153496 - CVE-2014-6559 mysql: unspecified vulnerability related to C API SSL CERTIFICATE HANDLING (CPU October 2014)
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
mariadb-5.5.40-1.el7_0.src.rpm
x86_64:
mariadb-5.5.40-1.el7_0.x86_64.rpm
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-libs-5.5.40-1.el7_0.i686.rpm
mariadb-libs-5.5.40-1.el7_0.x86_64.rpm
mariadb-server-5.5.40-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
mariadb-bench-5.5.40-1.el7_0.x86_64.rpm
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-devel-5.5.40-1.el7_0.i686.rpm
mariadb-devel-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.x86_64.rpm
mariadb-test-5.5.40-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
mariadb-5.5.40-1.el7_0.src.rpm
x86_64:
mariadb-5.5.40-1.el7_0.x86_64.rpm
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-libs-5.5.40-1.el7_0.i686.rpm
mariadb-libs-5.5.40-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
mariadb-bench-5.5.40-1.el7_0.x86_64.rpm
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-devel-5.5.40-1.el7_0.i686.rpm
mariadb-devel-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.x86_64.rpm
mariadb-server-5.5.40-1.el7_0.x86_64.rpm
mariadb-test-5.5.40-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
mariadb-5.5.40-1.el7_0.src.rpm
ppc64:
mariadb-5.5.40-1.el7_0.ppc64.rpm
mariadb-bench-5.5.40-1.el7_0.ppc64.rpm
mariadb-debuginfo-5.5.40-1.el7_0.ppc.rpm
mariadb-debuginfo-5.5.40-1.el7_0.ppc64.rpm
mariadb-devel-5.5.40-1.el7_0.ppc.rpm
mariadb-devel-5.5.40-1.el7_0.ppc64.rpm
mariadb-libs-5.5.40-1.el7_0.ppc.rpm
mariadb-libs-5.5.40-1.el7_0.ppc64.rpm
mariadb-server-5.5.40-1.el7_0.ppc64.rpm
mariadb-test-5.5.40-1.el7_0.ppc64.rpm
s390x:
mariadb-5.5.40-1.el7_0.s390x.rpm
mariadb-bench-5.5.40-1.el7_0.s390x.rpm
mariadb-debuginfo-5.5.40-1.el7_0.s390.rpm
mariadb-debuginfo-5.5.40-1.el7_0.s390x.rpm
mariadb-devel-5.5.40-1.el7_0.s390.rpm
mariadb-devel-5.5.40-1.el7_0.s390x.rpm
mariadb-libs-5.5.40-1.el7_0.s390.rpm
mariadb-libs-5.5.40-1.el7_0.s390x.rpm
mariadb-server-5.5.40-1.el7_0.s390x.rpm
mariadb-test-5.5.40-1.el7_0.s390x.rpm
x86_64:
mariadb-5.5.40-1.el7_0.x86_64.rpm
mariadb-bench-5.5.40-1.el7_0.x86_64.rpm
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-devel-5.5.40-1.el7_0.i686.rpm
mariadb-devel-5.5.40-1.el7_0.x86_64.rpm
mariadb-libs-5.5.40-1.el7_0.i686.rpm
mariadb-libs-5.5.40-1.el7_0.x86_64.rpm
mariadb-server-5.5.40-1.el7_0.x86_64.rpm
mariadb-test-5.5.40-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
mariadb-debuginfo-5.5.40-1.el7_0.ppc.rpm
mariadb-debuginfo-5.5.40-1.el7_0.ppc64.rpm
mariadb-embedded-5.5.40-1.el7_0.ppc.rpm
mariadb-embedded-5.5.40-1.el7_0.ppc64.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.ppc.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.ppc64.rpm
s390x:
mariadb-debuginfo-5.5.40-1.el7_0.s390.rpm
mariadb-debuginfo-5.5.40-1.el7_0.s390x.rpm
mariadb-embedded-5.5.40-1.el7_0.s390.rpm
mariadb-embedded-5.5.40-1.el7_0.s390x.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.s390.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.s390x.rpm
x86_64:
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
mariadb-5.5.40-1.el7_0.src.rpm
x86_64:
mariadb-5.5.40-1.el7_0.x86_64.rpm
mariadb-bench-5.5.40-1.el7_0.x86_64.rpm
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-devel-5.5.40-1.el7_0.i686.rpm
mariadb-devel-5.5.40-1.el7_0.x86_64.rpm
mariadb-libs-5.5.40-1.el7_0.i686.rpm
mariadb-libs-5.5.40-1.el7_0.x86_64.rpm
mariadb-server-5.5.40-1.el7_0.x86_64.rpm
mariadb-test-5.5.40-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2014-2494
https://access.redhat.com/security/cve/CVE-2014-4207
https://access.redhat.com/security/cve/CVE-2014-4243
https://access.redhat.com/security/cve/CVE-2014-4258
https://access.redhat.com/security/cve/CVE-2014-4260
https://access.redhat.com/security/cve/CVE-2014-4274
https://access.redhat.com/security/cve/CVE-2014-4287
https://access.redhat.com/security/cve/CVE-2014-6463
https://access.redhat.com/security/cve/CVE-2014-6464
https://access.redhat.com/security/cve/CVE-2014-6469
https://access.redhat.com/security/cve/CVE-2014-6484
https://access.redhat.com/security/cve/CVE-2014-6505
https://access.redhat.com/security/cve/CVE-2014-6507
https://access.redhat.com/security/cve/CVE-2014-6520
https://access.redhat.com/security/cve/CVE-2014-6530
https://access.redhat.com/security/cve/CVE-2014-6551
https://access.redhat.com/security/cve/CVE-2014-6555
https://access.redhat.com/security/cve/CVE-2014-6559
https://access.redhat.com/security/updates/classification/#important
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL
https://mariadb.com/kb/en/mariadb/development/release-notes/mariadb-5540-release-notes/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUadeuXlSAg2UNWIIRAq0FAKC2DOhAOg/q+zlOLLV3ztECJ+Gh0gCdEGtr
rmT+kQlZKObKWBl1L2CyGEU=
=yhRc
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. Galera is a synchronous multi-master cluster for
MariaDB. ============================================================================
Ubuntu Security Notice USN-2384-1
October 15, 2014
mysql-5.5 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in MySQL.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.12.04.1
In general, a standard system update will make all the necessary changes.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz: Upgraded.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.40-x86_64-1_slack14.1.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-5.5.40-i486-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-5.5.40-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 14.1 package:
da0aff5bebbbdc0621359c0fea027ae6 mariadb-5.5.40-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
dbb7d695a22ae538b5ad9c024823b190 mariadb-5.5.40-x86_64-1_slack14.1.txz
Slackware -current package:
f9ca4cf6015ddbb73dfba16c535caffc ap/mariadb-5.5.40-i486-1.txz
Slackware x86_64 -current package:
6924f64b6c147556a58a2c6f1929ab5e ap/mariadb-5.5.40-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg mariadb-5.5.40-i486-1_slack14.1.txz
Then, restart the database server:
# sh /etc/rc.d/rc.mysqld restart
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201411-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: MySQL, MariaDB: Multiple vulnerabilities
Date: November 05, 2014
Bugs: #525504
ID: 201411-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the MySQL and MariaDB,
possibly allowing attackers to cause unspecified impact. MariaDB is an
enhanced, drop-in replacement for MySQL.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-db/mysql < 5.5.40 >= 5.5.40
2 dev-db/mariadb < 5.5.40-r1 >= 5.5.40-r1
-------------------------------------------------------------------
2 affected packages
Description
===========
Multiple unspecified vulnerabilities have been discovered in MySQL.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could exploit these vulnerabilities to cause
unspecified impact, possibly including remote execution of arbitrary
code, Denial of Service, or disclosure of sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All MySQL users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mysql-5.5.40"
All MariaDB users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mariadb-5.5.40-r1"
References
==========
[ 1 ] CVE-2014-6464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6464
[ 2 ] CVE-2014-6469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6469
[ 3 ] CVE-2014-6491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6491
[ 4 ] CVE-2014-6494
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6494
[ 5 ] CVE-2014-6496
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6496
[ 6 ] CVE-2014-6500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6500
[ 7 ] CVE-2014-6507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6507
[ 8 ] CVE-2014-6555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6555
[ 9 ] CVE-2014-6559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201411-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
For the unstable distribution (sid), these problems will be fixed soon |
|
var-201102-0095
|
Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer.". Google Chrome Does not properly execute events that handle animations, resulting in service disruption (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities.
Attackers may exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks are also possible.
Chrome versions prior to 9.0.597.94 are vulnerable. Versions of Google Chrome prior to 9.0.597.94 did not properly perform event handling for dynamic screens. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2166-1 security@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
February 16, 2011 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : chromium-browser
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-0777 CVE-2011-0778 CVE-2011-0783 CVE-2011-0983 CVE-2011-0981 CVE-2011-0984 CVE-2011-0985
Several vulnerabilities were discovered in the Chromium browser.
For the stable distribution (squeeze), these problems have been fixed
in version 6.0.472.63~r59945-5+squeeze2
For the testing distribution (wheezy), these problems will be fixed soon.
For the unstable distribution (sid), these problems have been fixed
in version 9.0.597.98~r74359-1
We recommend that you upgrade your chromium-browser packages. This issue does not affect OS X Lion systems.
For Mac OS X v10.6 systems, this issue is addressed in Security
Update 2011-006. This issue does not affect OS X Lion
systems. This issue does not
affect OS X Lion systems. For OS X Lion systems, this issue is addressed
in OS X Lion v10.7.2. For Mac OS X v10.6 systems, this issue is
addressed in Security Update 2011-006. This issue does not affect OS X Lion systems. For Mac OS
X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. This issue does not affect Mac OS X systems.
Description: Multiple memory corruption issues existed in WebKit. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:
http://secunia.com/products/corporate/vim/section_179/
----------------------------------------------------------------------
TITLE:
Google Chrome Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA43021
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/43021/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=43021
RELEASE DATE:
2011-02-11
DISCUSS ADVISORY:
http://secunia.com/advisories/43021/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/43021/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43021
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Some vulnerabilities have been reported in Google Chrome, where some
have an unknown impact and others can be exploited by malicious
people to compromise a user's system.
1) The application bundles a vulnerable version of the Flash plugin
For more information:
SA43267
2) An error related to a stale pointer exists within the animation
event handling
3) A use-after-free error exists the handling of SVG font faces.
4) An error related to a stale pointer exists within the anonymous
block handling.
5) Errors within the plugin handling can be exploited to cause
out-of-bounds reads.
6) Processes may not always properly terminate in case of an
out-of-memory condition.
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
2) Rik Cabanier
3) miaubiz
4) Martin Barbella
5) Bill Budge, Google
6) David Warren, CERT/CC.
ORIGINAL ADVISORY:
http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/products/corporate/EVM/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/products/corporate/EVM/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/products/corporate/EVM/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2011-10-12-1 iOS 5 Software Update
iOS 5 Software Update is now available and addresses the following:
CalDAV
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: An attacker with a privileged network position may intercept
user credentials or other sensitive information from a CalDAV
calendar server
Description: CalDAV did not check that the SSL certificate presented
by the server was trusted.
CVE-ID
CVE-2011-3253 : Leszek Tasiemski of nSense
Calendar
Available for: iOS 4.2.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 4.2.0 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 4.2.0 through 4.3.5 for iPad
Impact: Viewing a maliciously crafted calendar invitation may inject
script in the local domain
Description: A script injection issue existed in Calendar's handling
of invitation notes. This issue is addressed through improved
escaping of special characters in invitation notes. This issues does
not affect devices prior to iOS 4.2.0.
CVE-ID
CVE-2011-3254 : Rick Deacon
CFNetwork
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: User's AppleID password may be logged to a local file
Description: A user's AppleID password and username were logged to a
file that was readable by applications on the system. This is
resolved by no longer logging these credentials.
CVE-ID
CVE-2011-3255 : Peter Quade of qdevelop
CFNetwork
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to the
disclosure of sensitive information
Description: An issue existed in CFNetwork's handling of HTTP
cookies. When accessing a maliciously crafted HTTP or HTTPS URL,
CFNetwork could incorrectly send the cookies for a domain to a server
outside that domain.
CVE-ID
CVE-2011-3246 : Erling Ellingsen of Facebook
CoreFoundation
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Viewing a maliciously crafted website or e-mail message may
lead to an unexpected application termination or arbitrary code
execution
Description: A memory corruption issue existed in CoreFoundation's
handling of string tokenization.
CVE-ID
CVE-2011-0259 : Apple
CoreGraphics
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Viewing a document containing a maliciously crafted font may
lead to arbitrary code execution
Description: Multiple memory corruption existed in freetype, the
most serious of which may lead to arbitrary code execution when
processing a maliciously crafted font.
CVE-ID
CVE-2011-3256 : Apple
CoreMedia
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to the
disclosure of video data from another site
Description: A cross-origin issue existed in CoreMedia's handling of
cross-site redirects. This issue is addressed through improved origin
tracking.
CVE-ID
CVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability
Research (MSVR)
Data Access
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: An exchange mail cookie management issue could incorrectly
cause data synchronization across different accounts
Description: When multiple mail exchange accounts are configured
which connect to the same server, a session could potentially receive
a valid cookie corresponding to a different account. This issue is
addressed by ensuring that cookies are separated across different
accounts.
CVE-ID
CVE-2011-3257 : Bob Sielken of IBM
Data Security
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: An attacker with a privileged network position may intercept
user credentials or other sensitive information
Description: Fraudulent certificates were issued by multiple
certificate authorities operated by DigiNotar. This issue is
addressed by removing DigiNotar from the list of trusted root
certificates, from the list of Extended Validation (EV) certificate
authorities, and by configuring default system trust settings so that
DigiNotar's certificates, including those issued by other
authorities, are not trusted.
Data Security
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Support for X.509 certificates with MD5 hashes may expose
users to spoofing and information disclosure as attacks improve
Description: Certificates signed using the MD5 hash algorithm were
accepted by iOS. This algorithm has known cryptographic weaknesses.
Further research or a misconfigured certificate authority could have
allowed the creation of X.509 certificates with attacker controlled
values that would have been trusted by the system. This would have
exposed X.509 based protocols to spoofing, man in the middle attacks,
and information disclosure. This update disables support for an X.509
certificate with an MD5 hash for any use other than as a trusted root
certificate.
CVE-ID
CVE-2011-3427
Data Security
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: An attacker could decrypt part of a SSL connection
Description: Only the SSLv3 and TLS 1.0 versions of SSL were
supported. These versions are subject to a protocol weakness when
using block ciphers. A man-in-the-middle attacker could have injected
invalid data, causing the connection to close but revealing some
information about the previous data. If the same connection was
attempted repeatedly the attacker may eventually have been able to
decrypt the data being sent, such as a password. This issue is
addressed by adding support for TLS 1.2.
CVE-ID
CVE-2011-3389
Home screen
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Switching between applications may lead to the disclosure of
sensitive application information
Description: When switching between applications with the four-
finger app switching gesture, the display could have revealed the
previous application state. This issue is addressed by ensuring that
the system properly calls the applicationWillResignActive: method
when transitioning between applications.
CVE-ID
CVE-2011-3431 : Abe White of Hedonic Software Inc.
ImageIO
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Viewing a maliciously crafted TIFF image may result in an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in libTIFF's handling of
CCITT Group 4 encoded TIFF images.
CVE-ID
CVE-2011-0192 : Apple
ImageIO
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Viewing a maliciously crafted TIFF image may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow existed in ImageIO's handling of
CCITT Group 4 encoded TIFF images.
CVE-ID
CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies
International Components for Unicode
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Applications that use ICU may be vulnerable to an unexpected
application termination or arbitrary code execution
Description: A buffer overflow issue existed in ICU's generation of
collation keys for long strings of mostly uppercase letters.
CVE-ID
CVE-2011-0206 : David Bienvenu of Mozilla
Kernel
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: A remote attacker may cause a device reset
Description: The kernel failed to promptly reclaim memory from
incomplete TCP connections. An attacker with the ability to connect
to a listening service on an iOS device could exhaust system
resources.
CVE-ID
CVE-2011-3259 : Wouter van der Veer of Topicus I&I, and Josh Enders
Kernel
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: A local user may be able to cause a system reset
Description: A null dereference issue existed in the handling of
IPV6 socket options.
CVE-ID
CVE-2011-1132 : Thomas Clement of Intego
Keyboards
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: A user may be able to determine information about the last
character of a password
Description: The keyboard used to type the last character of a
password was briefly displayed the next time the keyboard was used.
CVE-ID
CVE-2011-3245 : Paul Mousdicas
libxml
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: A one-byte heap buffer overflow existed in libxml's
handling of XML data.
CVE-ID
CVE-2011-0216 : Billy Rios of the Google Security Team
OfficeImport
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Viewing a maliciously crafted Word file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in OfficeImport's handling of
Microsoft Word documents.
CVE-ID
CVE-2011-3260 : Tobias Klein working with Verisign iDefense Labs
OfficeImport
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Viewing a maliciously crafted Excel file may lead to an
unexpected application termination or arbitrary code execution
Description: A double free issue existed in OfficeImport's handling
of Excel files.
CVE-ID
CVE-2011-3261 : Tobias Klein of www.trapkit.de
OfficeImport
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Downloading a maliciously crafted Microsoft Office file may
lead to an unexpected application termination or arbitrary code
execution
Description: A memory corruption issue existed in OfficeImport's
handling of Microsoft Office files.
CVE-ID
CVE-2011-0208 : Tobias Klein working with iDefense VCP
OfficeImport
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Downloading a maliciously crafted Excel file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in OfficeImport's
handling of Excel files.
CVE-ID
CVE-2011-0184 : Tobias Klein working with iDefense VCP
Safari
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Opening maliciously crafted files on certain websites may
lead to a cross-site scripting attack
Description: iOS did not support the 'attachment' value for the HTTP
Content-Disposition header. This header is used by many websites to
serve files that were uploaded to the site by a third-party, such as
attachments in web-based e-mail applications. Any script in files
served with this header value would run as if the file had been
served inline, with full access to other resources on the origin
server. This issue is addressed by loading attachments in an isolated
security origin with no access to resources on other sites.
CVE-ID
CVE-2011-3426 : Christian Matthies working with iDefense VCP,
Yoshinori Oota from Business Architects Inc working with JP/CERT
Settings
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: An attacker with physical access to a device may be able to
recover the restrictions passcode
Description: The parental restrictions functionality enforces UI
restrictions. Configuring parental restrictions is protected by a
passcode, which was previously stored in plaintext on disk. This
issue is addressed by securely storing the parental restrictions
passcode in the system keychain.
CVE-ID
CVE-2011-3429 : an anonymous reporter
Settings
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Misleading UI
Description: Configurations and settings applied via configuration
profiles did not appear to function properly under any non-English
language. Settings could be improperly displayed as a result. This
issue is addressed by fixing a localization error.
CVE-ID
CVE-2011-3430 : Florian Kreitmaier of Siemens CERT
UIKit Alerts
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a malicious website may cause an unexpected device
hang
Description: An excessive maximum text layout length permitted
malicious websites to cause iOS to hang when drawing acceptance
dialogs for very long tel: URIs. This issue is addressed by using a
more reasonable maximum URI size.
CVE-ID
CVE-2011-3432 : Simon Young of Anglia Ruskin University
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit.
CVE-ID
CVE-2011-0218 : SkyLined of Google Chrome Security Team
CVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS
Research Team, and Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative
CVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day
Initiative
CVE-2011-0234 : Rob King working with TippingPoint's Zero Day
Initiative, wushi of team509 working with TippingPoint's Zero Day
Initiative
CVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2011-0238 : Adam Barth of Google Chrome Security Team
CVE-2011-0254 : An anonymous researcher working with TippingPoint's
Zero Day Initiative
CVE-2011-0255 : An anonymous reporter working with TippingPoint's
Zero Day Initiative
CVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc
CVE-2011-0983 : Martin Barbella
CVE-2011-1109 : Sergey Glazunov
CVE-2011-1114 : Martin Barbella
CVE-2011-1115 : Martin Barbella
CVE-2011-1117 : wushi of team509
CVE-2011-1121 : miaubiz
CVE-2011-1188 : Martin Barbella
CVE-2011-1203 : Sergey Glazunov
CVE-2011-1204 : Sergey Glazunov
CVE-2011-1288 : Andreas Kling of Nokia
CVE-2011-1293 : Sergey Glazunov
CVE-2011-1296 : Sergey Glazunov
CVE-2011-1449 : Marek Majkowski
CVE-2011-1451 : Sergey Glazunov
CVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day
Initiative
CVE-2011-1457 : John Knottenbelt of Google
CVE-2011-1462 : wushi of team509
CVE-2011-1797 : wushi of team509
CVE-2011-2338 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2339 : Cris Neckar of the Google Chrome Security Team
CVE-2011-2341 : Apple
CVE-2011-2351 : miaubiz
CVE-2011-2352 : Apple
CVE-2011-2354 : Apple
CVE-2011-2356 : Adam Barth and Abhishek Arya of Google Chrome
Security Team using AddressSanitizer
CVE-2011-2359 : miaubiz
CVE-2011-2788 : Mikolaj Malecki of Samsung
CVE-2011-2790 : miaubiz
CVE-2011-2792 : miaubiz
CVE-2011-2797 : miaubiz
CVE-2011-2799 : miaubiz
CVE-2011-2809 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2011-2813 : Cris Neckar of Google Chrome Security Team using
AddressSanitizer
CVE-2011-2814 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2816 : Apple
CVE-2011-2817 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2818 : Martin Barbella
CVE-2011-2820 : Raman Tenneti and Philip Rogers of Google
CVE-2011-2823 : SkyLined of Google Chrome Security Team
CVE-2011-2827 : miaubiz
CVE-2011-2831 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-3232 : Aki Helin of OUSPG
CVE-2011-3234 : miaubiz
CVE-2011-3235 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the
Chromium development community, and Abhishek Arya (Inferno) of Google
Chrome Security Team
CVE-2011-3236 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-3237 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the
Chromium development community, and Abhishek Arya (Inferno) of Google
Chrome Security Team
CVE-2011-3244 : vkouchna
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: A cross-origin issue existed in the handling of URLs
with an embedded username. This issue is addressed through improved
handling of URLs with an embedded username.
CVE-ID
CVE-2011-0242 : Jobert Abma of Online24
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: A cross-origin issue existed in the handling of DOM
nodes.
CVE-ID
CVE-2011-1295 : Sergey Glazunov
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: A maliciously crafted website may be able to cause a
different URL to be shown in the address bar
Description: A URL spoofing issue existed in the handling of the DOM
history object.
CVE-ID
CVE-2011-1107 : Jordi Chancel
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: A configuration issue existed in WebKit's use of
libxslt. Visiting a maliciously crafted website may lead to arbitrary
files being created with the privileges of the user, which may lead
to arbitrary code execution. This issue is addressed through improved
libxslt security settings.
CVE-ID
CVE-2011-1774 : Nicolas Gregoire of Agarri
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a malicious website and dragging content in the
page may lead to an information disclosure
Description: A cross-origin issue existed in WebKit's handling of
HTML5 drag and drop. This issue is addressed by disallowing drag and
drop across different origins.
CVE-ID
CVE-2011-0166 : Michal Zalewski of Google Inc.
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to an
information disclosure
Description: A cross-origin issue existed in the handling of Web
Workers.
CVE-ID
CVE-2011-1190 : Daniel Divricean of divricean.ro
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: A cross-origin issue existed in the handling of the
window.open method.
CVE-ID
CVE-2011-2805 : Sergey Glazunov
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: A cross-origin issue existed in the handling of
inactive DOM windows.
CVE-ID
CVE-2011-3243 : Sergey Glazunov
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: A cross-origin issue existed in the handling of the
document.documentURI property.
CVE-ID
CVE-2011-2819 : Sergey Glazunov
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: A maliciously crafted website may be able to track the URLs
that a user visits within a frame
Description: A cross-origin issue existed in the handling of the
beforeload event.
CVE-ID
CVE-2011-2800 : Juho Nurminen
WiFi
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: WiFi credentials may be logged to a local file
Description: WiFi credentials including the passphrase and
encryption keys were logged to a file that was readable by
applications on the system. This is resolved by no longer logging
these credentials.
CVE-ID
CVE-2011-3434 : Laurent OUDOT of TEHTRI Security
Installation note:
This update is only available through iTunes, and will not appear
in your computer's Software Update application, or in the Apple
Downloads site. Make sure you have an Internet connection and have
installed the latest version of iTunes from www.apple.com/itunes/
iTunes will automatically check Apple's update server on its weekly
schedule. When an update is detected, it will download it. When
the iPhone, iPod touch or iPad is docked, iTunes will present the
user with the option to install the update. We recommend applying
the update immediately if possible. Selecting Don't Install will
present the option the next time you connect your iPhone, iPod touch,
or iPad.
The automatic update process may take up to a week depending on the
day that iTunes checks for updates. You may manually obtain the
update via the Check for Updates button within iTunes. After doing
this, the update can be applied when your iPhone, iPod touch, or iPad
is docked to your computer.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update will be
"5 (9A334)".
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJOldmtAAoJEGnF2JsdZQee/qMIAIPxmIiOqj+FMLFHZtPeC/Dp
3s4JliKOOgNnjXkxErfaNvYGmeVbDaUER5jdVrWccTauzlYmy8G4uK0An2GD2YiP
gB5AiCQXpONdBCi38QNdRqrYoYjc8Sa0nUp4r5uWPoiHoj5KfxvBpgygEL+zjHXS
fmnrONOCWhOYp0w4q6mdTg5BH2uJCbXscD/JjbmgHQI0Vs/iUZKSRyqFo2b0Mvze
NiSyzcj/4l62Cxx7xM9VbdrYL7Al2yyHfNYJQsZmoeDUlJQcdgEgEMXvOuhY3sFK
maxYr2oCp6Mtf53fplAeJIV4ijLynEWAKxTuTznAyW1k7oiGrDTfORSFKPEB9MQ=
=LCQZ
-----END PGP SIGNATURE-----
|
|
var-202212-1523
|
The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory. Safari , iPadOS , iOS Unspecified vulnerabilities exist in multiple Apple products.Information may be obtained. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: webkit2gtk3 security and bug fix update
Advisory ID: RHSA-2023:2256-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:2256
Issue date: 2023-05-09
CVE Names: CVE-2022-32886 CVE-2022-32888 CVE-2022-32923
CVE-2022-42799 CVE-2022-42823 CVE-2022-42824
CVE-2022-42826 CVE-2022-42852 CVE-2022-42863
CVE-2022-42867 CVE-2022-46691 CVE-2022-46692
CVE-2022-46698 CVE-2022-46699 CVE-2022-46700
CVE-2023-23517 CVE-2023-23518 CVE-2023-25358
CVE-2023-25360 CVE-2023-25361 CVE-2023-25362
CVE-2023-25363
====================================================================
1. Summary:
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64
3. Description:
WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 9.2 Release Notes linked from the References section. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux AppStream (v. 9):
Source:
webkit2gtk3-2.38.5-1.el9.src.rpm
aarch64:
webkit2gtk3-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-devel-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.aarch64.rpm
ppc64le:
webkit2gtk3-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-devel-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm
s390x:
webkit2gtk3-2.38.5-1.el9.s390x.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.s390x.rpm
webkit2gtk3-devel-2.38.5-1.el9.s390x.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.s390x.rpm
x86_64:
webkit2gtk3-2.38.5-1.el9.i686.rpm
webkit2gtk3-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.i686.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-devel-2.38.5-1.el9.i686.rpm
webkit2gtk3-devel-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2022-32886
https://access.redhat.com/security/cve/CVE-2022-32888
https://access.redhat.com/security/cve/CVE-2022-32923
https://access.redhat.com/security/cve/CVE-2022-42799
https://access.redhat.com/security/cve/CVE-2022-42823
https://access.redhat.com/security/cve/CVE-2022-42824
https://access.redhat.com/security/cve/CVE-2022-42826
https://access.redhat.com/security/cve/CVE-2022-42852
https://access.redhat.com/security/cve/CVE-2022-42863
https://access.redhat.com/security/cve/CVE-2022-42867
https://access.redhat.com/security/cve/CVE-2022-46691
https://access.redhat.com/security/cve/CVE-2022-46692
https://access.redhat.com/security/cve/CVE-2022-46698
https://access.redhat.com/security/cve/CVE-2022-46699
https://access.redhat.com/security/cve/CVE-2022-46700
https://access.redhat.com/security/cve/CVE-2023-23517
https://access.redhat.com/security/cve/CVE-2023-23518
https://access.redhat.com/security/cve/CVE-2023-25358
https://access.redhat.com/security/cve/CVE-2023-25360
https://access.redhat.com/security/cve/CVE-2023-25361
https://access.redhat.com/security/cve/CVE-2023-25362
https://access.redhat.com/security/cve/CVE-2023-25363
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
For the stable distribution (bullseye), these problems have been fixed in
version 2.38.3-1~deb11u1.
We recommend that you upgrade your wpewebkit packages.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2022-12-13-4 macOS Ventura 13.1
macOS Ventura 13.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213532.
Accounts
Available for: macOS Ventura
Impact: A user may be able to view sensitive user information
Description: This issue was addressed with improved data protection.
CVE-2022-42843: Mickey Jin (@patch1t)
AMD
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2022-42847: ABC Research s.r.o.
AppleMobileFileIntegrity
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: This issue was addressed by enabling hardened runtime.
CVE-2022-42854: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Boot Camp
Available for: macOS Ventura
Impact: An app may be able to modify protected parts of the file
system
Description: An access issue was addressed with improved access
restrictions.
CVE-2022-42853: Mickey Jin (@patch1t) of Trend Micro
CoreServices
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: Multiple issues were addressed by removing the
vulnerable code.
CVE-2022-42859: Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of
Offensive Security
DriverKit
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32942: Linus Henze of Pinauten GmbH (pinauten.de)
ImageIO
Available for: macOS Ventura
Impact: Processing a maliciously crafted file may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2022-46693: Mickey Jin (@patch1t)
IOHIDFamily
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A race condition was addressed with improved state
handling.
CVE-2022-42864: Tommy Muir (@Muirey03)
IOMobileFrameBuffer
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2022-46690: John Aakerblom (@jaakerblom)
IOMobileFrameBuffer
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: An out-of-bounds access issue was addressed with
improved bounds checking.
CVE-2022-46697: John Aakerblom (@jaakerblom) and Antonio Zekic
(@antoniozekic)
iTunes Store
Available for: macOS Ventura
Impact: A remote user may be able to cause unexpected app termination
or arbitrary code execution
Description: An issue existed in the parsing of URLs.
CVE-2022-42837: Weijia Dai (@dwj1210) of Momo Security
Kernel
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A race condition was addressed with additional
validation.
CVE-2022-46689: Ian Beer of Google Project Zero
Kernel
Available for: macOS Ventura
Impact: Connecting to a malicious NFS server may lead to arbitrary
code execution with kernel privileges
Description: The issue was addressed with improved bounds checks.
CVE-2022-46701: Felix Poulin-Belanger
Kernel
Available for: macOS Ventura
Impact: A remote user may be able to cause kernel code execution
Description: The issue was addressed with improved memory handling.
CVE-2022-42842: pattern-f (@pattern_F_) of Ant Security Light-Year
Lab
Kernel
Available for: macOS Ventura
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed with improved checks.
CVE-2022-42861: pattern-f (@pattern_F_) of Ant Security Light-Year
Lab
Kernel
Available for: macOS Ventura
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-42845: Adam Doupé of ASU SEFCOM
Photos
Available for: macOS Ventura
Impact: Shake-to-undo may allow a deleted photo to be re-surfaced
without authentication
Description: The issue was addressed with improved bounds checks.
CVE-2022-32943: an anonymous researcher
ppp
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-42840: an anonymous researcher
Preferences
Available for: macOS Ventura
Impact: An app may be able to use arbitrary entitlements
Description: A logic issue was addressed with improved state
management.
CVE-2022-42855: Ivan Fratric of Google Project Zero
Printing
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: This issue was addressed by removing the vulnerable
code.
CVE-2022-42862: Mickey Jin (@patch1t)
Ruby
Available for: macOS Ventura
Impact: A remote user may be able to cause unexpected app termination
or arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2022-24836
CVE-2022-29181
Safari
Available for: macOS Ventura
Impact: Visiting a website that frames malicious content may lead to
UI spoofing
Description: A spoofing issue existed in the handling of URLs.
CVE-2022-46695: KirtiKumar Anandrao Ramchandani
Weather
Available for: macOS Ventura
Impact: An app may be able to read sensitive location information
Description: The issue was addressed with improved handling of
caches.
CVE-2022-42866: an anonymous researcher
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
WebKit Bugzilla: 245521
CVE-2022-42867: Maddie Stone of Google Project Zero
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory consumption issue was addressed with improved
memory handling.
WebKit Bugzilla: 245466
CVE-2022-46691: an anonymous researcher
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may bypass Same
Origin Policy
Description: A logic issue was addressed with improved state
management.
CVE-2022-42852: hazbinhotel working with Trend Micro Zero Day
Initiative
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
WebKit Bugzilla: 246942
CVE-2022-46696: Samuel Groß of Google V8 Security
WebKit Bugzilla: 247562
CVE-2022-46700: Samuel Groß of Google V8 Security
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may disclose
sensitive user information
Description: A logic issue was addressed with improved checks.
CVE-2022-46698: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs
& DNSLab, Korea Univ.
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
WebKit Bugzilla: 247420
CVE-2022-46699: Samuel Groß of Google V8 Security
WebKit Bugzilla: 244622
CVE-2022-42863: an anonymous researcher
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been actively exploited against versions of iOS released
before iOS 15.1.
WebKit Bugzilla: 248266
CVE-2022-42856: Clément Lecigne of Google's Threat Analysis Group
xar
Available for: macOS Ventura
Impact: Processing a maliciously crafted package may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
checks.
CVE-2022-42841: Thijs Alkemade (@xnyhps) of Computest Sector 7
Additional recognition
Kernel
We would like to acknowledge Zweig of Kunlun Lab for their
assistance.
Lock Screen
We would like to acknowledge Kevin Mann for their assistance.
Safari Extensions
We would like to acknowledge Oliver Dunk and Christian R. of
1Password for their assistance.
WebKit
We would like to acknowledge an anonymous researcher and scarlet for
their assistance.
macOS Ventura 13.1 may be obtained from the Mac App Store or Apple's
Software Downloads web site: https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmOZFYAACgkQ4RjMIDke
Nxk1zRAAuqDsK19ODzl+oIO6xYMDcbiQV/ibvU9uwLtwTR8Y2wLga9V/vaaPTS6z
qRkTivKEfdLMVW8Xlzl1jb+BMS0+dIjYrPAFatU8A5H2A3MLY5Trl9tTs+D8BgQJ
reLRAyR6qJVwu+VMMjgrUxkQliPNYeumrmLwmKJdByYPzv4GLY5bOIf6siUAIJdB
vs2zzcq6+BnoJkS1iYa+Ub5S3bSryR2i8vrSit6PcYBtLKHxUJaK2YBdA8LoqB4J
wenkEaEhyilm0bpyyF0VxDuvOcotqrGa2ikScrik/N/NueMqDi9duo9kKKVia0xa
Gx2cYLNDG10KBmz9w9B8YC6lNa6t7M5zmCYn8TmXTfndd7fCYbYajZNT0WxIYteK
sXYPkVpqEd4KVZxtQ3MfHlx5y4FwnqBkLACnfsNCs4KatbJPEg9Qy9Mn2ymi/9He
UoVt3XnQVhAgGIRV2qezjV9r0rtgnWpSKvFd9LSDcB9F6b/bzRipbxVnqdWCL1If
ymeeEY8BJ7WJnFqgXzRo42+4bp4R67iNH+Z/JjUy/Z7C3f2O66fFZu2pNL1vLILA
Wi/dprF13SjqCIavwWPbVL8UvfaAwBz53y38gwei6eSdsEO383r0XIIKjErGbWm6
hqHq/QKTWHQZqUFj4kUb4Ajw8Qe0j0qSrCLt4Wl11u/0r5hTRyI=
=C5EK
-----END PGP SIGNATURE-----
.
CVE-2022-42848: ABC Research s.r.o
File System
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Pro (all models), iPad Air 2 and later,
iPad 5th generation and later, iPad mini 4 and later, and iPod touch
(7th generation)
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed with improved checks.
CVE-2022-42861: pattern-f (@pattern_F_) of Ant Security Light-Year
Lab
Graphics Driver
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Pro (all models), iPad Air 2 and later,
iPad 5th generation and later, iPad mini 4 and later, and iPod touch
(7th generation)
Impact: Parsing a maliciously crafted video file may lead to
unexpected system termination
Description: The issue was addressed with improved memory handling.
CVE-2022-42846: Willy R.
WebKit Bugzilla: 248266
CVE-2022-42856: Clément Lecigne of Google's Threat Analysis Group
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/ iTunes and Software Update on the
device will automatically check Apple's update server on its weekly
schedule. When an update is detected, it is downloaded and the option
to be installed is presented to the user when the iOS device is
docked. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you
connect your iOS device. The automatic update process may take up to
a week depending on the day that iTunes or the device checks for
updates. You may manually obtain the update via the Check for Updates
button within iTunes, or the Software Update on your device. To
check that the iPhone, iPod touch, or iPad has been updated: *
Navigate to Settings * Select General * Select About. The version
after applying this update will be "iOS 15.7.2 and iPadOS 15.7.2" |
|
var-200102-0021
|
WatchGuard SOHO FireWall 2.2.1 and earlier allows remote attackers to cause a denial of service via a large number of GET requests. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. The SOHO 2.2 is a popular SOHO firewall by Watchguard Technologies Inc. In the case of a reboot, the firewall will be in-operable for one to five minutes. If the firewall shuts down completely, it will require a power recycle. In the case of a sustained attack, the firewall can be permanently taken off-line. It should be noted that this attack does not appear in the firewall logs except for a reboot notification. Vulnerabilities exist in WatchGuard SOHO FireWall 2.2.1 and earlier versions. Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability
By Sowhat of Nevis Labs
Date: 2006.04.11
http://www.nevisnetworks.com
http://secway.org/advisory/AD20060411.txt
http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
CVE: CVE-2006-1189
Vendor
Microsoft Inc.
Products affected:
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
and Microsoft Windows XP Service Pack 1
Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Internet Explorer 6 for Microsoft Windows Server 2003
Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, Microsoft
Windows 98 SE, and Microsoft Windows Millennium Edition
This vulnerability affects systems that use Double-Byte Character Sets.
Systems that are affected are Windows language versions that use a
Double Byte Character Set language. Examples of languages that use DBCS
are Chinese, Japanese, and Korean languages. Customers using
other language versions of Windows might also be affected if "Language
for non-Unicode programs" has been set to a Double Byte Character Set
language.
Overview:
There exists a buffer overflow in Microsoft Internet Explorer in the
parsing of DBCS URLS.
This vulnerability could allow an attacker to execute arbitrary code on the
victim's system when the victim visits a web page or views an HTML email
message.
This attack may be utilized wherever IE parses HTML, such as webpages, email,
newsgroups, and within applications utilizing web-browsing functionality.
Details:
URLMON.DLL does not properly validate IDN containing double-byte character
sets (DBCS), which may lead to remote code execution.
Exploiting this vulnerability seems to need a lot of more work but we
believe that
exploitation is possible.
POC:
No PoC will be released for this.
FIX:
Microsoft has released an update for Internet Explorer which is
set to address this issue. This can be downloaded from:
http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
Vendor Response:
2005.12.29 Vendor notified via secure@microsoft.com
2005.12.29 Vendor responded
2006.04.11 Vendor released MS06-0xx patch
2006.04.11 Advisory released
Common Vulnerabilities and Exposures (CVE) Information:
The Common Vulnerabilities and Exposures (CVE) project has assigned
the following names to these issues. These are candidates for
inclusion in the CVE list (http://cve.mitre.org), which standardizes
names for security problems.
CVE-2006-1189
Greetings to Lennart@MS, Chi, OYXin, Narasimha Datta, all Nevis Labs guys,
all XFocus and 0x557 guys :)
References:
1. http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
2. http://www.nsfocus.com/english/homepage/research/0008.htm
3. http://xforce.iss.net/xforce/xfdb/5729
4. http://www.securityfocus.com/bid/2100/discuss
5. http://www.inter-locale.com/whitepaper/IUC27-a303.html
6. http://blogs.msdn.com/michkap/archive/2005/10/28/486034.aspx
7. [Mozilla Firefox IDN "Host:" Buffer Overflow]
http://www.security-protocols.com/advisory/sp-x17-advisory.txt
8. [Mozilla Firefox 1.5 Beta 1 IDN Buffer Overflow]
http://www.security-protocols.com/advisory/sp-x18-advisory.txt
9. http://72.14.203.104/search?q=cache:Dxn-V4fil1IJ:developer.novell.com
/research/devnotes/1995/may/02/05.htm
--
Sowhat
http://secway.org
"Life is like a bug, Do you know how to exploit it ?"
|
|
var-201409-0340
|
Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue. This vulnerability may allow an attacker to forge a RSA signature, such as a SSL certificate. Mozilla Network Security Services (NSS) The library contains DigestInfo There is a problem with the processing of RSA A vulnerability exists that does not properly verify signatures. Mozilla Network Security Services (NSS) Implemented by the library DigestInfo There is a vulnerability in the processing of. BER Encoded DigestInfo When parsing a field, the parsing of padded bytes is bypassed, PKCS#1 v1.5 Formal RSA Signature forgery may not be detected (CWE-295) . CWE-295: Improper Certificate Validation http://cwe.mitre.org/data/definitions/295.html This vulnerability 2006 Announced in the year Bleichenbacher vulnerability It is a kind of. Bleichenbacher vulnerability http://www.imc.org/ietf-openpgp/mail-archive/msg06063.html Mozilla NSS Is plural Linux Distributions and packages, and Google Chrome And Google Chrome OS It is used in etc. Other vulnerable libraries and products may have similar vulnerable implementations.SSL Certificate etc. RSA The signature may be forged.
An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. The vulnerability is caused by the program not correctly parsing ASN.1 values in X.509 certificates. ============================================================================
Ubuntu Security Notice USN-2360-2
September 24, 2014
thunderbird vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Fraudulent security certificates could allow sensitive information to
be exposed when accessing the Internet.
Software Description:
- thunderbird: Mozilla Open Source mail and newsgroup client
Details:
USN-2360-1 fixed vulnerabilities in Firefox. This update provides the
corresponding updates for Thunderbird.
Original advisory details:
Antoine Delignat-Lavaud and others discovered that NSS incorrectly handled
parsing ASN.1 values.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
thunderbird 1:31.1.2+build1-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
thunderbird 1:31.1.2+build1-0ubuntu0.12.04.1
After a standard system update you need to restart Thunderbird to make
all the necessary changes.
For the stable distribution (wheezy), this problem has been fixed in
version 24.8.1esr-1~deb7u1.
For the testing distribution (jessie) and unstable distribution (sid),
Icedove uses the system NSS library, handled in DSA 3033-1.
We recommend that you upgrade your icedove packages. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: rhev-hypervisor6 security update
Advisory ID: RHSA-2014:1354-01
Product: Red Hat Enterprise Virtualization
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1354.html
Issue date: 2014-10-02
CVE Names: CVE-2014-1568 CVE-2014-6271 CVE-2014-7169
CVE-2014-7186 CVE-2014-7187
=====================================================================
1. Summary:
An updated rhev-hypervisor6 package that fixes several security issues is
now available.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
RHEV-M 3.4 - noarch
3. Description:
The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization
Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor
is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes
everything necessary to run and manage virtual machines: a subset of the
Red Hat Enterprise Linux operating environment and the Red Hat Enterprise
Virtualization Agent.
Note: Red Hat Enterprise Virtualization Hypervisor is only available for
the Intel 64 and AMD64 architectures with virtualization extensions.
A flaw was found in the way Bash evaluated certain specially crafted
environment variables. An attacker could use this flaw to override or
bypass environment restrictions to execute shell commands. (CVE-2014-6271)
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. (CVE-2014-7169)
A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One)
input from certain RSA signatures. (CVE-2014-1568)
It was discovered that the fixed-sized redir_stack could be forced to
overflow in the Bash parser, resulting in memory corruption, and possibly
leading to arbitrary code execution when evaluating untrusted input that
would not otherwise be run as code. (CVE-2014-7186)
An off-by-one error was discovered in the way Bash was handling deeply
nested flow control constructs. Depending on the layout of the .bss
segment, this could allow arbitrary execution of code that would not
otherwise be executed by Bash. (CVE-2014-7187)
Red Hat would like to thank Stephane Chazelas for reporting CVE-2014-6271,
and the Mozilla project for reporting CVE-2014-1568. Upstream acknowledges
Antoine Delignat-Lavaud and Intel Product Security Incident Response Team
as the original reporters of CVE-2014-1568. The CVE-2014-7186 and
CVE-2014-7187 issues were discovered by Florian Weimer of Red Hat Product
Security.
Users of the Red Hat Enterprise Virtualization Hypervisor are advised to
upgrade to this updated package.
4. Solution:
This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
To upgrade Hypervisors in Red Hat Enterprise Virtualization environments
using the disk image provided by this package, refer to:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/ht
ml/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Ente
rprise_Virtualization_Hypervisors.html
5. Bugs fixed (https://bugzilla.redhat.com/):
1141597 - CVE-2014-6271 bash: specially-crafted environment variables can be used to inject shell commands
1145429 - CVE-2014-1568 nss: RSA PKCS#1 signature verification forgery flaw (MFSA 2014-73)
1146319 - CVE-2014-7169 bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)
1146791 - CVE-2014-7186 bash: parser can allow out-of-bounds memory access while handling redir_stack
1146804 - CVE-2014-7187 bash: off-by-one error in deeply nested flow control constructs
6. Package List:
RHEV-M 3.4:
Source:
rhev-hypervisor6-6.5-20140930.1.el6ev.src.rpm
noarch:
rhev-hypervisor6-6.5-20140930.1.el6ev.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-1568.html
https://www.redhat.com/security/data/cve/CVE-2014-6271.html
https://www.redhat.com/security/data/cve/CVE-2014-7169.html
https://www.redhat.com/security/data/cve/CVE-2014-7186.html
https://www.redhat.com/security/data/cve/CVE-2014-7187.html
https://access.redhat.com/security/updates/classification/#critical
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFULad7XlSAg2UNWIIRArccAJ95pkvG2fyfrI6g4Ve/+fAdnbQq2QCffmYR
IH3VLRMcNTi5Gr1GmWlBiFg=
=DD5a
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
|
|
var-200904-0800
|
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file. Xpdf and poppler contain multiple vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Xpdf is prone to multiple security vulnerabilities. Failed exploit attempts will likely cause denial-of-service conditions.
These issues affect multiple applications on multiple platforms that use the affected library.
The updated packages have been patched to correct these issues.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SUSE Security Announcement
Package: cups
Announcement ID: SUSE-SA:2009:024
Date: Wed, 22 Apr 2009 13:00:00 +0000
Affected Products: openSUSE 10.3
openSUSE 11.0
openSUSE 11.1
SUSE SLES 9
Novell Linux Desktop 9
Open Enterprise Server
Novell Linux POS 9
SUSE Linux Enterprise Desktop 10 SP2
SUSE Linux Enterprise Server 10 SP2
SLE 11
Vulnerability Type: remote code execution
Severity (1-10): 8 (critical)
SUSE Default Package: yes
Cross-References: CVE-2009-0146, CVE-2009-0147, CVE-2009-0163
CVE-2009-0165, CVE-2009-0166, CVE-2009-0799
CVE-2009-0800, CVE-2009-1179, CVE-2009-1180
CVE-2009-1181, CVE-2009-1182, CVE-2009-1183
Content of This Advisory:
1) Security Vulnerability Resolved:
fixed remotely exploitable overflows
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
______________________________________________________________________________
1) Problem Description and Brief Discussion
The Common Unix Printing System, CUPS, is a printing server for unix-like
operating systems. It allows a local user to print documents as well as
remote users via port 631/tcp.
The first one can be triggered by a specially crafted tiff file. This
file could lead to an integer overflow in the 'imagetops' filter which
caused an heap overflow later.
This bug is probably exploitable remotely by users having remote access
to the CUPS server and allows the execution of arbitrary code with the
privileges of the cupsd process. (CVE-2009-0163)
The second issue affects the JBIG2 decoding of the 'pdftops' filter.
The JBIG2 decoding routines are vulnerable to various software failure
types like integer and buffer overflows and it is believed to be exploit-
able remotely to execute arbitrary code with the privileges of the cupsd
process.
(CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799,
CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182,
CVE-2009-1183)
2) Solution or Work-Around
none
3) Special Instructions and Notes
none
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST
Online Update (YOU) tool. YOU detects which updates are required and
automatically performs the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually
and verify their integrity by the methods listed in Section 6 of this
announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing <file.rpm> with the filename of the
downloaded RPM package.
x86 Platform:
openSUSE 11.1:
http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debuginfo-1.3.9-7.2.1.i586.rpm
http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debugsource-1.3.9-7.2.1.i586.rpm
http://download.opensuse.org/update/11.1/rpm/i586/cups-1.3.9-7.2.1.i586.rpm
http://download.opensuse.org/update/11.1/rpm/i586/cups-client-1.3.9-7.2.1.i586.rpm
http://download.opensuse.org/update/11.1/rpm/i586/cups-devel-1.3.9-7.2.1.i586.rpm
http://download.opensuse.org/update/11.1/rpm/i586/cups-libs-1.3.9-7.2.1.i586.rpm
openSUSE 11.0:
http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debuginfo-1.3.7-25.8.i586.rpm
http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debugsource-1.3.7-25.8.i586.rpm
http://download.opensuse.org/update/11.0/rpm/i586/cups-1.3.7-25.8.i586.rpm
http://download.opensuse.org/update/11.0/rpm/i586/cups-client-1.3.7-25.8.i586.rpm
http://download.opensuse.org/update/11.0/rpm/i586/cups-devel-1.3.7-25.8.i586.rpm
http://download.opensuse.org/update/11.0/rpm/i586/cups-libs-1.3.7-25.8.i586.rpm
openSUSE 10.3:
http://download.opensuse.org/update/10.3/rpm/i586/cups-1.2.12-22.21.i586.rpm
http://download.opensuse.org/update/10.3/rpm/i586/cups-client-1.2.12-22.21.i586.rpm
http://download.opensuse.org/update/10.3/rpm/i586/cups-devel-1.2.12-22.21.i586.rpm
http://download.opensuse.org/update/10.3/rpm/i586/cups-libs-1.2.12-22.21.i586.rpm
Power PC Platform:
openSUSE 11.1:
http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debuginfo-1.3.9-7.2.1.ppc.rpm
http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debugsource-1.3.9-7.2.1.ppc.rpm
http://download.opensuse.org/update/11.1/rpm/ppc/cups-1.3.9-7.2.1.ppc.rpm
http://download.opensuse.org/update/11.1/rpm/ppc/cups-client-1.3.9-7.2.1.ppc.rpm
http://download.opensuse.org/update/11.1/rpm/ppc/cups-devel-1.3.9-7.2.1.ppc.rpm
http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-1.3.9-7.2.1.ppc.rpm
http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-64bit-1.3.9-7.2.1.ppc.rpm
openSUSE 11.0:
http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debuginfo-1.3.7-25.8.ppc.rpm
http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debugsource-1.3.7-25.8.ppc.rpm
http://download.opensuse.org/update/11.0/rpm/ppc/cups-1.3.7-25.8.ppc.rpm
http://download.opensuse.org/update/11.0/rpm/ppc/cups-client-1.3.7-25.8.ppc.rpm
http://download.opensuse.org/update/11.0/rpm/ppc/cups-devel-1.3.7-25.8.ppc.rpm
http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-1.3.7-25.8.ppc.rpm
http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-64bit-1.3.7-25.8.ppc.rpm
openSUSE 10.3:
http://download.opensuse.org/update/10.3/rpm/ppc/cups-1.2.12-22.21.ppc.rpm
http://download.opensuse.org/update/10.3/rpm/ppc/cups-client-1.2.12-22.21.ppc.rpm
http://download.opensuse.org/update/10.3/rpm/ppc/cups-devel-1.2.12-22.21.ppc.rpm
http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-1.2.12-22.21.ppc.rpm
http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-64bit-1.2.12-22.21.ppc.rpm
x86-64 Platform:
openSUSE 11.1:
http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debuginfo-1.3.9-7.2.1.x86_64.rpm
http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debugsource-1.3.9-7.2.1.x86_64.rpm
http://download.opensuse.org/update/11.1/rpm/x86_64/cups-1.3.9-7.2.1.x86_64.rpm
http://download.opensuse.org/update/11.1/rpm/x86_64/cups-client-1.3.9-7.2.1.x86_64.rpm
http://download.opensuse.org/update/11.1/rpm/x86_64/cups-devel-1.3.9-7.2.1.x86_64.rpm
http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-1.3.9-7.2.1.x86_64.rpm
http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-32bit-1.3.9-7.2.1.x86_64.rpm
openSUSE 11.0:
http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debuginfo-1.3.7-25.8.x86_64.rpm
http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debugsource-1.3.7-25.8.x86_64.rpm
http://download.opensuse.org/update/11.0/rpm/x86_64/cups-1.3.7-25.8.x86_64.rpm
http://download.opensuse.org/update/11.0/rpm/x86_64/cups-client-1.3.7-25.8.x86_64.rpm
http://download.opensuse.org/update/11.0/rpm/x86_64/cups-devel-1.3.7-25.8.x86_64.rpm
http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-1.3.7-25.8.x86_64.rpm
http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-32bit-1.3.7-25.8.x86_64.rpm
openSUSE 10.3:
http://download.opensuse.org/update/10.3/rpm/x86_64/cups-1.2.12-22.21.x86_64.rpm
http://download.opensuse.org/update/10.3/rpm/x86_64/cups-client-1.2.12-22.21.x86_64.rpm
http://download.opensuse.org/update/10.3/rpm/x86_64/cups-devel-1.2.12-22.21.x86_64.rpm
http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-1.2.12-22.21.x86_64.rpm
http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-32bit-1.2.12-22.21.x86_64.rpm
Sources:
openSUSE 11.1:
http://download.opensuse.org/update/11.1/rpm/src/cups-1.3.9-7.2.1.src.rpm
openSUSE 11.0:
http://download.opensuse.org/update/11.0/rpm/src/cups-1.3.7-25.8.src.rpm
openSUSE 10.3:
http://download.opensuse.org/update/10.3/rpm/src/cups-1.2.12-22.21.src.rpm
Our maintenance customers are notified individually. The packages are
offered for installation from the maintenance web:
Open Enterprise Server
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
Novell Linux POS 9
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
Novell Linux Desktop 9
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
SUSE SLES 9
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
SUSE Linux Enterprise Server 10 SP2
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a777264f13a7d9d882a7d024d831be1f
SUSE Linux Enterprise Desktop 10 SP2
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a777264f13a7d9d882a7d024d831be1f
SLES 11
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
SLED 11
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
SLE 11
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
SLES 11 DEBUGINFO
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
______________________________________________________________________________
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
______________________________________________________________________________
6) Authenticity Verification and Additional Information
- Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web
sites. The authenticity and integrity of a SUSE security announcement is
guaranteed by a cryptographic signature in each announcement. All SUSE
security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file
and run the command
gpg --verify <file>
replacing <file> with the name of the file where you saved the
announcement. The output for a valid signature looks like:
gpg: Signature made <DATE> using RSA key ID 3D25D3D9
gpg: Good signature from "SuSE Security Team <security@suse.de>"
where <DATE> is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can
import it from the first installation CD. To import the key, use the
command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
- Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the
world. While this service is considered valuable and important to the free
and open source software community, the authenticity and the integrity of
a package needs to be verified to ensure that it has not been tampered
with.
The internal rpm package signatures provide an easy way to verify the
authenticity of an RPM package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, replacing <file.rpm> with the
filename of the RPM package downloaded. The package is unmodified if it
contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on
RPMv4-based distributions) and the gpg key ring of 'root' during
installation. You can also find it on the first installation CD and at
the end of this announcement.
- SUSE runs two security mailing lists to which any interested party may
subscribe:
opensuse-security@opensuse.org
- General Linux and SUSE security discussion.
All SUSE security announcements are sent to this list.
To subscribe, send an e-mail to
<opensuse-security+subscribe@opensuse.org>.
opensuse-security-announce@opensuse.org
- SUSE's announce-only mailing list.
Only SUSE's security announcements are sent to this list.
To subscribe, send an e-mail to
<opensuse-security-announce+subscribe@opensuse.org>.
=====================================================================
SUSE's security contact is <security@suse.com> or <security@suse.de>.
The <security@suse.de> public key is listed below.
=====================================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular, the
clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever
with respect to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.2 (GNU/Linux)
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU
F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS
FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW
tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It
Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF
AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+
3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk
YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP
+Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR
8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U
8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S
cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh
ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB
UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo
AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n
KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi
BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro
nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg
KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx
yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn
B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV
wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh
UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF
5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3
D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu
zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd
9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi
a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13
CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp
271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE
t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG
B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw
rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt
IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL
rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H
RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa
g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA
CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO
=ypVs
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSe8qrney5gA9JdPZAQI4aQf/e938Hr+O1QYi9y5cm9ycOcaFHWx0oZED
yyOc4lUYZrb7qjmErPHfpoMR9c2XZlmESwKY0RZjddxe+vINDrOcMuI4nrp12ObP
uYvSAAz3xgpXzVtW5B/90ihHJAqHAnwOsdO8adt6PtKCt7T2gMPuQV0RSz3BRy//
qtBHDNyTBRPK7ex/YKUyQAbNENQUa3r9BaHpTHWjscfCoQch4Wz5hmLKv/n7eYdj
CFetsr6zu3hn3isKD8EPTIMbkpaYBMxp53UnNiRmVRy0Gb7zlBz5ByYQaYY+YKf/
OZ+ZHRTuDsNbAT03QtkvML3yqr3Yobb39DFa+cSsH2c9xTdwWdzSAg==
=ZnS5
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. ===========================================================
Ubuntu Security Notice USN-759-1 April 16, 2009
poppler vulnerabilities
CVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799,
CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181,
CVE-2009-1182, CVE-2009-1183, CVE-2009-1187, CVE-2009-1188
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
libpoppler1 0.5.1-0ubuntu7.5
libpoppler1-glib 0.5.1-0ubuntu7.5
Ubuntu 8.04 LTS:
libpoppler-glib2 0.6.4-1ubuntu3.2
libpoppler2 0.6.4-1ubuntu3.2
Ubuntu 8.10:
libpoppler-glib3 0.8.7-1ubuntu0.2
libpoppler3 0.8.7-1ubuntu0.2
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that
poppler contained multiple security issues in its JBIG2 decoder.
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1-0ubuntu7.5.diff.gz
Size/MD5: 21822 ee2672a9c709fc45bba20251d742228d
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1-0ubuntu7.5.dsc
Size/MD5: 1734 417df81720e8d5ee948378e46344266d
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1.orig.tar.gz
Size/MD5: 954930 a136cd731892f4570933034ba97c8704
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.5_amd64.deb
Size/MD5: 728824 02bafb241059bb00d7dd179a7b3f87f8
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.5_amd64.deb
Size/MD5: 57680 5e71a261e7d45ac974ba5339e83fa1f0
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.5_amd64.deb
Size/MD5: 46832 b26c23473c2f7fbd5772a2293e728bd4
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.5_amd64.deb
Size/MD5: 52460 fe6720f5744cb5dc4c364cd261debe61
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.5_amd64.deb
Size/MD5: 43064 04aaf723c5840483dce9c9419514f119
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.5_amd64.deb
Size/MD5: 545476 c2026df404f7454ea0f88bc5a13adcbb
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.5_amd64.deb
Size/MD5: 100770 05bc58055d3c0300a21e586f1a1d9d6f
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.5_i386.deb
Size/MD5: 660556 c03de988993f8e6ed1a70f51dc5c0b85
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.5_i386.deb
Size/MD5: 54376 f4dc07023877e1b401b5bfcc6f449f0e
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.5_i386.deb
Size/MD5: 44844 c3546e678a1e15a402117fc651ef0adb
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.5_i386.deb
Size/MD5: 50346 70b487ce1c48eb9bdf54bb7a6a48ebb8
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.5_i386.deb
Size/MD5: 42032 2c4464ab324a0487a1d2d0320dfe5bf9
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.5_i386.deb
Size/MD5: 504680 a33ec9d754e2fa60613433c6360e8852
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.5_i386.deb
Size/MD5: 93734 672f71f41022667bfafd3cfc35a2d8d5
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.5_powerpc.deb
Size/MD5: 768550 6a4ee0ca5f076dde8095d69676069673
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.5_powerpc.deb
Size/MD5: 59710 5e6283468477fbccd2d35a03bb16b8e4
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.5_powerpc.deb
Size/MD5: 46982 0a24e869e3271baa354347e890ba094b
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.5_powerpc.deb
Size/MD5: 53716 ca80ec1ce07d2f80ce72f053328c909f
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.5_powerpc.deb
Size/MD5: 44322 b52d2a5e9f69b16ee6d943b6ec0f3681
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.5_powerpc.deb
Size/MD5: 551552 0bd6cd9e525e8e36f9eee210950a7ae9
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.5_powerpc.deb
Size/MD5: 105340 1d853eb7bc4d4942bc0711eca7fce7e9
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.5_sparc.deb
Size/MD5: 689740 faaa3864bd2adfb03cfdaa97c1d48319
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.5_sparc.deb
Size/MD5: 56040 1c5727ec6910483ffe1b20fc0ee36bc0
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.5_sparc.deb
Size/MD5: 45534 dcb43680133e29aa8079431a11351f12
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.5_sparc.deb
Size/MD5: 50792 c37cb4dbcff7bedcde1f580324114122
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.5_sparc.deb
Size/MD5: 41792 ce947a407a81d27fb3f57759f1d65f8a
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.5_sparc.deb
Size/MD5: 516936 d2531d698776d806c337a64fb08a7a24
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.5_sparc.deb
Size/MD5: 93294 7f2affbaa297a4ac7187a4b22637c50e
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.2.diff.gz
Size/MD5: 17557 9956cc0feade9f57e318b5bfdccdc4d1
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.2.dsc
Size/MD5: 1191 d8a44cb7ba34a831de069bd443674f2a
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4.orig.tar.gz
Size/MD5: 1294481 13d12ca4e349574cfbbcf4a9b2b3ae52
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_amd64.deb
Size/MD5: 894720 77f633ead72bc1dab33d6a8070f9ba13
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_amd64.deb
Size/MD5: 109116 eb8bdbe2378e703991451e68ba383904
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_amd64.deb
Size/MD5: 54834 3a7d5fc5a01c1b9d7dc2be64308c8d62
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_amd64.deb
Size/MD5: 45612 88fd64b195260ca983e7d43b07e390ae
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_amd64.deb
Size/MD5: 25526 e12cf3455212e63cc1e038f96f99c88a
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_amd64.deb
Size/MD5: 146700 af75603f105efd14c1b02f14963c3d34
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_amd64.deb
Size/MD5: 200830 3be91ed2b26826fb05a743dcf3d72451
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_amd64.deb
Size/MD5: 647120 fcebc612ebfb30bf448ee7b933f3edd7
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_amd64.deb
Size/MD5: 79032 d064240469a5fbbaf36337ff986c279b
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_i386.deb
Size/MD5: 838872 9a493778231377e881330829aed9e699
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_i386.deb
Size/MD5: 102856 cdcd1e4723a89f4e1323cee86d7d80fa
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_i386.deb
Size/MD5: 52338 2adc861c0df4bebc596a5dcb03718315
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_i386.deb
Size/MD5: 42010 5cdd1f923759c1994f8d80704c146d4c
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_i386.deb
Size/MD5: 25052 c2d49f200955755334b69d5a37d66895
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_i386.deb
Size/MD5: 143524 32f70c716ca24e23edbb1e5924539fd2
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_i386.deb
Size/MD5: 189408 c29f8901fdce5a0f57a9cb065f9ff1af
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_i386.deb
Size/MD5: 621946 5cace5c938fbe9d8d8bd118be900a92b
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_i386.deb
Size/MD5: 73694 54cb7ac393b179086a4acd9ddc3cd905
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_lpia.deb
Size/MD5: 859272 95b9dc7995dcf151aa121b65981f2dff
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_lpia.deb
Size/MD5: 103808 bc83498bf086f011403f0a134f328f38
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_lpia.deb
Size/MD5: 52598 1bbd83ca4051ebb24bd868dc693392a0
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_lpia.deb
Size/MD5: 42440 5cd495884ee2ae1e9a4b79e705f7c93e
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_lpia.deb
Size/MD5: 24800 266f88db5b42dcb94278b88f4c0826ae
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_lpia.deb
Size/MD5: 145068 7afffd22188dae40a39619f1d1aa1bc6
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_lpia.deb
Size/MD5: 190710 0e5622fd37fdc7c843be8ba11b3040f6
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_lpia.deb
Size/MD5: 635616 5ccd9d05916c38e1605d80bebc4cb2c4
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_lpia.deb
Size/MD5: 74708 3a703841d66a5bf44b46cf48a6894d03
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_powerpc.deb
Size/MD5: 956650 018a8af8ddafcf05943faeac06bedd3d
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_powerpc.deb
Size/MD5: 115806 b1529f575c949c2d6583629bd8d37c4c
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_powerpc.deb
Size/MD5: 58450 650386a0cc9c7159efa0b928a1a89700
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_powerpc.deb
Size/MD5: 45538 4b602025e65e9780a2ba7d011c835b6b
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_powerpc.deb
Size/MD5: 28860 509df8d62136b867dc220f81edff6338
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_powerpc.deb
Size/MD5: 152692 9637c628b9111dbe9894ddaf79e8dc40
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_powerpc.deb
Size/MD5: 208860 5c2d657a5cb8b3d48d3ae313bde8c89a
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_powerpc.deb
Size/MD5: 682708 42e6c86a4e096c09159c9afa7a63d8fe
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_powerpc.deb
Size/MD5: 94440 d9d0ad1f5d57864d93ca5701a7a8159e
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_sparc.deb
Size/MD5: 859434 c8c968ec2fadf9d79930adbe82456494
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_sparc.deb
Size/MD5: 104150 0d3adc8f783a0e8b279b12998455d0ab
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_sparc.deb
Size/MD5: 51414 995a2ad8cc3b87493392ef0242b6f946
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_sparc.deb
Size/MD5: 41422 fbd7d3dddaef15fa79658ca138effb39
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_sparc.deb
Size/MD5: 23900 b7d5b2acff322f4851720e509d729efc
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_sparc.deb
Size/MD5: 145336 1af69f410bf023e5e9b8e2dcfadf47dc
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_sparc.deb
Size/MD5: 192594 090a4e5d9f508209aac5d8b23655abc9
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_sparc.deb
Size/MD5: 630572 88fb1279950befc44aa3c0807e67e3e6
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_sparc.deb
Size/MD5: 72996 2fb8dadd275f0f53c3a95c0593afed9a
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7-1ubuntu0.2.diff.gz
Size/MD5: 18843 e2d09ee9d90d327212bec87804d90265
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7-1ubuntu0.2.dsc
Size/MD5: 1600 b75e9b1fcb0f3745cf3116b74aea82d9
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7.orig.tar.gz
Size/MD5: 1469587 9af81429d6f8639c357a5eed25583365
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_amd64.deb
Size/MD5: 966242 6f6cb37e5bd6a49c9f0c22b490e285ba
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_amd64.deb
Size/MD5: 123224 2fda4eb60652c3d15cc27295e2458c29
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_amd64.deb
Size/MD5: 64122 3686ab6935365d008fab4c2af6cf13b9
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_amd64.deb
Size/MD5: 47432 d2a40ee897a569f5e4a009bfc0fa2a58
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_amd64.deb
Size/MD5: 25634 b1e0a2f742c4606875c48a6ec18f8f47
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_amd64.deb
Size/MD5: 159060 ff062d8f9570abd3fdb115634c44e218
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_amd64.deb
Size/MD5: 221316 eece0a0c1b5e1df3807a67a31803dd06
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_amd64.deb
Size/MD5: 694472 bcba4f632dadc9667622e6a328650630
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_amd64.deb
Size/MD5: 3010340 8286ca2bbd3889a2a33d73d93f02a909
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_amd64.deb
Size/MD5: 79510 94e74ec03e257dc25f6317eb31b10a8d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_i386.deb
Size/MD5: 899730 58af3f0799ac6bb90be401c57bcf4347
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_i386.deb
Size/MD5: 116042 124e0a697a9bd0efabd4bc8d9defec75
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_i386.deb
Size/MD5: 60960 b5b4232fb307dca0059ce18a4c3fca99
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_i386.deb
Size/MD5: 44248 5c9350ce672fe85f1fa1e66883e4199a
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_i386.deb
Size/MD5: 24982 79c4101c39e3f02f2dd0a54a041d5ea8
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_i386.deb
Size/MD5: 157484 3f63fdc1dd2d892f52003345d7d8dcfc
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_i386.deb
Size/MD5: 207238 39283f443a396487f8528286fdf1cb18
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_i386.deb
Size/MD5: 667526 ea020610b90389ea1bcdf82ee7fe01f9
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_i386.deb
Size/MD5: 2923292 27ae061875a6a1ceb3a13441db372677
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_i386.deb
Size/MD5: 74880 ee2d2abe02acd27ce13fed13ccbce0a3
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_lpia.deb
Size/MD5: 919118 a83374b620e00264407296f579b0548c
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_lpia.deb
Size/MD5: 116666 1c08e6a53b66a948f529e3177fabaefa
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_lpia.deb
Size/MD5: 60938 d2f38eb926826883d651211913b8b2cb
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_lpia.deb
Size/MD5: 44492 0426c36b92c70c950e74c3bf68876e9a
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_lpia.deb
Size/MD5: 24642 bb5fa901ab47e008de3bdd9f6251f60a
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_lpia.deb
Size/MD5: 157960 b55e5bcad635f4ac94fa357a9a2c8575
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_lpia.deb
Size/MD5: 206984 8283809c638c1d7066a68f36758f6d94
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_lpia.deb
Size/MD5: 677578 b448c5cb4f08e46c1b431e2481c66352
http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_lpia.deb
Size/MD5: 2955400 9ecef1af0bf52940be2e12ae17b949aa
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_lpia.deb
Size/MD5: 75868 34aa6515643f0f66f32bb9dcd7f0a876
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_powerpc.deb
Size/MD5: 1028420 278655a5a31b50093ebbd185adff5faa
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_powerpc.deb
Size/MD5: 130934 229a04497213f731752fe05575ee8815
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_powerpc.deb
Size/MD5: 68654 09ec34fc785d5769556226502399391d
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_powerpc.deb
Size/MD5: 47702 0088fd41a51480e81dfaef4a14270648
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_powerpc.deb
Size/MD5: 28480 fa340df42efe8084892fc7c2313a4b8f
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_powerpc.deb
Size/MD5: 163314 44d9561205bbeb66beeefa6cf0fdcf74
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_powerpc.deb
Size/MD5: 224374 9dd31f95a8907cca6d0cbccfbbd598aa
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_powerpc.deb
Size/MD5: 727622 5cabcdf6871d0a227ce07a6b023866ae
http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_powerpc.deb
Size/MD5: 3103848 e91e2c97387cec5501e506a6c207c6f9
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_powerpc.deb
Size/MD5: 92476 78062e0b827c00df87316a269be3c34a
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_sparc.deb
Size/MD5: 922376 2e63ae9a566aba990b0640d2444006ee
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_sparc.deb
Size/MD5: 119570 6b293091030d45fa6c1bbe55c6872ae7
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_sparc.deb
Size/MD5: 60760 3d03ff89ed7abd54add409390d290a31
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_sparc.deb
Size/MD5: 44072 51a729a6a171b5177e8d5c7d0ce4db03
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_sparc.deb
Size/MD5: 23882 35bfdcfa52d8c9de0d53aee686be574b
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_sparc.deb
Size/MD5: 156180 50f88e2842f028230dc39c75e7eae7ce
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_sparc.deb
Size/MD5: 211922 f691ed631e29966dc3456d40f68310e9
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_sparc.deb
Size/MD5: 674560 9260e9b69be74bed00147c89e1d7baf7
http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_sparc.deb
Size/MD5: 2871332 11739833f2d4cc07d786f38b701c69c4
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_sparc.deb
Size/MD5: 75294 997f050aa9d4a53bb6ec015d15cbf6ea
. Xpdf is an open source viewer for Portable Document Format (PDF) files. There is an infinite loop vulnerability in the JBIG2 decoder of Xpdf. (CVE-2009-0165). NOTE: some of these details are obtained
from third party information. NOTE: this issue reportedly exists
because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603). NOTE: this may overlap CVE-2009-0791
(CVE-2009-3605). NOTE:
some of these details are obtained from third party information
(CVE-2009-3607).
This update provides fixes for that vulnerabilities.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3938
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
0b4c544fea742c847cb56b9fbc33f412 2008.0/i586/libpoppler3-0.8.7-2.4mdv2008.0.i586.rpm
b991aecb282a882f6ee5640bcc832e5d 2008.0/i586/libpoppler-devel-0.8.7-2.4mdv2008.0.i586.rpm
afe27149192bdca20b911965febc5ee2 2008.0/i586/libpoppler-glib3-0.8.7-2.4mdv2008.0.i586.rpm
379d7bdd3dde6cbf9bd43c7b9e2723c3 2008.0/i586/libpoppler-glib-devel-0.8.7-2.4mdv2008.0.i586.rpm
d7f58c500ff93f75998e1a0ba8e05c9e 2008.0/i586/libpoppler-qt2-0.8.7-2.4mdv2008.0.i586.rpm
64a5f31e3feb593c1ce0be10a24aec43 2008.0/i586/libpoppler-qt4-3-0.8.7-2.4mdv2008.0.i586.rpm
5e3182c22daabbf93056b8a94545fbd9 2008.0/i586/libpoppler-qt4-devel-0.8.7-2.4mdv2008.0.i586.rpm
9eaa15826e2ab184de24cf0b1aeda2e6 2008.0/i586/libpoppler-qt-devel-0.8.7-2.4mdv2008.0.i586.rpm
53fa179984dc9c0442292a77bab496b0 2008.0/i586/poppler-0.8.7-2.4mdv2008.0.i586.rpm
c8146a94a038650fc5a1704196b1b087 2008.0/SRPMS/poppler-0.8.7-2.4mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
ebde9bf055ba6854f7348da4dd2ba7b4 2008.0/x86_64/lib64poppler3-0.8.7-2.4mdv2008.0.x86_64.rpm
c200ff892641cebd5e49ebc2d05fb1c0 2008.0/x86_64/lib64poppler-devel-0.8.7-2.4mdv2008.0.x86_64.rpm
6ee35af2904995be70a1d83adc2a2d86 2008.0/x86_64/lib64poppler-glib3-0.8.7-2.4mdv2008.0.x86_64.rpm
a4ad93d7caf1bfaa25f1e511da8c9208 2008.0/x86_64/lib64poppler-glib-devel-0.8.7-2.4mdv2008.0.x86_64.rpm
86205b42fd719dd722799de7f215d021 2008.0/x86_64/lib64poppler-qt2-0.8.7-2.4mdv2008.0.x86_64.rpm
523f9debc4c5db056eb5484aa066960e 2008.0/x86_64/lib64poppler-qt4-3-0.8.7-2.4mdv2008.0.x86_64.rpm
79a6a65ada1a4e4573d9ca50ea1995f0 2008.0/x86_64/lib64poppler-qt4-devel-0.8.7-2.4mdv2008.0.x86_64.rpm
ea0e41c890b571f6bbc217983aa2f3ec 2008.0/x86_64/lib64poppler-qt-devel-0.8.7-2.4mdv2008.0.x86_64.rpm
2086f89f02c674a8428f9d88d9e3c8d2 2008.0/x86_64/poppler-0.8.7-2.4mdv2008.0.x86_64.rpm
c8146a94a038650fc5a1704196b1b087 2008.0/SRPMS/poppler-0.8.7-2.4mdv2008.0.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Debian (oldstable)
- ------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5-3etch3.diff.gz
Size/MD5 checksum: 432182 2053275597413021f87e328af7f43d0f
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5-3etch3.dsc
Size/MD5 checksum: 1536 57806c433333025933014631c41e518a
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5.orig.tar.gz
Size/MD5 checksum: 9012930 944e16dde53ffdb8c25a90d951a9d223
Architecture independent packages:
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-doc-html_3.5.5-3etch3_all.deb
Size/MD5 checksum: 156348 10d47436c7ad315663e54f5bef6956fe
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5-3etch3_all.deb
Size/MD5 checksum: 19940 c4a51eb3d3eaf0de3e401e66d77093dd
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 82940 279fe5e4b03666f881f1a9d53fc49be9
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 198562 ee1af15d9d521f7508eda61000500330
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 856558 319b936aa8bbf8b2e7f38b16871d504c
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 780850 34e264cffbc7acec902cd985c1580d82
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 1146416 948e35d1a8c6a39b63ad036c8ac4807b
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 114074 a9ac69d9ffbdcc89146f990b16fcdc81
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 509372 cb5a8055bc0af7cbf33566d8147330fc
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 251380 4503f766d0a0fba671df9c45b632d6e6
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 255340 9b7321ad4b356ce7024bf9044c3ac0e0
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 887210 61802ba3026c338444c39e90daa2cfc8
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 152524 fdca706a9c72c744347851b3b1dabab8
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 19778 46e1c53f720d1113d760de97d7959e14
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 119238 9502ccbf2d0c6138758223ad4be3e602
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 439306 761c97f184e4b5b5f6561217f304cab3
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 67738 3329566f1606c4a5b22876d2e0b43f64
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 97698 1d545e748c4c87f690fa5b97d15faf43
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 100252 50b05eb39a39bf9ce9088d4082b169b6
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 179954 89023dbb012658381c434e6d3b7bf701
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 329172 77265d59ebfaa8c0fba02bcbae5e5cb5
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 153144 c23d64d5d6b3003c3f981888f5e3b555
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 34302218 2ab32f3faab33ad6777055cc60809084
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 2374958 14c5f1b7af6dd98e6e8c742e544d4cbc
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 548672 f2f2cd6115df10055485a49ba026b7a7
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 1365378 5ea34f18f684eac4c47b7883316ec002
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 1221106 7064667752a9ba80fbb01ebc97159f59
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 1100682 51a7a1d62eaae040b089e5044e9a2171
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 499030 84d8d310e996083df53e67708abe71f1
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 149576 50488742c48273f9c487a38c1aacd018
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 243014 0b9688f7dd1d7ba64f17cbe2b750a3a4
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 292926 071bce4faeaf81992111cc71ad31b50f
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 111860 b38ef5ee22f8b4a99e3c54cebccd35f5
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 109344 eb13d634f9546fab21444ecbbc2c72a2
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 240432 14a1facecfe3fbd543733814a8dd9940
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 768332 7475be7d9f5dcb52d354f3087cae44ce
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 540444 23fc287b643cd057027ed6c3c3892c06
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 423860 b4bac054eb6c187f06658f686ffc284a
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 2290492 91008033d6ea0404baad997d070d8499
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 93608 73239125281fd9ab71e0e2c003f64c16
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 829848 cf8f0faecff0e9cb457d8e7876c5cb3c
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 144850 0523fe801015d735b533ebeb1d42af0b
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 19770 c15b3117e8f9d3ebad285f6d9fd30369
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 25829340 99731d961c5da4b33206b5d8e5ee6e65
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 176602 c4d728cff49c6378eedd7e6d51f08d89
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 792056 4bc31d4602b1f388176d679342e3b2e9
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 80366 595d9816ff2496d6107b300dad1d00a1
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 69172 a010e8f0752195840577f74225d4b8c1
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 184414 82a45153191311a867e8987b6856ac3a
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 102092 49474d1629a1a8ae7f4440af50eeb386
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 557078 f93de4d9f6491d01219db0c8824c5995
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 1427090 89ecc1a0f7237c37e05301e357c920a7
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 178114 7b29a4e451f3baa76c3c8d31df45092e
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 101166 ab806cba6cc35d39fb99e4d9ecd5e623
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 111690 23250e8035e9a0f49d240adf4fd8bed0
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 190006 b1843a4fbe215c53099147bb4f5a499c
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 257218 140d3302cce2559f5bccca89d5d9c201
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 114510 5a914c1e0d2c44214bbfebac69e08f28
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 509576 a005951109ac32f9b3584328779f539b
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 1140932 d21a86fecc36400d19a5de668cb64113
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 67148 f837bc6a3e66a9d099a5b4665ec075de
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 19784 306bb35c95f55610ef54d4ac33b3d48a
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 150288 25372b68f1f04ebc7292399a82e6494b
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 860146 350bf86e1b9f1fe54f0d680c28dfc5d3
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 890216 45cadf66a4ba3ade00599a5424e31488
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 84352 38c1b63ec876bc1c7784fc115c42463b
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 97706 1fa7077224617b0c5316b2c650ce11f7
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 26248636 8fdef26d69949764e5622f092680e37e
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 445242 955cf320ee94cfff3d5dc57a32c3c960
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 152216 13ca704189205e2cb60d111e4570f6e6
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 316704 c474d130f7ab6238079c760b89b6fee1
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 253848 790ad439aa7bf2ff386cb95f30fd7dfe
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 769756 efb373759e1a813f330c57f570ade3ad
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 2454094 159ffc0522b53414294b36ea2e9c829d
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 785190 14ddfe9a0d86cc8b93506d9202ebb242
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 103970 621234e9a9ce4a2241375c4ff8407b23
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 146376 4c1747c88b264290e38ada6514218775
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 108272 9394db8868121992889a43502841ad84
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 234612 d04cd6cecb73f366e88b7aa483241e4a
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 68122 885186d94cd806016d01d88e9fc82c0f
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 135552 68aaf8c0424a3e25594360ab58ea60ec
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 532588 8bc752bdbd54e298afd3f37a20f56d18
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 262490 a07ac3d740f874006b7e7194f5719e28
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 173904 80757bd6f6f56c4abd597accb87eaa06
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 90496 363d4446a465d740fd23c728469bcab1
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 177684 d508e51f067f10665f1edb78c8871c29
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 2228302 61201ff71df3528e30ddf66af532b604
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 401376 870948b3120613ab4b13cfc8bcfe33b7
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 223606 4f5e08323a73c2b5f100dac01c949d47
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 493804 569e64088add9c21e567b94b14372315
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 78866 09ccb537e64fbdbda588562666f8c5b3
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 19774 d1fb6a85662301ba752d8381c138270a
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 25359080 c907475dd78c8f69d8c099d140689ce7
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 758452 1dd0cf90b6f07059456eadc0cdf75a5d
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 745290 1cc39477c0ba3f8dd36346cdd8136033
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 102640 084fb69239a6e3a7d226f403153052f1
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 1074930 44e0e1869192fcb275e5e46b0aa9517b
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 1221078 e3b837e7596791b4da1377770822e122
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 73408 f6c137631b46af9aeb03ef7dc557e4ae
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 1471968 9131e67370a77e3806bbe0b919e1c3c5
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 220710 87a5463ac72906486a2b61c63a0d53db
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 291172 9247413922248b0eb5857e2614a39770
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 179016 0a214cb3c31f671bbe9a1f2d02c4eb2a
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 126772 36898efcdac049a8b923bd96485fa2c4
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 110466 f32a799db30d10fe0d313c8262295681
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 187896 a53bd37b6cd540610fc083f1328357e5
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 93782 bfc47bf81b97d8ee8be88c67a296a6e5
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 1120834 26b9f4873159ca602d18e45fd6c1b01e
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 2666616 1649d62de1f45e635a6d761694728d35
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 811332 f79b79ad7a99264c46c2d1e139ecf6f9
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 19774 f6a8d49b4d5eb2c43265af3a6ee973ac
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 1255290 30cb556975cb30d8164ff32ccd844dee
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 290436 f6845967d61901acd012d9a12f2e4f20
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 129184 040328f294b680724ca530e6149502fd
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 533796 1b89fd4d86619aebf1609232f2f077cb
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 25336890 686b93159840f28ffdce7e5e82f08660
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 100236 3af187da099b7aca0334955984b99f2d
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 603830 7905bac6125e1fd01d1e74a18456d71d
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 166168 a4acdefd377c2a1cc6fa1938cdcfab79
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 487248 068a09550168dc89a4a0428b6c602392
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 1060540 eff88d6d0eb489a6f4a68787c2541ef6
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 391544 ba2c14c80e15590f2cce94e4f2cb85a2
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 1140412 183b91083f50b9ecd20196a19b17a19e
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 1131892 697dca14c8d94da8622322da6d3f1a5d
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 224632 18c48a36ac6629e9f4d0000b9a4e3b21
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 106302 ef9532eec779bb232b8deb8e03c0d660
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 519186 134af4a9d045880db1a50b65f9414502
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 188952 d60afec10dfdf6157e63699051228a64
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 754164 a8b24bb88ad52bac0ff4a06e40fed131
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 484610 ec756e2ffdf5a487c28c18fb27cbc296
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 767296 d526803bc8c09994edd1eb2a05263301
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 111414 0aeab8e50e1253f5099d4b1a603110d0
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 102602 0c57ec0a1b067b1918550c173b6b21a5
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 395164 83d122b792d35de525d7724056b5b39b
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 19776 3f2b0a6019e3c490e8eba7824ad0daa7
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 65262 5b48ff15fc2cfb2228813ed2522043a1
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 258664 04ab740de032ab6a15d230060edb0d07
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 26688298 399b3ace615307b865d2ac7b28602314
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 148536 a89b71306d1c2439a8b4f4ea09641fdd
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 211842 cd1b7934b50965cd91987642432bc7df
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 85204 7a5398cf57ac5df20abd9b91e8ceb77f
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 746558 4bffaca1db892452457b347155490cba
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 2106260 242385ba891ff767369dfa0e553166e0
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 128312 655cf40af6ae1d9107c64c77ba31fb34
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 74840 e47588f9745762c725c78ec8df2f3a81
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 178492 fbc899ad97cc13e1b693b17017d2e0f9
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 765926 66ac1d44f36f66f5fc64aced39103018
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 126342 2df55ff9ded124c6c4bdd8563caca849
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 65136 adeb54549cbf126af571280665ce91b6
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 188586 2184d4314971c76ca2036b5d08a7dcf0
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 517384 a564f7c7950337b46a5a3a3e149fdad2
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 100260 2051cc2952825a122c8a715e86dfd6d2
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 2091724 ec2d2ef066fd31399b2e68fa0a50e7c3
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 392068 5a46b0ec571b097850d737294dceade9
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 25821848 62f1b3c168ca0900cbc1e5fe91cb677e
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 148710 c47307bd43cce7a5c1916320cb5ba4cd
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 86010 456bc6b22580b6648ce45245d22ceed2
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 111438 eaad2c8bf2fb34160ea6cc15468ad8e3
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 177088 99467b0da643b13132fe39ce7f2e5a67
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 740870 ea9e815617e440490f79ba1bd9ace8ed
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 483584 225a1ee8ee0d0afd0790c09e2294602d
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 212046 978663fa001e40d159ac1003ca78f053
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 1106774 19a1d2cda4d5fcd5eb558a7ee1028c6b
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 107066 44bcfffcfaa4823cf7d590c016122460
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 223106 4be634e792cfae60f42063d4e00d07ec
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 262140 c88c8c912d26c5a90c140801471ae7e5
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 74882 b6825dd8a5ad1bf35123b1d0270f3e6f
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 743422 05848461c45b05bbf753d01b144903c8
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 19782 a87762a1c50fe7e358fa22036f72e1a2
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 1124846 f1984135dc5a75073ed9e840d6b86cb3
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 66434 5d7e6b9b3895069df8fbd4a768c2d4a7
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 19786 a9c97bde6ab30865ebeb593c8acec132
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 26599596 027c80f613185fa622c93e95250c697c
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 786912 b5e0b40caa836f2a74a64e6266e8c49c
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 134132 162ffae039b9e5283ee21445c472351b
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 90144 30d8dcc2e081b974234e6aa433e610ec
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 174226 48af80e053d76475082ff1cbec398208
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 765332 079f6eef570f24e529c9b69fb91bace9
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 2202446 4d47bdad70794e3c882fc4296d2ba18d
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 100256 c8093177108326e854f146d34ebf8e0d
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 1061814 30592a399b78d85cf5fc2ace2d2c8d5c
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 172598 94c7f49aeb4fb4e0214c124e7eef7e74
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 530444 03365cfc737ac8ae07067929fe330f7d
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 492880 87d3097a7517f81f969bf115d166446e
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 755036 1d068a06a2f60664beaab450d89651ec
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 110202 e076dfd2f42789a1dbc0ca61c6694c42
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 302834 6766f873a95247728ca9a323fb9ea405
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 1227622 b574aee279585aa73caa69ecfa1cedd4
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 104590 430c7964ac2f7f4ee5a6fb4d2923b6cd
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 233080 f5bacfe4df0d05bb9933e8f2613e4e9d
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 231012 cad8ae3f95fc9ae0c59bf32e9adb288e
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 421698 e67212c8312c1c0620218cde58e25753
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 78888 b220d49b9d56e8f65096830edac215db
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 146460 65fc9d9f6c8294cd0afee917b3efaa07
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 859602 162c7179b64c33ed4480d2ceb56123c9
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 96570 b209dec1a05647b0ed570b0685adbe85
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 246814 b955e5bd82b6531f747a733443bc695d
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 107550 914eb556b3bee056ad327b15faf75612
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 19772 77aa27185dbf6f757408a5271c0c623d
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 26250586 6076a92e94d95c1d8fa8bb002cbc7071
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 801650 6658c0396e5a8d6de1c4e7d193c75820
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 182526 457701e03be7ce20eecfe99bda1ecf2a
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 100238 2acaaad4b522c4dfee1209b88dd18074
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 1171508 cc07637979754d4dd5b255a378f88338
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 505052 8868f290a2d31aaa74f48e53271ade1f
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 67208 584f1d5fac81eb5c526cb60e2b5125be
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 276418 05b61198aa566973e9ad986298cdad59
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 150620 83109755c2a70e8ef6c29817e0b55597
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 2250466 8b8773e5ecd69a4e10ad13042294d382
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 113778 d051e12246ef62c0f8809827ccaf4c95
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 766286 7a30be4271d302b78878a65532e8ce4f
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 79622 bf684b7d281c51e0d67a0430292b9dcf
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 176910 5f54ebc13b4a83a485c20d2a23e3ecea
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 248970 026d08cbe5c1431167bc794b425aba35
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 422500 ad06b70ea11f632709ed8246166f0095
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 1098754 d7825b822af7b9ca66c00810dabbe411
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 538932 e4b9c7f2bc708be2c605592cb633c6d8
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 145720 44f93bfb197287ec7198abe597b8110d
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 383580 3aec5293af185ce63568093ba0ecdbba
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 1296694 1abb2d0b4fc69f61ebc9190db630ba50
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 744888 225c0c9143770806b1f82de218b1acb3
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 230828 09999550bed069c70073b7d14d4757b8
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 221344 5e174102b75e4d338b33d7352e03c99d
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 171278 192db1c34ab0e6c7610c8775b9c3381c
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 106054 3d842568d12a723a553746befc70edce
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 145126 85b00b723dc0c92eb2ded3f2ece3042e
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 490852 ab051db510616bcb892bcedda94f70f7
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 65438 c1dc639e2599e02c4cb5f42d6edc59b5
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 86980 6755b05a8d58e22bba56da8a3e46bb46
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 1048614 3910bb000a345f210be4d4d951d6e9b5
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 533764 782f0dbe17452fdc10fba93bd1dd8e8f
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 2248190 1116c0e7763ef5390751d9176316044c
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 100258 b3c912581052c899686bd480d5abfa14
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 25245436 0bb867fe36dcccd3b230db6b15980172
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 171400 83d446e4e9fb59ba9da3fc8e37729ae7
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 77462 f8c0bc452b55b77e9cc5cf43b04470c2
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 19784 fd3cff889068ab768a8e6851377de7b7
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 753538 86fb1612d658529d367e74f9b370a53a
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 782990 e61a5358cd8f24f7dbbbb6f5ac66ce04
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 100440 0e1cb47681f1401845f58cf8006a7310
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 131564 14f98cbc41ad2857422cb3c1cabe391c
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 258514 1239f959b9c4db19eee511c7e2497ef6
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny1.dsc
Size/MD5 checksum: 2091 ada949f67070c17e401e4069e31b44c3
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny1.diff.gz
Size/MD5 checksum: 328042 62c2c36a87f6a011ed95a6e0083d8b6e
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9.orig.tar.gz
Size/MD5 checksum: 9058343 d66472f22db2dc5b706ed4f52d9b16f5
Architecture independent packages:
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny1_all.deb
Size/MD5 checksum: 13668 37dd4bb1589c1575023096bbd084cb83
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-doc-html_3.5.9-3+lenny1_all.deb
Size/MD5 checksum: 150940 184b6fbb24202904bbf133dfd5880dae
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 442440 23e94dae017d3764c0bf93fca72e82c9
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 34271278 1df447459e0d937df008ddb38238c19a
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 97004 eb230ee19599ce456b08f0f690e6eec0
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 902240 f03678d83d0bb84507b4d19931a4cee0
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 62312 5951b2a2ae85123ac8fbaae36f83296d
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 772520 9955c1ca6950e6946f624f0f0100f56e
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 507224 9535798d64ca04cb92650c866475ca11
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 325884 b638b44dec11e5f6100b20c7088aa23e
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 1137860 36f1bf84aa9e72bbf2f64e5e5593e3e7
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 2415800 3738bd20e7f5ee1159d486d2a1cc1449
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 173662 f5a0f6b40ebc32514b00d97c2b2ab706
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 108646 792d1c04b977a23384b26dda7f443689
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 251922 02ee3f3fd45701241dac17bef1bd939c
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 546038 3a01a6b4cbd04342f518b214ab2cb562
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 1423914 7a67f9f923be83bf18be43d856cc0a32
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 113182 1e868d40f4504086f67958a92c8a0db1
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 93610 27c1fa3ba86ea4a81b5a128aa33a60c7
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 13494 04226fff334a9e1b6381a9c996c5a537
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 251638 a03ec2971838a966b7da491f9bfdcad2
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 950210 94bbc7d26039b9b1db22f5f8ec061676
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 77394 6d8660712f339f6c95b5c06ea66b2192
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 152360 cb76fefb8a85723b9455c5e3eb36f691
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 146284 59518001e9e3e6785562f29c84163ee1
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 191566 1f006cea28fb9b12198e19dd2d44d689
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 1259102 4cfb0f1b2eaf2dba2e9c3e6a640fcb3a
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 183128 094fa14ad31bd95267e3a928d991a1f3
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 97108 994f9f367a563d15bdd799a6a386e1bf
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 241680 6a1220eb96a4e7640050d29a294fc46c
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 775400 bf0034e90256362258717e6b703a7c06
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 111294 ce334340b229f3cb66d5d7bdffa1fca6
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 247618 6119ac5bc223c81f06fba8c2e36f1c9f
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 13496 2ea8f9c5e57ad1f733f7d8b9c6c435c9
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 498278 f9a2e73f68133adc851e486664b4ab30
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 428276 fd6a4cf0f983ad0cee84443f0825007b
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 865506 a41a1dfd291f0ff30a465aa13db97280
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 64964 08e58ec64b3cd2008b586ef199ec6de7
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 172310 ac98973651c4b21edfb1871c4f4a00f3
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 899882 d3f89ab3f243e18a9eae140973e62da2
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 144930 cf79dcd65d6348b95135e87a14112231
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 1108136 0866fa5aa82bda7db5a8e5d06fbe45bb
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 25780436 25d5f9b45eab024572b513ebfcab1be4
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 287518 5c5e1eb46b216c6024ad7e30cfe50f25
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 144434 f6e80b8ef8183fe832d0a086f7302f8d
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 91372 53247974541b625d0bab5cbd70c26c76
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 76498 bb76e2a1166128926db84ec16b004192
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 106418 083becf2d57374e2518a52b95944cea3
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 2352368 ecb0bd500e99705b68db4a932be13692
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 548418 d6df60b59871de20041b0153be6ad1da
arm architecture (ARM)
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 137458 8947d28932b7e4b5ab7cd89b6f81af08
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 101784 5725e00ed074682989c117fa8bd92bc5
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 391402 4464da8ddcf38d9c8196281dba608817
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 93836 964e161125a57b810f86114bca5e0555
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 746896 1d8ec12876b8b0ff8042848ff9189768
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 251798 300c55676681bb2fe11ce4e8a0e9a5d5
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 771096 8fd79382983a8b0a54ae4a5c608f7798
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 217932 e723ae36a2166880c5bd78ef192376a4
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 227632 252d9b6fcfc5154873aaea6b98a95087
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 526474 b91266ae395b249999a0d9c1dda08477
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 95612 402304685fac9beb7caa8acb89cbf4b0
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 123774 e1682b257a10e6115ab6d0302c9fd89d
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 163216 657917d64364cc2d87e3c82ff76918e8
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 754250 b8a6d2dc5b5c3ba601ba2b57f99def39
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 13512 038d2a27526f2620eecfdb2bdf507bce
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 83670 1e67c97765872cb33bf5fd8e6eb90994
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 2149602 e2dc467200af7059898eb9bb6c02c731
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 59756 3a74eb67515deb50cf2bcbcc0c91ef51
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 33565006 5d18ca0a4ae08914d58072a2349c649b
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 1223718 0d89da9c8976bf02aefe770e9a4d44d6
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 163926 51e346e2965d3f8777d69c38f528361b
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 1043130 16786b91a1edaadf7e3b2d036bb46f08
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 71382 95376cb88e8eb5d74e8d13a75171576b
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 482022 5c4e4e73dcf11e64865b9e2ceae9d7da
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 1050934 6d71fcb10454858355d28dbd90bf673b
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 136534 2943609b5a2f0dca57af7da9715cedff
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 13498 4b2ef9fa59e854c13264c415063c7858
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 482670 1b8abfb4d374527d2b02d5897e573520
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 83180 d5f62ad7602d4107bde68bb47381ca35
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 239546 097d24409aa70e1d4c86f56cf212347c
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 94288 6376a998f0a8352f7b906b74d968ee9f
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 386010 cdf39f24dbb3a34d58f87f959a20ba11
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 101458 58b67ac4f21014f2a89ecbf5fb21219b
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 227752 616e16119964046edd39ab94f4ba5295
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 527498 4b21ce4f9a57c56f22bedebc7f3764e0
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 71116 758667c7255452fc232577d14a834047
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 755684 a81fd2f6420afd7d1f07f0aadbb551e0
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 166162 351295a1937a81b7fb106ed888f6188a
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 124784 d0582fd6e9bb93273cbf9eaeab5b45ca
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 33006582 e352bebb68dff27df5a682cc80fda55d
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 59148 3980a9d0e717e584b0aab1be5087a134
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 747902 01ebc2692aa241aba7928cfbb2e9b03e
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 163658 b6a957488fdd938a2fb7f4f87c7a9ed0
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 803006 43cd282daefb7fea09f525023d0b4517
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 2170166 d25f3885f0721742e8ae066b62dfbe08
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 217648 5f76ce6485c81b9ee391270be92a2ae7
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 97638 67317ea8846a1f9675a10decc4a6bc15
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 1047420 9d6bdc51966950176f7d811ec1eb7fcd
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 60154 33092de39ee55c6189ca80c35da24405
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 300822 8b613712f554898562536e1e42f0a63a
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 101628 5b79a214b553d0c73c38edf68b58517e
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 760688 3b6fe31dcaf90d5441835bf3caf2b079
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 252780 41804512331d4903ccfdd22f5bea840f
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 79794 407be7817d2fbeadc9a2f1fca29e47d3
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 508388 6fb14c245fddf2ce919e7ca9ac51f792
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 95362 3b3991aed4739cd4b849112aea36ee09
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 449548 84ea2bacf837ce9ac7f808bc81a9b363
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 95770 ed1884db40b3971a0440c89c99184374
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 946800 cf4eeb0fe421ebc3e12a87873504595a
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 26286170 63ef41719ab12d66209beac43fb6cdb7
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 558726 0133793613690399845d568b647cbd95
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 110650 4d3c5c34ce026d1f0a88392ea9aec2cf
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 257908 73b2d5ccdc123436a21c40621115bffb
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 1382332 279a6810a9ffa21617a56577e5c155aa
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 176908 b12e01dac140811818480429a93eb2e3
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 169704 cbebb7d5083f6150203de697af3bf097
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 140626 f9cdc207f477b2a37c167f4eb2024f36
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 151306 29d5bcccbeffdbfc35a47e0b33183844
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 13504 59f49cb9881f15e337403ebd2e876bd2
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 888706 70be229ede5060052c7d5ab61b16cab6
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 1131082 84c09613d81e0e5d40b5a0599f57cc02
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 2469602 6839152140bb071d7a7bbb84bac03e97
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 97078 9d3c94eb6cabf6a7f998fa9ffe954bfd
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 222912 b0854f86ada31ae3f908d9c077fda44e
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 88412 d177bdb59f8b4cd4286d6c6a7b9bb189
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 75186 a85996e931e769833905e4af3b29ce55
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 13496 47f3b944d8aa7cd0873e1702c48c92ba
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 405590 f3f7d8da99f00fb2906497e4f1a8b1f9
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 539406 ebe1c7685acd074513dcb1e7aaa27ca0
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 489702 ce7020623d559eea8668f9e1b884c54a
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 63090 861612b37ee2c706066a36f05693012d
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 141308 41a4f7ef14dc3c662b4a3f65920b731a
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 236202 2039aac262f83e800f51ed0a485eb139
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 107838 257d1703fe08a582ea097704882faa3e
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 172890 bdf4976a68ea1cf5c44fc1f589d0a5ef
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 808976 bd754e226c29c6d1fb977c4ea3f15d5c
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 167820 9f01143cda19e189de887a3b490cd49d
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 2256720 ac367b07e89f8e099b1d395f70d28c01
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 843108 50525329754e920e30f8bbbab4ee75b7
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 132234 ab1506f7ec28abd98e1498a9d907331d
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 1071012 98f28dc0ddaa53209108f0030dd7fb8e
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 25293598 1b962c64c9ccfe0850cdee4bee7b5c8e
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 99602 81c1fa875a2f5ba6a7d2e0c1bb57d340
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 1232936 11f8797743bbc344204f666ffe3647a6
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 760512 2be01413a549a4fd0ef635ed292a3a02
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 257816 55a8b05afdf2a5473040ca825ee1c777
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 818366 d4798a87cecfd7d9b927b41d772764c0
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 488828 328e215091b06ce8fde8cd1605609d43
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 25364564 7270883396b5744cba3add99df542ed6
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 89560 e656b7b87d96cc0e92694cd668f64859
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 531926 fcc8042638d887b979d8c83570e56320
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 2750750 0f6d8bb0ae98135a8f3b8a14fde8ef6d
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 182090 bfb4546bdd8f439d6fdb90f78c39b3e0
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 300348 424b48c496d4cbe8d0e0c24e6914fea8
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 215548 09024b64587df6ead69c5204e6255bea
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 111806 43f7401cc5dc7964205a3b5788529f5c
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 1171068 de964dfda59dba1844443e475356520d
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 616282 aa2e8fd43795d6807615aa44af520fc2
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 1256546 49be44462041195e17b979e1f172adf7
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 1492244 88db5646f1dbdfe2351f78140a91fa45
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 124244 d06bd039b56fbd39c389c7230645f6eb
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 294308 eda4f9d4887d37efea0c0606bd5e2630
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 178556 e1f5810ec224e47acfbbba53d6992b36
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 66722 1a8b5d1357c5bbb89e1b9a2616eca0b1
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 124302 79df484c9931c2183ebc7d5b501d8d58
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 94362 26fcdc67c6905f2490f5580a139556bd
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 13496 dbd590c1646ced4ce34062ef7f4bf0d4
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 1210464 f6a178b7a71c3696798b8815b8903b75
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 159082 e8507c229564e74fe446b51c10ab1c09
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 383092 0f45cebe1880296fa1758cf4ddd6304b
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 102730 c09693e44150f94ba81d3210a9785b92
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 221564 8bf49438dc5b071f3b22a4e16fe145a1
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 1109202 7ea76e3bd1760775f57cc305286d3f9d
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 1089090 bef1dc08c615a5253f20772d4c150b2a
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 69894 28f5898a643a5da9ffe7f299d1f129b5
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 828526 d7c0696846f61ef882456cb442baafae
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 480092 9f8149b8c84fa4e95ec3ca5ea2429da5
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 757340 0594ca7f417410b4f99bfd32e8910fdb
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 99964 2f14d8446f2593375e7e73e8c7830555
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 517638 8b7e724ab60ab74a301e3a8573c2dde4
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 244618 d065664867e7fbaa1e79c140dca57a23
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 26705680 dc864930cacd486a2b90026cdce7bf63
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 13496 626c6009eb8ce9dd5025fa69c007ea36
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 94366 e573484ce71e9340767aa5130824df50
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 168490 b31fad69d903af2d994d3f39a02c4fb5
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 748942 8f97407542d66a31c66b5ac6d7a88039
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 82976 7c51b8a5c15110178e97955f62ec4b34
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 123894 8f637d55657e633ba57302191ef6abd1
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 2114234 dff1727a5c8ea95cf2657de32642c49d
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 177190 a99bd78ff7ffec4aeeedcdedb87e9e9f
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 138954 ab684399bfe4d3d0dda461978fd42f48
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 57942 d75a095256d0c00cea5452d794fcbcd1
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 390348 4b9456cffd018514a937ed5cb4124f13
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 206684 7132c18d8b6fa9535e0db252e91ad69b
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 138708 537c781567de6c7fb455f8c82883d95a
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 745694 4bae4c1456f675dab10bbfbfe691ecfc
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 94376 32e82a5d66a85afba17f2a0eb9a6bb0d
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 242664 a3430b75167fc0ce419ba2891fac8e3b
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 99282 0ce02e74c990a7472e3ab77aa7cdbc65
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 122230 9b66a2f3aa0f7a67b490b8688f80561a
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 13500 716a62675374a3d52f41e32ad571c1a9
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 1061316 5c56f881eb6aa0af1752f6bfe7bfa9aa
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 2097486 0e0f300f5a1f4f2c84aab6b12672aa14
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 82654 320a0e06aba597cfc568981ddddc2f5c
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 25680530 9c4205f7927bb3116bb1e31ee15d168f
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 69852 21f1eafbff78f8d424acceb1463b90c6
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 517148 b159a3acf0e49f9514a5381b35659497
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 168106 20e31b3080ffcde4901f808a91cfc161
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 57864 10a5d266e861d9ec35b9c4dd78cb4913
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 478516 03f90ba32184e87c561ac355ccec49ae
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 388378 1efa9ce64cf60b0795901bf35dc4e53f
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 814058 10769b430175e802c632b03dd6277e73
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 755640 e3b75cf4f593ec7d307989d77a5ca1ca
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 176084 33dcb7ee545a8b9eaa99325b06c928e5
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 1105362 085d429a8938af2babc1650db41b11f7
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 102568 30223561a7999ac53260ec4b4d32af50
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 205558 221c78de0ad22c2847c58cb74285a376
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 219406 2a3403fec05145529cda12b588a17a1a
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 320010 141601c2883cd7ad11185ca59557c171
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 138992 b8d9d86bde0921fa183afe0122812024
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 1331390 125ce1b459d937091bbf8df72cc5beda
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 96436 ce5725e282720dfbde022c37d56b4bf4
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 115882 1c3660d4430f874b5df972f8d65fc89c
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 245392 faf6f0c1d73faa7b18b567a992bf0ccf
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 77460 00437705fa464547d477e5787c5c4ab6
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 1079000 7ee79717437c23727d538d9be311fa1a
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 860746 1fc710f8ebd8bc901085239d9239a461
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 174706 69ff9738d14e93a08c0cf99610c272d9
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 499304 935611522d88526bbab0043a201fcc7d
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 2379254 0c4096e5f4ec0a2436e4e6cb4d0e964f
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 148264 f0a54f4705a85ba4872eb86752d3a3a1
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 109152 311f4ae4a6e389b74bbe402c025f6335
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 774148 22fe7312a5fb51ca29bd2aae9978e2f2
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 13502 50d978d665a3bf11d9b2ae3cfe0bb5a2
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 445506 1d14d9a19d25e0093cfdfba05fdfa297
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 889946 66918f0179c15859f58acd07960dfd8c
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 26522042 341acf33eaea52e3cc7ce4c0496be4f6
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 245192 49f4712771d91fc8334874622107c10a
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 92960 786b5a1faa9ac0b064e3f7c034cb1750
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 552320 c9152403f7f15a9e9f50b81955327851
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 65902 43acaf29b90c9b2ed6b20804fdab4d9e
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 183444 2cd74fcaa131e77772cd6246f30a6787
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 545552 5ecc4b81ed5a666b2d1badfd5f37ea2e
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 2316640 4309c27dbe563f7472cb21da7586cae8
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 63226 2b3694eb878128f5dae3d6a6468103fb
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 144820 d2f466e5d021e43f4c60abe73cbe2aa9
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 270630 d2d3bf53a18c1f77a505f891150a027d
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 113006 44e08268dad122fa8014081807c5bfb4
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 106236 07d0235cb8a47e3a67d771870fae0b32
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 251268 7640117e7b3ce3de2b6a8c4d4b8164dc
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 147742 9802165843c32f9a6ff6e8370ca87cbd
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 93564 b8bd35cb52760b51b37d66eb76e05dec
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 424942 5b80b03ae1a98c75b2fe456fcdbe9f21
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 877384 188e4a2bbf7cf70c2c0fda370134f8f7
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 775834 a6cc496f2aae5971bf22c7eb7dcef33a
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 75214 730a24933cf8b75b91ac20ceaee56611
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 247912 07fc597207d506959b1a06b24e72d22a
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 1107384 a295fb93c4dac09f9a811a7d657d953e
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 94358 1164bcac53e6fb3e441668d5d425f3b0
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 501788 558e7489907c25459d7f6f71e84c60ed
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 1201460 b69c1b31d59a0dbc08613a257126d31a
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 13494 6802989fced5f26ebbefc76a524c37f1
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 26212182 6c365927ca3b530fac689af8c251aa2d
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 901164 97b49f6789d8f0d1b4fad1c43a736b24
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 183490 51085c635eab8f84d823e130c104a7ec
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 174622 23f2c760e59c4f16618567bb05808c06
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 142312 4b95d21a81fe8acda3948b18a17e255b
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 387444 ad8be325a6c214cfcee83e6231ebe282
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 536484 14c7fc971a39c76034938ed20e282d0c
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 487168 54a3ea6ea8e479c29ce6de334d20fe12
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 2295810 886cc8756b8c88ae9f39a5663da41b66
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 251524 ce3fcf5dcea8dadb8a8340a9c8369484
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 835054 fc902a88b1591c1167c7e15599262a7c
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 25134110 54499557e99be3114d2253c30878dfb8
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 1054274 29c9a4b66b6ddadc214b26d4ac001a4d
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 61522 51ac0faa96ec2a9a1ed408ccceded01e
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 94364 71b741e9b9c864678bee978b9b782d13
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 1288616 0efcba64c49ff8dee826fd5d19303389
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 99064 8ab8e3cdb467a8f6012f44be07cdc6f2
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 83342 cb6b0bd4e7b384500a5f061bcca852c9
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 13500 afd2790ea28d4edad211a7bed2817ddb
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 791016 00c6dcd665a995486002f019372e19e1
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 169150 cc6d29090b9d1eb1bc92bf4201d9eff8
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 129360 f71a036c5a2a24fbf9f8e3923f00f0c3
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 761142 885e60cc1694fb40f9ffe6280c756984
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 230038 e03caca49d68f845ab81eab6a3a4e666
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 105244 84f033793d4a42f0b6235565ad963251
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 72270 c175dd0ec48337d70f3d1dc5ba26ed53
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 172602 ee221972ebbec5844c3e8b5e112c1138
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 218246 35ef9dd3d2970b90341da2302cbcbdfe
These files will probably be moved into the stable distribution on
its next update. (CVE-2009-0163)
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier,
as used in Poppler and other products, when running on Mac OS X,
has unspecified impact, related to g*allocn.
Update:
Packages for 2008.0 are being provided due to extended support for
Corporate products. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201310-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Poppler: Multiple vulnerabilities
Date: October 06, 2013
Bugs: #263028, #290430, #290464, #308017, #338878, #352581,
#459866, #480366
ID: 201310-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in Poppler, some of which may
allow execution of arbitrary code.
Background
==========
Poppler is a cross-platform PDF rendering library originally based on
Xpdf.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/poppler < 0.22.2-r1 >= 0.22.2-r1
Description
===========
Multiple vulnerabilities have been discovered in Poppler. Please review
the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Poppler users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/poppler-0.22.2-r1"
References
==========
[ 1 ] CVE-2009-0146
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0146
[ 2 ] CVE-2009-0147
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0147
[ 3 ] CVE-2009-0165
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0165
[ 4 ] CVE-2009-0166
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0166
[ 5 ] CVE-2009-0195
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0195
[ 6 ] CVE-2009-0799
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0799
[ 7 ] CVE-2009-0800
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0800
[ 8 ] CVE-2009-1179
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1179
[ 9 ] CVE-2009-1180
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1180
[ 10 ] CVE-2009-1181
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1181
[ 11 ] CVE-2009-1182
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1182
[ 12 ] CVE-2009-1183
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1183
[ 13 ] CVE-2009-1187
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1187
[ 14 ] CVE-2009-1188
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1188
[ 15 ] CVE-2009-3603
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3603
[ 16 ] CVE-2009-3604
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3604
[ 17 ] CVE-2009-3605
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3605
[ 18 ] CVE-2009-3606
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3606
[ 19 ] CVE-2009-3607
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3607
[ 20 ] CVE-2009-3608
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3608
[ 21 ] CVE-2009-3609
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3609
[ 22 ] CVE-2009-3938
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3938
[ 23 ] CVE-2010-3702
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3702
[ 24 ] CVE-2010-3703
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3703
[ 25 ] CVE-2010-3704
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3704
[ 26 ] CVE-2010-4653
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4653
[ 27 ] CVE-2010-4654
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4654
[ 28 ] CVE-2012-2142
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2142
[ 29 ] CVE-2013-1788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1788
[ 30 ] CVE-2013-1789
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1789
[ 31 ] CVE-2013-1790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1790
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201310-03.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2013 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
This update upgrades KDE in Mandriva Linux 2008.0 to version 3.5.10,
which brings many bugfixes, overall improvements and many security
fixes.
Additionally the kdegraphics package was rebuild to make
kdegraphics-kpdf link correctly to the new poppler libraries and are
also provided |
|
var-200901-0726
|
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers.". plural Apple Product WebKit , And other products include DOM Since there is a flaw in event handler recursion, arbitrary code is executed or service operation is interrupted (DoS) There is a vulnerability that becomes a condition.Arbitrary code is executed by a third party or service operation is interrupted (DoS) There is a possibility of being put into a state. WebKit is prone to a remote memory-corruption vulnerability.
An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
NOTE: This issue was previously covered in BID 35260 (Apple Safari Prior to 4.0 Multiple Security Vulnerabilities), but has been assigned its own record to better document it. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1988-1 security@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
February 02, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Packages : qt4-x11
Vulnerability : several vulnerabilities
Problem type : local (remote)
Debian-specific: no
CVE Ids : CVE-2009-0945 CVE-2009-1687 CVE-2009-1690 CVE-2009-1698
CVE-2009-1699 CVE-2009-1711 CVE-2009-1712 CVE-2009-1713
CVE-2009-1725 CVE-2009-2700
Debian Bugs : 532718 534946 538347 545793
Several vulnerabilities have been discovered in qt4-x11, a cross-platform
C++ application framework.
CVE-2009-1699
The XSL stylesheet implementation in WebKit, as used in qt4-x11 does
not properly handle XML external entities, which allows remote attackers to read
arbitrary files via a crafted DTD.
CVE-2009-1713
The XSLT functionality in WebKit, as used in qt4-x11 does not properly
implement the document function, which allows remote attackers to read
arbitrary local files and files from different security zones.
CVE-2009-2700
qt4-x11 does not properly handle a '\0' character in a domain name in the
Subject Alternative Name field of an X.509 certificate, which allows
man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted
certificate issued by a legitimate Certification Authority.
The oldstable distribution (etch) is not affected by these problems.
For the stable distribution (lenny), these problems have been fixed in
version 4.4.3-1+lenny1.
For the testing distribution (squeeze) and the unstable distribution
(sid), these problems have been fixed in version 4.5.3-1.
We recommend that you upgrade your qt4-x11 packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-x11_4.4.3.orig.tar.gz
Size/MD5 checksum: 112939803 376c003317c4417326ba2116370227d0
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-x11_4.4.3-1+lenny1.diff.gz
Size/MD5 checksum: 113988 44e1d7b1418a2ea5811b2ba390c6e5e2
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-x11_4.4.3-1+lenny1.dsc
Size/MD5 checksum: 2517 a643e142a0548df25f447e5147e36434
Architecture independent packages:
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-doc_4.4.3-1+lenny1_all.deb
Size/MD5 checksum: 52927996 d4f9f1f38e28b02b57f77631c80936c5
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-doc-html_4.4.3-1+lenny1_all.deb
Size/MD5 checksum: 26654448 7e65171932e77223aa5b1393daec55f5
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 30804 242795a7b4b6b75655d0c2a1900b4f96
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 256632 ea070e02a8243c8b73463820aa18c16c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 194438 7639b8b9266a76ffa2880e10b265bfd0
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 64780 2e260f7f62771c80884a2a35dcb9b449
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 1642920 05ec919d8ff16f4e5bc9a3e3b0ce6718
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 54143826 a8112a75ecbdf5bf5fba60c5ffcf6639
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 493846 ab8a83e873d4b4df0353b24abdfde772
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 90539672 57d2f91d1b32c724e8ac67fa185f08ce
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 4748512 dc56c050f7fd6162b5ea5b4a862e47ec
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 248966 0d4ee203a4eeead29a21142cf5f5f36a
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 2227462 3298ca0048afc6ba038e2173f76ad99b
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 45958 5c05bee20ac16e347b4df914df0ba573
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 3824480 fb0afb2adf09e056ac1b2a952f923f82
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 14064920 9b168b2fe8e39d65a5de4ec66d98dbb3
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 41942 02c839761d645d29e364fa9d585e0155
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 1510874 55bcc0f38bb98aded16cd3d058948f1a
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 1842134 cc1c00d45977cdafc257a38a19c9f3d6
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 148296 62a149e29e40961eb3ee9fa3f71e46cf
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 4747984 5940af0438fa7982819efc9361d4d218
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 10853838 1b534f13f38e5c4d6d3a6605e27ca5ef
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 986808 4008560ed1b894058f5f7f793224470f
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 194846 393eb42698732905ee322c2e88ea3cbf
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 149118 0d473109c91d1a3deb7af4bd6edd7975
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 74138 a395afc4c7c8ba3dad39322d08c9dfd2
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 30798 05efcfccb419463c2b61fb1f3ca29a95
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 506180 e6d0197c68897fe67a908077b2784533
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 2208902 3898119a8c37a4f40ec3e16269fbf32c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 50888 fef3650e86c4153c7247d2846d000431
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 428680 f37d8592f6211e98858663bc7da5aa11
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 62188 6c0c7762f36acdb31cd172cb8d16746f
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 41200 39bc11946cc3e99f9f54c2c0381e6dd4
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 144382 c12f803d4285afc61380fcdf04fcd4de
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_alpha.deb
Size/MD5 checksum: 59926 eaa5395d210bfe708d015c176d207481
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 50214 3cbce693aef71ebfc94652571f581a16
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 61290 76c1ba9c1cc77a714e491ec648ac2d49
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 134690 bf94e92323e68a1b948b7983e8883154
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 458816 2625fac9bd465f2267bb7cf3ca9b12b4
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 1377026 0bc2e8c416723c12a1c2b5325f1d255d
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 87591154 684110dfa018fb12451fade881f2b258
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 70622 c3d8b1eae3557735e3d2cffa1c27a943
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 456012 31697e41896daf771dcdcb4c342b9c06
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 10553896 068c89d9d205cce3c972849793ddc8c6
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 42370 21d5c9fbb91e60d69bd9ce720da2e459
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 58260 0fd799b66c8bdbcaefa98b9924f888ec
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 30802 83b99b7cb51bd621183483db893bbeec
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 1537710 cc75e5bc1a0c87b20ed7100d4a293039
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 2079558 559afbeeec5a3d3bd9df5c2dbc6d0896
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 4274120 97907f0117b368f4b9f23e8599473261
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 30814 7e47a757325b8476e352b03a5c5aec78
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 185344 f9f81022af95cf86541b7a21ca68c220
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 62948 51bc553e17ca6d1f015faf7a70705e45
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 53394502 984acdfd4d9573bedbb1cb9fdea32099
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 3448144 7d523c3c7fcead5b0debdf212ab4b0d7
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 1625680 3bf0cbca2bbd44cb0c84ce0c84ef51cf
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 42656 0ae1f63bf9d2776f6e4048d790ff0fb6
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 237786 b0240806281af4bde43a18ca30beaf9c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 4306138 060500a3c0fd9443305bbc3833a2b2bc
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 186262 bf6a12b3e66e84a41c27cc64d8b9222b
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 828912 cb315956769fcb6630164a2cc0db2a9f
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 137534 f7afd2dc5df6ba81c2e8aacd05263288
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-ibase_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 72788 a96bc474a1dc453038d3e20b91e7da26
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 46088 4a2e8968fc286fa45456feb782501e49
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 2093718 97bc8a55dba288d7d8238b7c37242acc
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 411410 25d97c749070beb820016b63e3275ef0
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 13411206 ed59b0df741ce51e3fd53a20c0d2460f
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 132960 bfd90128e17d45d3d1a9e275cf9b8484
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_amd64.deb
Size/MD5 checksum: 240992 baa32b82cf072af916cf54f348ac8b21
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 1490244 b7f5b5521e518f8195a93eaa64a47a6f
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 246778 c578bafdc84117e2e0489f345d63a328
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 4090556 c364c817a98b4b55de7db3124d201a3d
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 13976018 09b344b3f55cf804b29c7b902f358a66
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 30552 3d452b1bbe742911a2c49f0a0533c9f8
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 4302420 bbba102425af53a59e362e8f8ed8a176
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 1559374 b39af442b4a69b9e5ed26f3c949a8c45
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 2051900 8b58466730fdfc163674f8ce67465ac1
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 850514 7da47a92f793e4e87d5cf6ddac563a39
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 42030 ae1f63cdb4c19c090c6efe685bfae0d6
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 72300 1b5f88254367f44211bdfdf921c39305
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 182426 a39e968a814382611f19a5834655cdda
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 57682 874b69bbb0a4e184ccad60b18cf71e80
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 60030 8f8a1faf24aedb8c7db0d349ea894837
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 1291440 cce8b6f8f434f8bc1ccb32779cf74644
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 178792 e7b00a6eed81bd71d2f5277e2595bd4f
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 10208362 5bca5461f7ce8a51e55f130fd4c5d852
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 49814 8038cb08e95871bcdbc6eed747729874
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 30542 145c03d402a1d9cdeb105acc4dfd9add
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 129170 a5cc1ffd87f255b17187b9116a9a902f
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 417314 193284b6d133efd2ce923c4c3498b76e
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 457766 b8337c15ad7022f03a339d76e288e510
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 51245582 f28d2c30200aa4c3dfa1c658aa8194c3
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 42882 2bb5d6c5158c98e0e753118653e100e6
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 405660 1cf50d4eadc18a9ec58a0b64a57e4bb3
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 89502610 17620beaf7eb7648a6e76bd3b6ef5b81
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 2052626 9d52d385b4dfe5b3e84e9f37f6a5262d
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 62778 96b4ad6c7002d4b5d6e0d29b8c3c48c4
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 139982 0e82833ffd6e4370103a67002551850e
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 2935026 7a1986aa9702df21c770f4b66477e0eb
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 45656 b41efd29606c780b4fde733ca7fadd2b
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 133334 79223e7f554a07aec91ee2dd23683edf
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_armel.deb
Size/MD5 checksum: 233960 e4fddb32150f6d343bfcc85e7b58215a
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 76570 d8ed6f1595b23cdff3874e2bc9bc16ab
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 502954 af0b3cc8554f302f8e0a8837b2793499
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 88102392 6910957cabd74c068fb43581a7654495
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 1047740 bce5cbb0da6e22a8e3fa9d82faf69a48
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 65002 d54455c037071dfa191e7fa774068345
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 164024 271f70ccadf4536f0168be44d2edb617
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 272194 5ceba67ab66f9c687ccd5aa6dd9a2a42
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 52802 ee752bab39d48e9ed3aa9ac22b459fdc
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 139864 4f5c9f13f9b53d7174ed75bafd186490
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 269716 8c763165b42e2e7fcc2163fd61229a96
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 43398 b7b64dfe8ceeb67d551faee74f8e8184
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 534088 2c2ab2681f9b1d71fa6cc7f16c4aab66
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 1733748 7c2e5e485e341b2440f08cd720d63ee5
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 10984260 b721e64df219e2afda07c0a9dae77bd3
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 48060 ed2b04165cfb65391efbc5a857ef925a
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 42290 27850d5246ca6fd752d8391adb686d48
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 5050272 9788f089c1d28f7b5daefc7948aa0d93
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 13472070 1ef74506e71dfe9d4f54eea5f17888cf
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 1634402 5314d4d81ac19f5645b1e1675ba6525e
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 4753614 7c5f9e9415a58b065b593228bd8cac77
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 2311948 368daa9ae5595e3b01fc46c3d772d5e8
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 440934 dff816abb46a6fd0901aa7b46df70978
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 216320 06af895bbc34177ba07a54640fcd82f9
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 4111644 ba7285e1ab7763143616162c647f9c1c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 30560 7179e8bfc10ffba15f16fc489d6c8767
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 54867760 f3a6306eb7868e2051c9133ae13001a5
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 2482204 99df86846bac3b9ed311d208e3d60052
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 1674078 b3a41e98392119d6f18714f2cd30c620
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 30556 4deae2df41ac92447aab4a19f28f449c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 67256 918f264f290aa032321eb41ffe3fb470
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 61638 d43df02948f52ae0ade58491e4e01184
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 215604 1368fdf3f01f9c6c8fe1f9ebf692aa7f
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_hppa.deb
Size/MD5 checksum: 150290 3e019e50412c7053e59210d23558ff3f
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 60056 17379341e284a38f644c3ef48f3d153f
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 4308318 f66dac39c8646b5d6f86d687d14876a5
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 86425734 45941d60457519d748df891ae9d6fb3b
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 49540 53ef1e6bd36093d87e3a9ae9e4f8f25b
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 1525530 086e6751de436355a09962c886622f5b
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 41558 610999d2f201d4aa2dbe2a8a7b89a297
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 30562 eb0de8312c4ae39517ce301513321433
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 134916 39a04c32712484b7afdeb8b18e9eaba9
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 1577902 c4e82a4d23e9d82fc3d03df912075dfd
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 132728 9f0b09e83111a6747b398ae769a58838
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 42696 c35fed94056e8b19ef711354aa2ec581
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 444694 f1a39c9137fb693c29296b8e253b13bc
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 780670 23067bad00a58f4072ca1af9a41af2ff
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 460070 a63dc401216e6c27d9047f1a755d2ca0
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 10386438 2591e51461f3b4a7247007cf45267135
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 3249592 ee8c1c0aa94c466ddeaafb4bd1f491db
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 61966 72d831daa19c34c59051845b4cd58a16
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 181350 9f48c0dbab6bb86cb5c59a9024493036
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 2083758 009fd94d4fac6f73eada4d20f91e88a2
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 1389528 c80b6c53b187a323ecdfd3f4cfd5b44d
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 53025666 29e651bcb5703a6bfe40a0800e36df1f
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 30570 1e680aaa186d52d2a2242dd19b76ffa6
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 185196 c8e779b2db03670eb05556887dfd0fc3
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-ibase_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 72576 15f2f845993e5fe2dfe38cf4202e0070
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 236816 c6dfeb8fd01d4405377e4ccdda4131cb
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 4282456 35848f6936fe030424f44e71992631e5
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 57054 ead8f282f8104e070642dcced8ec9bdb
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 135448 6c28e942bcdbeac060e8e8a0a84ddb90
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 45662 7902e7c821865035758a060acc06d1b8
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 13273488 dfd26b502ae2ec0b07ba5c8c3009f47b
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 403720 dfb3f85f19b28ae30d4fb8d7a70b3101
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 2103050 15bf7f0d013780dc6644c598cf9bfc2c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 70224 7292d01857e2e63c8d9c2a7559ce5e5c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_i386.deb
Size/MD5 checksum: 240438 0677fbf3af429aed4042035cf5fe3174
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 1117582 626119564af23bf1502e7356f21b6915
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 44950 b77dd8bcdd872ce53477addc87e837fe
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 6027574 84ed0cba631580c23c512ef0528ce6a3
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 30550 67930c8d0685ce81832a8ce84c0f7a24
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 68624 068eb1b54b047f52435a2020e206ae5e
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 53396760 3d187d9ea8c05ec521440f2b30091fa6
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 2575384 59b7a007a62ff3a30631333384f4ef15
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 487778 06aca6786068692ae811409418122138
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 295098 dbfaa938bdc60534692c34ffb94abe4c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 2668608 9e82b0b6dfcba94112666fe8ea9c8d9a
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 66094 4cfea5eee8f72a9ac230fa6a460a6d5f
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 41242 1777cf6df5b2dcfbba2d6408e64cc03d
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 54168 5ce5f187a81716b59d8f21bb5b574946
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 233336 53f4577c6bfc5ac24e83a9351f52cb57
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 302362 cc74da836c1676844082c818ed1186a6
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 172432 d240749108d8900be7a1845294bff484
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 89080984 bc9e19f29d3e5528bae6c65f32b716ed
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 579478 488c9c35a86921e6190c0e4955536b37
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 166064 d7731426876b36221566f86a0a0e2453
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 70086 16f96b3e2676c23e80c968753e82784a
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 11526082 37f059728643cfabb94d9733655bac61
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 146634 8327e828736c91db0177ba6ba042cabc
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 1806196 15600b5f7f3d78467e2781fe84910620
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 4894148 f2ace07dc909157d021948dac7fc3bf5
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 13971058 8a29679d1abf4a4e2df783cf1a861a1e
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 250056 54ad40eb2b043e44bc0cf72cb82f99e6
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 83468 49e601ace7fc68fda06d2ea501eb79a5
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 49078 2e01f8e5b543ed924286fbb75fa2efd8
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 661268 6d6858547004e307d140d694f27431d4
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 30558 f2ce47b00bc67df9b185cc270a87e47c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 1873218 0e559bc2e24169cd62289412e0453f00
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 5244556 804c0718a2caacf6d26fffdbf006adae
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_ia64.deb
Size/MD5 checksum: 2208414 069ed40aae3c456f06c81c06da3460e9
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 13731026 2cf7a5b1603540351b28ea37a98a681b
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 61884 19402e470dd403395446a6e5c55626b3
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 445328 4d20e4060988521dc63cbf37c30f100d
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 232750 0754ed2ce13641874a5fcc696cca9fd7
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 45358 dd4b5a28a81306956a47c03554cc8d59
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 2076344 cc317e6f6ef542e9ef43691e0cdfe625
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 238704 fab119df8f0826eb2c25a090f711b45e
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 30564 2c816aed7bf0e28f6b425de26929e419
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 4384714 7900cddfa51331384db080a6040c7f74
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 130570 60d8c58cbbf93fbf0ce8a8df5aa1fee5
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 138014 9e039fbb1238db80bab9e04ecea71a80
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 41614 e05888e3d7f0138c24fb20a5a422b4ca
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 3291732 5a8544c976f02858283c26ba43bd109a
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 1353820 3cd3c7a8b0a56f081f3bca85a27a76ef
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 1997940 54b5e8e103e38cd53a13bfbd27559328
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 1548658 a8a9cc3cc9115c75a45bc0cd694134b8
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 193882 2bf228574df6a2835552b4815afc696a
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 186294 d88d65e6a85ce57bcf9e81fa4fd04b77
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 30556 05b460890a55a81ba0f192235a3c0192
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 4351110 afac1e4e3ac405e1bbe8283e37d20b45
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 49412 ca97fb0c6d14a2114885b2cb87786e15
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 41262 7f4bb9e46d585246ed69e7da595570bd
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 10432216 ef271383ff6f2600b966955f21d75dc1
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 1599606 3e088686e99b421f9f531ea7d5baa162
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 796818 a4a24e95261b29c8da07f3b5b61a14c2
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 57742 1350b3cc65918433cf9974be12129405
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 69750 dc570d8cf67f8ae2f44df459f89a7704
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 60274 eabf99068a0d0182eb1d95bc231d9c82
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 431144 e23f8d941bf2f10c1a9ea53f01b19261
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 55251700 eedba6f66975bbb0433c6e650d33071f
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 425568 c4936529fc1fcb1d135cfc01892ab40d
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 131324 0a867f9ea1ea1eb906d46f43c180fe05
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_mips.deb
Size/MD5 checksum: 89596300 6d22a177a7c1ef7e457a75756990d604
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 229968 e7876664a0ea2577213f6dc854dc7beb
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 10376684 ee440eeb5d00ea1a8e1172d3b3d00aff
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 4347292 f4cd4c89a0f7537f8e26f6879a0f893e
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 191406 9f015ddc9e3e9c718cb97ab11296c6e5
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 41540 7661ae54a10a2d2ca44875d123705870
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 30552 3d0751fdd9aed771e4912c211bea089e
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 1958868 43fc237fccc7979cb4328769a9712b44
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 236330 f39a7a36d1d13e6cabc183b54bc8a541
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 135644 50bb1a918ca208dbb524211ca2f1fd72
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 4290348 10ad0e19a2388acc31a88f8ac25ad2e5
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 57452 e41274c827e5cf94498772b74579d58e
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 30570 f48d279ccdd49c6e519da7df2f910b1e
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 86262916 279b30139f7d4e7a24bc3fe3873d802e
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 130074 20a9cb3f067bb663cf6b9e5500afc15d
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 3144304 18c39b4efe29da0f6698f7cc1662513c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 759628 8bd9c81c6160c6fa73955e6eb7589143
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 129280 0d196ba45f0f25957b28519063fec79a
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 59950 ce633cf5f8ca612bdea81d98eb984c39
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 69248 c26886682df753907b8c6e32167135e8
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 1585390 09d818aafb7331444c5f799390a5ab61
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 49176 34549e52d8e29ed02c7d469145c47391
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 1532608 37e6e25a50b4f9823a5455c51966c8e3
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 425456 5883cd14a56c3bc2903f72704231a0bf
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 439666 5fbc5af909dc395f49f720542f8735d1
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 13194092 ea7674bd0c4b797d0295b17dd1ed3e85
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 45182 8ffbc7bb8d565ddc3fe773a2c099a523
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 422618 b1edf41f7dc0214b2dac0c3395fac73c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 52871332 be96377a4b5ebdaddef10c5001895cbe
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 2048016 8569e3fdef2371d07a123344e7ef8abb
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 61554 bf0effb3185b92e7eb0de5729f1be76e
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 41254 70f58c78b610e1937e52eb34e5809d2e
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 1327318 de6c4ecc2baf7e28b8705dca4f3606a7
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_mipsel.deb
Size/MD5 checksum: 184066 ff313cbda6b9bcb6dd71dc7cca3c07ec
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 13997058 d47bbbd31efc9282a917cc48d921c1fb
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 140650 f0f469b814443d6113365d6ac8c01b4f
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 42212 81d51c4361750df38e6dd7bcb7f294e4
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 4435166 cd8b0b45170ea1ccb5af66a2a037f9ac
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 196810 77aa5a519b4bbc82fac8ea9d7086ede4
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 60652 8ce4b23af0fc90b90d9c4d53d1a50bda
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 30802 69317bc289e10bf016e6df959f364f63
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 2182738 31201b8165db906fb338c217aaf7b835
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 44858 e2f7113b7b7c00a86caf179c2a8042b2
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 90556268 8acc67fe335daaf799bece65ea6ef2e4
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 2149626 93b142c76b1c8e1fba0f2d5c5e1f52b0
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-ibase_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 75792 97ae586b12501133f0f3c2139fd55620
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 64864 33f39474f447957c77cb1eca2188fdff
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 251222 2b12af171e0b6bc3e01a2d169f8e9ded
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 4545642 fb808821c12d59490d232c1573ce9425
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 140016 deb24263775b117ef8367bc89d4d68be
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 3497416 0f97f950fb49a399532694aa6ab40b8c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 459192 5ee6a6fbfa1548358ca2ad801e033340
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 144158 80581254defdb7d7b7d3af7069ff14b2
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 72716 7912412d5e675fb673132200d9d9117d
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 480786 60e389b50aae477531b50dc2905f20b8
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 1594040 395947773b25b0692d566f9c6e47e0b4
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 48414 9056405b51e0f2cad816e071a36776f4
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 194714 caad1a28959aa7fea561dc06bef55346
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 55217666 f4f0f246c07a7ae1b44497fc00dbd8e3
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 244830 f074a00e007903e3771c66df7f3efcfa
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 30790 c1dec1bf28a20e1bd2a24833d2384bec
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 52576 c783203cfb164e0013fbfded1c1d0052
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 854404 560ba73fc55690189a271215f3ef2c2e
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 422532 b0ffc9c56df7f7f2445eee291c820749
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 11235082 9a80f5e8649a24c8c4da3b4f77f2d924
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 1597838 597ccee014ca55295e45cc97f98cf73c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 1455288 bfd8f94f8a4f65603cf0c3ad7762ab78
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_powerpc.deb
Size/MD5 checksum: 65100 8d6ca22bb24e9304c2030e99ac38279a
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 852900 ab84bcde1321f0b33c04686edbdd7f1d
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 42392 47c06dcbbd608394b79a52ce13befe24
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 4336914 41015bf0edea53f8df86a3f0892b0516
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 186528 f627eabae0217449b946acbadd9d2885
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 245080 5d54afb9b1998f0cbe571c2d4bc63d98
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 4317764 3c3bf66ecd2a332dcee92f90ce8c7e76
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 55245590 565b4ec96fbf02ac81f9e08cf3af205a
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 63496 ac31ab8ec8679251afc06f54d49aa4ee
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 1548988 516a92fd4db89942aa6b8e6a21ce02d0
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 10492564 9fd10fe6fd84eb14d3b23832eab65124
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 192324 f7ab5380c677edcf15ebdd8e4f184a34
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 45234 66f5a114119c904ad46e6e848154ecd2
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 70528 708da134eee0742b14bdc76af09c1627
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 449388 ddfe9418c152ae4a55042d85d69c9c37
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 1417152 806724b858f8c693c582360f544ee5de
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 1475076 3d24017f5b062c615f490301ac27214a
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 14296138 9aeeb16c17f3034e55a0b7a82643417a
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 142528 d836b52cf73b72199562d684a8eeb2ed
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 30558 8277d0f9382a8f7a4867d6a87711ea87
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 414206 91ad7bda75d6664b197485977a8955f2
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 30546 632c492577c5af53fc01161de449dabb
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 2154792 5b8fe3e7e176155dc97e5ffcfe7426fd
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 91685948 b8b0e9db0180b1c47c16bdd5746598ef
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 62314 c47784c1587ea7e4425a33495c9de617
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 2095460 145b66848768e0f8330e2edbc88db858
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 138826 7a8a21a09786137a9c13ab56988488ce
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 42386 64c89d29b0f5d0d84536105c6beff329
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 59058 a6cecbd3d78430f46b0317e2c9e0ea45
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 129886 76b18008de98800aed1777ddaf1d0a86
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 246406 43de5e12b7dcd643850775095b120a1c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 49912 e42ce220d1adfac8630ee0eed70ce2b9
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 3378234 976ddc4073eb8acbbd4bdb2d2fb3cf83
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_s390.deb
Size/MD5 checksum: 477090 d2fd78ee5b1d8b1b93830e5b9d10cea4
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 1612394 aeed09e1c797c6f3c78c2db6adddbd66
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 13513910 e11a313d02af5a5b79733f13ad5a9627
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 133442 e42268cd2ac22a6e0af50701d289d81b
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 138466 b789834cb08512d7f2cf779cf00e60e9
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 62244 8d8fc29313a6ecec4863bc1eaf20b0a7
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 86626712 cbe2e0a6baeba262cf0f6134aca47998
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 238238 3fdf41c36cce556577084517cfe63c6d
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 245044 919c3190e38c7ba7be27bdc24db75653
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-ibase_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 69856 a06755c7fc2a9974ab129bc02b2d7e5c
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 418010 5a8a929c3d633524085bac704917ab55
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 2098292 d926ce20c96607548bfbef73bba1ac8b
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 180832 32e134535beccec0979de7d105ff7490
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 54687724 1088d3a4524de00036f2c88559c7ec07
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 49476 aa94973518edb2faaad42c2205aa930c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 45524 0fb2f6c5e15d90e2aeaaf96289a6ba17
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 60184 9e22d62c7c2d77a7d75644680ab9811c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 30810 45cf6b13c45cb2811780530b8a60f04a
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 1582588 ff25c993d3d60e229cef37321692a1fd
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 10547182 7243f1579c193aec7c3d472b65383861
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 1376686 edcdf57e4e38b4f3b2937de6b808a0f5
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 3692006 a01a7f3e016589c2eba628a72c554064
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 186504 b008a5e95976305e9412c286195501c1
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 69522 29dfe86fa6214e7dedd4caa3e89f6fec
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 451670 cdd73f76458886fd7fc787d4c7145622
http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 4302930 65d8e1404fc0d9cfe0fb1f0e94be0900
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 4349116 3867bd57ca4431d98fe4a476c3580990
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 30802 9a791075b2a61d609b00964e08777ad4
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 457166 c2ffc3b9e5128626418b082aacff0dcf
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 2110668 e01397334eae0b1520ec76d179f4b10b
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 42510 e72b9f8cc81106c60ea68e600166b903
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 138498 c32afba000ebf7e606381e014ac6a424
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 42218 882c929eb6b8334340f3483c89e17eae
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 57508 590be78cb50ec0134ef9f1bfbc0e3595
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_sparc.deb
Size/MD5 checksum: 1053648 28d8a618c3eaf32fb797fa56e00a8f81
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAktoqrUACgkQNxpp46476apXlwCfX4/NGKODvpcR0lKw69TjHNlV
0CQAn37Oz00Rq3T2OwNDVTcTpYzDyCMJ
=yUgH
-----END PGP SIGNATURE-----
.
This update provides a solution to this vulnerability. (CVE-2009-1687). (CVE-2009-1690). (CVE-2009-0689).
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2009.1:
c08161eacba6cdb1b0ba26babe5f8cc5 2009.1/i586/kdelibs4-core-4.2.4-0.8mdv2009.1.i586.rpm
933468cf4109252dac5119edd958f73d 2009.1/i586/kdelibs4-devel-4.2.4-0.8mdv2009.1.i586.rpm
96703a0ef0baf299647ff27d64cb0680 2009.1/i586/libkde3support4-4.2.4-0.8mdv2009.1.i586.rpm
e5f60ba41e5919fa77c313b204e1f712 2009.1/i586/libkdecore5-4.2.4-0.8mdv2009.1.i586.rpm
cf8af6e467cd1585c44e1cce01362526 2009.1/i586/libkdefakes5-4.2.4-0.8mdv2009.1.i586.rpm
1c9c04b5f6c0c59d2e5860b077e0c6e3 2009.1/i586/libkdesu5-4.2.4-0.8mdv2009.1.i586.rpm
89fe7c33c7e5bcc23595560ae4664bf6 2009.1/i586/libkdeui5-4.2.4-0.8mdv2009.1.i586.rpm
30b73ef58ac3a45ff86756ad09d0d555 2009.1/i586/libkdnssd4-4.2.4-0.8mdv2009.1.i586.rpm
a1f00af00ea7e52d9f187f1fe5ccdfe2 2009.1/i586/libkfile4-4.2.4-0.8mdv2009.1.i586.rpm
553486988b945307ee038cb41dcb76e6 2009.1/i586/libkhtml5-4.2.4-0.8mdv2009.1.i586.rpm
9d9501ff70e709c5ea32b35aa985688a 2009.1/i586/libkimproxy4-4.2.4-0.8mdv2009.1.i586.rpm
a2ec3f440eb6cf545abbc63a3d34c1e5 2009.1/i586/libkio5-4.2.4-0.8mdv2009.1.i586.rpm
4168e955b60a5a69d8f1e085b30d0424 2009.1/i586/libkjs4-4.2.4-0.8mdv2009.1.i586.rpm
bfcece9c73348c6415c48ec266877908 2009.1/i586/libkjsapi4-4.2.4-0.8mdv2009.1.i586.rpm
228ca7dc2a86fdc868a5937b16a7a08c 2009.1/i586/libkjsembed4-4.2.4-0.8mdv2009.1.i586.rpm
f6297ae0630eb6207895df9f2f971eb6 2009.1/i586/libkmediaplayer4-4.2.4-0.8mdv2009.1.i586.rpm
cf6113c17858d5e6e3c0e04622f8a66c 2009.1/i586/libknewstuff2_4-4.2.4-0.8mdv2009.1.i586.rpm
da55a2f428ad020834f7b91c0023ecf6 2009.1/i586/libknotifyconfig4-4.2.4-0.8mdv2009.1.i586.rpm
9fef466138ff78a3d6d3244998a9ba30 2009.1/i586/libkntlm4-4.2.4-0.8mdv2009.1.i586.rpm
4f7c0ad254ec1990f5dab1c0b959629d 2009.1/i586/libkparts4-4.2.4-0.8mdv2009.1.i586.rpm
8c58d6a9a6ec7fc21f287b2f4c2e9858 2009.1/i586/libkpty4-4.2.4-0.8mdv2009.1.i586.rpm
8ed500d050b95560d7eff6db26fa05ee 2009.1/i586/libkrosscore4-4.2.4-0.8mdv2009.1.i586.rpm
2d8d12d8a7bbfe18f6b04b9807795077 2009.1/i586/libkrossui4-4.2.4-0.8mdv2009.1.i586.rpm
8cc5c226e381b122983440b3440c1476 2009.1/i586/libktexteditor4-4.2.4-0.8mdv2009.1.i586.rpm
3c53941130fb8cc6d12b8cdea488f536 2009.1/i586/libkunittest4-4.2.4-0.8mdv2009.1.i586.rpm
3996bfcff0b2465c39c6ccdb8367f401 2009.1/i586/libkutils4-4.2.4-0.8mdv2009.1.i586.rpm
129a26ab20c792994113b5db00b7f7c4 2009.1/i586/libnepomuk4-4.2.4-0.8mdv2009.1.i586.rpm
0b88090e1cba0db59a3fb85c34e6b726 2009.1/i586/libplasma3-4.2.4-0.8mdv2009.1.i586.rpm
79b484a6c8e20db156fbe130c81e2001 2009.1/i586/libsolid4-4.2.4-0.8mdv2009.1.i586.rpm
ddd09e03af15f421b2e38b6f06c0247a 2009.1/i586/libthreadweaver4-4.2.4-0.8mdv2009.1.i586.rpm
fe70dc01416cc986d1e19c15a0b5cfa7 2009.1/SRPMS/kdelibs4-4.2.4-0.8mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64:
89f77418ccda86b51c7d32d011e88e9b 2009.1/x86_64/kdelibs4-core-4.2.4-0.8mdv2009.1.x86_64.rpm
d0b009e595350648b12cca1ee094802e 2009.1/x86_64/kdelibs4-devel-4.2.4-0.8mdv2009.1.x86_64.rpm
03db494c356e0b0823ddf697d42c0f50 2009.1/x86_64/lib64kde3support4-4.2.4-0.8mdv2009.1.x86_64.rpm
6d98531ba95a096fd49801f7df452776 2009.1/x86_64/lib64kdecore5-4.2.4-0.8mdv2009.1.x86_64.rpm
bf3845f586eeeaafab5e25442f4d8950 2009.1/x86_64/lib64kdefakes5-4.2.4-0.8mdv2009.1.x86_64.rpm
b9767fb69262886d60a7844ad6569e27 2009.1/x86_64/lib64kdesu5-4.2.4-0.8mdv2009.1.x86_64.rpm
d709c9fb8874c432d1b4e415e9c06858 2009.1/x86_64/lib64kdeui5-4.2.4-0.8mdv2009.1.x86_64.rpm
6d062780a7629eed7e93ab9e66daf633 2009.1/x86_64/lib64kdnssd4-4.2.4-0.8mdv2009.1.x86_64.rpm
f39c44bc7572d06921061c0ac5ef78c9 2009.1/x86_64/lib64kfile4-4.2.4-0.8mdv2009.1.x86_64.rpm
90f8ecd4967830ebff3b81732162fe33 2009.1/x86_64/lib64khtml5-4.2.4-0.8mdv2009.1.x86_64.rpm
005d7de69a0063a8dc396b9dffdf20ed 2009.1/x86_64/lib64kimproxy4-4.2.4-0.8mdv2009.1.x86_64.rpm
3924d83bf43990f7a7ba5d2eea29ef5d 2009.1/x86_64/lib64kio5-4.2.4-0.8mdv2009.1.x86_64.rpm
9124f0ce5f1643e4310ef0bfc5fda970 2009.1/x86_64/lib64kjs4-4.2.4-0.8mdv2009.1.x86_64.rpm
573504d0c305e757b3c163b9132264e4 2009.1/x86_64/lib64kjsapi4-4.2.4-0.8mdv2009.1.x86_64.rpm
917e5b175a3a5480e848dee6201e99d9 2009.1/x86_64/lib64kjsembed4-4.2.4-0.8mdv2009.1.x86_64.rpm
604cce29c11b2452b2744ff72e248b7c 2009.1/x86_64/lib64kmediaplayer4-4.2.4-0.8mdv2009.1.x86_64.rpm
bd75d3e4feaa98a3659ae5d113fe45f6 2009.1/x86_64/lib64knewstuff2_4-4.2.4-0.8mdv2009.1.x86_64.rpm
0a7d48b91c673f5908ce2d47a77746e2 2009.1/x86_64/lib64knotifyconfig4-4.2.4-0.8mdv2009.1.x86_64.rpm
a91967cfec8b470cc7520ac17590d41b 2009.1/x86_64/lib64kntlm4-4.2.4-0.8mdv2009.1.x86_64.rpm
0159bb033c507f20fb8bd77a7a8be43a 2009.1/x86_64/lib64kparts4-4.2.4-0.8mdv2009.1.x86_64.rpm
a062d0124cdea9dfcafb82ed2c5dfd54 2009.1/x86_64/lib64kpty4-4.2.4-0.8mdv2009.1.x86_64.rpm
8c0950479a23531a03836f7744d6b90d 2009.1/x86_64/lib64krosscore4-4.2.4-0.8mdv2009.1.x86_64.rpm
ca61efacf989bd4421d2c88abc440e3f 2009.1/x86_64/lib64krossui4-4.2.4-0.8mdv2009.1.x86_64.rpm
bcd31e87995de0f86ad9c363e87ea0d4 2009.1/x86_64/lib64ktexteditor4-4.2.4-0.8mdv2009.1.x86_64.rpm
23a0f2c640a20dd1be2b4475a9102cd6 2009.1/x86_64/lib64kunittest4-4.2.4-0.8mdv2009.1.x86_64.rpm
e49987a6d8016b6ac39011b6cac0b570 2009.1/x86_64/lib64kutils4-4.2.4-0.8mdv2009.1.x86_64.rpm
90d6806fa9dcd2ac1b71fc3b72dd4f81 2009.1/x86_64/lib64nepomuk4-4.2.4-0.8mdv2009.1.x86_64.rpm
4808080c578223d0bcb156e78f5d661f 2009.1/x86_64/lib64plasma3-4.2.4-0.8mdv2009.1.x86_64.rpm
e8cecb137634dfc738617b67a6d34122 2009.1/x86_64/lib64solid4-4.2.4-0.8mdv2009.1.x86_64.rpm
35c8778eaaa5465a8f15c27a57d8ed60 2009.1/x86_64/lib64threadweaver4-4.2.4-0.8mdv2009.1.x86_64.rpm
fe70dc01416cc986d1e19c15a0b5cfa7 2009.1/SRPMS/kdelibs4-4.2.4-0.8mdv2009.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLX/3wmqjQ0CJFipgRApr4AKC7I0w56Y9GFgmZeeNIeUDGaXgxHQCg6N5C
YuntVxGlOXktJ3qUQl1SZ1Y=
=5Avg
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. ===========================================================
Ubuntu Security Notice USN-857-1 November 10, 2009
qt4-x11 vulnerabilities
CVE-2009-0945, CVE-2009-1687, CVE-2009-1690, CVE-2009-1698,
CVE-2009-1699, CVE-2009-1711, CVE-2009-1712, CVE-2009-1713,
CVE-2009-1725
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.10:
libqt4-webkit 4.4.3-0ubuntu1.4
Ubuntu 9.04:
libqt4-webkit 4.5.0-0ubuntu4.3
After a standard system upgrade you need to restart your session to effect
the necessary changes.
Details follow:
It was discovered that QtWebKit did not properly handle certain SVGPathList
data structures. (CVE-2009-0945)
Several flaws were discovered in the QtWebKit browser and JavaScript
engines. (CVE-2009-1687,
CVE-2009-1690, CVE-2009-1698, CVE-2009-1711, CVE-2009-1725)
It was discovered that QtWebKit did not properly handle certain XSL
stylesheets. (CVE-2009-1699, CVE-2009-1713)
It was discovered that QtWebKit did not prevent the loading of local Java
applets. (CVE-2009-1712)
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.4.3-0ubuntu1.4.diff.gz
Size/MD5: 116770 f73a330179df7d453f50b286ea3a2c7a
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.4.3-0ubuntu1.4.dsc
Size/MD5: 2506 711cb90dfd206bd6553dbe0fb8ecd1e2
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.4.3.orig.tar.gz
Size/MD5: 112939803 376c003317c4417326ba2116370227d0
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc-html_4.4.3-0ubuntu1.4_all.deb
Size/MD5: 25758932 0b783fa95d4d41487e58d43823806355
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc_4.4.3-0ubuntu1.4_all.deb
Size/MD5: 52821772 7d1f3762baf09178176e99e41a502a2b
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 19104 bdc4880e85e007e64d6c5fe8c7c1d81e
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 7560 b65d2d20cdac05a7e8a04c7b51bc6417
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 87571534 73643e89deb481e7a42785d6c65b4594
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 216798 85994fe5c3b286b137ec4f8f3ed9d55a
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 2046478 9f4f973c93c20f88838b3b0e48548c75
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 5880176 87946243b9f91e6421a8275417bbecd5
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 7548 df209948939090506a2f3315aa8bb63a
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 213524 556f130d7e1c1ec8f3c427888715807a
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 432962 a8f5b6db939fd74616b7e666d32dbcbb
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 42350 6281fc06f2395d8462c2fd30ea3f1883
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 162238 3379fc614bd58cc9647b8c40782a45f3
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 1352676 528c9e209ba652d994292fbfb461cb60
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 435712 af2919097110286db882cba8c40958e1
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 34384 438d61efc4b1ec7af46ff7aaf15b9a8c
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 47234 692ccc3fdd023fa61b1646b3a1073e29
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 39112 cf94d41a0a91e71d3e6a7905705020c8
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 22452 4a020d5b8e2ff02532af056a6765af52
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 26432 5492f45d25d4dfb271318f662db0e50c
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 109136 0bde853eb0fef921984e5b9b24695a65
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 160746 b8a19545836d673dda2d1cad49901e5b
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 38064 61ee9cd2c51286c698ba738fbd8e4d13
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 53511494 25179f43545ee4f15fa70ff1c4211c66
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 3427782 f3c50589e42291ac643390b3b5056ad3
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 114482 7858ea28ed0ae9e48ebe2d5ebca219ab
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 13447008 3b146e17a13acfa50bfa6759232821e1
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 805718 d14b956e7b2c494ef5e359dff2bdb8fd
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 2094928 fad1c4be4f9242977cbb6c191ec19f09
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 4249322 cefb0f909b1913edd97aae55a4ef09c0
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 10502594 4af5ca52a2316f9290d0a99bd1683127
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 386118 35fd3567e5eaf2ecaefab37fe3f21701
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 1507998 8254b4ed13728d957ebf41f74d391c6b
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_amd64.deb
Size/MD5: 110220 8e379f1af97edacc7f40037fa342af7b
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 19202 2303fd6083a47fe5b85ee1e46ff1ff7c
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 7556 30aabb9f249114d86f823795f7e621ff
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 86379828 eb07fdc2dcecb0f26707148362bb70ce
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 216268 96e19c8dc017357682acac62896c5b40
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 2072946 2fc1d9101e2132e43161e2fb600f886a
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 5705332 24d5a30fd21ecae4ca3d5bf570b8347d
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 7548 527eb6b3bc6fc6fa3d7a4d26c967c919
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 212706 7bb944917c1fb9be6ce6b1cd056afca1
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 437368 f086dacfa27998d93fd8f093b0bacce3
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 42348 a2427fa3317fe01341ebe66ee3388c47
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 161130 2c4ebc05d22e3299359b9c64bcb8c3fd
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 1366348 68fef30b16caa835cd6330eec7c5c346
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 420458 ac91fb37161830ba3e0fd4b884639afd
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 33724 868ace8cd8b514b367db48a95217035e
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 47056 c918217593ebc473fc3d050285bec49d
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 38336 650d40a12071e2a04316edc5860788d1
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 22002 9087daddd7762b1df7a4b9df34166521
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 25898 06bcb1cfcb2df47e758bb89946f9aac6
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 108838 3f80ec6192ebdfd8807450a8aeac928a
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 158310 24cf265a2f29818beb73709197bef2c3
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 37122 b536ef0ebc0dcfa6167cd4285e2ec19d
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 53126238 bc4c62409883fd6034f07baf1a765853
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 3241850 27d0122caabe919c984b0ff1f59334f9
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 112012 130f929f42286ce4927feb7f3dbd8d18
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 13302092 2deee7794c76d799c789a56c38147d8a
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 758112 980c7e2f807f29c95ef51feee1bd6f87
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 2086300 e1d521ac4ef50e82235b61b0b0309c2a
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 4285842 f79cbd461f5986a686e35b77e8838c7c
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 10346058 cd6b5dd99cc2496e60f65303a4d861e7
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 377632 0adfcc3c280368f734658d611c7f0c69
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 1487606 2f2e1e5f10fb8a9bbd94c647ae355135
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_i386.deb
Size/MD5: 109322 661b18bee424dcc2a108e960dbe51188
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 19118 975962361f82c04fe938397d732d5679
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 7556 5e9705e3675d4882a9040da75d934db7
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 86616234 5f8f6362ef3e45674f8c1480933f4714
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 218292 d89f63624713a3e9f34a7622fd754830
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 2075540 088236f1cb51516af7efb07eb9e859a5
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 5791558 693f36209c7728b4da4b3e2a310a2730
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 7546 765882dd4710771b9f01801c34173f17
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 215380 3000fb6b96014944c85f69d9be1e9314
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 439662 ca410c727f89f68f88ed7c32f08c7496
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 42346 d8670500e205ba66ca588d2020eb6e9b
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 163154 044e27e36b057295b8312b3326bb6d70
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 1369342 9945efb11009af3f7f875f4aa70c7fd1
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 429370 47ffb00ebb1918ae6b638872a76412b4
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 34006 b11c44e3a7e1d5ba2277e981de8928d5
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 47638 803c079d0a531b0a84043fc1f7c87d58
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 38608 054c5fa2ddbd80efd168dc072e951e0e
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 21992 ca7ada6adc17a99b713920b6452b2f87
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 25962 547542c994e3777e900287da869be0e7
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 108930 48566fe567ab5e3ae14185608cc5bd3a
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 159630 48eb3c78b4c28d745ef6862e9f5cac17
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 37444 695be042708d936061c289d78c86cd77
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 53250108 4e06206559a3470bad0730e8aec7e615
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 3227648 acbd67fa1648ca9ad1e10f021e66f8d2
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 110938 bae7d2f0c2c13b33123357102f19cba7
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 13316918 c5c409330384ba74489646dabbe9e1a8
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 749270 375901cd31337ffcce0677bef73b8e2b
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 2086296 46b733dc7e08126af4b343287396b051
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 4299788 efc7837ecb1aff0917414f020f4f7710
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 10380362 ee64ccc2462a1767363119ab130f86fb
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 382986 c5c48c0dc497b68bd661eea92b5678b8
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 1501518 06d78b9cb426e70bc1823f755b47cb16
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_lpia.deb
Size/MD5: 111312 2d5f5829685d661dc3b7408c99233f57
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 21316 45b1ea5b5050b2c0c876872af540089a
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 7562 4dea3a46b67dca117f5c8924389b90ef
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 90621650 d41925c8e7b667daed298626937652ab
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 226524 48a6eaf02c23089cdf5271b81386ac8c
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 2127276 685f37c1fdc371cfac83711b1dcbe425
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 5876318 f9777dc66d06e8a241a1a08171eca1ce
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 7546 446de6e1e94e17f515641bd91bc34e0f
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 221776 ed54fe99be13d94c994a8dc27a16d0e5
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 459056 586952d7ae2b7729d95db536f40b87b1
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 42336 2d51e9ef35064b75b94ff171ca51cbd0
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 173132 a8dce02d86a0341b4e73830baa2ff6ae
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 1435512 9fe6abc1dbc92dba076b088154406ae2
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 438202 72b3f451ee05252b81ff73fa22071b71
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 36940 2ff0cfbae3265612c7bfe005333dee20
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 49810 f6ba70b43ec1b6e504b047dad346eb25
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 41498 9d558baba4e4fbae203a9f72c1c8c150
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 24746 af57d713a5d1e216e350dc70ff7e76e0
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 28826 709982084d93ca6f9eca9e8554cac7ee
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 117160 56cb8f90e619174bde6f8da70d7deb21
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 172392 9598ce1608394ee2888309a6d2c4c943
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 41680 5cd082858ca6bf4ed2c67556508ff8d5
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 55519220 92115cc894051fa7bdb29eb6a2f8f088
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 3486770 24e725bf0c47a1108692f4bdd46d23fd
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 121160 944ca0755f1b8057c286f6d3c2e1f8ec
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 14047876 e1523a10c866ca8dc124947a25aeb34c
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 835254 d7dda3b37da92ca6cba70f941964a371
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 2188324 66bd658c0d8f80205ce8aa741a5c25d6
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 4537294 211ff93e7c8e41ee2881baec57f87b32
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 10999204 84090af5c87a89d7d696d00baaf87493
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 391756 7ebc072d2a2750262bb6cb1587c5505d
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 1530908 3fe67007771638ba35c2935a3432d1e6
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_powerpc.deb
Size/MD5: 111696 1a4f101db96d252c9a93b23f9c20f1fe
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 19006 53bc0f17fdc2e7e10938a259b30710c3
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 7560 3b86547b62162ec391f7945b0a71bbea
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 86584472 1490ec1af2900f0515fadf3d10b1c8b1
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 214836 b52c445f198c5d4c2fef5d0110862ed3
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 2082186 a59e474cf1aea5faa97d3c2f38b79768
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 5813064 0b29c127800c828ad782ea08f9869b95
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 7548 9784e2fd6bad6b99dec68f28bf95c013
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 221416 98421a8a2735b28ec69a79dcb12bc36a
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 434660 08d518f50779ab7696a49d5789983d08
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 42328 c483fc06c701a311895a8f912594d0ce
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 162370 6a1a2f6940287071f83b69dd0a2074ff
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 1351514 4971ee99b0763cdb1b95a350ca97b725
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 427020 65ee12f6a206cad658d7b4b51cac1c36
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 33654 125d67bc7a3343e16141209ae295f51b
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 46336 97bf93bcf238fb612b6db5254e72bf4e
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 38482 3e45668f681c73fe5b2f487e76af92bd
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 21700 6ee8cccd7f120782d7ae07d799adea37
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 25726 14c6e1834745ecf8c24d215bacc7273b
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 109626 46c957419dcf1328dc6e625f5044e087
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 157736 a15b042b86fd9af64e5818867a7bc971
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 36972 2e4f695e58caf79d93f7f929a3f5154a
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 54818118 ca0d50eb86ac4c4ed69bbfaac082b78d
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 3678126 639241e858bdf4bb280b8c9e24b945e8
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 114956 a7d5d4e9c6eb7a28d607a40b72563279
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 13545692 049544460c82e22450aee8e5d9db6110
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 1029752 3fefe6c4a287a6a59acf2494882e8757
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 2101436 2589e4a81b28459d1e1b9002b5402674
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 4283628 d2ed704202357f329e22cf5995f62651
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 10561886 6cb80130934f4dc83f3449c788251372
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 393816 50f8e31568a792c275dfb5dbbb75d2ab
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 1542060 e2e1180c629e4d08a56c506b482e2ca3
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_sparc.deb
Size/MD5: 113046 ca0bdbedc0b649fc9745a9c356c2f6e3
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.5.0-0ubuntu4.3.diff.gz
Size/MD5: 113724 cf59da7b0c09550ff78b6164e87ee131
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.5.0-0ubuntu4.3.dsc
Size/MD5: 2606 d75ba3f2a8b7a0fc5f17a6d013fd3466
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.5.0.orig.tar.gz
Size/MD5: 125349021 ffbb1aaea2d538df7ec7694cd68750df
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc-html_4.5.0-0ubuntu4.3_all.deb
Size/MD5: 24035224 db61f130680cbfecaee7b2076d9b5b4b
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc_4.5.0-0ubuntu4.3_all.deb
Size/MD5: 51777244 2c5967ae92de35d935f22bb8cefdb7fb
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 11622 737452fbf1eb644732601da4afe86d56
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 2310 4ab7edba7c683c4cd436ca6f6e43cc07
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 49977848 5a39a981a5a46f5b9833856aa8bd75ab
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 175462 33f715129fcbb8fe17cbf233afdd2735
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 1798666 b0abe77a5b60e101b8a4f796cee35b9d
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 6442006 3ec2ed8e896375977496d8aaba00fc0f
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 2442216 55bcb4ba4d60f160adee52790f282bf5
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 2300 b0ee4bbf483c8037799882f47a9ec95b
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 169046 f5cec0a5df796752c97289a7599a547f
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 379932 4a675e3de3c9ffeda60720b389dded9b
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 31006 6e065ba12e303945dfd4969c7b0e6108
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 150338 1389003b28ca5f92e5bb8c9577a36fbb
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 1033060 00e3845cefc2c24d676c64215cd3c1a4
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 349792 3a0b31c3ad9667c03ecd37efc863e27c
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 216816 66d2b7a90f14393d259bf12068f44a0a
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 24020 787039fb8afe166961e56b21020c45c4
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 38326 8363daf729bf199a14566ed0054cb110
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 27504 cb2ea2f84ea939edcf662024a81187bf
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 14198 087d5a3f0143d20d87b346e1ef04b2e6
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 17152 4ec3302c7e7b40f41f276883eb1f9cf1
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 85832 94f0d14fcfc19c8dfd1a36a29a2d5825
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 129138 a32e5231e108b2f1c869b3631fc98dfe
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 41274 4450aea1e1c1078de1d6d43a77d80ef4
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 58479264 76487ff20906b41662cacb4cd8c4eedc
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 3635668 5d869921403fc9d4e1994b81b92ef122
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 87132 e9da8588cdb3f8995cb440d172f39a56
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 5521678 207d3c7382e7f7dab949b4761c819b67
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 653750 302a9fd3b69b1d41b8e65cd00a4a38b7
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 1490876 a5d562105e8c1d6f14e6c9e38f2f7c1f
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 3589934 59404b3094771d8d30fa4085456661b4
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 24216220 10b8cd267a0d68a7a2a08327e1db059a
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 5480184 36ccc9b88e638cf13f3cfce9610d778b
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 247710 0021d694f10622ef0faac30d8f05ed6a
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 6913490 044d9347469b06b3b5c9a52708fb22d6
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 1826192 35ab7279b9e9fe1e93d8c754e0a53f73
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 1301118 10986e4c5ec819a976b7e49161939a16
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_amd64.deb
Size/MD5: 81282 14ffbbbb5b74a10ff0337d6a08fac291
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 11598 8db87ef71449e31c1ab389e26e305793
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 2314 ed908ab64c8ddc432935230e227df32c
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 48872540 78c072e9fc494fedd3e56ba2e6c5b14f
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 175422 3d97854e70da9c80dd6187a43c273da2
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 1821098 5c0b22bf30f5c0ad3e8e9c35fa29241d
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 6222664 8dc2d38b512ae20cf6c0e48f35446e55
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 2426558 bd753136ff81b7879b6d26bd5e6ccbeb
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 2302 96334f4e93762dd1a28ce34f6b6855dd
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 170522 4f124c0feff569d3a7aaf7a537fa5ede
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 386636 39614ce0a48380ec9c9b82b52d46fc48
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 31006 b8e6ffba684bb6aecfe7cf547d069591
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 150268 fd9fc1d937cc2186a241085727f69e45
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 1047674 917768ee99ad30e46d8ea162ba2a55a0
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 345124 783e3146d1d15e7e4b56177c2551dc8c
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 219532 dd4402ef905fe36edc219977b8b56522
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 23490 e3ae808d9546d39b318f2032a3efb2ed
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 38370 c3912b46f9819db92995814578905aaa
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 26944 6942237ccbe925f91da83a58d80257dc
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 13910 24fd6fdd62a853df103ccc5eb23f3ae9
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 16950 224500aeec4ee6c0bda83f1979f556b7
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 85482 35f8861a0f387877d757af2a4bcb74fb
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 127134 74b396cfbdfd52fc01a5b44feafddf40
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 40384 850f651e7b3692dd8f0359e1f6fa9912
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 59567434 bbf0c15e2947f809171025aecd169bf2
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 3642492 ccd71c16c7d07bd4883700a95a7e310d
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 85662 fc005d23610c7815031ccf67e44d57c2
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 5446004 9ceeb69be14e99aa371c34c48e0dd8e1
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 631616 58a2c5664efbc4969e273be8d3e51cb2
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 1495212 280e8771adeb6e48a31c1c00c65d097d
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 3638476 617f09457809107814b139fdaa11b2cd
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 23695874 19d12080a314954ef6184589c6e6ef64
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 5411704 8ffd319dca0814ec7bf90e392c79d75c
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 242498 cf300d706f60b14c9bdb26d38dfca4fc
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 6733760 802cb485899ba1684255b4189383e2a2
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 1801834 c95b326cd5047777a9b62cf96b842dfc
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 1275490 744e112dc6d57749d4e7c66043162d48
http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_i386.deb
Size/MD5: 80198 e4025eafa9ef6f848712cbb5d305da0b
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 11586 35392a8aec66b9f6a80a3f37989a3e84
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 2310 bba9237a24419b96e34626f301cb53a1
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 49102028 35a51944c0b80faa25212c2e5d42af3a
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 179254 4dad09ed33bbf71e210fe99628eb8e5d
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 1845654 a3ccab02027a27ab368b4d76961f44d8
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 6301482 e970557325b93c7d3c82fc04e051ad5c
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 2460502 bd49c126c36b95c63b6356728557cdbb
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 2300 24c70a2289d01c6f1a675f18bd83fb0d
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 174932 e0b29a559a038c9e52d450d3063ae1c3
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 392598 cd76e9d7fbb3946eed667e73ff44350d
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 31002 85d63a39a01b18e425b60aa7f70fce23
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 154532 5d40f8b45c5cc367eb56e35680b3f81d
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 1063636 29e972e6c664c9d7f49f6ecb57b7249e
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 349202 6e483f50400f9bb3322d12d4cd2088a8
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 221612 f5cf566f6fae3460c4ffe038a2ca45eb
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 23800 a5e1ba153e219d5de887ab2f4c331724
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 39248 e2a9bf4f5860c536b5f6bb2dd36080ff
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 27270 6757ef004282dbcb41911519832e665c
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 13914 60e0b2ff89e2fcb170a9bad22fa5a426
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 17028 dc8248f423afcf49684aff36461b1928
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 86128 0013e3a3d503cd8930215ced2bb7e781
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 129896 502e1b866f8b4c93557ccfe37cf84ffd
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 40860 42258f710eafde8ba98cf0d70ed62bbe
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 59829124 f5e6ca21fab5632def632f1980d72968
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 3663718 3c60d09c9701b8583ee9b3ea63df1e09
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 85456 f4cd1db01939e7bea4cf1a14350318d0
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 5462674 73f928cbc1e2ab2a8b0cb35750e33363
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 635968 2ba32c9934c37fb858ef293861296660
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 1503558 71a10407ee8e2b0d8faca71803516543
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 3703968 70254633149e0177b8f40306e1c40119
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 23831210 a47cc662c799d56d39a098a55c7ff860
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 5460356 d0f2731a66583fca365275b4bf15bd43
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 247224 45221df9fac6b935e70f3d49f1641ec3
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 6766074 699d8557725cbc1d98b3facf908aa1af
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 1843474 1c07f5258466db532f77d046fc0464b4
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 1316972 524683da13e66e47fa34a6ddb7067473
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_lpia.deb
Size/MD5: 82774 b3f8e382739f03da9cb94626a2f5211f
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 12608 f70d7f88f98c710f00b8dec826a14945
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 2312 fc55af80a812eb5ffbf75ec3a7ee62aa
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 48136850 2863a8886de595c43068283ff45beb90
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 163234 3d9febce56214962ba436358228df2d4
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 1623414 d8dcdedae518133907c850aa8230bf56
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 6172098 8d8f8518ff54c90933966fe61729c7dd
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 2264658 67bb52a5f6d6b60300adfb85423c76ac
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 2304 30e86f2760dac7fd3f47c476447bd941
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 157492 6739e773252eb1cd70806bdb96665439
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 360428 215dd6ef03babb6a638c45781bb26af2
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 30994 4b457917bdeb91ba6cfcc02d9e0f1e77
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 148258 ebf113910c60bf1e199cd0e76f8b3115
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 957976 4d49fb9926a4219667b31b76fb75f58e
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 313972 4def22b0b2bf687f3d2f6a2f669230d5
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 203240 d56786ea920eb436f4ccbef49260eb4a
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 24312 b935bc753bd5ffdc7c97e542e55e0e6d
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 36972 a4079076c4edf8f0f2cd22be7866f2f6
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 27426 b36d025e2cf5335c15f6ee7d2314cf9e
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 15134 3be81591afc0f3e5614d582a982e17e7
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 18100 dffa427f519211a592132e1d2a5a48e7
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 83246 0c963279944d17e32d467758e84728ec
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 124342 f21e4e8d73ec525468ac0265c1c6ed3e
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 40800 721a48d0c19c7036ec6f7f3e8a1796e4
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 56672370 a1b88f4ee8294b49ebaab9ddd5fcf2df
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 3283702 f46252f44921409a43fa89af3a5b7e6f
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 83654 02ea31ab550db40086f5419daeb8bc24
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 5444754 86c71dabb153ac371a3a878a5bfa017f
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 582304 4ef1ec5872ab6fb0cfc33aef011dd051
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 1431880 fd055110524b4102c88431c9a094b6d5
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 3356692 414febb0dcdc2224bbc4d322bf071471
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 23665304 69d7736174682533b91910e9e9c4e221
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 5394298 4f88263c866b42b011ac6f70b999aa63
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 234970 a30574534ddc200af008c4aef6f830c9
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 6719304 be9f1a32584792b598c76560e7d4a75b
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 1681322 40d865a463a5d25a076bf6f55af65b90
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 1135018 91e9ded3076f1f141d29895358b062fa
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_powerpc.deb
Size/MD5: 76466 1c75a4de6f3f7a61c41dc97c1ed3bc56
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 10942 a7a4483b64af47318cdabbde9976a65b
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 2308 b0258f54da89aeda6b40cd6798e6f3ec
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 45231402 d00aea2071e583a895b6a89ff0234e12
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 151694 be8ca9b3ee9a1d47a98867c0aba4160e
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 1577576 93f34052ac88e45426f7e45a9c12d206
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 5656966 83e7d65e9aa03882c9a0e20605230a69
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 2225980 eac4944686a27b18f3d0e3a0dbfacc17
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 2302 c318da351836628e9c671eae39dafa9a
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 151930 3adca0e45ff6ad23b8258a6717e645cb
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 339444 4bf57591f2c0cc91b69ec0dd1ad0fd30
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 30998 80ecbcd1452055000371a473d8d5fcf5
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 132308 d31962f23a576d6ed29b81d92107d353
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 895788 305fff66ad3943d35384fcb245391228
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 287534 0b5d15fd5302e8430dedad0a002a2503
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 195514 8073d183a54598751563df5efe14f135
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 21426 a8e378abcf5f61aa9085346481b2c7e0
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 31290 d18c888585cfc914c046777d61de2189
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 24464 1a69a86a46673d987ccd6d85f578ee0e
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 12748 5538aadc52d0481f0512e2d87289dc15
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 15496 27b6dde8f85dda5c9bdaa7c165b639b4
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 75964 31c5dbb4d87a23faa146d7224df6fa02
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 109566 79711b8ffb0fb8ea2afa7582375449d4
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 36522 c2f8d5c388c435d666a7339ecf4829df
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 56966338 c120bb1bb4e2edde9bd6349db63bc76a
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 3409284 28669d24488ef04d5bca9220839f7767
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 76352 70dd584dc3c8c9964b427ce0ed3fe5a6
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 5165042 73f9ba9346195ffacf82f84d1ba44c03
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 660376 90e3f41308b8bb4188314c4ec57069a0
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 1352448 0661edc6b955441c5feeb681fe740831
http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 3175982 7a704629253865d41165a33e60a57763
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 22594146 b071a350741d3c8ee3094c887839108e
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 5333208 d0538ce1add58ae9eb2709a28aace8bd
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 233350 bc5b53dfcba69468f73eabd6988a3a62
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 6177274 233d55a34a9c290561f714970196859a
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 1678528 27d97ffe2e9c93cf2412004d03a793fe
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 1093456 20100354350ea3a0150400a593fbb401
http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_sparc.deb
Size/MD5: 76636 6aa6be976ebfa14c11ef8ae811cfb711
. iDefense Security Advisory 06.08.09
http://labs.idefense.com/intelligence/vulnerabilities/
Jun 08, 2009
I. BACKGROUND
WebKit is an open source web browser engine. It is currently used by the
Apple Inc.'s Safari browser, as well as by Google's Chrome browser. For
more information, see the vendor's site at the following link.
http://webkit.org/
II. DESCRIPTION
Remote exploitation of a memory corruption vulnerability in multiple
vendors' WebKit browser engine could allow an attacker to execute
arbitrary code with the privileges of the current user.
The vulnerability occurs when JavaScript code is used to set a certain
property of an HTML tag within a web page. When JavaScript code sets
this property, child elements of the tag are freed. However, when an
error in the remaining HTML is encountered, these previously freed tag
values are referenced. The freed memory is then treated as a C++
object, which can lead to attacker controlled values being used as
function pointers.
III. ANALYSIS
Exploitation of this vulnerability results in the execution of arbitrary
code with the privileges of the user viewing the web page. To exploit
this vulnerability, a targeted user must load a malicious web page
created by an attacker. An attacker typically accomplishes this via
social engineering or injecting content into compromised, trusted
sites. After the user visits the malicious web page, no further user
interaction is needed.
WebKit is used by multiple applications, including Google Chrome and
Apple Safari (including Safari on the iPhone). Affected versions are
listed in the Detection field of this report.
IV. DETECTION
iDefense has confirmed the existence of this vulnerability in
WebKit-r42162. Previous versions may also be affected. Additionally,
the following applications that use WebKit have been determined to be
vulnerable:
Google Chrome 1.0.154.53
Safari 3.2.1 (5525.27.1)
Safari 3.1.1 running on iPhone 2.2.1 (5525.27.1)
V. WORKAROUND
Disabling JavaScript will prevent exploitation of this vulnerability.
VI. VENDOR RESPONSE
Apple Inc. has released a patch which addresses this issue. For more
information, consult their advisory at the following URL:
http://support.apple.com/kb/HT3613
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2009-1690 to this issue. This is a candidate for inclusion in
the CVE list (http://cve.mitre.org/), which standardizes names for
security problems.
VIII. DISCLOSURE TIMELINE
04/13/2009 - Initial Contact
04/14/2009 - Initial response
04/22/2009 - PoC Requested
04/23/2009 - PoC Sent
05/18/2009 - Apple inquiry about Safari 4
05/21/2009 - Responded to Apple inquiry
06/08/2009 - Coordinated public disclosure
IX. CREDIT
This vulnerability was reported to iDefense by wushi&ling of team509.
Get paid for vulnerability research
http://labs.idefense.com/methodology/vulnerability/vcp.php
Free tools, research and upcoming events
http://labs.idefense.com/
X. LEGAL NOTICES
Copyright \xa9 2009 iDefense, Inc.
Permission is granted for the redistribution of this alert
electronically. It may not be edited in any way without the express
written consent of iDefense. If you wish to reprint the whole or any
part of this alert in any other medium other than electronically,
please e-mail customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate
at the time of publishing based on currently available information. Use
of the information constitutes acceptance for use in an AS IS condition.
There are no warranties with regard to this information. Neither the
author nor the publisher accepts any liability for any direct,
indirect, or consequential loss or damage arising from use of, or
reliance on, this information.
This update upgrades KDE in Mandriva Linux 2008.0 to version 3.5.10,
which brings many bugfixes, overall improvements and many security
fixes.
kdegraphics contains security fixes for
CVE-2009-3603,3604,3605,3606,3608,3609,0146,0147,0165,0166,0799,0800,1179,1180,1181,1182,1183
kdelibs contains security fixes for
CVE-2009-0689,1687,1690,1698,2702,1725,2537
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers |
|
var-201804-1225
|
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves a JavaScriptCore function in the "WebKit" component. It allows attackers to trigger an assertion failure by leveraging improper array indexing. Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with the Mac OS X and iOS operating systems by default. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. An attacker can exploit this vulnerability to cause an assertion to fail. ------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2018-0003
------------------------------------------------------------------------
Date reported : April 04, 2018
Advisory ID : WSA-2018-0003
Advisory URL : https://webkitgtk.org/security/WSA-2018-0003.html
CVE identifiers : CVE-2018-4101, CVE-2018-4113, CVE-2018-4114,
CVE-2018-4117, CVE-2018-4118, CVE-2018-4119,
CVE-2018-4120, CVE-2018-4122, CVE-2018-4125,
CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,
CVE-2018-4133, CVE-2018-4146, CVE-2018-4161,
CVE-2018-4162, CVE-2018-4163, CVE-2018-4165.
Several vulnerabilities were discovered in WebKitGTK+.
Credit to Yuan Deng of Ant-financial Light-Year Security Lab.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to OSS-Fuzz.
Impact: Unexpected interaction with indexing types causing an ASSERT
failure. Description: An array indexing issue existed in the
handling of a function in JavaScriptCore. This issue was addressed
through improved checks.
Credit to OSS-Fuzz.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to an anonymous researcher.
Impact: A malicious website may exfiltrate data cross-origin.
Description: A cross-origin issue existed with the fetch API. This
was addressed through improved input validation.
Credit to Jun Kokatsu (@shhnjk).
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to an anonymous researcher working with Trend Microys Zero
Day Initiative.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to an anonymous researcher working with Trend Microys Zero
Day Initiative.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Zach Markley.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to likemeng of Baidu Security Lab working with Trend Micro's
Zero Day Initiative.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Anton Lopanitsyn of Wallarm, Linus Sarud of Detectify
(detectify.com), Yuji Tounai of NTT Communications Corporation.
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack. This issue was addressed with improved URL
validation.
Credit to OSS-Fuzz.
Impact: Processing maliciously crafted web content may lead to a
denial of service. Description: A memory corruption issue was
addressed through improved input validation.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.
Further information about WebKitGTK+ Security Advisories can be found
at: https://webkitgtk.org/security.html
The WebKitGTK+ team,
April 04, 2018
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2018-3-29-2 watchOS 4.3
watchOS 4.3 is now available and addresses the following:
CoreFoundation
Available for: All Apple Watch models
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4142: Robin Leroy of Google Switzerland GmbH
File System Events
Available for: All Apple Watch models
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4104: The UK's National Cyber Security Centre (NCSC)
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4143: derrek (@derrekr6)
NSURLSession
Available for: All Apple Watch models
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4166: Samuel GroA (@5aelo)
Quick Look
Available for: All Apple Watch models
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4157: Samuel GroA (@5aelo)
Security
Available for: All Apple Watch models
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4144: Abraham Masri (@cheesecakeufo)
System Preferences
Available for: All Apple Watch models
Impact: A configuration profile may incorrectly remain in effect
after removal
Description: An issue existed in CFPreferences.
CVE-2018-4117: an anonymous researcher, an anonymous researcher
Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlspHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZhfA//
QhXriKk82GO1fdVRi/k9EQEVNpin8cU62yjgBF3nLEoZeLKRkaZMLsoEzBZ/sOtY
v4VEJzRFcrVbDmmFtrA1ECEHe3w7tEydO9CjQsfesZ6TZRSO08ZD5fwE1Q0Jzqq7
43Dlt9/9Y+Fai48wYatj6yKfrjsF1yTnRr83M3C9mrbNJGgZ7yQeMyZ2iu+NcSry
XnsK5xoESTH3dmc9+3MCj7h8Fw5MYaWCLPD/jS7iTQDJ9tpJhB+Rw0Z6cQxBNvYn
/Sd3XiGvg0aOf3VJW/uodQFEBbBt9V2huCMsaKCLdcdTU+xZ6agmAQ9O5a/rpebP
Qa844Ug+CjHT3p8UdldRO/RTjtWhO4s1n/eK1uaJUajqv557qJni+c3GNYtjIk/U
TMb+5A7y5f3mVLIgEXaKiK8LwfXPKFXgXIWQk/Nsxda2fYHFupAm54uDx3flor2Z
ec7/7yyE7hQJ3BdalRMOTRz8+ZTKN+YZcnls6XstNWp2w+vhqj8Uo16RQG7ga5Uw
+tKm/eUe5AdHtjqFzcSfmOrS7XHXEjvqCTCDLIyoP3eWaxsxdfsN3oKOCpjRbYqU
jGZjPUVxBzx+/evM1irbtlF4GHXuGdryDvbtFMt2l7t5/gnvsZkrt0Ij93XEC79i
ARG0K0zkbtxBQF7qrn2cu/5e+LC217rBLtgO5HpxNEU=
=FEXo
-----END PGP SIGNATURE-----
. ==========================================================================
Ubuntu Security Notice USN-3635-1
April 30, 2018
webkit2gtk vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.10:
libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.17.10.1
libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.17.10.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3635-1
CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117,
CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122,
CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,
CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162,
CVE-2018-4163, CVE-2018-4165
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1
.
CVE-2018-4102: Kai Zhao of 3H security team
CVE-2018-4116: @littlelailo, xisigr of Tencent's Xuanwu Lab
(tencent.com)
Safari Login AutoFill
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and
macOS High Sierra 10.13.4
Impact: A malicious website may be able to exfiltrate autofilled data
in Safari without explicit user interaction.
Description: Safari autofill did not require explicit user
interaction before taking place.
CVE-2018-4146: found by OSS-Fuzz
WebKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and
macOS High Sierra 10.13.4
Impact: A malicious website may exfiltrate data cross-origin
Description: A cross-origin issue existed with the fetch API.
CVE-2018-4117: an anonymous researcher, an anonymous researcher
Additional recognition
WebKit
We would like to acknowledge Johnny Nipper of Tinder Security Team
for their assistance.
Installation note:
Safari 11.1 may be obtained from the Mac App Store |
|
var-201912-0574
|
An out-of-bounds read was addressed with improved input validation. Apple macOS, watchOS, iOS and tvOS are prone to the following security vulnerabilities:
1. Multiple denial-of-service vulnerabilities
2. Multiple information-disclosure vulnerabilities
3. Multiple memory-corruption vulnerabilities
Attackers can exploit these issues to execute arbitrary code, obtain sensitive information and cause denial-of-service conditions. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple macOS Mojave is a dedicated operating system developed for Mac computers. Foundation is one of the frameworks that provides basic system services for all applications. A buffer error vulnerability exists in Foundation components in several Apple products. Apple tvOS could allow a remote malicious user to execute arbitrary code on the system, caused by an out-of-bounds read in the Foundation component.
CVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole
Tippenhauer of CISPA, Germany, and Prof.
CVE-2019-8644: G. Ltd.
CVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative
CVE-2019-8671: Apple
CVE-2019-8672: Samuel Groß of Google Project Zero
CVE-2019-8673: Soyeon Park and Wen Xu of SSLab at Georgia Tech
CVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech
CVE-2019-8677: Jihui Lu of Tencent KeenLab
CVE-2019-8678: Anthony Lai (@darkfloyd1014) of Knownsec, Ken Wong
(@wwkenwong) of VXRL, Jeonghoon Shin (@singi21a) of Theori, Johnny Yu
(@straight_blast) of VX Browser Exploitation Group, Chris Chan
(@dr4g0nfl4me) of VX Browser Exploitation Group, Phil Mok
(@shadyhamsters) of VX Browser Exploitation Group, Alan Ho (@alan_h0)
of Knownsec, Byron Wai of VX Browser Exploitation, P1umer of ADLab of
Venustech
CVE-2019-8679: Jihui Lu of Tencent KeenLab
CVE-2019-8680: Jihui Lu of Tencent KeenLab
CVE-2019-8681: G.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-6 Additional information
for APPLE-SA-2019-9-26-3 iOS 13
iOS 13 addresses the following:
Bluetooth
Available for: iPhone 6s and later
Impact: Notification previews may show on Bluetooth accessories even
when previews are disabled
Description: A logic issue existed with the display of notification
previews.
CVE-2019-8711: Arjang of MARK ANTHONY GROUP INC., Cemil Ozkebapci
(@cemilozkebapci) of Garanti BBVA, Oguzhan Meral of Deloitte
Consulting, Ömer Bozdoğan-Ramazan Atıl Anadolu Lisesi
Adana/TÜRKİYE
CFNetwork
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: This issue was addressed with improved checks.
CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland
Entry added October 29, 2019
CoreAudio
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted movie may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
CoreCrypto
Available for: iPhone 6s and later
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2019-8741: Nicky Mouha of NIST
Entry added October 29, 2019
CoreMedia
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8825: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Face ID
Available for: iPhone 6s and later
Impact: A 3D model constructed to look like the enrolled user may
authenticate via Face ID
Description: This issue was addressed by improving Face ID machine
learning models.
CVE-2019-8760: Wish Wu (吴潍浠 @wish_wu) of Ant-financial
Light-Year Security Lab
Foundation
Available for: iPhone 6s and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project
Zero
CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Entry added October 29, 2019
IOUSBDeviceFamily
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8718: Joshua Hill and Sem Voigtländer
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8709: derrek (@derrekr6)
[confirmed]derrek (@derrekr6)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8712: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Entry added October 29, 2019
Keyboards
Available for: iPhone 6s and later
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved
state management.
CVE-2019-8704: 王 邦 宇 (wAnyBug.Com) of SAINTSEC
libxml2
Available for: iPhone 6s and later
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
Entry added October 29, 2019
Messages
Available for: iPhone 6s and later
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
CVE-2019-8742: videosdebarraquito
Notes
Available for: iPhone 6s and later
Impact: A local user may be able to view a user's locked notes
Description: The contents of locked notes sometimes appeared in
search results.
CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia
Polytechnic Institute and State University
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
Entry added October 29, 2019
Quick Look
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted file may disclose user
information
Description: A permissions issue existed in which execute permission
was incorrectly granted.
CVE-2019-8731: Saif Hamed Hamdan Al Hinai of Oman National CERT,
Yiğit Can YILMAZ (@yilmazcanyigit)
Safari
Available for: iPhone 6s and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2019-8727: Divyanshu Shukla (@justm0rph3u5)
UIFoundation
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Maliciously crafted web content may violate iframe sandboxing
policy
Description: This issue was addressed with improved iframe sandbox
enforcement.
CVE-2019-8771: Eliya Stein of Confiant
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8707: an anonymous researcher working with Trend Micro's
Zero Day Initiative, cc working with Trend Micro Zero Day Initiative
CVE-2019-8726: Jihui Lu of Tencent KeenLab
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of
ABLY Corporation
CVE-2019-8733: Sergei Glazunov of Google Project Zero
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: A user may be unable to delete browsing history items
Description: "Clear History and Website Data" did not clear the
history.
CVE-2019-8768: Hugo S. Diaz (coldpointblue)
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8625: Sergei Glazunov of Google Project Zero
CVE-2019-8719: Sergei Glazunov of Google Project Zero
CVE-2019-8764: Sergei Glazunov of Google Project Zero
Entry added October 29, 2019
WebKit Page Loading
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8674: Sergei Glazunov of Google Project Zero
Additional recognition
AppleRTC
We would like to acknowledge Vitaly Cheptsov for their assistance.
Audio
We would like to acknowledge riusksk of VulWar Corp working with
Trend Micro's Zero Day Initiative for their assistance.
Bluetooth
We would like to acknowledge Jan Ruge of TU Darmstadt, Secure Mobile
Networking Lab, Jiska Classen of TU Darmstadt, Secure Mobile
Networking Lab, Francesco Gringoli of University of Brescia, Dennis
Heinze of TU Darmstadt, Secure Mobile Networking Lab for their
assistance.
boringssl
We would like to acknowledge Thijs Alkemade (@xnyhps) of Computest
for their assistance.
Control Center
We would like to acknowledge Brandon Sellers for their assistance.
HomeKit
We would like to acknowledge Tian Zhang for their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Keyboard
We would like to acknowledge an anonymous researcher for their
assistance.
Mail
We would like to acknowledge Kenneth Hyndycz for their assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for
their assistance.
Profiles
We would like to acknowledge Erik Johnson of Vernon Hills High School
and James Seeley (@Code4iOS) of Shriver Job Corps for their
assistance.
SafariViewController
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
WebKit
We would like to acknowledge MinJeong Kim of Information Security
Lab, Chungnam National University, JaeCheol Ryou of the Information
Security Lab, Chungnam National University in South Korea, Yiğit Can
YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an
anonymous researcher, and cc working with Trend Micro's Zero Day
Initiative for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s3oACgkQBz4uGe3y
0M1GMxAAnwBO9htU2i7+SHsXiEt2xJbjilLMM9V5LObjUWqaHXOxdQuYiPxFy9lR
neTOHwR2z1f3L3UPkGut28i24w7fwHVBdFh7w5p5RXlBf7tcRmFhKBUkYIhQ90Qj
jO6DXiCL9InCBVs2nW9Fr4yYV13kdoES6MfguyldGVpQMkyUcZ3F2XK0RCHNqEgz
h+1dR/uws3Ce+HNbb7wnqe4UzAI5DJUR/vH98+fWTl5P6CCaoZrv53vaxErLRBXi
gn/4rtzw+wDlThlrpkE5MwxmvLMF2ZqjUhOSVzKb3qXK+RFgE9FH8SKEBKkCxAa+
8/vZu+zdbN6KCzO608TXH9rNO2LbtQqTlO/jHGTJ30UEaKo9PyFozGkCE6XkWmFU
xtayVkSL08drJEgm+CB80g//hr2CESF0fMHFe8yQYeN2uL5yQxoavyub8E/nPKn1
v32Z6Z2fpGzP3eCLYbV93cBcdJaeXTdib47vvodyYFfFEja7xrv0AvPAbSSm98DK
VtFw3eNAKRbmIEAeY4b1uhdB+qUiqMEWqh0sd97+chY2Do90/4IG/3caLc0pTpDt
huDUQs/IbSujrdjCWSfz35qU4u9sxPpM8wQR2M7mdfY9qGp+Xgfh/MprSZ4wOuS3
PAAs5Pdr9GfymsB+CDpMEr+DiTOza6SUjIadZ+j2FWaklzg7h1A=
=NYIZ
-----END PGP SIGNATURE-----
|
|
var-201609-0593
|
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions. OpenSSL is prone to denial-of-service vulnerability.
An attacker may exploit this issue to cause a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: openssl security update
Advisory ID: RHSA-2016:1940-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html
Issue date: 2016-09-27
CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179
CVE-2016-2180 CVE-2016-2181 CVE-2016-2182
CVE-2016-6302 CVE-2016-6304 CVE-2016-6306
=====================================================================
1. Summary:
An update for openssl is now available for Red Hat Enterprise Linux 6 and
Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and
Transport Layer Security (TLS) protocols, as well as a full-strength
general-purpose cryptography library.
(CVE-2016-2178)
* It was discovered that the Datagram TLS (DTLS) implementation could fail
to release memory in certain cases. A malicious DTLS client could cause a
DTLS server using OpenSSL to consume an excessive amount of memory and,
possibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw
to make a DTLS server using OpenSSL to reject further packets sent from a
DTLS client over an established DTLS connection. (CVE-2016-2181)
* An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()
function. (CVE-2016-2182)
* A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL
protocol. A man-in-the-middle attacker could use this flaw to recover some
plaintext data by capturing large amounts of encrypted traffic between
TLS/SSL server and client if the communication used a DES/3DES based
ciphersuite. (CVE-2016-2183)
This update mitigates the CVE-2016-2183 issue by lowering priority of DES
cipher suites so they are not preferred over cipher suites using AES. For
compatibility reasons, DES cipher suites remain enabled by default and
included in the set of cipher suites identified by the HIGH cipher string.
Future updates may move them to MEDIUM or not enable them by default.
* An integer underflow flaw leading to a buffer over-read was found in the
way OpenSSL parsed TLS session tickets. (CVE-2016-6302)
* Multiple integer overflow flaws were found in the way OpenSSL performed
pointer arithmetic. A remote attacker could possibly use these flaws to
cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)
* An out of bounds read flaw was found in the way OpenSSL formatted Public
Key Infrastructure Time-Stamp Protocol data for printing. An attacker could
possibly cause an application using OpenSSL to crash if it printed time
stamp data from the attacker. A remote attacker could
possibly use these flaws to crash a TLS/SSL server or client using OpenSSL.
(CVE-2016-6306)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304
and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library
must be restarted, or the system rebooted.
5. Bugs fixed (https://bugzilla.redhat.com/):
1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase
1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation
1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio()
1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()
1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection
1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)
1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer
1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks
1377594 - CVE-2016-6306 openssl: certificate message OOB reads
1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
openssl-1.0.1e-48.el6_8.3.src.rpm
i386:
openssl-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
x86_64:
openssl-1.0.1e-48.el6_8.3.i686.rpm
openssl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386:
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
openssl-perl-1.0.1e-48.el6_8.3.i686.rpm
openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64:
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
openssl-1.0.1e-48.el6_8.3.src.rpm
x86_64:
openssl-1.0.1e-48.el6_8.3.i686.rpm
openssl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64:
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
openssl-1.0.1e-48.el6_8.3.src.rpm
i386:
openssl-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
ppc64:
openssl-1.0.1e-48.el6_8.3.ppc.rpm
openssl-1.0.1e-48.el6_8.3.ppc64.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm
openssl-devel-1.0.1e-48.el6_8.3.ppc.rpm
openssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm
s390x:
openssl-1.0.1e-48.el6_8.3.s390.rpm
openssl-1.0.1e-48.el6_8.3.s390x.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm
openssl-devel-1.0.1e-48.el6_8.3.s390.rpm
openssl-devel-1.0.1e-48.el6_8.3.s390x.rpm
x86_64:
openssl-1.0.1e-48.el6_8.3.i686.rpm
openssl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386:
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-perl-1.0.1e-48.el6_8.3.i686.rpm
openssl-static-1.0.1e-48.el6_8.3.i686.rpm
ppc64:
openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm
openssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm
openssl-static-1.0.1e-48.el6_8.3.ppc64.rpm
s390x:
openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm
openssl-perl-1.0.1e-48.el6_8.3.s390x.rpm
openssl-static-1.0.1e-48.el6_8.3.s390x.rpm
x86_64:
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
openssl-1.0.1e-48.el6_8.3.src.rpm
i386:
openssl-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
x86_64:
openssl-1.0.1e-48.el6_8.3.i686.rpm
openssl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386:
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-perl-1.0.1e-48.el6_8.3.i686.rpm
openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64:
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source:
openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64:
openssl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-libs-1.0.1e-51.el7_2.7.i686.rpm
openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-devel-1.0.1e-51.el7_2.7.i686.rpm
openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-static-1.0.1e-51.el7_2.7.i686.rpm
openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64:
openssl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-libs-1.0.1e-51.el7_2.7.i686.rpm
openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-devel-1.0.1e-51.el7_2.7.i686.rpm
openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-static-1.0.1e-51.el7_2.7.i686.rpm
openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
openssl-1.0.1e-51.el7_2.7.src.rpm
ppc64:
openssl-1.0.1e-51.el7_2.7.ppc64.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm
openssl-devel-1.0.1e-51.el7_2.7.ppc.rpm
openssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm
openssl-libs-1.0.1e-51.el7_2.7.ppc.rpm
openssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le:
openssl-1.0.1e-51.el7_2.7.ppc64le.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm
openssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm
openssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x:
openssl-1.0.1e-51.el7_2.7.s390x.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm
openssl-devel-1.0.1e-51.el7_2.7.s390.rpm
openssl-devel-1.0.1e-51.el7_2.7.s390x.rpm
openssl-libs-1.0.1e-51.el7_2.7.s390.rpm
openssl-libs-1.0.1e-51.el7_2.7.s390x.rpm
x86_64:
openssl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-devel-1.0.1e-51.el7_2.7.i686.rpm
openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-libs-1.0.1e-51.el7_2.7.i686.rpm
openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm
openssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm
openssl-static-1.0.1e-51.el7_2.7.ppc.rpm
openssl-static-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le:
openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm
openssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm
openssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x:
openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm
openssl-perl-1.0.1e-51.el7_2.7.s390x.rpm
openssl-static-1.0.1e-51.el7_2.7.s390.rpm
openssl-static-1.0.1e-51.el7_2.7.s390x.rpm
x86_64:
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-static-1.0.1e-51.el7_2.7.i686.rpm
openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64:
openssl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-devel-1.0.1e-51.el7_2.7.i686.rpm
openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-libs-1.0.1e-51.el7_2.7.i686.rpm
openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-static-1.0.1e-51.el7_2.7.i686.rpm
openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2016-2177
https://access.redhat.com/security/cve/CVE-2016-2178
https://access.redhat.com/security/cve/CVE-2016-2179
https://access.redhat.com/security/cve/CVE-2016-2180
https://access.redhat.com/security/cve/CVE-2016-2181
https://access.redhat.com/security/cve/CVE-2016-2182
https://access.redhat.com/security/cve/CVE-2016-6302
https://access.redhat.com/security/cve/CVE-2016-6304
https://access.redhat.com/security/cve/CVE-2016-6306
https://access.redhat.com/security/updates/classification/#important
https://www.openssl.org/news/secadv/20160922.txt
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI
xpTW7ApBLmKhVjs49DGYouI=
=4VgY
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. This software, such as Apache HTTP Server, is
common to multiple JBoss middleware products, and is packaged under Red Hat
JBoss Core Services to allow for faster distribution of updates, and for a
more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23
Service Pack 1 serves as a replacement for Red Hat JBoss Core Services
Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in
the Release Notes document linked to in the References. (CVE-2016-6304)
* It was discovered that the mod_session_crypto module of httpd did not use
any mechanisms to verify integrity of the encrypted session data stored in
the user's browser. (CVE-2016-0736)
* It was discovered that the mod_auth_digest module of httpd did not
properly check for memory allocation failures.
(CVE-2016-8610)
* It was discovered that the HTTP parser in httpd incorrectly allowed
certain characters not permitted by the HTTP protocol specification to
appear unencoded in HTTP request headers. If httpd was used in conjunction
with a proxy or backend server that interpreted those characters
differently, a remote attacker could possibly use this flaw to inject data
into HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743)
* A vulnerability was found in httpd's handling of the LimitRequestFields
directive in mod_http2, affecting servers with HTTP/2 enabled. An attacker
could send crafted requests with headers larger than the server's available
memory, causing httpd to crash. After installing the updated
packages, the httpd daemon will be restarted automatically. Bugs fixed (https://bugzilla.redhat.com/):
1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth
1384743 - CVE-2016-8610 SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS
1401528 - CVE-2016-8740 httpd: Incomplete handling of LimitRequestFields directive in mod_http2
1406744 - CVE-2016-0736 httpd: Padding Oracle in Apache mod_session_crypto
1406753 - CVE-2016-2161 httpd: DoS vulnerability in mod_auth_digest
1406822 - CVE-2016-8743 httpd: Apache HTTP Request Parsing Whitespace Defects
1412120 - CVE-2016-7056 openssl: ECDSA P-256 timing attack key recovery
6. JIRA issues fixed (https://issues.jboss.org/):
JBCS-318 - Errata for httpd 2.4.23 SP1 RHEL 6
7. ==========================================================================
Ubuntu Security Notice USN-3087-1
September 22, 2016
openssl vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in OpenSSL. This
issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)
Quan Luo discovered that OpenSSL did not properly restrict the lifetime
of queue entries in the DTLS implementation. (CVE-2016-2181)
Shi Lei discovered that OpenSSL incorrectly validated division results.
(CVE-2016-2182)
Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES
ciphers were vulnerable to birthday attacks.
(CVE-2016-2183)
Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)
Shi Lei discovered that OpenSSL incorrectly performed certain message
length checks. (CVE-2016-6306)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
libssl1.0.0 1.0.2g-1ubuntu4.4
Ubuntu 14.04 LTS:
libssl1.0.0 1.0.1f-1ubuntu2.20
Ubuntu 12.04 LTS:
libssl1.0.0 1.0.1-4ubuntu5.37
After a standard system update you need to reboot your computer to make
all the necessary changes.
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies. If sendfile processing completed quickly, it was
possible for the Processor to be added to the processor cache twice. This
could lead to invalid responses or information disclosure. (CVE-2017-5647)
* A vulnerability was discovered in the error page mechanism in Tomcat's
DefaultServlet implementation. A crafted HTTP request could cause undesired
side effects, possibly including the removal or replacement of the custom
error page.
The References section of this erratum contains a download link (you must
log in to download the update). Description:
Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server. For
further information, see the knowledge base article linked to in the
References section. The JBoss server process must be restarted for the update
to take effect.
If that client continually requests renegotiation, sending a large OCSP Status
Request extension each time, then there will be unbounded memory growth on the
server. This will eventually lead to a Denial Of Service attack through memory
exhaustion. Servers with a default configuration are vulnerable even if they do
not support OCSP. Builds using the "no-ocsp" build time option are not affected.
Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default
configuration, instead only if an application explicitly enables OCSP stapling
support.
OpenSSL 1.1.0 users should upgrade to 1.1.0a
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL
development team.
SSL_peek() hang on empty record (CVE-2016-6305)
===============================================
Severity: Moderate
OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an
empty record. This could be exploited by a malicious peer in a Denial Of Service
attack.
OpenSSL 1.1.0 users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The
fix was developed by Matt Caswell of the OpenSSL development team.
SWEET32 Mitigation (CVE-2016-2183)
==================================
Severity: Low
SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms
that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based
ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in
OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these
ciphersuites disabled by default.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan
Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the
OpenSSL development team.
OOB write in MDC2_Update() (CVE-2016-6303)
==========================================
Severity: Low
An overflow can occur in MDC2_Update() either if called directly or
through the EVP_DigestUpdate() function using MDC2. If an attacker
is able to supply very large amounts of input data after a previous
call to EVP_EncryptUpdate() with a partial block then a length check
can overflow resulting in a heap corruption.
The amount of data needed is comparable to SIZE_MAX which is impractical
on most platforms.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL
development team.
Malformed SHA512 ticket DoS (CVE-2016-6302)
===========================================
Severity: Low
If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a
DoS attack where a malformed ticket will result in an OOB read which will
ultimately crash.
The use of SHA512 in TLS session tickets is comparatively rare as it requires
a custom server callback and ticket lookup mechanism.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL
development team.
OOB write in BN_bn2dec() (CVE-2016-2182)
========================================
Severity: Low
The function BN_bn2dec() does not check the return value of BN_div_word().
This can cause an OOB write if an application uses this function with an
overly large BIGNUM. This could be a problem if an overly large certificate
or CRL is printed out from an untrusted source. TLS is not affected because
record limits will reject an oversized certificate before it is parsed.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL
development team.
OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
==============================================
Severity: Low
The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is
the total length the OID text representation would use and not the amount
of data written. This will result in OOB reads when large OIDs are presented.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL
development team.
Pointer arithmetic undefined behaviour (CVE-2016-2177)
======================================================
Severity: Low
Avoid some undefined pointer arithmetic
A common idiom in the codebase is to check limits in the following manner:
"p + len > limit"
Where "p" points to some malloc'd data of SIZE bytes and
limit == p + SIZE
"len" here could be from some externally supplied data (e.g. from a TLS
message).
The rules of C pointer arithmetic are such that "p + len" is only well
defined where len <= SIZE. Therefore the above idiom is actually
undefined behaviour.
For example this could cause problems if some malloc implementation
provides an address for "p" such that "p + len" actually overflows for
values of len that are too big and therefore p + len < limit.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The
fix was developed by Matt Caswell of the OpenSSL development team.
Constant time flag not preserved in DSA signing (CVE-2016-2178)
===============================================================
Severity: Low
Operations in the DSA signing algorithm should run in constant time in order to
avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that
a non-constant time codepath is followed for certain operations. This has been
demonstrated through a cache-timing attack to be sufficient for an attacker to
recover the private DSA key.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 23rd May 2016 by César Pereida (Aalto
University), Billy Brumley (Tampere University of Technology), and Yuval Yarom
(The University of Adelaide and NICTA). The fix was developed by César Pereida.
DTLS buffered message DoS (CVE-2016-2179)
=========================================
Severity: Low
In a DTLS connection where handshake messages are delivered out-of-order those
messages that OpenSSL is not yet ready to process will be buffered for later
use. Under certain circumstances, a flaw in the logic means that those messages
do not get removed from the buffer even though the handshake has been completed.
An attacker could force up to approx. 15 messages to remain in the buffer when
they are no longer required. These messages will be cleared when the DTLS
connection is closed. The default maximum size for a message is 100k. Therefore
the attacker could force an additional 1500k to be consumed per connection. By
opening many simulataneous connections an attacker could cause a DoS attack
through memory exhaustion.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was
developed by Matt Caswell of the OpenSSL development team.
DTLS replay protection DoS (CVE-2016-2181)
==========================================
Severity: Low
A flaw in the DTLS replay attack protection mechanism means that records that
arrive for future epochs update the replay protection "window" before the MAC
for the record has been validated. This could be exploited by an attacker by
sending a record for the next epoch (which does not have to decrypt or have a
valid MAC), with a very large sequence number. This means that all subsequent
legitimate packets are dropped causing a denial of service for a specific
DTLS connection.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team.
The fix was developed by Matt Caswell of the OpenSSL development team.
Certificate message OOB reads (CVE-2016-6306)
=============================================
Severity: Low
In OpenSSL 1.0.2 and earlier some missing message length checks can result in
OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical
DoS risk but this has not been observed in practice on common platforms.
The messages affected are client certificate, client certificate request and
server certificate. As a result the attack can only be performed against
a client or a server which enables client authentication.
OpenSSL 1.1.0 is not affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL
development team.
Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)
==========================================================================
Severity: Low
A TLS message includes 3 bytes for its length in the header for the message.
This would allow for messages up to 16Mb in length. Messages of this length are
excessive and OpenSSL includes a check to ensure that a peer is sending
reasonably sized messages in order to avoid too much memory being consumed to
service a connection. A flaw in the logic of version 1.1.0 means that memory for
the message is allocated too early, prior to the excessive message length
check. Due to way memory is allocated in OpenSSL this could mean an attacker
could force up to 21Mb to be allocated to service a connection. This could lead
to a Denial of Service through memory exhaustion. However, the excessive message
length check still takes place, and this would cause the connection to
immediately fail. Assuming that the application calls SSL_free() on the failed
conneciton in a timely manner then the 21Mb of allocated memory will then be
immediately freed again. Therefore the excessive memory allocation will be
transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the
event that the connection fails
or
2) The application is working in a constrained environment where there
is very little free memory
or
3) The attacker initiates multiple connection attempts such that there
are multiple connections in a state where memory has been allocated for
the connection; SSL_free() has not yet been called; and there is
insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to
be transitory because as soon as the connection fails the memory is
subsequently freed again in the SSL_free() call. However there is an
increased risk during this period of application crashes due to the lack
of memory - which would then mean a more serious Denial of Service.
This issue does not affect DTLS users.
OpenSSL 1.1.0 TLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL
development team.
Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)
=============================================================================
Severity: Low
This issue is very similar to CVE-2016-6307. The underlying defect is different
but the security analysis and impacts are the same except that it impacts DTLS.
A DTLS message includes 3 bytes for its length in the header for the message.
This would allow for messages up to 16Mb in length. Messages of this length are
excessive and OpenSSL includes a check to ensure that a peer is sending
reasonably sized messages in order to avoid too much memory being consumed to
service a connection. A flaw in the logic of version 1.1.0 means that memory for
the message is allocated too early, prior to the excessive message length
check. Due to way memory is allocated in OpenSSL this could mean an attacker
could force up to 21Mb to be allocated to service a connection. This could lead
to a Denial of Service through memory exhaustion. However, the excessive message
length check still takes place, and this would cause the connection to
immediately fail. Assuming that the application calls SSL_free() on the failed
conneciton in a timely manner then the 21Mb of allocated memory will then be
immediately freed again. Therefore the excessive memory allocation will be
transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the
event that the connection fails
or
2) The application is working in a constrained environment where there
is very little free memory
or
3) The attacker initiates multiple connection attempts such that there
are multiple connections in a state where memory has been allocated for
the connection; SSL_free() has not yet been called; and there is
insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to
be transitory because as soon as the connection fails the memory is
subsequently freed again in the SSL_free() call. However there is an
increased risk during this period of application crashes due to the lack
of memory - which would then mean a more serious Denial of Service.
This issue does not affect TLS users.
OpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL
development team.
Note
====
As per our previous announcements and our Release Strategy
(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL
version 1.0.1 will cease on 31st December 2016. No security updates for that
version will be provided after that date. Users of 1.0.1 are advised to
upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those
versions are no longer receiving security updates.
References
==========
URL for this Security Advisory:
https://www.openssl.org/news/secadv/20160922.txt
Note: the online version of the advisory may be updated with additional details
over time.
For details of OpenSSL severity classifications please see:
https://www.openssl.org/policies/secpolicy.html
|
|
var-202010-1294
|
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the RenderWidget class. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Apple Safari, etc. are all products of Apple (Apple). Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 13.6; iPadOS prior to 13.6; tvOS prior to 13.4.8; watchOS prior to 6.2.8; Safari prior to 13.1.2; Windows-based iTunes prior to 12.10.8.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update
Advisory ID: RHSA-2020:5633-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2020:5633
Issue date: 2021-02-24
CVE Names: CVE-2018-10103 CVE-2018-10105 CVE-2018-14461
CVE-2018-14462 CVE-2018-14463 CVE-2018-14464
CVE-2018-14465 CVE-2018-14466 CVE-2018-14467
CVE-2018-14468 CVE-2018-14469 CVE-2018-14470
CVE-2018-14553 CVE-2018-14879 CVE-2018-14880
CVE-2018-14881 CVE-2018-14882 CVE-2018-16227
CVE-2018-16228 CVE-2018-16229 CVE-2018-16230
CVE-2018-16300 CVE-2018-16451 CVE-2018-16452
CVE-2018-20843 CVE-2019-3884 CVE-2019-5018
CVE-2019-6977 CVE-2019-6978 CVE-2019-8625
CVE-2019-8710 CVE-2019-8720 CVE-2019-8743
CVE-2019-8764 CVE-2019-8766 CVE-2019-8769
CVE-2019-8771 CVE-2019-8782 CVE-2019-8783
CVE-2019-8808 CVE-2019-8811 CVE-2019-8812
CVE-2019-8813 CVE-2019-8814 CVE-2019-8815
CVE-2019-8816 CVE-2019-8819 CVE-2019-8820
CVE-2019-8823 CVE-2019-8835 CVE-2019-8844
CVE-2019-8846 CVE-2019-9455 CVE-2019-9458
CVE-2019-11068 CVE-2019-12614 CVE-2019-13050
CVE-2019-13225 CVE-2019-13627 CVE-2019-14889
CVE-2019-15165 CVE-2019-15166 CVE-2019-15903
CVE-2019-15917 CVE-2019-15925 CVE-2019-16167
CVE-2019-16168 CVE-2019-16231 CVE-2019-16233
CVE-2019-16935 CVE-2019-17450 CVE-2019-17546
CVE-2019-18197 CVE-2019-18808 CVE-2019-18809
CVE-2019-19046 CVE-2019-19056 CVE-2019-19062
CVE-2019-19063 CVE-2019-19068 CVE-2019-19072
CVE-2019-19221 CVE-2019-19319 CVE-2019-19332
CVE-2019-19447 CVE-2019-19524 CVE-2019-19533
CVE-2019-19537 CVE-2019-19543 CVE-2019-19602
CVE-2019-19767 CVE-2019-19770 CVE-2019-19906
CVE-2019-19956 CVE-2019-20054 CVE-2019-20218
CVE-2019-20386 CVE-2019-20387 CVE-2019-20388
CVE-2019-20454 CVE-2019-20636 CVE-2019-20807
CVE-2019-20812 CVE-2019-20907 CVE-2019-20916
CVE-2020-0305 CVE-2020-0444 CVE-2020-1716
CVE-2020-1730 CVE-2020-1751 CVE-2020-1752
CVE-2020-1971 CVE-2020-2574 CVE-2020-2752
CVE-2020-2922 CVE-2020-3862 CVE-2020-3864
CVE-2020-3865 CVE-2020-3867 CVE-2020-3868
CVE-2020-3885 CVE-2020-3894 CVE-2020-3895
CVE-2020-3897 CVE-2020-3898 CVE-2020-3899
CVE-2020-3900 CVE-2020-3901 CVE-2020-3902
CVE-2020-6405 CVE-2020-7595 CVE-2020-7774
CVE-2020-8177 CVE-2020-8492 CVE-2020-8563
CVE-2020-8566 CVE-2020-8619 CVE-2020-8622
CVE-2020-8623 CVE-2020-8624 CVE-2020-8647
CVE-2020-8648 CVE-2020-8649 CVE-2020-9327
CVE-2020-9802 CVE-2020-9803 CVE-2020-9805
CVE-2020-9806 CVE-2020-9807 CVE-2020-9843
CVE-2020-9850 CVE-2020-9862 CVE-2020-9893
CVE-2020-9894 CVE-2020-9895 CVE-2020-9915
CVE-2020-9925 CVE-2020-10018 CVE-2020-10029
CVE-2020-10732 CVE-2020-10749 CVE-2020-10751
CVE-2020-10763 CVE-2020-10773 CVE-2020-10774
CVE-2020-10942 CVE-2020-11565 CVE-2020-11668
CVE-2020-11793 CVE-2020-12465 CVE-2020-12655
CVE-2020-12659 CVE-2020-12770 CVE-2020-12826
CVE-2020-13249 CVE-2020-13630 CVE-2020-13631
CVE-2020-13632 CVE-2020-14019 CVE-2020-14040
CVE-2020-14381 CVE-2020-14382 CVE-2020-14391
CVE-2020-14422 CVE-2020-15157 CVE-2020-15503
CVE-2020-15862 CVE-2020-15999 CVE-2020-16166
CVE-2020-24490 CVE-2020-24659 CVE-2020-25211
CVE-2020-25641 CVE-2020-25658 CVE-2020-25661
CVE-2020-25662 CVE-2020-25681 CVE-2020-25682
CVE-2020-25683 CVE-2020-25684 CVE-2020-25685
CVE-2020-25686 CVE-2020-25687 CVE-2020-25694
CVE-2020-25696 CVE-2020-26160 CVE-2020-27813
CVE-2020-27846 CVE-2020-28362 CVE-2020-29652
CVE-2021-2007 CVE-2021-3121
=====================================================================
1. Summary:
Red Hat OpenShift Container Platform release 4.7.0 is now available.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container
Platform 4.7.0. See the following advisory for the RPM packages for this
release:
https://access.redhat.com/errata/RHSA-2020:5634
Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel
ease-notes.html
You may download the oc tool and use it to inspect release image metadata
as follows:
(For x86_64 architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.7.0-x86_64
The image digest is
sha256:d74b1cfa81f8c9cc23336aee72d8ae9c9905e62c4874b071317a078c316f8a70
(For s390x architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.7.0-s390x
The image digest is
sha256:a68ca03d87496ddfea0ac26b82af77231583a58a7836b95de85efe5e390ad45d
(For ppc64le architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.7.0-ppc64le
The image digest is
sha256:bc7b04e038c8ff3a33b827f4ee19aa79b26e14c359a7dcc1ced9f3b58e5f1ac6
All OpenShift Container Platform 4.7 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster
- -between-minor.html#understanding-upgrade-channels_updating-cluster-between
- -minor.
Security Fix(es):
* crewjam/saml: authentication bypass in saml authentication
(CVE-2020-27846)
* golang: crypto/ssh: crafted authentication request can lead to nil
pointer dereference (CVE-2020-29652)
* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index
validation (CVE-2021-3121)
* nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774)
* kubernetes: Secret leaks in kube-controller-manager when using vSphere
Provider (CVE-2020-8563)
* containernetworking/plugins: IPv6 router advertisements allow for MitM
attacks on IPv4 clusters (CVE-2020-10749)
* heketi: gluster-block volume password details available in logs
(CVE-2020-10763)
* golang.org/x/text: possibility to trigger an infinite loop in
encoding/unicode could lead to crash (CVE-2020-14040)
* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)
* golang-github-gorilla-websocket: integer overflow leads to denial of
service (CVE-2020-27813)
* golang: math/big: panic during recursive division of very large numbers
(CVE-2020-28362)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
3. Solution:
For OpenShift Container Platform 4.7, see the following documentation,
which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel
ease-notes.html
Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster
- -cli.html.
4. Bugs fixed (https://bugzilla.redhat.com/):
1620608 - Restoring deployment config with history leads to weird state
1752220 - [OVN] Network Policy fails to work when project label gets overwritten
1756096 - Local storage operator should implement must-gather spec
1756173 - /etc/udev/rules.d/66-azure-storage.rules missing from initramfs
1768255 - installer reports 100% complete but failing components
1770017 - Init containers restart when the exited container is removed from node.
1775057 - [MSTR-485] Cluster is abnormal after etcd backup/restore when the backup is conducted during etcd encryption is migrating
1775444 - RFE: k8s cpu manager does not restrict /usr/bin/pod cpuset
1777038 - Cluster scaled beyond host subnet limits does not fire alert or cleanly report why it cannot scale
1777224 - InfraID in metadata.json and .openshift_install_state.json is not consistent when repeating `create` commands
1784298 - "Displaying with reduced resolution due to large dataset." would show under some conditions
1785399 - Under condition of heavy pod creation, creation fails with 'error reserving pod name ...: name is reserved"
1797766 - Resource Requirements" specDescriptor fields - CPU and Memory injects empty string YAML editor
1801089 - [OVN] Installation failed and monitoring pod not created due to some network error.
1805025 - [OSP] Machine status doesn't become "Failed" when creating a machine with invalid image
1805639 - Machine status should be "Failed" when creating a machine with invalid machine configuration
1806000 - CRI-O failing with: error reserving ctr name
1806915 - openshift-service-ca: Some core components are in openshift.io/run-level 1 and are bypassing SCC, but should not be
1806917 - openshift-service-ca-operator: Some core components are in openshift.io/run-level 1 and are bypassing SCC, but should not be
1810438 - Installation logs are not gathered from OCP nodes
1812085 - kubernetes-networking-namespace-pods dashboard doesn't exist
1812412 - Monitoring Dashboard: on restricted cluster, query timed out in expression evaluation
1813012 - EtcdDiscoveryDomain no longer needed
1813949 - openshift-install doesn't use env variables for OS_* for some of API endpoints
1816812 - OpenShift test suites are not resilient to rate limited registries (like docker.io) and cannot control their dependencies for offline use
1819053 - loading OpenAPI spec for "v1beta1.metrics.k8s.io" failed with: OpenAPI spec does not exist
1819457 - Package Server is in 'Cannot update' status despite properly working
1820141 - [RFE] deploy qemu-quest-agent on the nodes
1822744 - OCS Installation CI test flaking
1824038 - Integration Tests: StaleElementReferenceError in OLM single-installmode scenario
1825892 - StorageClasses and PVs are not cleaned completely after running the csi verification tool
1826301 - Wrong NodeStatus reports in file-integrity scan when configuration error in aide.conf file
1829723 - User workload monitoring alerts fire out of the box
1832968 - oc adm catalog mirror does not mirror the index image itself
1833012 - Lower OVNKubernetes HTTP E/W performance compared with OpenShiftSDN
1833220 - CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters
1834995 - olmFull suite always fails once th suite is run on the same cluster
1836017 - vSphere UPI: Both Internal and External load balancers for kube-apiserver should use /readyz
1837953 - Replacing masters doesn't work for ovn-kubernetes 4.4
1838352 - OperatorExited, Pending marketplace-operator-... pod for several weeks
1838751 - [oVirt][Tracker] Re-enable skipped network tests
1839239 - csi-snapshot-controller flickers Degraded=True on etcd hiccups
1840759 - [aws-ebs-csi-driver] The volume created by aws ebs csi driver can not be deleted when the cluster is destroyed
1841039 - authentication-operator: Add e2e test for password grants to Keycloak being set as OIDC IdP
1841119 - Get rid of config patches and pass flags directly to kcm
1841175 - When an Install Plan gets deleted, OLM does not create a new one
1841381 - Issue with memoryMB validation
1841885 - oc adm catalog mirror command attempts to pull from registry.redhat.io when using --from-dir option
1844727 - Etcd container leaves grep and lsof zombie processes
1845387 - CVE-2020-10763 heketi: gluster-block volume password details available in logs
1847074 - Filter bar layout issues at some screen widths on search page
1848358 - CRDs with preserveUnknownFields:true don't reflect in status that they are non-structural
1849543 - [4.5]kubeletconfig's description will show multiple lines for finalizers when upgrade from 4.4.8->4.5
1851103 - Use of NetworkManager-wait-online.service in rhcos-growpart.service
1851203 - [GSS] [RFE] Need a simpler representation of capactiy breakdown in total usage and per project breakdown in OCS 4 dashboard
1851351 - OCP 4.4.9: EtcdMemberIPMigratorDegraded: rpc error: code = Canceled desc = grpc: the client connection is closing
1851693 - The `oc apply` should return errors instead of hanging there when failing to create the CRD
1852289 - Upgrade testsuite fails on ppc64le environment - Unsupported LoadBalancer service
1853115 - the restriction of --cloud option should be shown in help text.
1853116 - `--to` option does not work with `--credentials-requests` flag.
1853352 - [v2v][UI] Storage Class fields Should Not be empty in VM disks view
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1854567 - "Installed Operators" list showing "duplicated" entries during installation
1855325 - [Feature:Prometheus][Conformance] Prometheus when installed on the cluster [Top Level] [Feature:Prometheus][Conformance] Prometheus when installed on the cluster should report telemetry if a cloud.openshift.com token is present
1855351 - Inconsistent Installer reactions to Ctrl-C during user input process
1855408 - OVN cluster unstable after running minimal scale test
1856351 - Build page should show metrics for when the build ran, not the last 30 minutes
1856354 - New APIServices missing from OpenAPI definitions
1857446 - ARO/Azure: excessive pod memory allocation causes node lockup
1857877 - Operator upgrades can delete existing CSV before completion
1858578 - [v2v] [ui] VM import RHV to CNV Target VM Name longer than 63 chars should not be allowed
1859174 - [IPI][OSP] Having errors from 4.3 to 4.6 about Security group rule already created
1860136 - default ingress does not propagate annotations to route object on update
1860322 - [OCPv4.5.2] after unexpected shutdown one of RHV Hypervisors, OCP worker nodes machine are marked as "Failed"
1860518 - unable to stop a crio pod
1861383 - Route with `haproxy.router.openshift.io/timeout: 365d` kills the ingress controller
1862430 - LSO: PV creation lock should not be acquired in a loop
1862489 - LSO autoprovisioning should exclude top level disks that are part of LVM volume group.
1862608 - Virtual media does not work on hosts using BIOS, only UEFI
1862918 - [v2v] User should only select SRIOV network when importin vm with SRIOV network
1865743 - Some pods are stuck in ContainerCreating and some sdn pods are in CrashLoopBackOff
1865839 - rpm-ostree fails with "System transaction in progress" when moving to kernel-rt
1866043 - Configurable table column headers can be illegible
1866087 - Examining agones helm chart resources results in "Oh no!"
1866261 - Need to indicate the intentional behavior for Ansible in the `create api` help info
1866298 - [RHOCS Usability Study][Installation] Labeling the namespace should be a part of the installation flow or be clearer as a requirement
1866320 - [RHOCS Usability Study][Dashboard] Users were confused by Available Capacity and the Total Capacity
1866334 - [RHOCS Usability Study][Installation] On the Operator installation page, there’s no indication on which labels offer tooltip/help
1866340 - [RHOCS Usability Study][Dashboard] It was not clear why “No persistent storage alerts” was prominently displayed
1866343 - [RHOCS Usability Study][Dashboard] User wanted to know the time frame for Data Consumption, e.g I/O Operations
1866445 - kola --basic-qemu-scenarios scenario fail on ppc64le & s390x
1866482 - Few errors are seen when oc adm must-gather is run
1866605 - No metadata.generation set for build and buildconfig objects
1866873 - MCDDrainError "Drain failed on , updates may be blocked" missing rendered node name
1866901 - Deployment strategy for BMO allows multiple pods to run at the same time
1866925 - openshift-install destroy cluster should fail quickly when provided with invalid credentials on Azure.
1867165 - Cannot assign static address to baremetal install bootstrap vm
1867380 - When using webhooks in OCP 4.5 fails to rollout latest deploymentconfig
1867400 - [OCs 4.5]UI should not allow creation of second storagecluster of different mode in a single OCS
1867477 - HPA monitoring cpu utilization fails for deployments which have init containers
1867518 - [oc] oc should not print so many goroutines when ANY command fails
1867608 - ds/machine-config-daemon takes 100+ minutes to rollout on 250 node cluster
1867965 - OpenShift Console Deployment Edit overwrites deployment yaml
1868004 - opm index add appears to produce image with wrong registry server binary
1868065 - oc -o jsonpath prints possible warning / bug "Unable to decode server response into a Table"
1868104 - Baremetal actuator should not delete Machine objects
1868125 - opm index add is not creating an index with valid images when --permissive flag is added, the index is empty instead
1868384 - CLI does not save login credentials as expected when using the same username in multiple clusters
1868527 - OpenShift Storage using VMWare vSAN receives error "Failed to add disk 'scsi0:2'" when mounted pod is created on separate node
1868645 - After a disaster recovery pods a stuck in "NodeAffinity" state and not running
1868748 - ClusterProvisioningIP in baremetal platform has wrong JSON annotation
1868765 - [vsphere][ci] could not reserve an IP address: no available addresses
1868770 - catalogSource named "redhat-operators" deleted in a disconnected cluster
1868976 - Prometheus error opening query log file on EBS backed PVC
1869293 - The configmap name looks confusing in aide-ds pod logs
1869606 - crio's failing to delete a network namespace
1870337 - [sig-storage] Managed cluster should have no crashlooping recycler pods over four minutes
1870342 - [sig-scheduling] SchedulerPredicates [Serial] validates resource limits of pods that are allowed to run [Conformance]
1870373 - Ingress Operator reports available when DNS fails to provision
1870467 - D/DC Part of Helm / Operator Backed should not have HPA
1870728 - openshift-install creates expired ignition files from stale .openshift_install_state.json
1870800 - [4.6] Managed Column not appearing on Pods Details page
1871170 - e2e tests are needed to validate the functionality of the etcdctl container
1872001 - EtcdDiscoveryDomain no longer needed
1872095 - content are expanded to the whole line when only one column in table on Resource Details page
1872124 - Could not choose device type as "disk" or "part" when create localvolumeset from web console
1872128 - Can't run container with hostPort on ipv6 cluster
1872166 - 'Silences' link redirects to unexpected 'Alerts' view after creating a silence in the Developer perspective
1872251 - [aws-ebs-csi-driver] Verify job in CI doesn't check for vendor dir sanity
1872786 - Rules in kube-apiserver.rules are taking too long and consuming too much memory for Prometheus to evaluate them
1872821 - [DOC] Typo in Ansible Operator Tutorial
1872907 - Fail to create CR from generated Helm Base Operator
1872923 - Click "Cancel" button on the "initialization-resource" creation form page should send users to the "Operator details" page instead of "Install Operator" page (previous page)
1873007 - [downstream] failed to read config when running the operator-sdk in the home path
1873030 - Subscriptions without any candidate operators should cause resolution to fail
1873043 - Bump to latest available 1.19.x k8s
1873114 - Nodes goes into NotReady state (VMware)
1873288 - Changing Cluster-Wide Pull Secret Does Not Trigger Updates In Kubelet Filesystem
1873305 - Failed to power on /inspect node when using Redfish protocol
1873326 - Accessibility - The symbols e.g checkmark in the overview page has no text description, label, or other accessible information
1873480 - Accessibility - No text description, alt text, label, or other accessible information associated with the help icon: “?” button/icon in Developer Console ->Navigation
1873556 - [Openstack] HTTP_PROXY setting for NetworkManager-resolv-prepender not working
1873593 - MCO fails to cope with ContainerRuntimeConfig thas has a name > 63 characters
1874057 - Pod stuck in CreateContainerError - error msg="container_linux.go:348: starting container process caused \"chdir to cwd (\\\"/mount-point\\\") set in config.json failed: permission denied\""
1874074 - [CNV] Windows 2019 Default Template Not Defaulting to Proper NIC/Storage Driver
1874192 - [RFE] "Create Backing Store" page doesn't allow to select already defined k8s secret as target bucket credentials when Google Cloud Storage is selected as a provider
1874240 - [vsphere] unable to deprovision - Runtime error list attached objects
1874248 - Include validation for vcenter host in the install-config
1874340 - vmware: NodeClockNotSynchronising alert is triggered in openshift cluster after upgrading form 4.4.16 to 4.5.6
1874583 - apiserver tries and fails to log an event when shutting down
1874584 - add retry for etcd errors in kube-apiserver
1874638 - Missing logging for nbctl daemon
1874736 - [downstream] no version info for the helm-operator
1874901 - add utm_source parameter to Red Hat Marketplace URLs for attribution
1874968 - Accessibility: The project selection drop down is a keyboard trap
1875247 - Dependency resolution error "found more than one head for channel" is unhelpful for users
1875516 - disabled scheduling is easy to miss in node page of OCP console
1875598 - machine status is Running for a master node which has been terminated from the console
1875806 - When creating a service of type "LoadBalancer" (Kuryr,OVN) communication through this loadbalancer failes after 2-5 minutes.
1876166 - need to be able to disable kube-apiserver connectivity checks
1876469 - Invalid doc link on yaml template schema description
1876701 - podCount specDescriptor change doesn't take effect on operand details page
1876815 - Installer uses the environment variable OS_CLOUD for manifest generation despite explicit prompt
1876935 - AWS volume snapshot is not deleted after the cluster is destroyed
1877071 - vSphere IPI - Nameserver limits were exceeded, some nameservers have been omitted
1877105 - add redfish to enabled_bios_interfaces
1877116 - e2e aws calico tests fail with `rpc error: code = ResourceExhausted`
1877273 - [OVN] EgressIP cannot fail over to available nodes after one egressIP node shutdown
1877648 - [sriov]VF from allocatable and capacity of node is incorrect when the policy is only 'rootDevices'
1877681 - Manually created PV can not be used
1877693 - dnsrecords specify recordTTL as 30 but the value is null in AWS Route 53
1877740 - RHCOS unable to get ip address during first boot
1877812 - [ROKS] IBM cloud failed to terminate OSDs when upgraded between internal builds of OCS 4.5
1877919 - panic in multus-admission-controller
1877924 - Cannot set BIOS config using Redfish with Dell iDracs
1878022 - Met imagestreamimport error when import the whole image repository
1878086 - OCP 4.6+OCS 4.6(multiple SC) Internal Mode- UI should populate the default "Filesystem Name" instead of providing a textbox, & the name should be validated
1878301 - [4.6] [UI] Unschedulable used to always be displayed when Node is Ready status
1878701 - After deleting and recreating a VM with same name, the VM events contain the events from the old VM
1878766 - CPU consumption on nodes is higher than the CPU count of the node.
1878772 - On the nodes there are up to 547 zombie processes caused by thanos and Prometheus.
1878823 - "oc adm release mirror" generating incomplete imageContentSources when using "--to" and "--to-release-image"
1878845 - 4.5 to 4.6.rc.4 upgrade failure: authentication operator health check connection refused for multitenant mode
1878900 - Installer complains about not enough vcpu for the baremetal flavor where generic bm flavor is being used
1878953 - RBAC error shows when normal user access pvc upload page
1878956 - `oc api-resources` does not include API version
1878972 - oc adm release mirror removes the architecture information
1879013 - [RFE]Improve CD-ROM interface selection
1879056 - UI should allow to change or unset the evictionStrategy
1879057 - [CSI Certificate Test] Test failed for CSI certification tests for CSIdriver openshift-storage.rbd.csi.ceph.com with RWX enabled
1879094 - RHCOS dhcp kernel parameters not working as expected
1879099 - Extra reboot during 4.5 -> 4.6 upgrade
1879244 - Error adding container to network "ipvlan-host-local": "master" field is required
1879248 - OLM Cert Dir for Webhooks does not align SDK/Kubebuilder
1879282 - Update OLM references to point to the OLM's new doc site
1879283 - panic after nil pointer dereference in pkg/daemon/update.go
1879365 - Overlapping, divergent openshift-cluster-storage-operator manifests
1879419 - [RFE]Improve boot source description for 'Container' and ‘URL’
1879430 - openshift-object-counts quota is not dynamically updating as the resource is deleted.
1879565 - IPv6 installation fails on node-valid-hostname
1879777 - Overlapping, divergent openshift-machine-api namespace manifests
1879878 - Messages flooded in thanos-querier pod- oauth-proxy container: Authorization header does not start with 'Basic', skipping basic authentication in Log message in thanos-querier pod the oauth-proxy
1879930 - Annotations shouldn't be removed during object reconciliation
1879976 - No other channel visible from console
1880068 - image pruner is not aware of image policy annotation, StatefulSets, etc.
1880148 - dns daemonset rolls out slowly in large clusters
1880161 - Actuator Update calls should have fixed retry time
1880259 - additional network + OVN network installation failed
1880389 - Pipeline Runs with skipped Tasks incorrectly show Tasks as "Failed"
1880410 - Convert Pipeline Visualization node to SVG
1880417 - [vmware] Fail to boot with Secure Boot enabled, kernel lockdown denies iopl access to afterburn
1880443 - broken machine pool management on OpenStack
1880450 - Host failed to install because its installation stage joined took longer than expected 20m0s.
1880473 - IBM Cloudpak operators installation stuck "UpgradePending" with InstallPlan status updates failing due to size limitation
1880680 - [4.3] [Tigera plugin] - openshift-kube-proxy fails - Failed to execute iptables-restore: exit status 4 (iptables-restore v1.8.4 (nf_tables)
1880785 - CredentialsRequest missing description in `oc explain`
1880787 - No description for Provisioning CRD for `oc explain`
1880902 - need dnsPlocy set in crd ingresscontrollers
1880913 - [DeScheduler] - change loglevel from Info to Error when priority class given in the descheduler params is not present in the cluster
1881027 - Cluster installation fails at with error : the container name \"assisted-installer\" is already in use
1881046 - [OSP] openstack-cinder-csi-driver-operator doesn't contain required manifests and assets
1881155 - operator install authentication: Authentication require functional ingress which requires at least one schedulable and ready node
1881268 - Image uploading failed but wizard claim the source is available
1881322 - kube-scheduler not scheduling pods for certificates not renewed automatically after nodes restoration
1881347 - [v2v][ui]VM Import Wizard does not call Import provider cleanup
1881881 - unable to specify target port manually resulting in application not reachable
1881898 - misalignment of sub-title in quick start headers
1882022 - [vsphere][ipi] directory path is incomplete, terraform can't find the cluster
1882057 - Not able to select access modes for snapshot and clone
1882140 - No description for spec.kubeletConfig
1882176 - Master recovery instructions don't handle IP change well
1882191 - Installation fails against external resources which lack DNS Subject Alternative Name
1882209 - [ BateMetal IPI ] local coredns resolution not working
1882210 - [release 4.7] insights-operator: Fix bug in reflector not recovering from "Too large resource version"
1882268 - [e2e][automation]Add Integration Test for Snapshots
1882361 - Retrieve and expose the latest report for the cluster
1882485 - dns-node-resolver corrupts /etc/hosts if internal registry is not in use
1882556 - git:// protocol in origin tests is not currently proxied
1882569 - CNO: Replacing masters doesn't work for ovn-kubernetes 4.4
1882608 - Spot instance not getting created on AzureGovCloud
1882630 - Fstype is changed after deleting pv provisioned by localvolumeset instance
1882649 - IPI installer labels all images it uploads into glance as qcow2
1882653 - The Approval should display the Manual after the APPROVAL changed to Manual from the Automatic
1882658 - [RFE] Volume Snapshot is not listed under inventory in Project Details page
1882660 - Operators in a namespace should be installed together when approve one
1882667 - [ovn] br-ex Link not found when scale up RHEL worker
1882723 - [vsphere]Suggested mimimum value for providerspec not working
1882730 - z systems not reporting correct core count in recording rule
1882750 - [sig-api-machinery][Feature:APIServer][Late] kubelet terminates kube-apiserver gracefully
1882781 - nameserver= option to dracut creates extra NM connection profile
1882785 - Multi-Arch CI Jobs destroy libvirt network but occasionally leave it defined
1882844 - [IPI on vsphere] Executing 'openshift-installer destroy cluster' leaves installer tag categories in vsphere
1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability
1883388 - Bare Metal Hosts Details page doesn't show Mainitenance and Power On/Off status
1883422 - operator-sdk cleanup fail after installing operator with "run bundle" without installmode and og with ownnamespace
1883425 - Gather top installplans and their count
1883502 - Logging is broken due to mix of k8s.io/klog v1 and v2
1883523 - [sig-cli] oc adm must-gather runs successfully for audit logs [Suite:openshift/conformance/parallel]
1883538 - must gather report "cannot file manila/aws ebs/ovirt csi related namespaces and objects" error
1883560 - operator-registry image needs clean up in /tmp
1883563 - Creating duplicate namespace from create namespace modal breaks the UI
1883614 - [OCP 4.6] [UI] UI should not describe power cycle as "graceful"
1883642 - [sig-imageregistry][Feature:ImageTriggers][Serial] ImageStream admission TestImageStreamAdmitSpecUpdate
1883660 - e2e-metal-ipi CI job consistently failing on 4.4
1883765 - [user workload monitoring] improve latency of Thanos sidecar when streaming read requests
1883766 - [e2e][automation] Adjust tests for UI changes
1883768 - [user workload monitoring] The Prometheus operator should discard invalid TLS configurations
1883773 - opm alpha bundle build fails on win10 home
1883790 - revert "force cert rotation every couple days for development" in 4.7
1883803 - node pull secret feature is not working as expected
1883836 - Jenkins imagestream ubi8 and nodejs12 update
1883847 - The UI does not show checkbox for enable encryption at rest for OCS
1883853 - go list -m all does not work
1883905 - race condition in opm index add --overwrite-latest
1883946 - Understand why trident CSI pods are getting deleted by OCP
1884035 - Pods are illegally transitioning back to pending
1884041 - e2e should provide error info when minimum number of pods aren't ready in kube-system namespace
1884131 - oauth-proxy repository should run tests
1884165 - Repos should be disabled in -firstboot.service before OS extensions are applied
1884221 - IO becomes unhealthy due to a file change
1884258 - Node network alerts should work on ratio rather than absolute values
1884270 - Git clone does not support SCP-style ssh locations
1884334 - CVO marks an upgrade as failed when an operator takes more than 20 minutes to rollout
1884435 - vsphere - loopback is randomly not being added to resolver
1884565 - oauth-proxy crashes on invalid usage
1884584 - Kuryr controller continuously restarting due to unable to clean up Network Policy
1884613 - Create Instance of Prometheus from operator returns blank page for non cluster-admin users
1884628 - ovs-configuration service fails when the external network is configured on a tagged vlan on top of a bond device on a baremetal IPI deployment
1884629 - Visusally impaired user using screen reader not able to select Admin/Developer console options in drop down menu.
1884632 - Adding BYOK disk encryption through DES
1884654 - Utilization of a VMI is not populated
1884655 - KeyError on self._existing_vifs[port_id]
1884664 - Operator install page shows "installing..." instead of going to install status page
1884672 - Failed to inspect hardware. Reason: unable to start inspection: 'idrac'
1884691 - Installer blocks cloud-credential-operator manual mode on GCP and Azure
1884724 - Quick Start: Serverless quickstart doesn't match Operator install steps
1884739 - Node process segfaulted
1884824 - Update baremetal-operator libraries to k8s 1.19
1885002 - network kube-rbac-proxy scripts crashloop rather than non-crash looping
1885138 - Wrong detection of pending state in VM details
1885151 - [Cloud Team - Cluster API Provider Azure] Logging is broken due to mix of k8s.io/klog v1 and v2
1885165 - NoRunningOvnMaster alert falsely triggered
1885170 - Nil pointer when verifying images
1885173 - [e2e][automation] Add test for next run configuration feature
1885179 - oc image append fails on push (uploading a new layer)
1885213 - Vertical Pod Autoscaler (VPA) not working with DeploymentConfig
1885218 - [e2e][automation] Add virtctl to gating script
1885223 - Sync with upstream (fix panicking cluster-capacity binary)
1885235 - Prometheus: Logging is broken due to mix of k8s.io/klog v1 and v2
1885241 - kube-rbac-proxy: Logging is broken due to mix of k8s.io/klog v1 and v2
1885243 - prometheus-adapter: Logging is broken due to mix of k8s.io/klog v1 and v2
1885244 - prometheus-operator: Logging is broken due to mix of k8s.io/klog v1 and v2
1885246 - cluster-monitoring-operator: Logging is broken due to mix of k8s.io/klog v1 and v2
1885249 - openshift-state-metrics: Logging is broken due to mix of k8s.io/klog v1 and v2
1885308 - Supermicro nodes failed to boot via disk during installation when using IPMI and UEFI
1885315 - unit tests fail on slow disks
1885319 - Remove redundant use of group and kind of DataVolumeTemplate
1885343 - Console doesn't load in iOS Safari when using self-signed certificates
1885344 - 4.7 upgrade - dummy bug for 1880591
1885358 - add p&f configuration to protect openshift traffic
1885365 - MCO does not respect the install section of systemd files when enabling
1885376 - failed to initialize the cluster: Cluster operator marketplace is still updating
1885398 - CSV with only Webhook conversion can't be installed
1885403 - Some OLM events hide the underlying errors
1885414 - Need to disable HTX when not using HTTP/2 in order to preserve HTTP header name case
1885425 - opm index add cannot batch add multiple bundles that use skips
1885543 - node tuning operator builds and installs an unsigned RPM
1885644 - Panic output due to timeouts in openshift-apiserver
1885676 - [OCP 4.7]UI should fallback to minimal deployment only after total CPU < 30 || totalMemory < 72 GiB for initial deployment
1885702 - Cypress: Fix 'aria-hidden-focus' accesibility violations
1885706 - Cypress: Fix 'link-name' accesibility violation
1885761 - DNS fails to resolve in some pods
1885856 - Missing registry v1 protocol usage metric on telemetry
1885864 - Stalld service crashed under the worker node
1885930 - [release 4.7] Collect ServiceAccount statistics
1885940 - kuryr/demo image ping not working
1886007 - upgrade test with service type load balancer will never work
1886022 - Move range allocations to CRD's
1886028 - [BM][IPI] Failed to delete node after scale down
1886111 - UpdatingopenshiftStateMetricsFailed: DeploymentRollout of openshift-monitoring/openshift-state-metrics: got 1 unavailable replicas
1886134 - Need to set GODEBUG=x509ignoreCN=0 in initrd
1886154 - System roles are not present while trying to create new role binding through web console
1886166 - 1885517 Clone - Not needed for 4.7 - upgrade from 4.5->4.6 causes broadcast storm
1886168 - Remove Terminal Option for Windows Nodes
1886200 - greenwave / CVP is failing on bundle validations, cannot stage push
1886229 - Multipath support for RHCOS sysroot
1886294 - Unable to schedule a pod due to Insufficient ephemeral-storage
1886327 - Attempt to add a worker using bad roodDeviceHint: bmh and machine become Provisioned, no error in status
1886353 - [e2e][automation] kubevirt-gating job fails for a missing virtctl URL
1886397 - Move object-enum to console-shared
1886423 - New Affinities don't contain ID until saving
1886435 - Azure UPI uses deprecated command 'group deployment'
1886449 - p&f: add configuration to protect oauth server traffic
1886452 - layout options doesn't gets selected style on click i.e grey background
1886462 - IO doesn't recognize namespaces - 2 resources with the same name in 2 namespaces -> only 1 gets collected
1886488 - move e2e test off of nfs image from docker.io/gmontero/nfs-server:latest
1886524 - Change default terminal command for Windows Pods
1886553 - i/o timeout experienced from build02 when targeting CI test cluster during test execution
1886600 - panic: assignment to entry in nil map
1886620 - Application behind service load balancer with PDB is not disrupted
1886627 - Kube-apiserver pods restarting/reinitializing periodically
1886635 - CVE-2020-8563 kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider
1886636 - Panic in machine-config-operator
1886749 - Removing network policy from namespace causes inability to access pods through loadbalancer.
1886751 - Gather MachineConfigPools
1886766 - PVC dropdown has 'Persistent Volume' Label
1886834 - ovn-cert is mandatory in both master and node daemonsets
1886848 - [OSP] machine instance-state annotation discrepancy with providerStatus.instanceState
1886861 - ordered-values.yaml not honored if values.schema.json provided
1886871 - Neutron ports created for hostNetworking pods
1886890 - Overwrite jenkins-agent-base imagestream
1886900 - Cluster-version operator fills logs with "Manifest: ..." spew
1886922 - [sig-network] pods should successfully create sandboxes by getting pod
1886973 - Local storage operator doesn't include correctly populate LocalVolumeDiscoveryResult in console
1886977 - [v2v]Incorrect VM Provider type displayed in UI while importing VMs through VMIO
1887010 - Imagepruner met error "Job has reached the specified backoff limit" which causes image registry degraded
1887026 - FC volume attach fails with “no fc disk found” error on OCP 4.6 PowerVM cluster
1887040 - [upgrade] ovs pod crash for rhel worker when upgarde from 4.5 to 4.6
1887046 - Event for LSO need update to avoid confusion
1887088 - cluster-node-tuning-operator refers to missing cluster-node-tuned image
1887375 - User should be able to specify volumeMode when creating pvc from web-console
1887380 - Unsupported access mode should not be available to select when creating pvc by aws-ebs-csi-driver(gp2-csi) from web-console
1887392 - openshift-apiserver: delegated authn/z should have ttl > metrics/healthz/readyz/openapi interval
1887428 - oauth-apiserver service should be monitored by prometheus
1887441 - ingress misconfiguration may break authentication but ingress operator keeps reporting "degraded: False"
1887454 - [sig-storage] In-tree Volumes [Driver: azure-disk] [Testpattern: Dynamic PV (ext4)] volumes should store data
1887456 - It is impossible to attach the default NIC to a bridge with the latest version of OVN Kubernetes
1887465 - Deleted project is still referenced
1887472 - unable to edit application group for KSVC via gestures (shift+Drag)
1887488 - OCP 4.6: Topology Manager OpenShift E2E test fails: gu workload attached to SRIOV networks should let resource-aligned PODs have working SRIOV network interface
1887509 - Openshift-tests conformance TopologyManager tests run when Machine Config Operator is not installed on cluster
1887525 - Failures to set master HardwareDetails cannot easily be debugged
1887545 - 4.5 to 4.6 upgrade fails when external network is configured on a bond device: ovs-configuration service fails and node becomes unreachable
1887585 - ovn-masters stuck in crashloop after scale test
1887651 - [Internal Mode] Object gateway (RGW) in unknown state after OCP upgrade.
1887737 - Test TestImageRegistryRemovedWithImages is failing on e2e-vsphere-operator
1887740 - cannot install descheduler operator after uninstalling it
1887745 - API server is throwing 5xx error code for 42.11% of requests for LIST events
1887750 - `oc explain localvolumediscovery` returns empty description
1887751 - `oc explain localvolumediscoveryresult` returns empty description
1887778 - Add ContainerRuntimeConfig gatherer
1887783 - PVC upload cannot continue after approve the certificate
1887797 - [CNV][V2V] Default network type is bridge for interface bound to POD network in VMWare migration wizard
1887799 - User workload monitoring prometheus-config-reloader OOM
1887850 - [sig-auth][Feature:SCC][Early] should not have pod creation failures during install test is flaky
1887863 - Installer panics on invalid flavor
1887864 - Clean up dependencies to avoid invalid scan flagging
1887934 - TestForwardedHeaderPolicyAppend, TestForwardedHeaderPolicyReplace, and TestForwardedHeaderPolicyIfNone consistently fail because of case-sensitive comparison
1887936 - Kube-scheduler should be able to parse v1beta1 KubeSchedulerConfig
1888015 - workaround kubelet graceful termination of static pods bug
1888028 - prevent extra cycle in aggregated apiservers
1888036 - Operator details shows old CRD versions
1888041 - non-terminating pods are going from running to pending
1888072 - Setting Supermicro node to PXE boot via Redfish doesn't take affect
1888073 - Operator controller continuously busy looping
1888118 - Memory requests not specified for image registry operator
1888150 - Install Operand Form on OperatorHub is displaying unformatted text
1888172 - PR 209 didn't update the sample archive, but machineset and pdbs are now namespaced
1888227 - Failed to deploy some of container image on the recent OCP 4.6 nightly build
1888292 - Fix CVE-2015-7501 affecting agent-maven-3.5
1888311 - p&f: make SAR traffic from oauth and openshift apiserver exempt
1888363 - namespaces crash in dev
1888378 - [IPI on Azure] errors destroying cluster when Azure resource group was never created
1888381 - instance:node_network_receive_bytes_excluding_lo:rate1m value twice expected
1888464 - installer missing permission definitions for TagResources and UntagResources when installing in existing VPC
1888494 - imagepruner pod is error when image registry storage is not configured
1888565 - [OSP] machine-config-daemon-firstboot.service failed with "error reading osImageURL from rpm-ostree"
1888595 - cluster-policy-controller logs shows error which reads initial monitor sync has error
1888601 - The poddisruptionbudgets is using the operator service account, instead of gather
1888657 - oc doesn't know its name
1888663 - sdn starts after kube-apiserver, delay readyz until oauth-apiserver is reachable
1888671 - Document the Cloud Provider's ignore-volume-az setting
1888738 - quay.io/openshift/origin-must-gather:latest is not a multi-arch, manifest-list image
1888763 - at least one of these parameters (Vendor, DeviceID or PfNames) has to be defined in nicSelector in CR %s", cr.GetName()
1888827 - ovnkube-master may segfault when trying to add IPs to a nil address set
1888861 - need to pass dual-stack service CIDRs to kube-apiserver in dual-stack cluster
1888866 - AggregatedAPIDown permanently firing after removing APIService
1888870 - JS error when using autocomplete in YAML editor
1888874 - hover message are not shown for some properties
1888900 - align plugins versions
1888985 - Cypress: Fix 'Ensures buttons have discernible text' accesibility violation
1889213 - The error message of uploading failure is not clear enough
1889267 - Increase the time out for creating template and upload image in the terraform
1889348 - Project link should be removed from Application Details page, since it is inaccurate (Application Stages)
1889374 - Kiali feature won't work on fresh 4.6 cluster
1889388 - ListBundles returns incorrect replaces/skips when bundles have been added via semver-skippatch mode
1889420 - OCP failed to add vsphere disk when pod moved to new node during cluster upgrade
1889515 - Accessibility - The symbols e.g checkmark in the Node > overview page has no text description, label, or other accessible information
1889529 - [Init-CR annotation] Inline alert shows operand instance was needed still appearing after creating an Operand instance
1889540 - [4.5 upgrade][alert]CloudCredentialOperatorDown
1889577 - Resources are not shown on project workloads page
1889620 - [Azure] - Machineset not scaling when publicIP:true in disconnected Azure enviroment
1889630 - Scheduling disabled popovers are missing for Node status in Node Overview and Details pages
1889692 - Selected Capacity is showing wrong size
1889694 - usbguard fails to install as RHCOS extension due to missing libprotobuf.so.15
1889698 - When the user clicked cancel at the Create Storage Class confirmation dialog all the data from the Local volume set goes off
1889710 - Prometheus metrics on disk take more space compared to OCP 4.5
1889721 - opm index add semver-skippatch mode does not respect prerelease versions
1889724 - When LocalVolumeDiscovery CR is created form the LSO page User doesn't see the Disk tab
1889767 - [vsphere] Remove certificate from upi-installer image
1889779 - error when destroying a vSphere installation that failed early
1889787 - OCP is flooding the oVirt engine with auth errors
1889838 - race in Operator update after fix from bz1888073
1889852 - support new AWS regions ap-east-1, af-south-1, eu-south-1
1889863 - Router prints incorrect log message for namespace label selector
1889891 - Backport timecache LRU fix
1889912 - Drains can cause high CPU usage
1889921 - Reported Degraded=False Available=False pair does not make sense
1889928 - [e2e][automation] Add more tests for golden os
1889943 - EgressNetworkPolicy does not work when setting Allow rule to a dnsName
1890038 - Infrastructure status.platform not migrated to status.platformStatus causes warnings
1890074 - MCO extension kernel-headers is invalid
1890104 - with Serverless 1.10 version of trigger/subscription/channel/IMC is V1 as latest
1890130 - multitenant mode consistently fails CI
1890141 - move off docker.io images for build/image-eco/templates/jenkins e2e
1890145 - The mismatched of font size for Status Ready and Health Check secondary text
1890180 - FieldDependency x-descriptor doesn't support non-sibling fields
1890182 - DaemonSet with existing owner garbage collected
1890228 - AWS: destroy stuck on route53 hosted zone not found
1890235 - e2e: update Protractor's checkErrors logging
1890250 - workers may fail to join the cluster during an update from 4.5
1890256 - Replacing a master node on a baremetal IPI deployment gets stuck when deleting the machine of the unhealthy member
1890270 - External IP doesn't work if the IP address is not assigned to a node
1890361 - s390x: Generate new ostree rpm with fix for rootfs immutability
1890456 - [vsphere] mapi_instance_create_failed doesn't work on vsphere
1890467 - unable to edit an application without a service
1890472 - [Kuryr] Bulk port creation exception not completely formatted
1890494 - Error assigning Egress IP on GCP
1890530 - cluster-policy-controller doesn't gracefully terminate
1890630 - [Kuryr] Available port count not correctly calculated for alerts
1890671 - [SA] verify-image-signature using service account does not work
1890677 - 'oc image info' claims 'does not exist' for application/vnd.oci.image.manifest.v1+json manifest
1890808 - New etcd alerts need to be added to the monitoring stack
1890951 - Mirror of multiarch images together with cluster logging case problems. It doesn't sync the "overall" sha it syncs only the sub arch sha.
1890984 - Rename operator-webhook-config to sriov-operator-webhook-config
1890995 - wew-app should provide more insight into why image deployment failed
1891023 - ovn-kubernetes rbac proxy never starts waiting for an incorrect API call
1891047 - Helm chart fails to install using developer console because of TLS certificate error
1891068 - [sig-instrumentation] Prometheus when installed on the cluster shouldn't report any alerts in firing state apart from Watchdog and AlertmanagerReceiversNotConfigured [Early] failing due to TargetDown alert from kube-scheduler
1891080 - [LSO] When Localvolumeset and SC is already created before OCS install Creation of LVD and LVS is skipped when user click created storage cluster from UI
1891108 - p&f: Increase the concurrency share of workload-low priority level
1891143 - CVO deadlocked while shutting down, shortly after fresh cluster install (metrics goroutine)
1891189 - [LSO] max device limit is accepting negative values. PVC is not getting created and no error is shown
1891314 - Display incompatible helm charts for installation (kubeVersion of cluster doesn't meet requirements of chart)
1891362 - Wrong metrics count for openshift_build_result_total
1891368 - fync should be fsync for etcdHighFsyncDurations alert's annotations.message
1891374 - fync should be fsync for etcdHighFsyncDurations critical alert's annotations.message
1891376 - Extra text in Cluster Utilization charts
1891419 - Wrong detail head on network policy detail page.
1891459 - Snapshot tests should report stderr of failed commands
1891498 - Other machine config pools do not show during update
1891543 - OpenShift 4.6/OSP install fails when node flavor has less than 25GB, even with dedicated storage
1891551 - Clusterautoscaler doesn't scale up as expected
1891552 - Handle missing labels as empty.
1891555 - The windows oc.exe binary does not have version metadata
1891559 - kuryr-cni cannot start new thread
1891614 - [mlx] testpmd fails inside OpenShift pod using DevX version 19.11
1891625 - [Release 4.7] Mutable LoadBalancer Scope
1891702 - installer get pending when additionalTrustBundle is added into install-config.yaml
1891716 - OVN cluster upgrade from 4.6.1 to 4.7 fails
1891740 - OperatorStatusChanged is noisy
1891758 - the authentication operator may spam DeploymentUpdated event endlessly
1891759 - Dockerfile builds cannot change /etc/pki/ca-trust
1891816 - [UPI] [OSP] control-plane.yml provisioning playbook fails on OSP 16.1
1891825 - Error message not very informative in case of mode mismatch
1891898 - The ClusterServiceVersion can define Webhooks that cannot be created.
1891951 - UI should show warning while creating pools with compression on
1891952 - [Release 4.7] Apps Domain Enhancement
1891993 - 4.5 to 4.6 upgrade doesn't remove deployments created by marketplace
1891995 - OperatorHub displaying old content
1891999 - Storage efficiency card showing wrong compression ratio
1892004 - OCP 4.6 opm on Ubuntu 18.04.4 - error /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.28' not found (required by ./opm)
1892167 - [SR-IOV] SriovNetworkNodePolicies apply ignoring the spec.nodeSelector.
1892198 - TypeError in 'Performance Profile' tab displayed for 'Performance Addon Operator'
1892288 - assisted install workflow creates excessive control-plane disruption
1892338 - HAProxyReloadFail alert only briefly fires in the event of a broken HAProxy config
1892358 - [e2e][automation] update feature gate for kubevirt-gating job
1892376 - Deleted netnamespace could not be re-created
1892390 - TestOverwrite/OverwriteBundle/DefaultBehavior in operator-registry is flaky
1892393 - TestListPackages is flaky
1892448 - MCDPivotError alert/metric missing
1892457 - NTO-shipped stalld needs to use FIFO for boosting.
1892467 - linuxptp-daemon crash
1892521 - [AWS] Startup bootstrap machine failed due to ignition file is missing in disconnected UPI env
1892653 - User is unable to create KafkaSource with v1beta
1892724 - VFS added to the list of devices of the nodeptpdevice CRD
1892799 - Mounting additionalTrustBundle in the operator
1893117 - Maintenance mode on vSphere blocks installation.
1893351 - TLS secrets are not able to edit on console.
1893362 - The ovs-xxxxx_openshift-sdn container does not terminate gracefully, slowing down reboots
1893386 - false-positive ReadyIngressNodes_NoReadyIngressNodes: Auth operator makes risky "worker" assumption when guessing about ingress availability
1893546 - Deploy using virtual media fails on node cleaning step
1893601 - overview filesystem utilization of OCP is showing the wrong values
1893645 - oc describe route SIGSEGV
1893648 - Ironic image building process is not compatible with UEFI secure boot
1893724 - OperatorHub generates incorrect RBAC
1893739 - Force deletion doesn't work for snapshots if snapshotclass is already deleted
1893776 - No useful metrics for image pull time available, making debugging issues there impossible
1893798 - Lots of error messages starting with "get namespace to enqueue Alertmanager instances failed" in the logs of prometheus-operator
1893832 - ErrorCount field is missing in baremetalhosts.metal3.io CRD
1893889 - disabled dropdown items in the pf dropdown component are skipped over and unannounced by JAWS
1893926 - Some "Dynamic PV (block volmode)" pattern storage e2e tests are wrongly skipped
1893944 - Wrong product name for Multicloud Object Gateway
1893953 - (release-4.7) Gather default StatefulSet configs
1893956 - Installation always fails at "failed to initialize the cluster: Cluster operator image-registry is still updating"
1893963 - [Testday] Workloads-> Virtualization is not loading for Firefox browser
1893972 - Should skip e2e test cases as early as possible
1894013 - [v2v][Testday] VMware to CNV VM import]VMware URL: It is not clear that only the FQDN/IP address is required without 'https://'
1894020 - User with edit users cannot deploy images from their own namespace from the developer perspective
1894025 - OCP 4.5 to 4.6 upgrade for "aws-ebs-csi-driver-operator" fails when "defaultNodeSelector" is set
1894041 - [v2v][[Testday]VM import from VMware/RHV] VM import wizard: The target storage class name is not displayed if default storage class is used.
1894065 - tag new packages to enable TLS support
1894110 - Console shows wrong value for maxUnavailable and maxSurge when set to 0
1894144 - CI runs of baremetal IPI are failing due to newer libvirt libraries
1894146 - ironic-api used by metal3 is over provisioned and consumes a lot of RAM
1894194 - KuryrPorts leftovers from 4.6 GA need to be deleted
1894210 - Failed to encrypt OSDs on OCS4.6 installation (via UI)
1894216 - Improve OpenShift Web Console availability
1894275 - Fix CRO owners file to reflect node owner
1894278 - "database is locked" error when adding bundle to index image
1894330 - upgrade channels needs to be updated for 4.7
1894342 - oauth-apiserver logs many "[SHOULD NOT HAPPEN] failed to update managedFields for ... OAuthClient ... no corresponding type for oauth.openshift.io/v1, Kind=OAuthClient"
1894374 - Dont prevent the user from uploading a file with incorrect extension
1894432 - [oVirt] sometimes installer timeout on tmp_import_vm
1894477 - bash syntax error in nodeip-configuration.service
1894503 - add automated test for Polarion CNV-5045
1894519 - [OSP] External mode cluster creation disabled for Openstack and oVirt platform
1894539 - [on-prem] Unable to deploy additional machinesets on separate subnets
1894645 - Cinder volume provisioning crashes on nil cloud provider
1894677 - image-pruner job is panicking: klog stack
1894810 - Remove TechPreview Badge from Eventing in Serverless version 1.11.0
1894860 - 'backend' CI job passing despite failing tests
1894910 - Update the node to use the real-time kernel fails
1894992 - All nightly jobs for e2e-metal-ipi failing due to ipa image missing tenacity package
1895065 - Schema / Samples / Snippets Tabs are all selected at the same time
1895099 - vsphere-upi and vsphere-upi-serial jobs time out waiting for bootstrap to complete in CI
1895141 - panic in service-ca injector
1895147 - Remove memory limits on openshift-dns
1895169 - VM Template does not properly manage Mount Windows guest tools check box during VM creation
1895268 - The bundleAPIs should NOT be empty
1895309 - [OCP v47] The RHEL node scaleup fails due to "No package matching 'cri-o-1.19.*' found available" on OCP 4.7 cluster
1895329 - The infra index filled with warnings "WARNING: kubernetes.io/cinder built-in volume provider is now deprecated. The Cinder volume provider is deprecated and will be removed in a future release"
1895360 - Machine Config Daemon removes a file although its defined in the dropin
1895367 - Missing image in metadata DB index.db in disconnected Operator Hub installation. OCP 4.6.1
1895372 - Web console going blank after selecting any operator to install from OperatorHub
1895385 - Revert KUBELET_LOG_LEVEL back to level 3
1895423 - unable to edit an application with a custom builder image
1895430 - unable to edit custom template application
1895509 - Backup taken on one master cannot be restored on other masters
1895537 - [sig-imageregistry][Feature:ImageExtract] Image extract should extract content from an image
1895838 - oc explain description contains '/'
1895908 - "virtio" option is not available when modifying a CD-ROM to disk type
1895909 - e2e-metal-ipi-ovn-dualstack is failing
1895919 - NTO fails to load kernel modules
1895959 - configuring webhook token authentication should prevent cluster upgrades
1895979 - Unable to get coreos-installer with --copy-network to work
1896101 - [cnv][automation] Added negative tests for migration from VMWare and RHV
1896160 - CI: Some cluster operators are not ready: marketplace (missing: Degraded)
1896188 - [sig-cli] oc debug deployment configs from a build: local-busybox-1-build not completed
1896218 - Occasional GCP install failures: Error setting IAM policy for project ...: googleapi: Error 400: Service account ... does not exist., badRequest
1896229 - Current Rate of Bytes Received and Current Rate of Bytes Transmitted data can not be loaded
1896244 - Found a panic in storage e2e test
1896296 - Git links should avoid .git as part of the URL and should not link git:// urls in general
1896302 - [e2e][automation] Fix 4.6 test failures
1896365 - [Migration]The SDN migration cannot revert under some conditions
1896384 - [ovirt IPI]: local coredns resolution not working
1896446 - Git clone from private repository fails after upgrade OCP 4.5 to 4.6
1896529 - Incorrect instructions in the Serverless operator and application quick starts
1896645 - documentationBaseURL needs to be updated for 4.7
1896697 - [Descheduler] policy.yaml param in cluster configmap is empty
1896704 - Machine API components should honour cluster wide proxy settings
1896732 - "Attach to Virtual Machine OS" button should not be visible on old clusters
1896866 - File /etc/NetworkManager/system-connections/default_connection.nmconnection is incompatible with SR-IOV operator
1896898 - ovs-configuration.service fails when multiple IPv6 default routes are provided via RAs over the same interface and deployment bootstrap fails
1896918 - start creating new-style Secrets for AWS
1896923 - DNS pod /metrics exposed on anonymous http port
1896977 - route SimpleAllocationPlugin: host name validation errors: spec.host: Invalid value: ... must be no more than 63 characters
1897003 - VNC console cannot be connected after visit it in new window
1897008 - Cypress: reenable check for 'aria-hidden-focus' rule & checkA11y test for modals
1897026 - [Migration] With updating optional network operator configuration, migration stucks on MCO
1897039 - router pod keeps printing log: template "msg"="router reloaded" "output"="[WARNING] 316/065823 (15) : parsing [/var/lib/haproxy/conf/haproxy.config:52]: option 'http-use-htx' is deprecated and ignored
1897050 - [IBM Power] LocalVolumeSet provisions boot partition as PV.
1897073 - [OCP 4.5] wrong netid assigned to Openshift projects/namespaces
1897138 - oVirt provider uses depricated cluster-api project
1897142 - When scaling replicas to zero, Octavia loadbalancer pool members are not updated accordingly
1897252 - Firing alerts are not showing up in console UI after cluster is up for some time
1897354 - Operator installation showing success, but Provided APIs are missing
1897361 - The MCO GCP-OP tests fail consistently on containerruntime tests with "connection refused"
1897412 - [sriov]disableDrain did not be updated in CRD of manifest
1897423 - Max unavailable and Max surge value are not shown on Deployment Config Details page
1897516 - Baremetal IPI deployment with IPv6 control plane fails when the nodes obtain both SLAAC and DHCPv6 addresses as they set their hostname to 'localhost'
1897520 - After restarting nodes the image-registry co is in degraded true state.
1897584 - Add casc plugins
1897603 - Cinder volume attachment detection failure in Kubelet
1897604 - Machine API deployment fails: Kube-Controller-Manager can't reach API: "Unauthorized"
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers
1897641 - Baremetal IPI with IPv6 control plane: nodes respond with duplicate packets to ICMP6 echo requests
1897676 - [CI] [Azure] [UPI] CI failing since 4.6 changes in ignition
1897830 - [GSS] Unable to deploy OCS 4.5.2 on OCP 4.6.1, cannot `Create OCS Cluster Service`
1897891 - [RFE][v2v][UI][CNV VM import] Providing error message or/and block migration when vddk-init-image is missing
1897897 - ptp lose sync openshift 4.6
1898036 - no network after reboot (IPI)
1898045 - AWS EBS CSI Driver can not get updated cloud credential secret automatically
1898097 - mDNS floods the baremetal network
1898118 - Lack of logs on some image stream tests make hard to find root cause of a problem
1898134 - Descheduler logs show absolute values instead of percentage when LowNodeUtilization strategy is applied
1898159 - kcm operator shall pass --allocate-node-cidrs=false to kcm for ovn-kube and openshift-sdn cluster
1898174 - [OVN] EgressIP does not guard against node IP assignment
1898194 - GCP: can't install on custom machine types
1898238 - Installer validations allow same floating IP for API and Ingress
1898268 - [OVN]: `make check` broken on 4.6
1898289 - E2E test: Use KUBEADM_PASSWORD_FILE by default
1898320 - Incorrect Apostrophe Translation of "it's" in Scheduling Disabled Popover
1898357 - Within the operatorhub details view, long unbroken text strings do not wrap cause breaking display.
1898407 - [Deployment timing regression] Deployment takes longer with 4.7
1898417 - GCP: the dns targets in Google Cloud DNS is not updated after recreating loadbalancer service
1898487 - [oVirt] Node is not removed when VM has been removed from oVirt engine
1898500 - Failure to upgrade operator when a Service is included in a Bundle
1898517 - Ironic auto-discovery may result in rogue nodes registered in ironic
1898532 - Display names defined in specDescriptors not respected
1898580 - When adding more than one node selector to the sriovnetworknodepolicy, the cni and the device plugin pods are constantly rebooted
1898613 - Whereabouts should exclude IPv6 ranges
1898655 - [oVirt] Node deleted in oVirt should cause the Machine to go into a Failed phase
1898679 - Operand creation form - Required "type: object" properties (Accordion component) are missing red asterisk
1898680 - CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability
1898745 - installation failing with CVO reporting openshift-samples not rolled out, samples not setting versions in its ClusterOperator
1898839 - Wrong YAML in operator metadata
1898851 - Multiple Pods access the same volume on the same node e2e test cases are missed from aws ebs csi driver e2e test job
1898873 - Remove TechPreview Badge from Monitoring
1898954 - Backup script does not take /etc/kubernetes/static-pod-resources on a reliable way
1899111 - [RFE] Update jenkins-maven-agen to maven36
1899128 - VMI details screen -> show the warning that it is preferable to have a VM only if the VM actually does not exist
1899175 - bump the RHCOS boot images for 4.7
1899198 - Use new packages for ipa ramdisks
1899200 - In Installed Operators page I cannot search for an Operator by it's name
1899220 - Support AWS IMDSv2
1899350 - configure-ovs.sh doesn't configure bonding options
1899433 - When Creating OCS from ocs wizard Step Discover Disks shows Error "An error occurred Not Found"
1899459 - Failed to start monitoring pods once the operator removed from override list of CVO
1899515 - Passthrough credentials are not immediately re-distributed on update
1899575 - update discovery burst to reflect lots of CRDs on openshift clusters
1899582 - update discovery burst to reflect lots of CRDs on openshift clusters
1899588 - Operator objects are re-created after all other associated resources have been deleted
1899600 - Increased etcd fsync latency as of OCP 4.6
1899603 - workers-rhel7 CI jobs failing: Failed to remove rollback: error running rpm-ostree cleanup
1899627 - Project dashboard Active status using small icon
1899725 - Pods table does not wrap well with quick start sidebar open
1899746 - [ovn] error while waiting on flows for pod: OVS sandbox port is no longer active (probably due to a subsequent CNI ADD)
1899760 - etcd_request_duration_seconds_bucket metric has excessive cardinality
1899835 - catalog-operator repeatedly crashes with "runtime error: index out of range [0] with length 0"
1899839 - thanosRuler.resources.requests does not take effect in user-workload-monitoring-config confimap
1899853 - additionalSecurityGroupIDs not working for master nodes
1899922 - NP changes sometimes influence new pods.
1899949 - [Platform] Remove restriction on disk type selection for LocalVolumeSet
1900008 - Fix internationalized sentence fragments in ImageSearch.tsx
1900010 - Fix internationalized sentence fragments in BuildImageSelector.tsx
1900020 - Remove ' from internationalized keys
1900022 - Search Page - Top labels field is not applied to selected Pipeline resources
1900030 - disruption_tests: [sig-imageregistry] Image registry remain available failing consistently
1900126 - Creating a VM results in suggestion to create a default storage class when one already exists
1900138 - [OCP on RHV] Remove insecure mode from the installer
1900196 - stalld is not restarted after crash
1900239 - Skip "subPath should be able to unmount" NFS test
1900322 - metal3 pod's toleration for key: node-role.kubernetes.io/master currently matches on exact value matches but should match on Exists
1900377 - [e2e][automation] create new css selector for active users
1900496 - (release-4.7) Collect spec config for clusteroperator resources
1900672 - (s390x) Upgrade from old LUKS to new not working with DASD disks
1900699 - Impossible to add new Node on OCP 4.6 using large ECKD disks - fdasd issue
1900759 - include qemu-guest-agent by default
1900790 - Track all resource counts via telemetry
1900835 - Multus errors when cachefile is not found
1900935 - `oc adm release mirror` panic panic: runtime error
1900989 - accessing the route cannot wake up the idled resources
1901040 - When scaling down the status of the node is stuck on deleting
1901057 - authentication operator health check failed when installing a cluster behind proxy
1901107 - pod donut shows incorrect information
1901111 - Installer dependencies are broken
1901200 - linuxptp-daemon crash when enable debug log level
1901301 - CBO should handle platform=BM without provisioning CR
1901355 - [Azure][4.7] Invalid vm size from customized compute nodes does not fail properly
1901363 - High Podready Latency due to timed out waiting for annotations
1901373 - redundant bracket on snapshot restore button
1901376 - [on-prem] Upgrade from 4.6 to 4.7 failed with "timed out waiting for the condition during waitForControllerConfigToBeCompleted: controllerconfig is not completed: ControllerConfig has not completed: completed(false) running(false) failing(true"
1901395 - "Edit virtual machine template" action link should be removed
1901472 - [OSP] Bootstrap and master nodes use different keepalived unicast setting
1901517 - RHCOS 4.6.1 uses a single NetworkManager connection for multiple NICs when using default DHCP
1901531 - Console returns a blank page while trying to create an operator Custom CR with Invalid Schema
1901594 - Kubernetes resource CRUD operations.Kubernetes resource CRUD operations Pod "before all" hook for "creates the resource instance"
1901604 - CNO blocks editing Kuryr options
1901675 - [sig-network] multicast when using one of the plugins 'redhat/openshift-ovs-multitenant, redhat/openshift-ovs-networkpolicy' should allow multicast traffic in namespaces where it is enabled
1901909 - The device plugin pods / cni pod are restarted every 5 minutes
1901982 - [sig-builds][Feature:Builds] build can reference a cluster service with a build being created from new-build should be able to run a build that references a cluster service
1902019 - when podTopologySpreadConstraint strategy is enabled for descheduler it throws error
1902059 - Wire a real signer for service accout issuer
1902091 - `cluster-image-registry-operator` pod leaves connections open when fails connecting S3 storage
1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service
1902157 - The DaemonSet machine-api-termination-handler couldn't allocate Pod
1902253 - MHC status doesnt set RemediationsAllowed = 0
1902299 - Failed to mirror operator catalog - error: destination registry required
1902545 - Cinder csi driver node pod should add nodeSelector for Linux
1902546 - Cinder csi driver node pod doesn't run on master node
1902547 - Cinder csi driver controller pod doesn't run on master node
1902552 - Cinder csi driver does not use the downstream images
1902595 - Project workloads list view doesn't show alert icon and hover message
1902600 - Container csi-snapshotter in Cinder csi driver needs to use ImagePullPolicy=IfNotPresent
1902601 - Cinder csi driver pods run as BestEffort qosClass
1902653 - [BM][IPI] Master deployment failed: No valid host was found. Reason: No conductor service registered which supports driver redfish for conductor group
1902702 - [sig-auth][Feature:LDAP][Serial] ldap group sync can sync groups from ldap: oc cp over non-existing directory/file fails
1902746 - [BM][IP] Master deployment failed - Base.1.0.GeneralError: database is locked
1902824 - failed to generate semver informed package manifest: unable to determine default channel
1902894 - hybrid-overlay-node crashing trying to get node object during initialization
1902969 - Cannot load vmi detail page
1902981 - It should default to current namespace when create vm from template
1902996 - [AWS] UPI on USGov, bootstrap machine can not fetch ignition file via s3:// URI
1903033 - duplicated lines of imageContentSources is seen when mirror release image to local registry
1903034 - OLM continuously printing debug logs
1903062 - [Cinder csi driver] Deployment mounted volume have no write access
1903078 - Deleting VolumeSnapshotClass makes VolumeSnapshot not Ready
1903107 - Enable vsphere-problem-detector e2e tests
1903164 - OpenShift YAML editor jumps to top every few seconds
1903165 - Improve Canary Status Condition handling for e2e tests
1903172 - Column Management: Fix sticky footer on scroll
1903186 - [Descheduler] cluster logs should report some info when PodTopologySpreadConstraints strategy is enabled
1903188 - [Descheduler] cluster log reports failed to validate server configuration" err="unsupported log format:
1903192 - Role name missing on create role binding form
1903196 - Popover positioning is misaligned for Overview Dashboard status items
1903206 - Ingress controller incorrectly routes traffic to non-ready pods/backends.
1903226 - MutatingWebhookConfiguration pod-identity-webhook does not exclude critical control-plane components
1903248 - Backport Upstream Static Pod UID patch
1903277 - Deprovisioning Not Deleting Security Groups [VpcLimitExceeded on e2e-aws tests]
1903290 - Kubelet repeatedly log the same log line from exited containers
1903346 - PV backed by FC lun is not being unmounted properly and this leads to IO errors / xfs corruption.
1903382 - Panic when task-graph is canceled with a TaskNode with no tasks
1903400 - Migrate a VM which is not running goes to pending state
1903402 - Nic/Disk on VMI overview should link to VMI's nic/disk page
1903414 - NodePort is not working when configuring an egress IP address
1903424 - mapi_machine_phase_transition_seconds_sum doesn't work
1903464 - "Evaluating rule failed" for "record: cluster:kube_persistentvolumeclaim_resource_requests_storage_bytes:provisioner:sum" and "record: cluster:kubelet_volume_stats_used_bytes:provisioner:sum"
1903639 - Hostsubnet gatherer produces wrong output
1903651 - Network Policies are not working as expected with OVN-Kubernetes when traffic hairpins back to the same source through a service
1903660 - Cannot install with Assisted Installer on top of IPv6 since network provider is not started
1903674 - [sig-apps] ReplicationController should serve a basic image on each replica with a private image
1903717 - Handle different Pod selectors for metal3 Deployment
1903733 - Scale up followed by scale down can delete all running workers
1903917 - Failed to load "Developer Catalog" page
1903999 - Httplog response code is always zero
1904026 - The quota controllers should resync on new resources and make progress
1904064 - Automated cleaning is disabled by default
1904124 - DHCP to static lease script doesn't work correctly if starting with infinite leases
1904125 - Boostrap VM .ign image gets added into 'default' pool instead of <cluster-name>-<id>-bootstrap
1904131 - kuryr tempest plugin test test_ipblock_network_policy_sg_rules fails
1904133 - KubeletConfig flooded with failure conditions
1904161 - AlertmanagerReceiversNotConfigured fires unconditionally on alertmanager restart
1904243 - RHCOS 4.6.1 missing ISCSI initiatorname.iscsi !
1904244 - MissingKey errors for two plugins using i18next.t
1904262 - clusterresourceoverride-operator has version: 1.0.0 every build
1904296 - VPA-operator has version: 1.0.0 every build
1904297 - The index image generated by "opm index prune" leaves unrelated images
1904305 - Should have scroll-down bar for the field which the values list has too many results under dashboards
1904385 - [oVirt] registry cannot mount volume on 4.6.4 -> 4.6.6 upgrade
1904497 - vsphere-problem-detector: Run on vSphere cloud only
1904501 - [Descheduler] descheduler does not evict any pod when PodTopologySpreadConstraint strategy is set
1904502 - vsphere-problem-detector: allow longer timeouts for some operations
1904503 - vsphere-problem-detector: emit alerts
1904538 - [sig-arch][Early] Managed cluster should start all core operators: monitoring: container has runAsNonRoot and image has non-numeric user (nobody)
1904578 - metric scraping for vsphere problem detector is not configured
1904582 - All application traffic broken due to unexpected load balancer change on 4.6.4 -> 4.6.6 upgrade
1904663 - IPI pointer customization MachineConfig always generated
1904679 - [Feature:ImageInfo] Image info should display information about images
1904683 - `[sig-builds][Feature:Builds] s2i build with a root user image` tests use docker.io image
1904684 - [sig-cli] oc debug ensure it works with image streams
1904713 - Helm charts with kubeVersion restriction are filtered incorrectly
1904776 - Snapshot modal alert is not pluralized
1904824 - Set vSphere hostname from guestinfo before NM starts
1904941 - Insights status is always showing a loading icon
1904973 - KeyError: 'nodeName' on NP deletion
1904985 - Prometheus and thanos sidecar targets are down
1904993 - Many ampersand special characters are found in strings
1905066 - QE - Monitoring test cases - smoke test suite automation
1905074 - QE -Gherkin linter to maintain standards
1905100 - Too many haproxy processes in default-router pod causing high load average
1905104 - Snapshot modal disk items missing keys
1905115 - CI: dev-scripts fail on 02_configure_host: Failed to start network ostestbm
1905119 - Race in AWS EBS determining whether custom CA bundle is used
1905128 - [e2e][automation] e2e tests succeed without actually execute
1905133 - operator conditions special-resource-operator
1905141 - vsphere-problem-detector: report metrics through telemetry
1905146 - Backend Tests: TestHelmRepoGetter_SkipDisabled failures
1905194 - Detecting broken connections to the Kube API takes up to 15 minutes
1905221 - CVO transitions from "Initializing" to "Updating" despite not attempting many manifests
1905232 - [sig-imageregistry][Feature:ImageAppend] Image append should create images by appending them failing due to inconsistent images between CI and OCP
1905253 - Inaccurate text at bottom of Events page
1905298 - openshift-apiserver initContainer fix-audit-permissions is not requesting required resources: cpu, memory
1905299 - OLM fails to update operator
1905307 - Provisioning CR is missing from must-gather
1905319 - cluster-samples-operator containers are not requesting required memory resource
1905320 - csi-snapshot-webhook is not requesting required memory resource
1905323 - dns-operator is not requesting required memory resource
1905324 - ingress-operator is not requesting required memory resource
1905327 - openshift-kube-scheduler initContainer wait-for-host-port is not requesting required resources: cpu, memory
1905328 - Changing the bound token service account issuer invalids previously issued bound tokens
1905329 - openshift-oauth-apiserver initContainer fix-audit-permissions is not requesting required resources: cpu, memory
1905330 - openshift-monitoring init-textfile is not requesting required resources: cpu, memory
1905338 - QE -Cypress Automation for Add Flow - Database, Yaml, OperatorBacked, PageDetails
1905347 - QE - Design Gherkin Scenarios
1905348 - QE - Design Gherkin Scenarios
1905362 - [sriov] Error message 'Fail to update DaemonSet' always shown in sriov operator pod
1905368 - [sriov] net-attach-def generated from sriovnetwork cannot be restored once it was deleted
1905370 - A-Z/Z-A sorting dropdown on Developer Catalog page is not aligned with filter text input
1905380 - Default to Red Hat/KubeVirt provider if common template does not have provider annotation
1905393 - CMO uses rbac.authorization.k8s.io/v1beta1 instead of rbac.authorization.k8s.io/v1
1905404 - The example of "Remove the entrypoint on the mysql:latest image" for `oc image append` does not work
1905416 - Hyperlink not working from Operator Description
1905430 - usbguard extension fails to install because of missing correct protobuf dependency version
1905492 - The stalld service has a higher scheduler priority than ksoftirq and rcu{b, c} threads
1905502 - Test flake - unable to get https transport for ephemeral-registry
1905542 - [GSS] The "External" mode option is not available when the OCP cluster is deployed using Redhat Cluster Assisted Installer 4.6.
1905599 - Errant change to lastupdatetime in copied CSV status can trigger runaway csv syncs
1905610 - Fix typo in export script
1905621 - Protractor login test fails against a 4.7 (nightly) Power cluster
1905640 - Subscription manual approval test is flaky
1905647 - Report physical core valid-for-subscription min/max/cumulative use to telemetry
1905696 - ClusterMoreUpdatesModal component did not get internationalized
1905748 - with sharded ingresscontrollers, all shards reload when any endpoint changes
1905761 - NetworkPolicy with Egress policyType is resulting in SDN errors and improper communication within Project
1905778 - inconsistent ingresscontroller between fresh installed cluster and upgraded cluster
1905792 - [OVN]Cannot create egressfirewalll with dnsName
1905889 - Should create SA for each namespace that the operator scoped
1905920 - Quickstart exit and restart
1905941 - Page goes to error after create catalogsource
1905977 - QE ghaekin design scenaio-pipeline metrics ODC-3711
1906032 - Canary Controller: Canary daemonset rolls out slowly in large clusters
1906100 - Disconnected cluster upgrades are failing from the cli, when signature retrieval is being blackholed instead of quickly rejected
1906105 - CBO annotates an existing Metal3 deployment resource to indicate that it is managing it
1906118 - OCS feature detection constantly polls storageclusters and storageclasses
1906120 - 'Create Role Binding' form not setting user or group value when created from a user or group resource
1906121 - [oc] After new-project creation, the kubeconfig file does not set the project
1906134 - OLM should not create OperatorConditions for copied CSVs
1906143 - CBO supports log levels
1906186 - i18n: Translators are not able to translate `this` without context for alert manager config
1906228 - tuned and openshift-tuned sometimes do not terminate gracefully, slowing reboots
1906274 - StorageClass installed by Cinder csi driver operator should enable the allowVolumeExpansion to support volume resize.
1906276 - `oc image append` can't work with multi-arch image with --filter-by-os='.*'
1906318 - use proper term for Authorized SSH Keys
1906335 - The lastTransitionTime, message, reason field of operatorcondition should be optional
1906356 - Unify Clone PVC boot source flow with URL/Container boot source
1906397 - IPA has incorrect kernel command line arguments
1906441 - HorizontalNav and NavBar have invalid keys
1906448 - Deploy using virtualmedia with provisioning network disabled fails - 'Failed to connect to the agent' in ironic-conductor log
1906459 - openstack: Quota Validation fails if unlimited quotas are given to a project
1906496 - [BUG] Thanos having possible memory leak consuming huge amounts of node's memory and killing them
1906508 - TestHeaderNameCaseAdjust outputs nil error message on some failures
1906511 - Root reprovisioning tests flaking often in CI
1906517 - Validation is not robust enough and may prevent to generate install-confing.
1906518 - Update snapshot API CRDs to v1
1906519 - Update LSO CRDs to use v1
1906570 - Number of disruptions caused by reboots on a cluster cannot be measured
1906588 - [ci][sig-builds] nodes is forbidden: User "e2e-test-jenkins-pipeline-xfghs-user" cannot list resource "nodes" in API group "" at the cluster scope
1906650 - Cannot collect network policy, EgressFirewall, egressip logs with gather_network_logs
1906655 - [SDN]Cannot colloect ovsdb-server.log and ovs-vswitchd.log with gather_network_logs
1906679 - quick start panel styles are not loaded
1906683 - Kn resources are not showing in Topology if triggers has KSVC and IMC as subscriber
1906684 - Event Source creation fails if user selects no app group and switch to yaml and then to form
1906685 - SinkBinding is shown in topology view if underlying resource along with actual source created
1906689 - user can pin to nav configmaps and secrets multiple times
1906691 - Add doc which describes disabling helm chart repository
1906713 - Quick starts not accesible for a developer user
1906718 - helm chart "provided by Redhat" is misspelled
1906732 - Machine API proxy support should be tested
1906745 - Update Helm endpoints to use Helm 3.4.x
1906760 - performance issues with topology constantly re-rendering
1906766 - localized `Autoscaled` & `Autoscaling` pod texts overlap with the pod ring
1906768 - Virtualization nav item is incorrectly placed in the Admin Workloads section
1906769 - topology fails to load with non-kubeadmin user
1906770 - shortcuts on mobiles view occupies a lot of space
1906798 - Dev catalog customization doesn't update console-config ConfigMap
1906806 - Allow installing extra packages in ironic container images
1906808 - [test-disabled] ServiceAccounts should support OIDC discovery of service account issuer
1906835 - Topology view shows add page before then showing full project workloads
1906840 - ClusterOperator should not have status "Updating" if operator version is the same as the release version
1906844 - EndpointSlice and EndpointSliceProxying feature gates should be disabled for openshift-sdn kube-proxy
1906860 - Bump kube dependencies to v1.20 for Net Edge components
1906864 - Quick Starts Tour: Need to adjust vertical spacing
1906866 - Translations of Sample-Utils
1906871 - White screen when sort by name in monitoring alerts page
1906872 - Pipeline Tech Preview Badge Alignment
1906875 - Provide an option to force backup even when API is not available.
1906877 - Placeholder' value in search filter do not match column heading in Vulnerabilities
1906879 - Add missing i18n keys
1906880 - oidcdiscoveryendpoint controller invalidates all TokenRequest API tokens during install
1906896 - No Alerts causes odd empty Table (Need no content message)
1906898 - Missing User RoleBindings in the Project Access Web UI
1906899 - Quick Start - Highlight Bounding Box Issue
1906916 - Teach CVO about flowcontrol.apiserver.k8s.io/v1beta1
1906933 - Cluster Autoscaler should have improved mechanisms for group identifiers
1906935 - Delete resources when Provisioning CR is deleted
1906968 - Must-gather should support collecting kubernetes-nmstate resources
1906986 - Ensure failed pod adds are retried even if the pod object doesn't change
1907199 - Need to upgrade machine-api-operator module version under cluster-api-provider-kubevirt
1907202 - configs.imageregistry.operator.openshift.io cluster does not update its status fields after URL change
1907211 - beta promotion of p&f switched storage version to v1beta1, making downgrades impossible.
1907269 - Tooltips data are different when checking stack or not checking stack for the same time
1907280 - Install tour of OCS not available.
1907282 - Topology page breaks with white screen
1907286 - The default mhc machine-api-termination-handler couldn't watch spot instance
1907287 - [csi-snapshot-webhook] should support both v1beta1 and v1 version when creating volumesnapshot/volumesnapshotcontent
1907293 - Increase timeouts in e2e tests
1907295 - Gherkin script for improve management for helm
1907299 - Advanced Subscription Badge for KMS and Arbiter not present
1907303 - Align VM template list items by baseline
1907304 - Use PF styles for selected template card in VM Wizard
1907305 - Drop 'ISO' from CDROM boot source message
1907307 - Support and provider labels should be passed on between templates and sources
1907310 - Pin action should be renamed to favorite
1907312 - VM Template source popover is missing info about added date
1907313 - ClusterOperator objects cannot be overriden with cvo-overrides
1907328 - iproute-tc package is missing in ovn-kube image
1907329 - CLUSTER_PROFILE env. variable is not used by the CVO
1907333 - Node stuck in degraded state, mcp reports "Failed to remove rollback: error running rpm-ostree cleanup -r: error: Timeout was reached"
1907373 - Rebase to kube 1.20.0
1907375 - Bump to latest available 1.20.x k8s - workloads team
1907378 - Gather netnamespaces networking info
1907380 - kube-rbac-proxy exposes tokens, has excessive verbosity
1907381 - OLM fails to deploy an operator if its deployment template contains a description annotation that doesn't match the CSV one
1907390 - prometheus-adapter: panic after k8s 1.20 bump
1907399 - build log icon link on topology nodes cause app to reload
1907407 - Buildah version not accessible
1907421 - [4.6.1]oc-image-mirror command failed on "error: unable to copy layer"
1907453 - Dev Perspective -> running vm details -> resources -> no data
1907454 - Install PodConnectivityCheck CRD with CNO
1907459 - "The Boot source is also maintained by Red Hat." is always shown for all boot sources
1907475 - Unable to estimate the error rate of ingress across the connected fleet
1907480 - `Active alerts` section throwing forbidden error for users.
1907518 - Kamelets/Eventsource should be shown to user if they have create access
1907543 - Korean timestamps are shown when users' language preferences are set to German-en-en-US
1907610 - Update kubernetes deps to 1.20
1907612 - Update kubernetes deps to 1.20
1907621 - openshift/installer: bump cluster-api-provider-kubevirt version
1907628 - Installer does not set primary subnet consistently
1907632 - Operator Registry should update its kubernetes dependencies to 1.20
1907639 - pass dual-stack node IPs to kubelet in dual-stack clusters
1907644 - fix up handling of non-critical annotations on daemonsets/deployments
1907660 - Pod list does not render cell height correctly when pod names are too long (dynamic table rerendering issue?)
1907670 - CVE-2020-27846 crewjam/saml: authentication bypass in saml authentication
1907671 - Ingress VIP assigned to two infra nodes simultaneously - keepalived process running in pods seems to fail
1907767 - [e2e][automation]update test suite for kubevirt plugin
1907770 - Recent RHCOS 47.83 builds (from rhcos-47.83.202012072210-0 on) don't allow master and worker nodes to boot
1907792 - The `overrides` of the OperatorCondition cannot block the operator upgrade
1907793 - Surface support info in VM template details
1907812 - 4.7 to 4.6 downgrade stuck in clusteroperator storage
1907822 - [OCP on OSP] openshift-install panic when checking quota with install-config have no flavor set
1907863 - Quickstarts status not updating when starting the tour
1907872 - dual stack with an ipv6 network fails on bootstrap phase
1907874 - QE - Design Gherkin Scenarios for epic ODC-5057
1907875 - No response when try to expand pvc with an invalid size
1907876 - Refactoring record package to make gatherer configurable
1907877 - QE - Automation- pipelines builder scripts
1907883 - Fix Pipleine creation without namespace issue
1907888 - Fix pipeline list page loader
1907890 - Misleading and incomplete alert message shown in pipeline-parameters and pipeline-resources form
1907892 - Unable to edit application deployed using "From Devfile" option
1907893 - navSortUtils.spec.ts unit test failure
1907896 - When a workload is added, Topology does not place the new items well
1907908 - VM Wizard always uses VirtIO for the VM rootdisk regardless what is defined in common-template
1907924 - Enable madvdontneed in OpenShift Images
1907929 - Enable madvdontneed in OpenShift System Components Part 2
1907936 - NTO is not reporting nto_profile_set_total metrics correctly after reboot
1907947 - The kubeconfig saved in tenantcluster shouldn't include anything that is not related to the current context
1907948 - OCM-O bump to k8s 1.20
1907952 - bump to k8s 1.20
1907972 - Update OCM link to open Insights tab
1907989 - DataVolumes was intorduced in common templates - VM creation fails in the UI
1907998 - Gather kube_pod_resource_request/limit metrics as exposed in upstream KEP 1916
1908001 - [CVE-2020-10749] Update github.com/containernetworking/plugins to v.0.8.6 in egress-router-cni
1908014 - e2e-aws-ansible and e2e-aws-helm are broken in ocp-release-operator-sdk
1908035 - dynamic-demo-plugin build does not generate dist directory
1908135 - quick search modal is not centered over topology
1908145 - kube-scheduler-recovery-controller container crash loop when router pod is co-scheduled
1908159 - [AWS C2S] MCO fails to sync cloud config
1908171 - GCP: Installation fails when installing cluster with n1-custom-4-16384custom type (n1-custom-4-16384)
1908180 - Add source for template is stucking in preparing pvc
1908217 - CI: Server-Side Apply should work for oauth.openshift.io/v1: has no tokens
1908231 - [Migration] The pods ovnkube-node are in CrashLoopBackOff after SDN to OVN
1908277 - QE - Automation- pipelines actions scripts
1908280 - Documentation describing `ignore-volume-az` is incorrect
1908296 - Fix pipeline builder form yaml switcher validation issue
1908303 - [CVE-2020-28367 CVE-2020-28366] Remove CGO flag from rhel Dockerfile in Egress-Router-CNI
1908323 - Create button missing for PLR in the search page
1908342 - The new pv_collector_total_pv_count is not reported via telemetry
1908344 - [vsphere-problem-detector] CheckNodeProviderID and CheckNodeDiskUUID have the same name
1908347 - CVO overwrites ValidatingWebhookConfiguration for snapshots
1908349 - Volume snapshot tests are failing after 1.20 rebase
1908353 - QE - Automation- pipelines runs scripts
1908361 - bump to k8s 1.20
1908367 - QE - Automation- pipelines triggers scripts
1908370 - QE - Automation- pipelines secrets scripts
1908375 - QE - Automation- pipelines workspaces scripts
1908381 - Go Dependency Fixes for Devfile Lib
1908389 - Loadbalancer Sync failing on Azure
1908400 - Tests-e2e, increase timeouts, re-add TestArchiveUploadedAndResultsReceived
1908407 - Backport Upstream 95269 to fix potential crash in kubelet
1908410 - Exclude Yarn from VSCode search
1908425 - Create Role Binding form subject type and name are undefined when All Project is selected
1908431 - When the marketplace-operator pod get's restarted, the custom catalogsources are gone, as well as the pods
1908434 - Remove &apos from metal3-plugin internationalized strings
1908437 - Operator backed with no icon has no badge associated with the CSV tag
1908459 - bump to k8s 1.20
1908461 - Add bugzilla component to OWNERS file
1908462 - RHCOS 4.6 ostree removed dhclient
1908466 - CAPO AZ Screening/Validating
1908467 - Zoom in and zoom out in topology package should be sentence case
1908468 - [Azure][4.7] Installer can't properly parse instance type with non integer memory size
1908469 - nbdb failed to come up while bringing up OVNKubernetes cluster
1908471 - OLM should bump k8s dependencies to 1.20
1908484 - oc adm release extract --cloud=aws --credentials-requests dumps all manifests
1908493 - 4.7-e2e-metal-ipi-ovn-dualstack intermittent test failures, worker hostname is overwritten by NM
1908545 - VM clone dialog does not open
1908557 - [e2e][automation]Miss css id on bootsource and reviewcreate step on wizard
1908562 - Pod readiness is not being observed in real world cases
1908565 - [4.6] Cannot filter the platform/arch of the index image
1908573 - Align the style of flavor
1908583 - bootstrap does not run on additional networks if configured for master in install-config
1908596 - Race condition on operator installation
1908598 - Persistent Dashboard shows events for all provisioners
1908641 - Go back to Catalog Page link on Virtual Machine page vanishes on empty state
1908648 - Skip TestKernelType test on OKD, adjust TestExtensions
1908650 - The title of customize wizard is inconsistent
1908654 - cluster-api-provider: volumes and disks names shouldn't change by machine-api-operator
1908675 - Reenable [sig-storage] CSI mock volume CSI FSGroupPolicy [LinuxOnly] should modify fsGroup if fsGroupPolicy=default [Suite:openshift/conformance/parallel] [Suite:k8s]
1908687 - Option to save user settings separate when using local bridge (affects console developers only)
1908697 - Show `kubectl diff ` command in the oc diff help page
1908715 - Pressing the arrow up key when on topmost quick-search list item it should loop back to bottom
1908716 - UI breaks on click of sidebar of ksvc (if revisions not up) in topology on 4.7 builds
1908717 - "missing unit character in duration" error in some network dashboards
1908746 - [Safari] Drop Shadow doesn't works as expected on hover on workload
1908747 - stale S3 CredentialsRequest in CCO manifest
1908758 - AWS: NLB timeout value is rejected by AWS cloud provider after 1.20 rebase
1908830 - RHCOS 4.6 - Missing Initiatorname
1908868 - Update empty state message for EventSources and Channels tab
1908880 - 4.7 aws-serial CI: NoExecuteTaintManager Single Pod [Serial] eventually evict pod with finite tolerations from tainted nodes
1908883 - CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
1908888 - Dualstack does not work with multiple gateways
1908889 - Bump CNO to k8s 1.20
1908891 - TestDNSForwarding DNS operator e2e test is failing frequently
1908914 - CNO: upgrade nodes before masters
1908918 - Pipeline builder yaml view sidebar is not responsive
1908960 - QE - Design Gherkin Scenarios
1908971 - Gherkin Script for pipeline debt 4.7
1908983 - i18n: Add Horizontal Pod Autoscaler action menu is not translated
1908997 - Unsupported access mode should not be available when creating pvc by cinder-csi-driver/gcp-pd-csi-driver from web-console
1908998 - [cinder-csi-driver] doesn't detect the credentials change
1909004 - "No datapoints found" for RHEL node's filesystem graph
1909005 - i18n: workloads list view heading is not translated
1909012 - csi snapshot webhook does not block any invalid update for volumesnapshot and volumesnapshotcontent objects
1909027 - Disks option of Sectected capacity chart shows HDD disk even on selection of SDD disk type
1909043 - OCP + OCS 4.7 Internal - Storage cluster creation throws warning when zone=0 in VMware
1909067 - Web terminal should keep latest output when connection closes
1909070 - PLR and TR Logs component is not streaming as fast as tkn
1909092 - Error Message should not confuse user on Channel form
1909096 - OCP 4.7+OCS 4.7 - The Requested Cluster Capacity field needs to include the selected capacity in calculation in Review and Create Page
1909108 - Machine API components should use 1.20 dependencies
1909116 - Catalog Sort Items dropdown is not aligned on Firefox
1909198 - Move Sink action option is not working
1909207 - Accessibility Issue on monitoring page
1909236 - Remove pinned icon overlap on resource name
1909249 - Intermittent packet drop from pod to pod
1909276 - Accessibility Issue on create project modal
1909289 - oc debug of an init container no longer works
1909290 - Logging may be broken due to mix of k8s.io/klog v1 and v2
1909358 - registry.redhat.io/redhat/community-operator-index:latest only have hyperfoil-bundle
1909453 - Boot disk RAID can corrupt ESP if UEFI firmware writes to it
1909455 - Boot disk RAID will not boot if the primary disk enumerates but fails I/O
1909464 - Build operator-registry with golang-1.15
1909502 - NO_PROXY is not matched between bootstrap and global cluster setting which lead to desired master machineconfig is not found
1909521 - Add kubevirt cluster type for e2e-test workflow
1909527 - [IPI Baremetal] After upgrade from 4.6 to 4.7 metal3 pod does not get created
1909587 - [OCP4] all of the OCP master nodes with soft-anti-affinity run on the same OSP node
1909610 - Fix available capacity when no storage class selected
1909678 - scale up / down buttons available on pod details side panel
1909723 - cluster-api-provider-openstack: Update ose-openstack-machine-controllers builder & base images to be consistent with ART
1909730 - unbound variable error if EXTRA_PKGS_LIST is not defined
1909739 - Arbiter request data changes
1909744 - cluster-api-provider-openstack: Bump gophercloud
1909790 - PipelineBuilder yaml view cannot be used for editing a pipeline
1909791 - Update standalone kube-proxy config for EndpointSlice
1909792 - Empty states for some details page subcomponents are not i18ned
1909815 - Perspective switcher is only half-i18ned
1909821 - OCS 4.7 LSO installation blocked because of Error "Invalid value: "integer": spec.flexibleScaling in body
1909836 - operator-install-global Cypress test was failing in OLM as it depends on an operator that isn't installed in CI
1909864 - promote-release-openshift-machine-os-content-e2e-aws-4.5 is perm failing
1909911 - [OVN]EgressFirewall caused a segfault
1909943 - Upgrade from 4.6 to 4.7 stuck due to write /sys/devices/xxxx/block/sda/queue/scheduler: invalid argument
1909958 - Support Quick Start Highlights Properly
1909978 - ignore-volume-az = yes not working on standard storageClass
1909981 - Improve statement in template select step
1909992 - Fail to pull the bundle image when using the private index image
1910024 - Reload issue in latest(4.7) UI code on 4.6 cluster locally in dev
1910036 - QE - Design Gherkin Scenarios ODC-4504
1910049 - UPI: ansible-galaxy is not supported
1910127 - [UPI on oVirt]: Improve UPI Documentation
1910140 - fix the api dashboard with changes in upstream kube 1.20
1910160 - If two OperatorConditions include the same deployments they will keep updating the deployment's containers with the OPERATOR_CONDITION_NAME Environment Variable
1910165 - DHCP to static lease script doesn't handle multiple addresses
1910305 - [Descheduler] - The minKubeVersion should be 1.20.0
1910409 - Notification drawer is not localized for i18n
1910459 - Could not provision gcp volume if delete secret gcp-pd-cloud-credentials
1910492 - KMS details are auto-populated on the screen in next attempt at Storage cluster creation
1910501 - Installed Operators->Operand required: Clicking on cancel in Storage cluster page takes back to the Install Operator page
1910533 - [OVN] It takes about 5 minutes for EgressIP failover to work
1910581 - library-go: proxy ENV is not injected into csi-driver-controller which lead to storage operator never get ready
1910666 - Creating a Source Secret from type SSH-Key should use monospace font for better usability
1910738 - OCP 4.7 Installation fails on VMWare due to 1 worker that is degraded
1910739 - Redfish-virtualmedia (idrac) deploy fails on "The Virtual Media image server is already connected"
1910753 - Support Directory Path to Devfile
1910805 - Missing translation for Pipeline status and breadcrumb text
1910829 - Cannot delete a PVC if the dv's phase is WaitForFirstConsumer
1910840 - Show Nonexistent command info in the `oc rollback -h` help page
1910859 - breadcrumbs doesn't use last namespace
1910866 - Unify templates string
1910870 - Unify template dropdown action
1911016 - Prometheus unable to mount NFS volumes after upgrading to 4.6
1911129 - Monitoring charts renders nothing when switching from a Deployment to "All workloads"
1911176 - [MSTR-998] Wrong text shown when hovering on lines of charts in API Performance dashboard
1911212 - [MSTR-998] API Performance Dashboard "Period" drop-down has a choice "$__auto_interval_period" which can bring "1:154: parse error: missing unit character in duration"
1911213 - Wrong and misleading warning for VMs that were created manually (not from template)
1911257 - [aws-c2s] failed to create cluster, kube-cloud-config was not created
1911269 - waiting for the build message present when build exists
1911280 - Builder images are not detected for Dotnet, Httpd, NGINX
1911307 - Pod Scale-up requires extra privileges in OpenShift web-console
1911381 - "Select Persistent Volume Claim project" shows in customize wizard when select a source available template
1911382 - "source volumeMode (Block) and target volumeMode (Filesystem) do not match" shows in VM Error
1911387 - Hit error - "Cannot read property 'value' of undefined" while creating VM from template
1911408 - [e2e][automation] Add auto-clone cli tests and new flow of VM creation
1911418 - [v2v] The target storage class name is not displayed if default storage class is used
1911434 - git ops empty state page displays icon with watermark
1911443 - SSH Cretifiaction field should be validated
1911465 - IOPS display wrong unit
1911474 - Devfile Application Group Does Not Delete Cleanly (errors)
1911487 - Pruning Deployments should use ReplicaSets instead of ReplicationController
1911574 - Expose volume mode on Upload Data form
1911617 - [CNV][UI] Failure to add source to VM template when no default storage class is defined
1911632 - rpm-ostree command fail due to wrong options when updating ocp-4.6 to 4.7 on worker nodes with rt-kernel
1911656 - using 'operator-sdk run bundle' to install operator successfully, but the command output said 'Failed to run bundle''
1911664 - [Negative Test] After deleting metal3 pod, scaling worker stuck on provisioning state
1911782 - Descheduler should not evict pod used local storage by the PVC
1911796 - uploading flow being displayed before submitting the form
1912066 - The ansible type operator's manager container is not stable when managing the CR
1912077 - helm operator's default rbac forbidden
1912115 - [automation] Analyze job keep failing because of 'JavaScript heap out of memory'
1912237 - Rebase CSI sidecars for 4.7
1912381 - [e2e][automation] Miss css ID on Create Network Attachment Definition page
1912409 - Fix flow schema deployment
1912434 - Update guided tour modal title
1912522 - DNS Operator e2e test: TestCoreDNSImageUpgrade is fundamentally broken
1912523 - Standalone pod status not updating in topology graph
1912536 - Console Plugin CR for console-demo-plugin has wrong apiVersion
1912558 - TaskRun list and detail screen doesn't show Pending status
1912563 - p&f: carry 97206: clean up executing request on panic
1912565 - OLM macOS local build broken by moby/term dependency
1912567 - [OCP on RHV] Node becomes to 'NotReady' status when shutdown vm from RHV UI only on the second deletion
1912577 - 4.1/4.2->4.3->...-> 4.7 upgrade is stuck during 4.6->4.7 with co/openshift-apiserver Degraded, co/network not Available and several other components pods CrashLoopBackOff
1912590 - publicImageRepository not being populated
1912640 - Go operator's controller pods is forbidden
1912701 - Handle dual-stack configuration for NIC IP
1912703 - multiple queries can't be plotted in the same graph under some conditons
1912730 - Operator backed: In-context should support visual connector if SBO is not installed
1912828 - Align High Performance VMs with High Performance in RHV-UI
1912849 - VM from wizard - default flavor does not match the actual flavor set by common templates
1912852 - VM from wizard - available VM templates - "storage" field is "0 B"
1912888 - recycler template should be moved to KCM operator
1912907 - Helm chart repository index can contain unresolvable relative URL's
1912916 - Set external traffic policy to cluster for IBM platform
1912922 - Explicitly specifying the operator generated default certificate for an ingress controller breaks the ingress controller
1912938 - Update confirmation modal for quick starts
1912942 - cluster-storage-operator: proxy ENV is not injected into vsphere-problem-detector deployment
1912944 - cluster-storage-operator: proxy ENV is not injected into Manila CSI driver operator deployment
1912945 - aws-ebs-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912946 - gcp-pd-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912947 - openstack-cinder-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912948 - csi-driver-manila-operator: proxy ENV is not injected into the CSI driver
1912949 - ovirt-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912977 - rebase upstream static-provisioner
1913006 - Remove etcd v2 specific alerts with etcd_http* metrics
1913011 - [OVN] Pod's external traffic not use egressrouter macvlan ip as a source ip
1913037 - update static-provisioner base image
1913047 - baremetal clusteroperator progressing status toggles between true and false when cluster is in a steady state
1913085 - Regression OLM uses scoped client for CRD installation
1913096 - backport: cadvisor machine metrics are missing in k8s 1.19
1913132 - The installation of Openshift Virtualization reports success early before it 's succeeded eventually
1913154 - Upgrading to 4.6.10 nightly failed with RHEL worker nodes: Failed to find /dev/disk/by-label/root
1913196 - Guided Tour doesn't handle resizing of browser
1913209 - Support modal should be shown for community supported templates
1913226 - [Migration] The SDN migration rollback failed if customize vxlanPort
1913249 - update info alert this template is not aditable
1913285 - VM list empty state should link to virtualization quick starts
1913289 - Rebase AWS EBS CSI driver for 4.7
1913292 - OCS 4.7 Installation failed over vmware when arbiter was enabled, as flexibleScaling is also getting enabled
1913297 - Remove restriction of taints for arbiter node
1913306 - unnecessary scroll bar is present on quick starts panel
1913325 - 1.20 rebase for openshift-apiserver
1913331 - Import from git: Fails to detect Java builder
1913332 - Pipeline visualization breaks the UI when multiple taskspecs are used
1913343 - (release-4.7) Added changelog file for insights-operator
1913356 - (release-4.7) Implemented gathering specific logs from openshift apiserver operator
1913371 - Missing i18n key "Administrator" in namespace "console-app" and language "en."
1913386 - users can see metrics of namespaces for which they don't have rights when monitoring own services with prometheus user workloads
1913420 - Time duration setting of resources is not being displayed
1913536 - 4.6.9 -> 4.7 upgrade hangs. RHEL 7.9 worker stuck on "error enabling unit: Failed to execute operation: File exists\\n\"
1913554 - Recording rule for ingress error fraction SLI is incorrect, uses irate instead of increase
1913560 - Normal user cannot load template on the new wizard
1913563 - "Virtual Machine" is not on the same line in create button when logged with normal user
1913567 - Tooltip data should be same for line chart or stacked chart, display data value same as the table
1913568 - Normal user cannot create template
1913582 - [Migration]SDN to OVN migration stucks on MCO for rhel worker
1913585 - Topology descriptive text fixes
1913608 - Table data contains data value None after change time range in graph and change back
1913651 - Improved Red Hat image and crashlooping OpenShift pod collection
1913660 - Change location and text of Pipeline edit flow alert
1913685 - OS field not disabled when creating a VM from a template
1913716 - Include additional use of existing libraries
1913725 - Refactor Insights Operator Plugin states
1913736 - Regression: fails to deploy computes when using root volumes
1913747 - Update operator to kubernetes 1.20.1 to pickup upstream fixes
1913751 - add third-party network plugin test suite to openshift-tests
1913783 - QE-To fix the merging pr issue, commenting the afterEach() block
1913807 - Template support badge should not be shown for community supported templates
1913821 - Need definitive steps about uninstalling descheduler operator
1913851 - Cluster Tasks are not sorted in pipeline builder
1913864 - BuildConfig YAML template references ruby ImageStreamTag that no longer exists
1913951 - Update the Devfile Sample Repo to an Official Repo Host
1913960 - Cluster Autoscaler should use 1.20 dependencies
1913969 - Field dependency descriptor can sometimes cause an exception
1914060 - Disk created from 'Import via Registry' cannot be used as boot disk
1914066 - [sriov] sriov dp pod crash when delete ovs HW offload policy
1914090 - Grafana - The resulting dataset is too large to graph (OCS RBD volumes being counted as disks)
1914119 - vsphere problem detector operator has no permission to update storages.operator.openshift.io instances
1914125 - Still using /dev/vde as default device path when create localvolume
1914183 - Empty NAD page is missing link to quickstarts
1914196 - target port in `from dockerfile` flow does nothing
1914204 - Creating VM from dev perspective may fail with template not found error
1914209 - Associate image secret name to pipeline serviceaccount imagePullSecrets
1914212 - [e2e][automation] Add test to validate bootable disk souce
1914250 - ovnkube-node fails on master nodes when both DHCPv6 and SLAAC addresses are configured on nodes
1914284 - Upgrade to OCP 4.6.9 results in cluster-wide DNS and connectivity issues due to bad NetworkPolicy flows
1914287 - Bring back selfLink
1914301 - User VM Template source should show the same provider as template itself
1914303 - linuxptp-daemon is not forwarding ptp4l stderr output to openshift logs
1914309 - /terminal page when WTO not installed shows nonsensical error
1914334 - order of getting started samples is arbitrary
1914343 - [sig-imageregistry][Feature:ImageTriggers] Annotation trigger reconciles after the image is overwritten [Suite:openshift/conformance/parallel] timeout on s390x
1914349 - Increase and decrease buttons in max and min pods in HPA page has distorted UI
1914405 - Quick search modal should be opened when coming back from a selection
1914407 - Its not clear that node-ca is running as non-root
1914427 - Count of pods on the dashboard is incorrect
1914439 - Typo in SRIOV port create command example
1914451 - cluster-storage-operator pod running as root
1914452 - oc image append, oc image extract outputs wrong suggestion to use --keep-manifest-list=true
1914642 - Customize Wizard Storage tab does not pass validation
1914723 - SamplesTBRInaccessibleOnBoot Alert has a misspelling
1914793 - device names should not be translated
1914894 - Warn about using non-groupified api version
1914926 - webdriver-manager pulls incorrect version of ChomeDriver due to a bug
1914932 - Put correct resource name in relatedObjects
1914938 - PVC disk is not shown on customization wizard general tab
1914941 - VM Template rootdisk is not deleted after fetching default disk bus
1914975 - Collect logs from openshift-sdn namespace
1915003 - No estimate of average node readiness during lifetime of a cluster
1915027 - fix MCS blocking iptables rules
1915041 - s3:ListMultipartUploadParts is relied on implicitly
1915079 - Canary controller should not periodically rotate the canary route endpoint for performance reasons
1915080 - Large number of tcp connections with shiftstack ocp cluster in about 24 hours
1915085 - Pods created and rapidly terminated get stuck
1915114 - [aws-c2s] worker machines are not create during install
1915133 - Missing default pinned nav items in dev perspective
1915176 - Update snapshot API CRDs to v1 in web-console when creating volumesnapshot related resource
1915187 - Remove the "Tech preview" tag in web-console for volumesnapshot
1915188 - Remove HostSubnet anonymization
1915200 - [OCP 4.7+ OCS 4.6]Arbiter related Note should not show up during UI deployment
1915217 - OKD payloads expect to be signed with production keys
1915220 - Remove dropdown workaround for user settings
1915235 - Failed to upgrade to 4.7 from 4.6 due to the machine-config failure
1915262 - When deploying with assisted install the CBO operator is installed and enabled without metal3 pod
1915277 - [e2e][automation]fix cdi upload form test
1915295 - [BM][IP][Dualstack] Installation failed - operators report dial tcp 172.30.0.1:443: i/o timeout
1915304 - Updating scheduling component builder & base images to be consistent with ART
1915312 - Prevent schedule Linux openshift-network-diagnostics pod on Windows node
1915318 - [Metal] bareMetal IPI - cannot interact with toolbox container after first execution only in parallel from different connection
1915348 - [RFE] linuxptp operator needs to expose the uds_address_socket to be used by an application pod
1915357 - Dev Catalog doesn't load anything if virtualization operator is installed
1915379 - New template wizard should require provider and make support input a dropdown type
1915408 - Failure in operator-registry kind e2e test
1915416 - [Descheduler] descheduler evicts pod which does not have any ownerRef or descheduler evict annotation
1915460 - Cluster name size might affect installations
1915500 - [aws c2s] kube-controller-manager crash loops trying to fetch the AWS instance
1915540 - Silent 4.7 RHCOS install failure on ppc64le
1915579 - [Metal] redhat-support-tool became unavailable after tcpdump usage (BareMetal IPI)
1915582 - p&f: carry upstream pr 97860
1915594 - [e2e][automation] Improve test for disk validation
1915617 - Bump bootimage for various fixes
1915624 - "Please fill in the following field: Template provider" blocks customize wizard
1915627 - Translate Guided Tour text.
1915643 - OCP4.6 to 4.7 upgrade failed due to manila csi driver operator sync error
1915647 - Intermittent White screen when the connector dragged to revision
1915649 - "Template support" pop up is not a warning; checkbox text should be rephrased
1915654 - [e2e][automation] Add a verification for Afinity modal should hint "Matching node found"
1915661 - Can't run the 'oc adm prune' command in a pod
1915672 - Kuryr doesn't work with selfLink disabled.
1915674 - Golden image PVC creation - storage size should be taken from the template
1915685 - Message for not supported template is not clear enough
1915760 - Need to increase timeout to wait rhel worker get ready
1915793 - quick starts panel syncs incorrectly across browser windows
1915798 - oauth connection errors for openshift console pods on an OVNKube OCP 4.7 cluster
1915818 - vsphere-problem-detector: use "_totals" in metrics
1915828 - Latest Dell firmware (04.40.00.00) fails to install IPI on BM using idrac-virtualmedia protocol
1915859 - vsphere-problem-detector: does not report ESXi host version nor VM HW version
1915871 - operator-sdk version in new downstream image should be v1.2.0-ocp not v4.7.0
1915879 - Pipeline Dashboard tab Rename to Pipeline Metrics
1915885 - Kuryr doesn't support workers running on multiple subnets
1915898 - TaskRun log output shows "undefined" in streaming
1915907 - test/cmd/builds.sh uses docker.io
1915912 - sig-storage-csi-snapshotter image not available
1915926 - cluster-api-provider-openstack: Update ose-openstack-machine-controllers builder & base images to be consistent with ART
1915929 - A11y Violation: svg-img-alt for time axis of Utilization Card on Cluster Dashboard
1915939 - Resizing the browser window removes Web Terminal Icon
1915945 - [sig-scheduling] SchedulerPreemption [Serial] validates basic preemption works [Conformance]
1915959 - Baremetal cluster operator is included in a ROKS installation of 4.7
1915962 - ROKS: manifest with machine health check fails to apply in 4.7
1915972 - Global configuration breadcrumbs do not work as expected
1915981 - Install ethtool and conntrack in container for debugging
1915995 - "Edit RoleBinding Subject" action under RoleBinding list page kebab actions causes unhandled exception
1915998 - Installer bootstrap node setting of additional subnets inconsistent with additional security groups
1916021 - OLM enters infinite loop if Pending CSV replaces itself
1916056 - Need Visual Web Terminal metric enabled for OCP monitoring telemetry
1916081 - non-existant should be non-existent in CloudCredentialOperatorTargetNamespaceMissing alert's annotations
1916099 - VM creation - customization wizard - user should be allowed to delete and re-create root disk
1916126 - [e2e][automation] Help fix tests for vm guest-agent and next-run-configuration
1916145 - Explicitly set minimum versions of python libraries
1916164 - Update csi-driver-nfs builder & base images to be consistent with ART
1916221 - csi-snapshot-controller-operator: bump dependencies for 4.7
1916271 - Known issues should mention failure to apply soft-anti-affinity to masters beyond the third
1916363 - [OVN] ovs-configuration.service reports as failed within all nodes using version 4.7.0-fc.2
1916379 - error metrics from vsphere-problem-detector should be gauge
1916382 - Can't create ext4 filesystems with Ignition
1916384 - 4.5.15 and later cluster-version operator does not sync ClusterVersion status before exiting, leaving 'verified: false' even for verified updates
1916401 - Deleting an ingress controller with a bad DNS Record hangs
1916417 - [Kuryr] Must-gather does not have all Custom Resources information
1916419 - [sig-devex][Feature:ImageEcosystem][Slow] openshift images should be SCL enabled returning s2i usage when running the image
1916454 - teach CCO about upgradeability from 4.6 to 4.7
1916486 - [OCP RHV] [Docs] Update RHV CSI provisioning section in OCP documenation
1916502 - Boot disk mirroring fails with mdadm error
1916524 - Two rootdisk shows on storage step
1916580 - Default yaml is broken for VM and VM template
1916621 - oc adm node-logs examples are wrong
1916642 - [zh_CN] Redundant period in Secrets - Create drop down menu - Key value secret.
1916692 - Possibly fails to destroy LB and thus cluster
1916711 - Update Kube dependencies in MCO to 1.20.0
1916747 - remove links to quick starts if virtualization operator isn't updated to 2.6
1916764 - editing a workload with no application applied, will auto fill the app
1916834 - Pipeline Metrics - Text Updates
1916843 - collect logs from openshift-sdn-controller pod
1916853 - cluster will not gracefully recover if openshift-etcd namespace is removed
1916882 - OCS 4.7 LSO : wizard (Discover disks and create storageclass) does not show zone when topology.kubernetes.io/zone are added manually
1916888 - OCS wizard Donor chart does not get updated when `Device Type` is edited
1916938 - Using 4.6 install-config.yaml file with lbFloatingIP results in validation error "Forbidden: cannot specify lbFloatingIP and apiFloatingIP together"
1916949 - ROKS: manifests in openshift-oauth-apiserver ns fails to create with non-existent namespace
1917101 - [UPI on oVirt] - 'RHCOS image' topic isn't located in the right place in UPI document
1917114 - Upgrade from 4.5.9 to 4.7 fails as authentication operator is Degraded due to '"ProxyConfigController" controller failed to sync "key"' error
1917117 - Common templates - disks screen: invalid disk name
1917124 - Custom template - clone existing PVC - the name of the target VM's data volume is hard-coded; only one VM can be created
1917146 - [oVirt] Consume 23-10 ovirt sdk- csi operator
1917147 - [oVirt] csi operator panics if ovirt-engine suddenly becomes unavailable.
1917148 - [oVirt] Consume 23-10 ovirt sdk
1917239 - Monitoring time options overlaps monitoring tab navigation when Quickstart panel is opened
1917272 - Should update the default minSize to 1Gi when create localvolumeset on web console
1917303 - [automation][e2e] make kubevirt-plugin gating job mandatory
1917315 - localvolumeset-local-provisoner-xxx pods are not killed after upgrading from 4.6 to 4.7
1917327 - annotations.message maybe wrong for NTOPodsNotReady alert
1917367 - Refactor periodic.go
1917371 - Add docs on how to use the built-in profiler
1917372 - Application metrics are shown on Metrics dashboard but not in linked Prometheus UI in OCP management console
1917395 - pv-pool backing store name restriction should be at 43 characters from the ocs ui
1917484 - [BM][IPI] Failed to scale down machineset
1917522 - Deprecate --filter-by-os in oc adm catalog mirror
1917537 - controllers continuously busy reconciling operator
1917551 - use min_over_time for vsphere prometheus alerts
1917585 - OLM Operator install page missing i18n
1917587 - Manila CSI operator becomes degraded if user doesn't have permissions to list share types
1917605 - Deleting an exgw causes pods to no longer route to other exgws
1917614 - [aws c2s] ingress operator uses unavailable resourcegrouptaggings API
1917656 - Add to Project/application for eventSources from topology shows 404
1917658 - Show TP badge for sources powered by camel connectors in create flow
1917660 - Editing parallelism of job get error info
1917678 - Could not provision pv when no symlink and target found on rhel worker
1917679 - Hide double CTA in admin pipelineruns tab
1917683 - `NodeTextFileCollectorScrapeError` alert in OCP 4.6 cluster.
1917759 - Console operator panics after setting plugin that does not exists to the console-operator config
1917765 - ansible-operator version in downstream image should be v1.3.0 not v4.7.0
1917770 - helm-operator version in downstream image should be v1.3.0 not v4.7.0
1917799 - Gather s list of names and versions of installed OLM operators
1917803 - [sig-storage] Pod Disks should be able to delete a non-existent PD without error
1917814 - Show Broker create option in eventing under admin perspective
1917838 - MachineSet scaling from 0 is not available or evaluated incorrectly for the new or changed instance types
1917872 - [oVirt] rebase on latest SDK 2021-01-12
1917911 - network-tools needs ovnkube-trace binary from ovn-kubernetes image
1917938 - upgrade version of dnsmasq package
1917942 - Canary controller causes panic in ingress-operator
1918019 - Undesired scrollbars in markdown area of QuickStart
1918068 - Flaky olm integration tests
1918085 - reversed name of job and namespace in cvo log
1918112 - Flavor is not editable if a customize VM is created from cli
1918129 - Update IO sample archive with missing resources & remove IP anonymization from clusteroperator resources
1918132 - i18n: Volume Snapshot Contents menu is not translated
1918133 - [e2e][automation] Fix ocp 4.7 existing tests - part2
1918140 - Deployment openstack-cinder-csi-driver-controller and openstack-manila-csi-controllerplugin doesn't be installed on OSP
1918153 - When `&` character is set as an environment variable in a build config it is getting converted as `\u0026`
1918185 - Capitalization on PLR details page
1918287 - [ovirt] ovirt csi driver is flooding RHV with API calls and spam the event UI with new connections
1918318 - Kamelet connector's are not shown in eventing section under Admin perspective
1918351 - Gather SAP configuration (SCC & ClusterRoleBinding)
1918375 - [calico] rbac-proxy container in kube-proxy fails to create tokenreviews
1918395 - [ovirt] increase livenessProbe period
1918415 - MCD nil pointer on dropins
1918438 - [ja_JP, zh_CN] Serverless i18n misses
1918440 - Kernel Arguments get reapplied even when no new kargs has been added in MachineConfig
1918471 - CustomNoUpgrade Feature gates are not working correctly
1918558 - Supermicro nodes boot to PXE upon reboot after successful deployment to disk
1918622 - Updating ose-jenkins-agent-maven builder & base images to be consistent with ART
1918623 - Updating ose-jenkins-agent-nodejs-12 builder & base images to be consistent with ART
1918625 - Updating ose-jenkins-agent-nodejs-10 builder & base images to be consistent with ART
1918635 - Updating openshift-jenkins-2 builder & base images to be consistent with ART #1197
1918639 - Event listener with triggerRef crashes the console
1918648 - Subscription page doesn't show InstallPlan correctly
1918716 - Manilacsi becomes degraded even though it is not available with the underlying Openstack
1918748 - helmchartrepo is not http(s)_proxy-aware
1918757 - Consistant fallures of features/project-creation.feature Cypress test in CI
1918803 - Need dedicated details page w/ global config breadcrumbs for 'KnativeServing' plugin
1918826 - Insights popover icons are not horizontally aligned
1918879 - need better debug for bad pull secrets
1918958 - The default NMstate instance from the operator is incorrect
1919097 - Close bracket ")" missing at the end of the sentence in the UI
1919231 - quick search modal cut off on smaller screens
1919259 - Make "Add x" singular in Pipeline Builder
1919260 - VM Template list actions should not wrap
1919271 - NM prepender script doesn't support systemd-resolved
1919341 - Updating ose-jenkins-agent-maven builder & base images to be consistent with ART
1919360 - Need managed-cluster-info metric enabled for OCP monitoring telemetry
1919379 - dotnet logo out of date
1919387 - Console login fails with no error when it can't write to localStorage
1919396 - A11y Violation: svg-img-alt on Pod Status ring
1919407 - OpenStack IPI has three-node control plane limitation, but InstallConfigs aren't verified
1919750 - Search InstallPlans got Minified React error
1919778 - Upgrade is stuck in insights operator Degraded with "Source clusterconfig could not be retrieved" until insights operator pod is manually deleted
1919823 - OCP 4.7 Internationalization Chinese tranlate issue
1919851 - Visualization does not render when Pipeline & Task share same name
1919862 - The tip information for `oc new-project --skip-config-write` is wrong
1919876 - VM created via customize wizard cannot inherit template's PVC attributes
1919877 - Click on KSVC breaks with white screen
1919879 - The toolbox container name is changed from 'toolbox-root' to 'toolbox-' in a chroot environment
1919945 - user entered name value overridden by default value when selecting a git repository
1919968 - [release-4.7] Undiagnosed panic detected in pod runtime.go:76: invalid memory address or nil pointer dereference
1919970 - NTO does not update when the tuned profile is updated.
1919999 - Bump Cluster Resource Operator Golang Versions
1920027 - machine-config-operator consistently failing during 4.6 to 4.7 upgrades and clusters do not install successfully with proxy configuration
1920200 - user-settings network error results in infinite loop of requests
1920205 - operator-registry e2e tests not working properly
1920214 - Bump golang to 1.15 in cluster-resource-override-admission
1920248 - re-running the pipelinerun with pipelinespec crashes the UI
1920320 - VM template field is "Not available" if it's created from common template
1920367 - When creating localvolumeset instance from the web console, the title for setting volumeMode is `Disk Mode`
1920368 - Fix containers creation issue resulting in runc running on Guaranteed Pod CPUs
1920390 - Monitoring > Metrics graph shifts to the left when clicking the "Stacked" option and when toggling data series lines on / off
1920426 - Egress Router CNI OWNERS file should have ovn-k team members
1920427 - Need to update `oc login` help page since we don't support prompt interactively for the username
1920430 - [V2V] [UI] Browser window becomes empty when running import wizard for the first time
1920438 - openshift-tuned panics on turning debugging on/off.
1920445 - e2e-gcp-ovn-upgrade job is actually using openshift-sdn
1920481 - kuryr-cni pods using unreasonable amount of CPU
1920509 - wait for port 6443 to be open in the kube-scheduler container; use ss instead of lsof
1920524 - Topology graph crashes adding Open Data Hub operator
1920526 - catalog operator causing CPU spikes and bad etcd performance
1920551 - Boot Order is not editable for Templates in "openshift" namespace
1920555 - bump cluster-resource-override-admission api dependencies
1920571 - fcp multipath will not recover failed paths automatically
1920619 - Remove default scheduler profile value
1920655 - Console should not show the Create Autoscaler link in cluster settings when the CRD is not present
1920674 - MissingKey errors in bindings namespace
1920684 - Text in language preferences modal is misleading
1920695 - CI is broken because of bad image registry reference in the Makefile
1920756 - update generic-admission-server library to get the system:masters authorization optimization
1920769 - [Upgrade] OCP upgrade from 4.6.13 to 4.7.0-fc.4 for "network-check-target" failed when "defaultNodeSelector" is set
1920771 - i18n: Delete persistent volume claim drop down is not translated
1920806 - [OVN]Nodes lost network connection after reboot on the vSphere UPI
1920912 - Unable to power off BMH from console
1920981 - When OCS was deployed with arbiter mode enable add capacity is increasing the count by "2"
1920984 - [e2e][automation] some menu items names are out dated
1921013 - Gather PersistentVolume definition (if any) used in image registry config
1921023 - Do not enable Flexible Scaling to true for Internal mode clusters(revert to 4.6 behavior)
1921087 - 'start next quick start' link doesn't work and is unintuitive
1921088 - test-cmd is failing on volumes.sh pretty consistently
1921248 - Clarify the kubelet configuration cr description
1921253 - Text filter default placeholder text not internationalized
1921258 - User Preferences: Active perspective and project change in the current window when selected in a different window
1921275 - Panic in authentication-operator in (*deploymentController).updateOperatorDeploymentInfo
1921277 - Fix Warning and Info log statements to handle arguments
1921281 - oc get -o yaml --export returns "error: unknown flag: --export"
1921458 - [SDK] Gracefully handle the `run bundle-upgrade` if the lower version operator doesn't exist
1921556 - [OCS with Vault]: OCS pods didn't comeup after deploying with Vault details from UI
1921572 - For external source (i.e GitHub Source) form view as well shows yaml
1921580 - [e2e][automation]Test VM detail view actions dropdown does not pass
1921610 - Pipeline metrics font size inconsistency
1921644 - [e2e][automation] tests errors with wrong cloudInit new line syntax
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1921655 - [OSP] Incorrect error handling during cloudinfo generation
1921713 - [e2e][automation] fix failing VM migration tests
1921762 - Serving and Eventing breadcrumbs should direct users back to tabbed page view
1921774 - delete application modal errors when a resource cannot be found
1921806 - Explore page APIResourceLinks aren't i18ned
1921823 - CheckBoxControls not internationalized
1921836 - AccessTableRows don't internationalize "User" or "Group"
1921857 - Test flake when hitting router in e2e tests due to one router not being up to date
1921880 - Dynamic plugins are not initialized on console load in production mode
1921911 - Installer PR #4589 is causing leak of IAM role policy bindings
1921921 - "Global Configuration" breadcrumb does not use sentence case
1921949 - Console bug - source code URL broken for gitlab self-hosted repositories
1921954 - Subscription-related constraints in ResolutionFailed events are misleading
1922015 - buttons in modal header are invisible on Safari
1922021 - Nodes terminal page 'Expand' 'Collapse' button not translated
1922050 - [e2e][automation] Improve vm clone tests
1922066 - Cannot create VM from custom template which has extra disk
1922098 - Namespace selection dialog is not closed after select a namespace
1922099 - Updated Readme documentation for QE code review and setup
1922146 - Egress Router CNI doesn't have logging support.
1922267 - Collect specific ADFS error
1922292 - Bump RHCOS boot images for 4.7
1922454 - CRI-O doesn't enable pprof by default
1922473 - reconcile LSO images for 4.8
1922573 - oc returns an error while using -o jsonpath when there is no resource found in the namespace
1922782 - Source registry missing docker:// in yaml
1922907 - Interop UI Tests - step implementation for updating feature files
1922911 - Page crash when click the "Stacked" checkbox after clicking the data series toggle buttons
1922991 - "verify /run filesystem contents do not have unexpected content using a simple Docker Strategy Build" test fails on OKD
1923003 - WebConsole Insights widget showing "Issues pending" when the cluster doesn't report anything
1923098 - [vsphere-problem-detector-operator] Need permission to access replicasets.apps resources
1923102 - [vsphere-problem-detector-operator] pod's version is not correct
1923245 - [Assisted-4.7] [Staging][Minimal-ISO] nodes fails to boot
1923674 - k8s 1.20 vendor dependencies
1923721 - PipelineRun running status icon is not rotating
1923753 - Increase initialDelaySeconds for ovs-daemons container in the ovs-node daemonset for upgrade scenarios
1923774 - Docker builds failing for openshift/cluster-resource-override-admission-operator
1923802 - ci/prow/e2e-aws-olm build failing for openshift/cluster-resource-override-admission-operator
1923874 - Unable to specify values with % in kubeletconfig
1923888 - Fixes error metadata gathering
1923892 - Update arch.md after refactor.
1923894 - "installed" operator status in operatorhub page does not reflect the real status of operator
1923895 - Changelog generation.
1923911 - [e2e][automation] Improve tests for vm details page and list filter
1923945 - PVC Name and Namespace resets when user changes os/flavor/workload
1923951 - EventSources shows `undefined` in project
1923973 - Dynamic plugin demo README does not contain info how to enable the ConsolePlugins
1924046 - Localhost: Refreshing on a Project removes it from nav item urls
1924078 - Topology quick search View all results footer should be sticky.
1924081 - NTO should ship the latest Tuned daemon release 2.15
1924084 - backend tests incorrectly hard-code artifacts dir
1924128 - [sig-builds][Feature:Builds] verify /run filesystem contents do not have unexpected content using a simple Docker Strategy Build
1924135 - Under sufficient load, CRI-O may segfault
1924143 - Code Editor Decorator url is broken for Bitbucket repos
1924188 - Language selector dropdown doesn't always pre-select the language
1924365 - Add extra disk for VM which use boot source PXE
1924383 - Degraded network operator during upgrade to 4.7.z
1924387 - [ja_JP][zh_CN] Incorrect warning message for deleting namespace on Delete Pod dialog box.
1924480 - non cluster admin can not take VM snapshot: An error occurred, cannot set blockOwnerDeletion if an ownerReference refers to a resource you can't set finalizers on
1924583 - Deprectaed templates are listed in the Templates screen
1924870 - pick upstream pr#96901: plumb context with request deadline
1924955 - Images from Private external registry not working in deploy Image
1924961 - k8sutil.TrimDNS1123Label creates invalid values
1924985 - Build egress-router-cni for both RHEL 7 and 8
1925020 - Console demo plugin deployment image shoult not point to dockerhub
1925024 - Remove extra validations on kafka source form view net section
1925039 - [e2e] Fix Test - ID(CNV-5327) Change Custom Flavor while VM is running
1925072 - NTO needs to ship the current latest stalld v1.7.0
1925163 - Missing info about dev catalog in boot source template column
1925200 - Monitoring Alert icon is missing on the workload in Topology view
1925262 - apiserver getting 2 SIGTERM signals which was immediately making it exit code 1
1925319 - bash syntax error in configure-ovs.sh script
1925408 - Remove StatefulSet gatherer and replace it with gathering corresponding config map data
1925516 - Pipeline Metrics Tooltips are overlapping data
1925562 - Add new ArgoCD link from GitOps application environments page
1925596 - Gitops details page image and commit id text overflows past card boundary
1926556 - 'excessive etcd leader changes' test case failing in serial job because prometheus data is wiped by machine set test
1926588 - The tarball of operator-sdk is not ready for ocp4.7
1927456 - 4.7 still points to 4.6 catalog images
1927500 - API server exits non-zero on 2 SIGTERM signals
1929278 - Monitoring workloads using too high a priorityclass
1929645 - Remove openshift:kubevirt-machine-controllers decleration from machine-api
1929920 - Cluster monitoring documentation link is broken - 404 not found
5. References:
https://access.redhat.com/security/cve/CVE-2018-10103
https://access.redhat.com/security/cve/CVE-2018-10105
https://access.redhat.com/security/cve/CVE-2018-14461
https://access.redhat.com/security/cve/CVE-2018-14462
https://access.redhat.com/security/cve/CVE-2018-14463
https://access.redhat.com/security/cve/CVE-2018-14464
https://access.redhat.com/security/cve/CVE-2018-14465
https://access.redhat.com/security/cve/CVE-2018-14466
https://access.redhat.com/security/cve/CVE-2018-14467
https://access.redhat.com/security/cve/CVE-2018-14468
https://access.redhat.com/security/cve/CVE-2018-14469
https://access.redhat.com/security/cve/CVE-2018-14470
https://access.redhat.com/security/cve/CVE-2018-14553
https://access.redhat.com/security/cve/CVE-2018-14879
https://access.redhat.com/security/cve/CVE-2018-14880
https://access.redhat.com/security/cve/CVE-2018-14881
https://access.redhat.com/security/cve/CVE-2018-14882
https://access.redhat.com/security/cve/CVE-2018-16227
https://access.redhat.com/security/cve/CVE-2018-16228
https://access.redhat.com/security/cve/CVE-2018-16229
https://access.redhat.com/security/cve/CVE-2018-16230
https://access.redhat.com/security/cve/CVE-2018-16300
https://access.redhat.com/security/cve/CVE-2018-16451
https://access.redhat.com/security/cve/CVE-2018-16452
https://access.redhat.com/security/cve/CVE-2018-20843
https://access.redhat.com/security/cve/CVE-2019-3884
https://access.redhat.com/security/cve/CVE-2019-5018
https://access.redhat.com/security/cve/CVE-2019-6977
https://access.redhat.com/security/cve/CVE-2019-6978
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2019-9455
https://access.redhat.com/security/cve/CVE-2019-9458
https://access.redhat.com/security/cve/CVE-2019-11068
https://access.redhat.com/security/cve/CVE-2019-12614
https://access.redhat.com/security/cve/CVE-2019-13050
https://access.redhat.com/security/cve/CVE-2019-13225
https://access.redhat.com/security/cve/CVE-2019-13627
https://access.redhat.com/security/cve/CVE-2019-14889
https://access.redhat.com/security/cve/CVE-2019-15165
https://access.redhat.com/security/cve/CVE-2019-15166
https://access.redhat.com/security/cve/CVE-2019-15903
https://access.redhat.com/security/cve/CVE-2019-15917
https://access.redhat.com/security/cve/CVE-2019-15925
https://access.redhat.com/security/cve/CVE-2019-16167
https://access.redhat.com/security/cve/CVE-2019-16168
https://access.redhat.com/security/cve/CVE-2019-16231
https://access.redhat.com/security/cve/CVE-2019-16233
https://access.redhat.com/security/cve/CVE-2019-16935
https://access.redhat.com/security/cve/CVE-2019-17450
https://access.redhat.com/security/cve/CVE-2019-17546
https://access.redhat.com/security/cve/CVE-2019-18197
https://access.redhat.com/security/cve/CVE-2019-18808
https://access.redhat.com/security/cve/CVE-2019-18809
https://access.redhat.com/security/cve/CVE-2019-19046
https://access.redhat.com/security/cve/CVE-2019-19056
https://access.redhat.com/security/cve/CVE-2019-19062
https://access.redhat.com/security/cve/CVE-2019-19063
https://access.redhat.com/security/cve/CVE-2019-19068
https://access.redhat.com/security/cve/CVE-2019-19072
https://access.redhat.com/security/cve/CVE-2019-19221
https://access.redhat.com/security/cve/CVE-2019-19319
https://access.redhat.com/security/cve/CVE-2019-19332
https://access.redhat.com/security/cve/CVE-2019-19447
https://access.redhat.com/security/cve/CVE-2019-19524
https://access.redhat.com/security/cve/CVE-2019-19533
https://access.redhat.com/security/cve/CVE-2019-19537
https://access.redhat.com/security/cve/CVE-2019-19543
https://access.redhat.com/security/cve/CVE-2019-19602
https://access.redhat.com/security/cve/CVE-2019-19767
https://access.redhat.com/security/cve/CVE-2019-19770
https://access.redhat.com/security/cve/CVE-2019-19906
https://access.redhat.com/security/cve/CVE-2019-19956
https://access.redhat.com/security/cve/CVE-2019-20054
https://access.redhat.com/security/cve/CVE-2019-20218
https://access.redhat.com/security/cve/CVE-2019-20386
https://access.redhat.com/security/cve/CVE-2019-20387
https://access.redhat.com/security/cve/CVE-2019-20388
https://access.redhat.com/security/cve/CVE-2019-20454
https://access.redhat.com/security/cve/CVE-2019-20636
https://access.redhat.com/security/cve/CVE-2019-20807
https://access.redhat.com/security/cve/CVE-2019-20812
https://access.redhat.com/security/cve/CVE-2019-20907
https://access.redhat.com/security/cve/CVE-2019-20916
https://access.redhat.com/security/cve/CVE-2020-0305
https://access.redhat.com/security/cve/CVE-2020-0444
https://access.redhat.com/security/cve/CVE-2020-1716
https://access.redhat.com/security/cve/CVE-2020-1730
https://access.redhat.com/security/cve/CVE-2020-1751
https://access.redhat.com/security/cve/CVE-2020-1752
https://access.redhat.com/security/cve/CVE-2020-1971
https://access.redhat.com/security/cve/CVE-2020-2574
https://access.redhat.com/security/cve/CVE-2020-2752
https://access.redhat.com/security/cve/CVE-2020-2922
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3898
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-6405
https://access.redhat.com/security/cve/CVE-2020-7595
https://access.redhat.com/security/cve/CVE-2020-7774
https://access.redhat.com/security/cve/CVE-2020-8177
https://access.redhat.com/security/cve/CVE-2020-8492
https://access.redhat.com/security/cve/CVE-2020-8563
https://access.redhat.com/security/cve/CVE-2020-8566
https://access.redhat.com/security/cve/CVE-2020-8619
https://access.redhat.com/security/cve/CVE-2020-8622
https://access.redhat.com/security/cve/CVE-2020-8623
https://access.redhat.com/security/cve/CVE-2020-8624
https://access.redhat.com/security/cve/CVE-2020-8647
https://access.redhat.com/security/cve/CVE-2020-8648
https://access.redhat.com/security/cve/CVE-2020-8649
https://access.redhat.com/security/cve/CVE-2020-9327
https://access.redhat.com/security/cve/CVE-2020-9802
https://access.redhat.com/security/cve/CVE-2020-9803
https://access.redhat.com/security/cve/CVE-2020-9805
https://access.redhat.com/security/cve/CVE-2020-9806
https://access.redhat.com/security/cve/CVE-2020-9807
https://access.redhat.com/security/cve/CVE-2020-9843
https://access.redhat.com/security/cve/CVE-2020-9850
https://access.redhat.com/security/cve/CVE-2020-9862
https://access.redhat.com/security/cve/CVE-2020-9893
https://access.redhat.com/security/cve/CVE-2020-9894
https://access.redhat.com/security/cve/CVE-2020-9895
https://access.redhat.com/security/cve/CVE-2020-9915
https://access.redhat.com/security/cve/CVE-2020-9925
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-10029
https://access.redhat.com/security/cve/CVE-2020-10732
https://access.redhat.com/security/cve/CVE-2020-10749
https://access.redhat.com/security/cve/CVE-2020-10751
https://access.redhat.com/security/cve/CVE-2020-10763
https://access.redhat.com/security/cve/CVE-2020-10773
https://access.redhat.com/security/cve/CVE-2020-10774
https://access.redhat.com/security/cve/CVE-2020-10942
https://access.redhat.com/security/cve/CVE-2020-11565
https://access.redhat.com/security/cve/CVE-2020-11668
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/cve/CVE-2020-12465
https://access.redhat.com/security/cve/CVE-2020-12655
https://access.redhat.com/security/cve/CVE-2020-12659
https://access.redhat.com/security/cve/CVE-2020-12770
https://access.redhat.com/security/cve/CVE-2020-12826
https://access.redhat.com/security/cve/CVE-2020-13249
https://access.redhat.com/security/cve/CVE-2020-13630
https://access.redhat.com/security/cve/CVE-2020-13631
https://access.redhat.com/security/cve/CVE-2020-13632
https://access.redhat.com/security/cve/CVE-2020-14019
https://access.redhat.com/security/cve/CVE-2020-14040
https://access.redhat.com/security/cve/CVE-2020-14381
https://access.redhat.com/security/cve/CVE-2020-14382
https://access.redhat.com/security/cve/CVE-2020-14391
https://access.redhat.com/security/cve/CVE-2020-14422
https://access.redhat.com/security/cve/CVE-2020-15157
https://access.redhat.com/security/cve/CVE-2020-15503
https://access.redhat.com/security/cve/CVE-2020-15862
https://access.redhat.com/security/cve/CVE-2020-15999
https://access.redhat.com/security/cve/CVE-2020-16166
https://access.redhat.com/security/cve/CVE-2020-24490
https://access.redhat.com/security/cve/CVE-2020-24659
https://access.redhat.com/security/cve/CVE-2020-25211
https://access.redhat.com/security/cve/CVE-2020-25641
https://access.redhat.com/security/cve/CVE-2020-25658
https://access.redhat.com/security/cve/CVE-2020-25661
https://access.redhat.com/security/cve/CVE-2020-25662
https://access.redhat.com/security/cve/CVE-2020-25681
https://access.redhat.com/security/cve/CVE-2020-25682
https://access.redhat.com/security/cve/CVE-2020-25683
https://access.redhat.com/security/cve/CVE-2020-25684
https://access.redhat.com/security/cve/CVE-2020-25685
https://access.redhat.com/security/cve/CVE-2020-25686
https://access.redhat.com/security/cve/CVE-2020-25687
https://access.redhat.com/security/cve/CVE-2020-25694
https://access.redhat.com/security/cve/CVE-2020-25696
https://access.redhat.com/security/cve/CVE-2020-26160
https://access.redhat.com/security/cve/CVE-2020-27813
https://access.redhat.com/security/cve/CVE-2020-27846
https://access.redhat.com/security/cve/CVE-2020-28362
https://access.redhat.com/security/cve/CVE-2020-29652
https://access.redhat.com/security/cve/CVE-2021-2007
https://access.redhat.com/security/cve/CVE-2021-3121
https://access.redhat.com/security/updates/classification/#moderate
6. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYDZ+bNzjgjWX9erEAQghXg//awGwjQxJ5LEZWBTdgyuCa8mHEi2rop5T
lmebolBMNRSbo9gI8LMSHlvIBBFiV4CuFvfxE0AVLNentfzOTH11TxNWe1KQYt4H
EmcGHPeHWTxKDkvAHtVcWXy9WN3y5d4lHSaq6AR1nHRPcj/k1upyx22kotpnYxN8
4d49PjFTO3YbmdYpNLVJ9nY8izqUpTfM7YSyj6ANZSlaYc5Z215o6TPo6e3wobf4
mWu+VfDS0v+/AbGhQhO2sQ7r2ysJ85MB7c62cxck4a51KiA0NKd4xr0TAA4KHnNL
ISHFzi5QYXu+meE+9wYRo1ZjJ5fbPj41+1TJbR6O4CbP0xQiFpcUSipNju3rGSGy
Ae5G/QGT8J7HzOjlKVvY3SFu/odENR6c+xUIr7IB/FBlu7DdPF2XxMZDQD4DKHEk
4aiDbuiEL3Yf78Ic1RqPPmrj9plIwprVFQz+k3JaQXKD+1dBxO6tk+nVu2/5xNbM
uR03hrthYYIpdXLSWU4lzq8j3kQ9wZ4j/m2o6/K6eHNl9PyqAG5jfQv9bVf8E3oG
krzc/JLvOfHNEQ/oJs/v/DFDmnAxshCCtGWlpLJ5J0pcD3EePsrPNs1QtQurVrMv
RjfBCWKOij53+BinrMKHdsHxfur7GCFCIQCVaLIv6GUjX2NWI0voIVA8JkrFNNp6
McvuEaxco7U=
=sw8i
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
.
This advisory provides the following updates among others:
* Enhances profile parsing time.
* Fixes excessive resource consumption from the Operator.
* Fixes default content image.
* Fixes outdated remediation handling. Bugs fixed (https://bugzilla.redhat.com/):
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers
1918990 - ComplianceSuite scans use quay content image for initContainer
1919135 - [OCP v46] The autoApplyRemediation pauses the machineConfigPool if there is outdated complianceRemediation object present
1919846 - After remediation applied, the compliancecheckresults still reports Failed status for some rules
1920999 - Compliance operator is not displayed when disconnected mode is selected in the OpenShift Web-Console.
CVE-2020-9912: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)
Safari Login AutoFill
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A malicious attacker may cause Safari to suggest a password
for the wrong domain
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9903: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)
Safari Reader
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: An issue in Safari Reader mode may allow a remote attacker to
bypass the Same Origin Policy
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9862: Ophir Lojkine (@lovasoa)
Installation note:
Safari 13.1.2 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2020-07-15-3 tvOS 13.4.8
tvOS 13.4.8 is now available and addresses the following:
Audio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9889: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab
Audio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9888: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab
CVE-2020-9890: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab
CVE-2020-9891: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab
AVEVideoEncoder
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2020-9907: an anonymous researcher
Crash Reporter
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to break out of its
sandbox
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2020-9865: Zhuo Liang of Qihoo 360 Vulcan Team working with 360
BugCloud
GeoServices
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to read sensitive
location information
Description: An authorization issue was addressed with improved state
management.
CVE-2020-9933: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.
iAP
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker in a privileged network position may be able to
execute arbitrary code
Description: An input validation issue existed in Bluetooth.
CVE-2020-9914: Andy Davis of NCC Group
ImageIO
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9936: Mickey Jin of Trend Micro
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker in a privileged network position may be able to
inject into active connections within a VPN tunnel
Description: A routing issue was addressed with improved
restrictions.
CVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R.
Crandall
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker that has already achieved kernel code execution
may be able to bypass kernel memory mitigations
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9909: Brandon Azad of Google Project Zero
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may prevent
Content Security Policy from being enforced
Description: An access issue existed in Content Security Policy.
CVE-2020-9915: an anonymous researcher
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative
CVE-2020-9895: Wen Xu of SSLab, Georgia Tech
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious attacker with arbitrary read and write capability
may be able to bypass Pointer Authentication
Description: Multiple issues were addressed with improved logic.
CVE-2020-9910: Samuel Groß of Google Project Zero
WebKit Page Loading
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious attacker may be able to conceal the destination
of a URL
Description: A URL Unicode encoding issue was addressed with improved
state management.
CVE-2020-9916: Rakesh Mane (@RakeshMane10)
WebKit Web Inspector
Available for: Apple TV 4K and Apple TV HD
Impact: Copying a URL from Web Inspector may lead to command
injection
Description: A command injection issue existed in Web Inspector.
CVE-2020-9862: Ophir Lojkine (@lovasoa)
Wi-Fi
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause unexpected system
termination or corrupt kernel memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9918: Jianjun Dai of 360 Alpha Lab working with 360 BugCloud
(bugcloud.360.cn)
Additional recognition
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Installation note:
Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."
To check the current version of software, select
"Settings -> General -> About."
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl8PhQUACgkQBz4uGe3y
0M33Vw//fmvay18+s9sn8Gv2VfSgT2VcmDHMNTch9QoYbm7spSflAc8zWdToUOpK
fiJAVEHB+adcGy3syi4z+utNf3l1XchVMuaxLKzDyS7LDiDIwczivrr642A+ahlk
vrHXcdwQkf0Y3QdQF9DwcOfzyNvaRRJ2eICKlrjm4BrcoP63eoBTGKgcZp6EAOQu
c0X5M2F2GcV4VwSmSuzKtsNlkjWlaD55meVWjGZGGUp4d0tk0BtmAWISAXf2NfFF
WQyKQ9snXMzzF4SRA3cbWqFFluKDYyPx7Lh2jLB+KcrTRCtuMi+cAu3QQezRwIUD
LnKzLbAbOO8Mu67aLjoBdW0IdCHbGpdK6I/aGi0eV029+tBdcn5UOfPIhGT9WDkQ
tlDr5RCqWvc02F6e5SetIGRY1YGV6DWqo0U1h6cBdVgnx5g3aIZzXihATMV+4bxj
Vijf8iDG5LsO4Bx8g1aekrn37OQnr7WuFHLZrHKZyQejn6IdOQ2fyzH43/0mLiE3
eaoGwghlFXhOpbUx26owjEkDuC5GgboctjefqtJ9Zu7yfSS2GDAq23Qp9IXy/Avf
cIIB0bnz9Mk+2qrZ2GDZXBePacLoVSNvaBywyrs6MMANrsi3Ioq3xug8b8WnTozL
lMrdAVr64+qTn0YTc6QwNs9golbRQh3z2U6Hk/niQXlWZilaK/s=
=+zqK
-----END PGP SIGNATURE-----
. Bugs fixed (https://bugzilla.redhat.com/):
1823765 - nfd-workers crash under an ipv6 environment
1838802 - mysql8 connector from operatorhub does not work with metering operator
1838845 - Metering operator can't connect to postgres DB from Operator Hub
1841883 - namespace-persistentvolumeclaim-usage query returns unexpected values
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1868294 - NFD operator does not allow customisation of nfd-worker.conf
1882310 - CVE-2020-24750 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration
1890672 - NFD is missing a build flag to build correctly
1890741 - path to the CA trust bundle ConfigMap is broken in report operator
1897346 - NFD worker pods not scheduler on a 3 node master/worker cluster
1898373 - Metering operator failing upgrade from 4.4 to 4.6 channel
1900125 - FIPS error while generating RSA private key for CA
1906129 - OCP 4.7: Node Feature Discovery (NFD) Operator in CrashLoopBackOff when deployed from OperatorHub
1908492 - OCP 4.7: Node Feature Discovery (NFD) Operator Custom Resource Definition file in olm-catalog is not in sync with the one in manifests dir leading to failed deployment from OperatorHub
1913837 - The CI and ART 4.7 metering images are not mirrored
1914869 - OCP 4.7 NFD - Operand configuration options for NodeFeatureDiscovery are empty, no supported image for ppc64le
1916010 - olm skip range is set to the wrong range
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1923998 - NFD Operator is failing to update and remains in Replacing state
5. Bugs fixed (https://bugzilla.redhat.com/):
1808240 - Always return metrics value for pods under the user's namespace
1815189 - feature flagged UI does not always become available after operator installation
1825034 - e2e: Mock CSI tests fail on IBM ROKS clusters
1826225 - edge terminated h2 (gRPC) connections need a haproxy template change to work correctly
1860774 - csr for vSphere egress nodes were not approved automatically during cert renewal
1878106 - token inactivity timeout is not shortened after oauthclient/oauth config values are lowered
1878925 - 'oc adm upgrade --to ...' rejects versions which occur only in history, while the cluster-version operator supports history fallback
1880738 - origin e2e test deletes original worker
1882983 - oVirt csi driver should refuse to provision RWX and ROX PV
1886450 - Keepalived router id check not documented for RHV/VMware IPI
1889488 - The metrics endpoint for the Scheduler is not protected by RBAC
1894431 - Router pods fail to boot if the SSL certificate applied is missing an empty line at the bottom
1896474 - Path based routing is broken for some combinations
1897431 - CIDR support for additional network attachment with the bridge CNI plug-in
1903408 - NodePort externalTrafficPolicy does not work for ovn-kubernetes
1907433 - Excessive logging in image operator
1909906 - The router fails with PANIC error when stats port already in use
1911173 - [MSTR-998] Many charts' legend names show {{}} instead of words
1914053 - pods assigned with Multus whereabouts IP get stuck in ContainerCreating state after node rebooting.
1916169 - a reboot while MCO is applying changes leaves the node in undesirable state and MCP looks fine (UPDATED=true)
1917893 - [ovirt] install fails: due to terraform error "Cannot attach Virtual Disk: Disk is locked" on vm resource
1921627 - GCP UPI installation failed due to exceeding gcp limitation of instance group name
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1926522 - oc adm catalog does not clean temporary files
1927478 - Default CatalogSources deployed by marketplace do not have toleration for tainted nodes.
1928141 - kube-storage-version-migrator constantly reporting type "Upgradeable" status Unknown
1928285 - [LSO][OCS][arbiter] OCP Console shows no results while in fact underlying setup of LSO localvolumeset and it's storageclass is not yet finished, confusing users
1931594 - [sig-cli] oc --request-timeout works as expected fails frequently on s390x
1933847 - Prometheus goes unavailable (both instances down) during 4.8 upgrade
1937085 - RHV UPI inventory playbook missing guarantee_memory
1937196 - [aws ebs csi driver] events for block volume expansion may cause confusion
1938236 - vsphere-problem-detector does not support overriding log levels via storage CR
1939401 - missed labels for CMO/openshift-state-metric/telemeter-client/thanos-querier pods
1939435 - Setting an IPv6 address in noProxy field causes error in openshift installer
1939552 - [sig-api-machinery] CustomResourcePublishOpenAPI [Privileged:ClusterAdmin] works for CRD preserving unknown fields in an embedded object [Conformance] [Suite:openshift/conformance/parallel/minimal] [Suite:k8s]
1942913 - ThanosSidecarUnhealthy isn't resilient to WAL replays.
1943363 - [ovn] CNO should gracefully terminate ovn-northd
1945274 - ostree-finalize-staged.service failed while upgrading a rhcos node to 4.6.17
1948080 - authentication should not set Available=False APIServices_Error with 503s
1949262 - Prometheus Statefulsets should have 2 replicas and hard affinity set
1949672 - [GCP] Update 4.8 UPI template to match ignition version: 3.2.0
1950827 - [LSO] localvolumediscoveryresult name is not friendly to customer
1952576 - csv_succeeded metric not present in olm-operator for all successful CSVs
1953264 - "remote error: tls: bad certificate" logs in prometheus-operator container
1955300 - Machine config operator reports unavailable for 23m during upgrade
1955489 - Alertmanager Statefulsets should have 2 replicas and hard affinity set
1955490 - Thanos ruler Statefulsets should have 2 replicas and hard affinity set
1955544 - [IPI][OSP] densed master-only installation with 0 workers fails due to missing worker security group on masters
1956496 - Needs SR-IOV Docs Upstream
1956739 - Permission for authorized_keys for core user changes from core user to root when changed the pull secret
1956776 - [vSphere] Installer should do pre-check to ensure user-provided network name is valid
1956964 - upload a boot-source to OpenShift virtualization using the console
1957547 - [RFE]VM name is not auto filled in dev console
1958349 - ovn-controller doesn't release the memory after cluster-density run
1959352 - [scale] failed to get pod annotation: timed out waiting for annotations
1960378 - icsp allows mirroring of registry root - install-config imageContentSources does not
1960674 - Broken test: [sig-imageregistry][Serial][Suite:openshift/registry/serial] Image signature workflow can push a signed image to openshift registry and verify it [Suite:openshift/conformance/serial]
1961317 - storage ClusterOperator does not declare ClusterRoleBindings in relatedObjects
1961391 - String updates
1961509 - DHCP daemon pod should have CPU and memory requests set but not limits
1962066 - Edit machine/machineset specs not working
1962206 - openshift-multus/dhcp-daemon set should meet platform requirements for update strategy that have maxUnavailable update of 10 or 33 percent
1963053 - `oc whoami --show-console` should show the web console URL, not the server api URL
1964112 - route SimpleAllocationPlugin: host name validation errors: spec.host: Invalid value: ... must be no more than 63 characters
1964327 - Support containers with name:tag@digest
1964789 - Send keys and disconnect does not work for VNC console
1965368 - ClusterQuotaAdmission received non-meta object - message constantly reported in OpenShift Container Platform 4.7
1966445 - Unmasking a service doesn't work if it masked using MCO
1966477 - Use GA version in KAS/OAS/OauthAS to avoid: "audit.k8s.io/v1beta1" is deprecated and will be removed in a future release, use "audit.k8s.io/v1" instead
1966521 - kube-proxy's userspace implementation consumes excessive CPU
1968364 - [Azure] when using ssh type ed25519 bootstrap fails to come up
1970021 - nmstate does not persist its configuration due to overlay systemd-connections-merged mount
1970218 - MCO writes incorrect file contents if compression field is specified
1970331 - [sig-auth][Feature:SCC][Early] should not have pod creation failures during install [Suite:openshift/conformance/parallel]
1970805 - Cannot create build when docker image url contains dir structure
1972033 - [azure] PV region node affinity is failure-domain.beta.kubernetes.io instead of topology.kubernetes.io
1972827 - image registry does not remain available during upgrade
1972962 - Should set the minimum value for the `--max-icsp-size` flag of `oc adm catalog mirror`
1973447 - ovn-dbchecker peak memory spikes to ~500MiB during cluster-density run
1975826 - ovn-kubernetes host directed traffic cannot be offloaded as CT zone 64000 is not established
1976301 - [ci] e2e-azure-upi is permafailing
1976399 - During the upgrade from OpenShift 4.5 to OpenShift 4.6 the election timers for the OVN north and south databases did not change.
2007379 - Events are not generated for master offset for ordinary clock
2007443 - [ICNI 2.0] Loadbalancer pods do not establish BFD sessions with all workers that host pods for the routed namespace
2007455 - cluster-etcd-operator: render command should fail if machineCidr contains reserved address
2007495 - Large label value for the metric kubelet_started_pods_errors_total with label message when there is a error
2007522 - No new local-storage-operator-metadata-container is build for 4.10
2007551 - No new ose-aws-efs-csi-driver-operator-bundle-container is build for 4.10
2007580 - Azure cilium installs are failing e2e tests
2007581 - Too many haproxy processes in default-router pod causing high load average after upgrade from v4.8.3 to v4.8.10
2007677 - Regression: core container io performance metrics are missing for pod, qos, and system slices on nodes
2007692 - 4.9 "old-rhcos" jobs are permafailing with storage test failures
2007710 - ci/prow/e2e-agnostic-cmd job is failing on prow
2007757 - must-gather extracts imagestreams in the "openshift" namespace, but not Templates
2007802 - AWS machine actuator get stuck if machine is completely missing
2008096 - TestAWSFinalizerDeleteS3Bucket sometimes fails to teardown operator
2008119 - The serviceAccountIssuer field on Authentication CR is reseted to “” when installation process
2008151 - Topology breaks on clicking in empty state
2008185 - Console operator go.mod should use go 1.16.version
2008201 - openstack-az job is failing on haproxy idle test
2008207 - vsphere CSI driver doesn't set resource limits
2008223 - gather_audit_logs: fix oc command line to get the current audit profile
2008235 - The Save button in the Edit DC form remains disabled
2008256 - Update Internationalization README with scope info
2008321 - Add correct documentation link for MON_DISK_LOW
2008462 - Disable PodSecurity feature gate for 4.10
2008490 - Backing store details page does not contain all the kebab actions.
2010181 - Environment variables not getting reset on reload on deployment edit form
2010310 - [sig-instrumentation][Late] OpenShift alerting rules should have description and summary annotations [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
2010341 - OpenShift Alerting Rules Style-Guide Compliance
2010342 - Local console builds can have out of memory errors
2010345 - OpenShift Alerting Rules Style-Guide Compliance
2010348 - Reverts PIE build mode for K8S components
2010352 - OpenShift Alerting Rules Style-Guide Compliance
2010354 - OpenShift Alerting Rules Style-Guide Compliance
2010359 - OpenShift Alerting Rules Style-Guide Compliance
2010368 - OpenShift Alerting Rules Style-Guide Compliance
2010376 - OpenShift Alerting Rules Style-Guide Compliance
2010662 - Cluster is unhealthy after image-registry-operator tests
2010663 - OpenShift Alerting Rules Style-Guide Compliance (ovn-kubernetes subcomponent)
2010665 - Bootkube tries to use oc after cluster bootstrap is done and there is no API
2010698 - [BM] [IPI] [Dual Stack] Installer must ensure ipv6 short forms too if clusterprovisioning IP is specified as ipv6 address
2010719 - etcdHighNumberOfFailedGRPCRequests runbook is missing
2010864 - Failure building EFS operator
2010910 - ptp worker events unable to identify interface for multiple interfaces
2010911 - RenderOperatingSystem() returns wrong OS version on OCP 4.7.24
2010921 - Azure Stack Hub does not handle additionalTrustBundle
2010931 - SRO CSV uses non default category "Drivers and plugins"
2010946 - concurrent CRD from ovirt-csi-driver-operator gets reconciled by CVO after deployment, changing CR as well.
2011038 - optional operator conditions are confusing
2011063 - CVE-2021-39226 grafana: Snapshot authentication bypass
2011171 - diskmaker-manager constantly redeployed by LSO when creating LV's
2011293 - Build pod are not pulling images if we are not explicitly giving the registry name with the image
2011368 - Tooltip in pipeline visualization shows misleading data
2011386 - [sig-arch] Check if alerts are firing during or after upgrade success --- alert KubePodNotReady fired for 60 seconds with labels
2011411 - Managed Service's Cluster overview page contains link to missing Storage dashboards
2011443 - Cypress tests assuming Admin Perspective could fail on shared/reference cluster
2011513 - Kubelet rejects pods that use resources that should be freed by completed pods
2011668 - Machine stuck in deleting phase in VMware "reconciler failed to Delete machine"
2011693 - (release-4.10) "insightsclient_request_recvreport_total" metric is always incremented
2011698 - After upgrading cluster to 4.8 the kube-state-metrics service doesn't export namespace labels anymore
2011733 - Repository README points to broken documentarion link
2011753 - Ironic resumes clean before raid configuration job is actually completed
2011809 - The nodes page in the openshift console doesn't work. You just get a blank page
2011822 - Obfuscation doesn't work at clusters with OVN
2011882 - SRO helm charts not synced with templates
2011893 - Validation: BMC driver ipmi is not supported for secure UEFI boot
2011896 - [4.10] ClusterVersion Upgradeable=False MultipleReasons should include all messages
2011903 - vsphere-problem-detector: session leak
2011927 - OLM should allow users to specify a proxy for GRPC connections
2011956 - [tracker] Kubelet rejects pods that use resources that should be freed by completed pods
2011960 - [tracker] Storage operator is not available after reboot cluster instances
2011971 - ICNI2 pods are stuck in ContainerCreating state
2011972 - Ingress operator not creating wildcard route for hypershift clusters
2011977 - SRO bundle references non-existent image
2012069 - Refactoring Status controller
2012177 - [OCP 4.9 + OCS 4.8.3] Overview tab is missing under Storage after successful deployment on UI
2012228 - ibmcloud: credentialsrequests invalid for machine-api-operator: resource-group
2012233 - [IBMCLOUD] IPI: "Exceeded limit of remote rules per security group (the limit is 5 remote rules per security group)"
2012235 - [IBMCLOUD] IPI: IBM cloud provider requires ResourceGroupName in cloudproviderconfig
2012317 - Dynamic Plugins: ListPageCreateDropdown items cut off
2012407 - [e2e][automation] improve vm tab console tests
2012426 - ThanosSidecarBucketOperationsFailed/ThanosSidecarUnhealthy alerts don't have namespace label
2012562 - migration condition is not detected in list view
2012770 - when using expression metric openshift_apps_deploymentconfigs_last_failed_rollout_time namespace label is re-written
2012780 - The port 50936 used by haproxy is occupied by kube-apiserver
2012838 - Setting the default maximum container root partition size for Overlay with CRI-O stop working
2012902 - Neutron Ports assigned to Completed Pods are not reused Edit
2012915 - kube_persistentvolumeclaim_labels and kube_persistentvolume_labels are missing in OCP 4.8 monitoring stack
2012971 - Disable operands deletes
2013034 - Cannot install to openshift-nmstate namespace
2013127 - OperatorHub links could not be opened in a new tabs (sharing and open a deep link works fine)
2013199 - post reboot of node SRIOV policy taking huge time
2013203 - UI breaks when trying to create block pool before storage cluster/system creation
2013222 - Full breakage for nightly payload promotion
2013273 - Nil pointer exception when phc2sys options are missing
2013321 - TuneD: high CPU utilization of the TuneD daemon.
2013416 - Multiple assets emit different content to the same filename
2013431 - Application selector dropdown has incorrect font-size and positioning
2013528 - mapi_current_pending_csr is always set to 1 on OpenShift Container Platform 4.8
2013545 - Service binding created outside topology is not visible
2013599 - Scorecard support storage is not included in ocp4.9
2013632 - Correction/Changes in Quick Start Guides for ODF 4.9 (Install ODF guide)
2013646 - fsync controller will show false positive if gaps in metrics are observed. to user and tries to just load a blank screen on 'Add Capacity' button click
2015506 - Home - Search - Resources - APIRequestCount : hard to select an item from ellipsis menu
2015515 - Kubelet checks all providers even if one is configured: NoCredentialProviders: no valid providers in chain.
2015535 - Administration - ResourceQuotas - ResourceQuota details: Inside Pie chart 'x% used' is in English
2015549 - Observe - Metrics: Column heading and pagination text is in English
2015557 - Workloads - DeploymentConfigs : Error message is in English
2015568 - Compute - Nodes : CPU column's values are in English
2015635 - Storage operator fails causing installation to fail on ASH
2015660 - "Finishing boot source customization" screen should not use term "patched"
2015793 - [hypershift] The collect-profiles job's pods should run on the control-plane node
2015806 - Metrics view in Deployment reports "Forbidden" when not cluster-admin
2015819 - Conmon sandbox processes run on non-reserved CPUs with workload partitioning
2015837 - OS_CLOUD overwrites install-config's platform.openstack.cloud
2015950 - update from 4.7.22 to 4.8.11 is failing due to large amount of secrets to watch
2015952 - RH CodeReady Workspaces Operator in e2e testing will soon fail
2016004 - [RFE] RHCOS: help determining whether a user-provided image was already booted (Ignition provisioning already performed)
2016008 - [4.10] Bootimage bump tracker
2016052 - No e2e CI presubmit configured for release component azure-file-csi-driver
2016053 - No e2e CI presubmit configured for release component azure-file-csi-driver-operator
2016054 - No e2e CI presubmit configured for release component cluster-autoscaler
2016055 - No e2e CI presubmit configured for release component console
2016058 - openshift-sync does not synchronise in "ose-jenkins:v4.8"
2016064 - No e2e CI presubmit configured for release component ibm-cloud-controller-manager
2016065 - No e2e CI presubmit configured for release component ibmcloud-machine-controllers
2016175 - Pods get stuck in ContainerCreating state when attaching volumes fails on SNO clusters.
2016179 - Add Sprint 208 translations
2016228 - Collect Profiles pprof secret is hardcoded to openshift-operator-lifecycle-manager
2016235 - should update to 7.5.11 for grafana resources version label
2016296 - Openshift virtualization : Create Windows Server 2019 VM using template : Fails
2016334 - shiftstack: SRIOV nic reported as not supported
2016352 - Some pods start before CA resources are present
2016367 - Empty task box is getting created for a pipeline without finally task
2016435 - Duplicate AlertmanagerClusterFailedToSendAlerts alerts
2016438 - Feature flag gating is missing in few extensions contributed via knative plugin
2016442 - OCPonRHV: pvc should be in Bound state and without error when choosing default sc
2016446 - [OVN-Kubernetes] Egress Networkpolicy is failing Intermittently for statefulsets
2016453 - Complete i18n for GaugeChart defaults
2016479 - iface-id-ver is not getting updated for existing lsp
2016925 - Dashboards with All filter, change to a specific value and change back to All, data will disappear
2016951 - dynamic actions list is not disabling "open console" for stopped vms
2016955 - m5.large instance type for bootstrap node is hardcoded causing deployments to fail if instance type is not available
2016988 - NTO does not set io_timeout and max_retries for AWS Nitro instances
2017016 - [REF] Virtualization menu
2017036 - [sig-network-edge][Feature:Idling] Unidling should handle many TCP connections fails in periodic-ci-openshift-release-master-ci-4.9-e2e-openstack-ovn
2017050 - Dynamic Plugins: Shared modules loaded multiple times, breaking use of PatternFly
2017130 - t is not a function error navigating to details page
2017141 - Project dropdown has a dynamic inline width added which can cause min-width issue
2017244 - ovirt csi operator static files creation is in the wrong order
2017276 - [4.10] Volume mounts not created with the correct security context
2017327 - When run opm index prune failed with error removing operator package cic-operator FOREIGN KEY constraint failed.
2022447 - ServiceAccount in manifests conflicts with OLM
2022502 - Patternfly tables with a checkbox column are not displaying correctly because of conflicting css rules.
2025821 - Make "Network Attachment Definitions" available to regular user
2025823 - The console nav bar ignores plugin separator in existing sections
2025830 - CentOS capitalizaion is wrong
2025837 - Warn users that the RHEL URL expire
2025884 - External CCM deploys openstack-cloud-controller-manager from quay.io/openshift/origin-*
2025903 - [UI] RoleBindings tab doesn't show correct rolebindings
2026104 - [sig-imageregistry][Feature:ImageAppend] Image append should create images by appending them [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
2026178 - OpenShift Alerting Rules Style-Guide Compliance
2026209 - Updation of task is getting failed (tekton hub integration)
2026223 - Internal error occurred: failed calling webhook "ptpconfigvalidationwebhook.openshift.io"
2026321 - [UPI on Azure] Shall we remove allowedValue about VMSize in ARM templates
2026343 - [upgrade from 4.5 to 4.6] .status.connectionState.address of catsrc community-operators is not correct
2026352 - Kube-Scheduler revision-pruner fail during install of new cluster
2026374 - aws-pod-identity-webhook go.mod version out of sync with build environment
2026383 - Error when rendering custom Grafana dashboard through ConfigMap
2026387 - node tuning operator metrics endpoint serving old certificates after certificate rotation
2026396 - Cachito Issues: sriov-network-operator Image build failure
2026488 - openshift-controller-manager - delete event is repeating pathologically
2026489 - ThanosRuleRuleEvaluationLatencyHigh alerts when a big quantity of alerts defined.
2039359 - `oc adm prune deployments` can't prune the RS where the associated Deployment no longer exists
2039382 - gather_metallb_logs does not have execution permission
2039406 - logout from rest session after vsphere operator sync is finished
2039408 - Add GCP region northamerica-northeast2 to allowed regions
2039414 - Cannot see the weights increased for NodeAffinity, InterPodAffinity, TaintandToleration
2039425 - No need to set KlusterletAddonConfig CR applicationManager->enabled: true in RAN ztp deployment
2039491 - oc - git:// protocol used in unit tests
2039516 - Bump OVN to ovn21.12-21.12.0-25
2039529 - Project Dashboard Resource Quotas Card empty state test flaking at a high rate
2039534 - Diagnose and fix Project Dashboard Resource Quotas Card test that was previously disabled
2039541 - Resolv-prepender script duplicating entries
2039586 - [e2e] update centos8 to centos stream8
2039618 - VM created from SAP HANA template leads to 404 page if leave one network parameter empty
2039619 - [AWS] In tree provisioner storageclass aws disk type should contain 'gp3' and csi provisioner storageclass default aws disk type should be 'gp3'
2039670 - Create PDBs for control plane components
2039678 - Page goes blank when create image pull secret
2039689 - [IPI on Alibabacloud] Pay-by-specification NAT is no longer supported
2039743 - React missing key warning when open operator hub detail page (and maybe others as well)
2039756 - React missing key warning when open KnativeServing details
2039770 - Observe dashboard doesn't react on time-range changes after browser reload when perspective is changed in another tab
2039776 - Observe dashboard shows nothing if the URL links to an non existing dashboard
2039781 - [GSS] OBC is not visible by admin of a Project on Console
2039798 - Contextual binding with Operator backed service creates visual connector instead of Service binding connector
2039868 - Insights Advisor widget is not in the disabled state when the Insights Operator is disabled
2039880 - Log level too low for control plane metrics
2039919 - Add E2E test for router compression feature
2039981 - ZTP for standard clusters installs stalld on master nodes
2040132 - Flag --port has been deprecated, This flag has no effect now and will be removed in v1.24.
2043117 - Recommended operators links are erroneously treated as external
2043130 - Update CSI sidecars to the latest release for 4.10
2043234 - Missing validation when creating several BGPPeers with the same peerAddress
2043240 - Sync openshift/descheduler with sigs.k8s.io/descheduler
2043254 - crio does not bind the security profiles directory
2043296 - Ignition fails when reusing existing statically-keyed LUKS volume
2043297 - [4.10] Bootimage bump tracker
2043316 - RHCOS VM fails to boot on Nutanix AOS
2043446 - Rebase aws-efs-utils to the latest upstream version.
2043556 - Add proper ci-operator configuration to ironic and ironic-agent images
2043577 - DPU network operator
2043651 - Fix bug with exp. backoff working correcly when setting nextCheck in vsphere operator
2043675 - Too many machines deleted by cluster autoscaler when scaling down
2043683 - Revert bug 2039344 Ignoring IPv6 addresses against etcd cert validation
2043709 - Logging flags no longer being bound to command line
2043721 - Installer bootstrap hosts using outdated kubelet containing bugs
2043731 - [IBMCloud] terraform outputs missing for ibmcloud bootstrap and worker ips for must-gather
2043759 - Bump cluster-ingress-operator to k8s.io/api 1.23
2043780 - Bump router to k8s.io/api 1.23
2043787 - Bump cluster-dns-operator to k8s.io/api 1.23
2043801 - Bump CoreDNS to k8s.io/api 1.23
2043802 - EgressIP stopped working after single egressIP for a netnamespace is switched to the other node of HA pair after the first egress node is shutdown
2043961 - [OVN-K] If pod creation fails, retry doesn't work as expected.
2052458 - [IBM Cloud] ibm-vpc-block-csi-controller does not specify an update strategy, priority class, or only resource requests
2052598 - kube-scheduler should use configmap lease
2052599 - kube-controller-manger should use configmap lease
2052600 - Failed to scaleup RHEL machine against OVN cluster due to jq tool is required by configure-ovs.sh
2052609 - [vSphere CSI driver Operator] RWX volumes counts metrics `vsphere_rwx_volumes_total` not valid
2052611 - MetalLB: BGPPeer object does not have ability to set ebgpMultiHop
2052612 - MetalLB: Webhook Validation: Two BGPPeers instances can have different router ID set. Description:
Service Telemetry Framework (STF) provides automated collection of
measurements and data from remote clients, such as Red Hat OpenStack
Platform or third-party nodes.
Dockerfiles and scripts should be amended either to refer to this new image
specifically, or to the latest image generally. Bugs fixed (https://bugzilla.redhat.com/):
2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
5 |
|
var-201211-0364
|
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, and CVE-2012-5280. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2012-5275 , CVE-2012-5276 , CVE-2012-5277 ,and CVE-2012-5280 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions.
Note: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released.
Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
----------------------------------------------------------------------
TITLE:
Google Chrome Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA51210
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/51210/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
RELEASE DATE:
2012-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/51210/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/51210/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Google Chrome, which
can be exploited by malicious people to bypass certain security
restrictions and compromise a user's system.
For more information:
SA51213
2) An integer overflow error exists in WebP handling.
3) An error in v8 can be exploited to cause an out-of-bounds array
access.
4) A use-after-free error exists in SVG filter handling.
5) An error exists related to integer boundary checks within GPU
command buffers.
6) A use-after-free error exists in video layout handling.
7) An error exists related to inappropriate loading of SVG
subresource in "img" context.
8) A race condition error exists in Pepper buffer handling.
9) A type casting error exists in certain input handling.
10) An error in Skia can be exploited to cause an out-of-bounds
read.
11) An error in texture handling can be exploited to corrupt memory.
12) A use-after-free error exists in extension tab handling.
13) A use-after-free error exists in plug-in placeholder handling.
14) An error in v8 can be exploited to corrupt memory.
SOLUTION:
Upgrade to version 23.0.1271.64.
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
2) Phil Turnbull
3, 6) Atte Kettunen, OUSPG.
4, 5) miaubiz
7) Felix Gr\xf6bert, Google Security Team
8) Fermin Serna, Google Security Team
9, 10, 13) Inferno, Google Chrome Security Team
11) Al Patrick, Chromium development community
12) Alexander Potapenko, Chromium development community
14) Cris Neckar, Google Chrome Security Team
ORIGINAL ADVISORY:
Google:
http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2012:1431-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html
Issue date: 2012-11-07
CVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276
CVE-2012-5277 CVE-2012-5278 CVE-2012-5279
CVE-2012-5280
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes several security issues is
now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security bulletin APSB12-24,
listed in the References section. Specially-crafted SWF content could cause
flash-plugin to crash or, potentially, execute arbitrary code when a victim
loads a page containing the malicious SWF content.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
873818 - flash-plugin: multiple code-execution flaws (APSB12-24)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.251-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2012-5274.html
https://www.redhat.com/security/data/cve/CVE-2012-5275.html
https://www.redhat.com/security/data/cve/CVE-2012-5276.html
https://www.redhat.com/security/data/cve/CVE-2012-5277.html
https://www.redhat.com/security/data/cve/CVE-2012-5278.html
https://www.redhat.com/security/data/cve/CVE-2012-5279.html
https://www.redhat.com/security/data/cve/CVE-2012-5280.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb12-24.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH
wmLm/s5nqgvfyTp8wUW9wVE=
=fVdJ
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites. Please review the CVE identifiers referenced below for
details.
Impact
======
A remote attacker could entice a user to open specially crafted SWF
content, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition.
Furthermore, a remote attacker may be able to bypass access
restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
==========
[ 1 ] CVE-2012-5248
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248
[ 2 ] CVE-2012-5248
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248
[ 3 ] CVE-2012-5249
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249
[ 4 ] CVE-2012-5249
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249
[ 5 ] CVE-2012-5250
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250
[ 6 ] CVE-2012-5250
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250
[ 7 ] CVE-2012-5251
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251
[ 8 ] CVE-2012-5251
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251
[ 9 ] CVE-2012-5252
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252
[ 10 ] CVE-2012-5252
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252
[ 11 ] CVE-2012-5253
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253
[ 12 ] CVE-2012-5253
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253
[ 13 ] CVE-2012-5254
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254
[ 14 ] CVE-2012-5254
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254
[ 15 ] CVE-2012-5255
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255
[ 16 ] CVE-2012-5255
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255
[ 17 ] CVE-2012-5256
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256
[ 18 ] CVE-2012-5256
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256
[ 19 ] CVE-2012-5257
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257
[ 20 ] CVE-2012-5257
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257
[ 21 ] CVE-2012-5258
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258
[ 22 ] CVE-2012-5258
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258
[ 23 ] CVE-2012-5259
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259
[ 24 ] CVE-2012-5259
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259
[ 25 ] CVE-2012-5260
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260
[ 26 ] CVE-2012-5260
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260
[ 27 ] CVE-2012-5261
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261
[ 28 ] CVE-2012-5261
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261
[ 29 ] CVE-2012-5262
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262
[ 30 ] CVE-2012-5262
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262
[ 31 ] CVE-2012-5263
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263
[ 32 ] CVE-2012-5263
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263
[ 33 ] CVE-2012-5264
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264
[ 34 ] CVE-2012-5264
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264
[ 35 ] CVE-2012-5265
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265
[ 36 ] CVE-2012-5265
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265
[ 37 ] CVE-2012-5266
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266
[ 38 ] CVE-2012-5266
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266
[ 39 ] CVE-2012-5267
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267
[ 40 ] CVE-2012-5267
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267
[ 41 ] CVE-2012-5268
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268
[ 42 ] CVE-2012-5268
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268
[ 43 ] CVE-2012-5269
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269
[ 44 ] CVE-2012-5269
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269
[ 45 ] CVE-2012-5270
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270
[ 46 ] CVE-2012-5270
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270
[ 47 ] CVE-2012-5271
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271
[ 48 ] CVE-2012-5271
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271
[ 49 ] CVE-2012-5272
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272
[ 50 ] CVE-2012-5272
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272
[ 51 ] CVE-2012-5274
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274
[ 52 ] CVE-2012-5275
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275
[ 53 ] CVE-2012-5276
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276
[ 54 ] CVE-2012-5277
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277
[ 55 ] CVE-2012-5278
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278
[ 56 ] CVE-2012-5279
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279
[ 57 ] CVE-2012-5280
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280
[ 58 ] CVE-2012-5676
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676
[ 59 ] CVE-2012-5677
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677
[ 60 ] CVE-2012-5678
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678
[ 61 ] CVE-2013-0504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504
[ 62 ] CVE-2013-0630
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630
[ 63 ] CVE-2013-0633
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633
[ 64 ] CVE-2013-0634
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634
[ 65 ] CVE-2013-0637
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637
[ 66 ] CVE-2013-0638
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638
[ 67 ] CVE-2013-0639
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639
[ 68 ] CVE-2013-0642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642
[ 69 ] CVE-2013-0643
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643
[ 70 ] CVE-2013-0644
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644
[ 71 ] CVE-2013-0645
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645
[ 72 ] CVE-2013-0646
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646
[ 73 ] CVE-2013-0647
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647
[ 74 ] CVE-2013-0648
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648
[ 75 ] CVE-2013-0649
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649
[ 76 ] CVE-2013-0650
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650
[ 77 ] CVE-2013-1365
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365
[ 78 ] CVE-2013-1366
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366
[ 79 ] CVE-2013-1367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367
[ 80 ] CVE-2013-1368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368
[ 81 ] CVE-2013-1369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369
[ 82 ] CVE-2013-1370
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370
[ 83 ] CVE-2013-1371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371
[ 84 ] CVE-2013-1372
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372
[ 85 ] CVE-2013-1373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373
[ 86 ] CVE-2013-1374
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374
[ 87 ] CVE-2013-1375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375
[ 88 ] CVE-2013-1378
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378
[ 89 ] CVE-2013-1379
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379
[ 90 ] CVE-2013-1380
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380
[ 91 ] CVE-2013-2555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555
[ 92 ] CVE-2013-2728
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728
[ 93 ] CVE-2013-3343
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343
[ 94 ] CVE-2013-3344
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344
[ 95 ] CVE-2013-3345
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345
[ 96 ] CVE-2013-3347
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347
[ 97 ] CVE-2013-3361
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361
[ 98 ] CVE-2013-3362
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362
[ 99 ] CVE-2013-3363
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363
[ 100 ] CVE-2013-5324
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2013 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
7) Eduardo Vela Nava, Google Security Team |
|
var-202210-1530
|
A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information. Both Apple macOS Big Sur and Apple macOS Monterey are products of Apple Inc. in the United States. Apple macOS Big Sur is the 17th major release of Apple's operating system macOS for the MAC. Apple macOS Monterey is the 18th major release of macOS, the desktop operating system for the Macintosh. Apple macOS Big Sur and macOS Monterey have security flaws. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202305-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: WebKitGTK+: Multiple Vulnerabilities
Date: May 30, 2023
Bugs: #871732, #879571, #888563, #905346, #905349, #905351
ID: 202305-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been found in WebkitGTK+, the worst of
which could result in arbitrary code execution.
Affected packages
================
Package Vulnerable Unaffected
------------------- ------------ ------------
net-libs/webkit-gtk < 2.40.1 >= 2.40.1
Description
==========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
Impact
=====
Please review the referenced CVE identifiers for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.40.1"
References
=========
[ 1 ] CVE-2022-32885
https://nvd.nist.gov/vuln/detail/CVE-2022-32885
[ 2 ] CVE-2022-32886
https://nvd.nist.gov/vuln/detail/CVE-2022-32886
[ 3 ] CVE-2022-32888
https://nvd.nist.gov/vuln/detail/CVE-2022-32888
[ 4 ] CVE-2022-32891
https://nvd.nist.gov/vuln/detail/CVE-2022-32891
[ 5 ] CVE-2022-32923
https://nvd.nist.gov/vuln/detail/CVE-2022-32923
[ 6 ] CVE-2022-42799
https://nvd.nist.gov/vuln/detail/CVE-2022-42799
[ 7 ] CVE-2022-42823
https://nvd.nist.gov/vuln/detail/CVE-2022-42823
[ 8 ] CVE-2022-42824
https://nvd.nist.gov/vuln/detail/CVE-2022-42824
[ 9 ] CVE-2022-42826
https://nvd.nist.gov/vuln/detail/CVE-2022-42826
[ 10 ] CVE-2022-42852
https://nvd.nist.gov/vuln/detail/CVE-2022-42852
[ 11 ] CVE-2022-42856
https://nvd.nist.gov/vuln/detail/CVE-2022-42856
[ 12 ] CVE-2022-42863
https://nvd.nist.gov/vuln/detail/CVE-2022-42863
[ 13 ] CVE-2022-42867
https://nvd.nist.gov/vuln/detail/CVE-2022-42867
[ 14 ] CVE-2022-46691
https://nvd.nist.gov/vuln/detail/CVE-2022-46691
[ 15 ] CVE-2022-46692
https://nvd.nist.gov/vuln/detail/CVE-2022-46692
[ 16 ] CVE-2022-46698
https://nvd.nist.gov/vuln/detail/CVE-2022-46698
[ 17 ] CVE-2022-46699
https://nvd.nist.gov/vuln/detail/CVE-2022-46699
[ 18 ] CVE-2022-46700
https://nvd.nist.gov/vuln/detail/CVE-2022-46700
[ 19 ] CVE-2023-23517
https://nvd.nist.gov/vuln/detail/CVE-2023-23517
[ 20 ] CVE-2023-23518
https://nvd.nist.gov/vuln/detail/CVE-2023-23518
[ 21 ] CVE-2023-23529
https://nvd.nist.gov/vuln/detail/CVE-2023-23529
[ 22 ] CVE-2023-25358
https://nvd.nist.gov/vuln/detail/CVE-2023-25358
[ 23 ] CVE-2023-25360
https://nvd.nist.gov/vuln/detail/CVE-2023-25360
[ 24 ] CVE-2023-25361
https://nvd.nist.gov/vuln/detail/CVE-2023-25361
[ 25 ] CVE-2023-25362
https://nvd.nist.gov/vuln/detail/CVE-2023-25362
[ 26 ] CVE-2023-25363
https://nvd.nist.gov/vuln/detail/CVE-2023-25363
[ 27 ] CVE-2023-27932
https://nvd.nist.gov/vuln/detail/CVE-2023-27932
[ 28 ] CVE-2023-27954
https://nvd.nist.gov/vuln/detail/CVE-2023-27954
[ 29 ] CVE-2023-28205
https://nvd.nist.gov/vuln/detail/CVE-2023-28205
[ 30 ] WSA-2022-0009
https://webkitgtk.org/security/WSA-2022-0009.html
[ 31 ] WSA-2022-0010
https://webkitgtk.org/security/WSA-2022-0010.html
[ 32 ] WSA-2023-0001
https://webkitgtk.org/security/WSA-2023-0001.html
[ 33 ] WSA-2023-0002
https://webkitgtk.org/security/WSA-2023-0002.html
[ 34 ] WSA-2023-0003
https://webkitgtk.org/security/WSA-2023-0003.html
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202305-32
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2023 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: webkit2gtk3 security and bug fix update
Advisory ID: RHSA-2023:2256-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:2256
Issue date: 2023-05-09
CVE Names: CVE-2022-32886 CVE-2022-32888 CVE-2022-32923
CVE-2022-42799 CVE-2022-42823 CVE-2022-42824
CVE-2022-42826 CVE-2022-42852 CVE-2022-42863
CVE-2022-42867 CVE-2022-46691 CVE-2022-46692
CVE-2022-46698 CVE-2022-46699 CVE-2022-46700
CVE-2023-23517 CVE-2023-23518 CVE-2023-25358
CVE-2023-25360 CVE-2023-25361 CVE-2023-25362
CVE-2023-25363
====================================================================
1. Summary:
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64
3. Description:
WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 9.2 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux AppStream (v. 9):
Source:
webkit2gtk3-2.38.5-1.el9.src.rpm
aarch64:
webkit2gtk3-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-devel-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.aarch64.rpm
ppc64le:
webkit2gtk3-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-devel-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm
s390x:
webkit2gtk3-2.38.5-1.el9.s390x.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.s390x.rpm
webkit2gtk3-devel-2.38.5-1.el9.s390x.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.s390x.rpm
x86_64:
webkit2gtk3-2.38.5-1.el9.i686.rpm
webkit2gtk3-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.i686.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-devel-2.38.5-1.el9.i686.rpm
webkit2gtk3-devel-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2022-32886
https://access.redhat.com/security/cve/CVE-2022-32888
https://access.redhat.com/security/cve/CVE-2022-32923
https://access.redhat.com/security/cve/CVE-2022-42799
https://access.redhat.com/security/cve/CVE-2022-42823
https://access.redhat.com/security/cve/CVE-2022-42824
https://access.redhat.com/security/cve/CVE-2022-42826
https://access.redhat.com/security/cve/CVE-2022-42852
https://access.redhat.com/security/cve/CVE-2022-42863
https://access.redhat.com/security/cve/CVE-2022-42867
https://access.redhat.com/security/cve/CVE-2022-46691
https://access.redhat.com/security/cve/CVE-2022-46692
https://access.redhat.com/security/cve/CVE-2022-46698
https://access.redhat.com/security/cve/CVE-2022-46699
https://access.redhat.com/security/cve/CVE-2022-46700
https://access.redhat.com/security/cve/CVE-2023-23517
https://access.redhat.com/security/cve/CVE-2023-23518
https://access.redhat.com/security/cve/CVE-2023-25358
https://access.redhat.com/security/cve/CVE-2023-25360
https://access.redhat.com/security/cve/CVE-2023-25361
https://access.redhat.com/security/cve/CVE-2023-25362
https://access.redhat.com/security/cve/CVE-2023-25363
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16
iOS 16.1 and iPadOS 16 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213489.
AppleMobileFileIntegrity
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: An app may be able to modify protected parts of the file
system
Description: This issue was addressed by removing additional
entitlements.
CVE-2022-42825: Mickey Jin (@patch1t)
AVEVideoEncoder
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved bounds checks.
CVE-2022-32940: ABC Research s.r.o.
CFNetwork
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: Processing a maliciously crafted certificate may lead to
arbitrary code execution
Description: A certificate validation issue existed in the handling
of WKWebView.
CVE-2022-42813: Jonathan Zhang of Open Computing Facility
(ocf.berkeley.edu)
Core Bluetooth
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: An app may be able to record audio using a pair of connected
AirPods
Description: This issue was addressed with improved entitlements.
CVE-2022-32946: Guilherme Rambo of Best Buddy Apps (rambo.codes)
GPU Drivers
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32947: Asahi Lina (@LinaAsahi)
IOHIDFamily
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: An app may cause unexpected app termination or arbitrary code
execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2022-42820: Peter Pan ZhenPeng of STAR Labs
IOKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A race condition was addressed with improved locking.
CVE-2022-42806: Tingting Yin of Tsinghua University
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32924: Ian Beer of Google Project Zero
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: A remote user may be able to cause kernel code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2022-42808: Zweig of Kunlun Lab
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: An application may be able to execute arbitrary code with
kernel privileges. Apple is aware of a report that this issue may
have been actively exploited.
CVE-2022-42827: an anonymous researcher
ppp
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-42829: an anonymous researcher
ppp
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-42830: an anonymous researcher
ppp
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: A race condition was addressed with improved locking.
CVE-2022-42831: an anonymous researcher
CVE-2022-42832: an anonymous researcher
Sandbox
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: An app may be able to access user-sensitive data
Description: An access issue was addressed with additional sandbox
restrictions.
CVE-2022-42811: Justin Bui (@slyd0g) of Snowflake
Shortcuts
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: A shortcut may be able to check the existence of an arbitrary
path on the file system
Description: A parsing issue in the handling of directory paths was
addressed with improved path validation.
CVE-2022-32938: Cristian Dinca of Tudor Vianu National High School of
Computer Science of. Romania
WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: Visiting a malicious website may lead to user interface
spoofing
Description: The issue was addressed with improved UI handling.
WebKit Bugzilla: 243693
CVE-2022-42799: Jihwan Kim (@gPayl0ad), Dohyun Lee (@l33d0hyun)
WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
WebKit Bugzilla: 244622
CVE-2022-42823: Dohyun Lee (@l33d0hyun) of SSD Labs
WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: Processing maliciously crafted web content may disclose
sensitive user information
Description: A logic issue was addressed with improved state
management.
WebKit Bugzilla: 245058
CVE-2022-42824: Abdulrahman Alqabandi of Microsoft Browser
Vulnerability Research, Ryan Shin of IAAI SecLab at Korea University,
Dohyun Lee (@l33d0hyun) of DNSLab at Korea University
WebKit PDF
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
WebKit Bugzilla: 242781
CVE-2022-32922: Yonghwi Jin (@jinmo123) at Theori working with Trend
Micro Zero Day Initiative
Additional recognition
iCloud
We would like to acknowledge Tim Michaud (@TimGMichaud) of
Moveworks.ai for their assistance.
Kernel
We would like to acknowledge Peter Nguyen of STAR Labs, Tim Michaud
(@TimGMichaud) of Moveworks.ai, Tommy Muir (@Muirey03) for their
assistance.
WebKit
We would like to acknowledge Maddie Stone of Google Project Zero,
Narendra Bhati (@imnarendrabhati) of Suma Soft Pvt. Ltd., an
anonymous researcher for their assistance.
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIyBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNW0WIACgkQ4RjMIDke
NxmuNw/4m3JXuBK+obHVvyb4tGoeHKNZtJi/tHr0gDMtDjr5pIlXdl2wX99eLzoG
D2Dj4YtMnUhqEgQVKVcnzxQuhmdHK21TmqgWi+kHNyg0plKX0mj+1222/qjtZOdf
FgCHKsR0LVLDpgjthvA9WYqwbfOMmXvSS4sEHaeSIdo+8R68GcV9yJQ98hWsxqeh
YPzZ8RqtkuzeeYVD8jaxVW6l7lQ37puQ3romivRe46Wi36nkYG6wifggWMSKmeNZ
9CVs/3GT294l9GnjuIHaM2WfnHzYSEQY/eqP34SQ96UPClpJF2afBCRd3eOl8ov1
hgyhjtfJCqqfb9uzXj0ciFrLFdn8xLxsY7L+RSOwtLz0zSTfwAkAEDnL7i5EBkwn
7a2l/r6bb/W7IOC67fQWZi33SkpGPJF51oT3PLOh1RyeRFE+NYd4hMMAIo8Bg4eZ
45aAh2L7ak1T6V4PnUuG+o51oQKKRH1b/MTamVyFWffT2uX8w+hrdDVifd/K/jmD
auFkibGQBmO/VWe6f5lKsDQeq5RIax6OBs8LkZQ3EMIHi9De4s5WIlPakm4qYCLW
QXQKlEi8p3BI4d5kckcXjdtwRp8QiJLinq9rZFzq5U5nQ2Z4KucHrMO0h5Frqisa
KsmkMjSKuPPT5GTap9Z5BVJVSOADx0hTExUE1cGBESCtnmaXrw==
=3Dgs
-----END PGP SIGNATURE-----
. ==========================================================================
Ubuntu Security Notice USN-5730-1
November 17, 2022
webkit2gtk vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in WebKitGTK. If a user were tricked into viewing a malicious website, a remote
attacker could exploit a variety of issues related to web browser security,
including cross-site scripting attacks, denial of service attacks, and
arbitrary code execution.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.10:
libjavascriptcoregtk-4.0-18 2.38.2-0ubuntu0.22.10.1
libjavascriptcoregtk-4.1-0 2.38.2-0ubuntu0.22.10.1
libjavascriptcoregtk-5.0-0 2.38.2-0ubuntu0.22.10.1
libwebkit2gtk-4.0-37 2.38.2-0ubuntu0.22.10.1
libwebkit2gtk-4.1-0 2.38.2-0ubuntu0.22.10.1
libwebkit2gtk-5.0-0 2.38.2-0ubuntu0.22.10.1
Ubuntu 22.04 LTS:
libjavascriptcoregtk-4.0-18 2.38.2-0ubuntu0.22.04.2
libjavascriptcoregtk-4.1-0 2.38.2-0ubuntu0.22.04.2
libwebkit2gtk-4.0-37 2.38.2-0ubuntu0.22.04.2
libwebkit2gtk-4.1-0 2.38.2-0ubuntu0.22.04.2
Ubuntu 20.04 LTS:
libjavascriptcoregtk-4.0-18 2.38.2-0ubuntu0.20.04.1
libwebkit2gtk-4.0-37 2.38.2-0ubuntu0.20.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK, such as Epiphany, to make all the necessary changes.
Safari 16.1 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5273-1 security@debian.org
https://www.debian.org/security/ Alberto Garcia
November 08, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : webkit2gtk
CVE ID : CVE-2022-42799 CVE-2022-42823 CVE-2022-42824
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
CVE-2022-42799
Jihwan Kim and Dohyun Lee discovered that visiting a malicious
website may lead to user interface spoofing.
For the stable distribution (bullseye), these problems have been fixed in
version 2.38.2-1~deb11u1.
We recommend that you upgrade your webkit2gtk packages |
|
var-202210-1526
|
The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: webkit2gtk3 security and bug fix update
Advisory ID: RHSA-2023:2256-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:2256
Issue date: 2023-05-09
CVE Names: CVE-2022-32886 CVE-2022-32888 CVE-2022-32923
CVE-2022-42799 CVE-2022-42823 CVE-2022-42824
CVE-2022-42826 CVE-2022-42852 CVE-2022-42863
CVE-2022-42867 CVE-2022-46691 CVE-2022-46692
CVE-2022-46698 CVE-2022-46699 CVE-2022-46700
CVE-2023-23517 CVE-2023-23518 CVE-2023-25358
CVE-2023-25360 CVE-2023-25361 CVE-2023-25362
CVE-2023-25363
====================================================================
1. Summary:
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64
3. Description:
WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 9.2 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux AppStream (v. 9):
Source:
webkit2gtk3-2.38.5-1.el9.src.rpm
aarch64:
webkit2gtk3-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-devel-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.aarch64.rpm
ppc64le:
webkit2gtk3-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-devel-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm
s390x:
webkit2gtk3-2.38.5-1.el9.s390x.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.s390x.rpm
webkit2gtk3-devel-2.38.5-1.el9.s390x.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.s390x.rpm
x86_64:
webkit2gtk3-2.38.5-1.el9.i686.rpm
webkit2gtk3-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.i686.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-devel-2.38.5-1.el9.i686.rpm
webkit2gtk3-devel-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2022-32886
https://access.redhat.com/security/cve/CVE-2022-32888
https://access.redhat.com/security/cve/CVE-2022-32923
https://access.redhat.com/security/cve/CVE-2022-42799
https://access.redhat.com/security/cve/CVE-2022-42823
https://access.redhat.com/security/cve/CVE-2022-42824
https://access.redhat.com/security/cve/CVE-2022-42826
https://access.redhat.com/security/cve/CVE-2022-42852
https://access.redhat.com/security/cve/CVE-2022-42863
https://access.redhat.com/security/cve/CVE-2022-42867
https://access.redhat.com/security/cve/CVE-2022-46691
https://access.redhat.com/security/cve/CVE-2022-46692
https://access.redhat.com/security/cve/CVE-2022-46698
https://access.redhat.com/security/cve/CVE-2022-46699
https://access.redhat.com/security/cve/CVE-2022-46700
https://access.redhat.com/security/cve/CVE-2023-23517
https://access.redhat.com/security/cve/CVE-2023-23518
https://access.redhat.com/security/cve/CVE-2023-25358
https://access.redhat.com/security/cve/CVE-2023-25360
https://access.redhat.com/security/cve/CVE-2023-25361
https://access.redhat.com/security/cve/CVE-2023-25362
https://access.redhat.com/security/cve/CVE-2023-25363
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2022-10-27-12 Additional information for APPLE-SA-2022-10-24-5 watchOS 9.1
watchOS 9.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213491.
AppleMobileFileIntegrity
Available for: Apple Watch Series 4 and later
Impact: An app may be able to modify protected parts of the file
system
Description: This issue was addressed by removing additional
entitlements.
CVE-2022-42825: Mickey Jin (@patch1t)
Apple Neural Engine
Available for: Apple Watch Series 4 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32932: Mohamed Ghannam (@_simo36)
Entry added October 27, 2022
Audio
Available for: Apple Watch Series 4 and later
Impact: Parsing a maliciously crafted audio file may lead to
disclosure of user information
Description: The issue was addressed with improved memory handling.
CVE-2022-42798: Anonymous working with Trend Micro Zero Day
Initiative
Entry added October 27, 2022
AVEVideoEncoder
Available for: Apple Watch Series 4 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved bounds checks.
CVE-2022-32940: ABC Research s.r.o.
CFNetwork
Available for: Apple Watch Series 4 and later
Impact: Processing a maliciously crafted certificate may lead to
arbitrary code execution
Description: A certificate validation issue existed in the handling
of WKWebView.
CVE-2022-42813: Jonathan Zhang of Open Computing Facility
(ocf.berkeley.edu)
GPU Drivers
Available for: Apple Watch Series 4 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32947: Asahi Lina (@LinaAsahi)
Kernel
Available for: Apple Watch Series 4 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32924: Ian Beer of Google Project Zero
Kernel
Available for: Apple Watch Series 4 and later
Impact: A remote user may be able to cause kernel code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2022-42808: Zweig of Kunlun Lab
Kernel
Available for: Apple Watch Series 4 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2022-32944: Tim Michaud (@TimGMichaud) of Moveworks.ai
Entry added October 27, 2022
Kernel
Available for: Apple Watch Series 4 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A race condition was addressed with improved locking.
CVE-2022-42803: Xinru Chi of Pangu Lab, John Aakerblom (@jaakerblom)
Entry added October 27, 2022
Kernel
Available for: Apple Watch Series 4 and later
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved bounds checks.
CVE-2022-32926: Tim Michaud (@TimGMichaud) of Moveworks.ai
Entry added October 27, 2022
Kernel
Available for: Apple Watch Series 4 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A logic issue was addressed with improved checks.
CVE-2022-42801: Ian Beer of Google Project Zero
Entry added October 27, 2022
Safari
Available for: Apple Watch Series 4 and later
Impact: Visiting a maliciously crafted website may leak sensitive
data
Description: A logic issue was addressed with improved state
management.
CVE-2022-42817: Mir Masood Ali, PhD student, University of Illinois
at Chicago; Binoy Chitale, MS student, Stony Brook University;
Mohammad Ghasemisharif, PhD Candidate, University of Illinois at
Chicago; Chris Kanich, Associate Professor, University of Illinois at
Chicago
Entry added October 27, 2022
Sandbox
Available for: Apple Watch Series 4 and later
Impact: An app may be able to access user-sensitive data
Description: An access issue was addressed with additional sandbox
restrictions.
CVE-2022-42811: Justin Bui (@slyd0g) of Snowflake
WebKit
Available for: Apple Watch Series 4 and later
Impact: Visiting a malicious website may lead to user interface
spoofing
Description: The issue was addressed with improved UI handling.
WebKit Bugzilla: 243693
CVE-2022-42799: Jihwan Kim (@gPayl0ad), Dohyun Lee (@l33d0hyun)
WebKit
Available for: Apple Watch Series 4 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
WebKit Bugzilla: 244622
CVE-2022-42823: Dohyun Lee (@l33d0hyun) of SSD Labs
WebKit
Available for: Apple Watch Series 4 and later
Impact: Processing maliciously crafted web content may disclose
sensitive user information
Description: A logic issue was addressed with improved state
management.
WebKit Bugzilla: 245058
CVE-2022-42824: Abdulrahman Alqabandi of Microsoft Browser
Vulnerability Research, Ryan Shin of IAAI SecLab at Korea University,
Dohyun Lee (@l33d0hyun) of DNSLab at Korea University
WebKit
Available for: Apple Watch Series 4 and later
Impact: Processing maliciously crafted web content may disclose
internal states of the app
Description: A correctness issue in the JIT was addressed with
improved checks.
WebKit Bugzilla: 242964
CVE-2022-32923: Wonyoung Jung (@nonetype_pwn) of KAIST Hacking Lab
Entry added October 27, 2022
zlib
Available for: Apple Watch Series 4 and later
Impact: A user may be able to cause unexpected app termination or
arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2022-37434: Evgeny Legerov
CVE-2022-42800: Evgeny Legerov
Entry added October 27, 2022
Additional recognition
iCloud
We would like to acknowledge Tim Michaud (@TimGMichaud) of
Moveworks.ai for their assistance.
Kernel
We would like to acknowledge Peter Nguyen of STAR Labs, Tim Michaud
(@TimGMichaud) of Moveworks.ai, Tommy Muir (@Muirey03) for their
assistance.
WebKit
We would like to acknowledge Maddie Stone of Google Project Zero,
Narendra Bhati (@imnarendrabhati) of Suma Soft Pvt. Ltd., an
anonymous researcher for their assistance.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About".
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNbKpQACgkQ4RjMIDke
NxndmQ/9FlBich1M+naXLmjo/AyBTdlmBdFUH6cU92PspO7vrzTZl3Gl3dSjvGg0
TU7AGeAAvr278Zra0Hrm+D+w2BMAd3SSIjBXyum02lx0AGyyAFaPEDVq4CpxnqUG
AEqBRrgoU9yZpTrIQXZlsnqphdv3KLVDzqqKlZjkPzIboYJ0I0c0HMP54618kx1n
oBtoEEjPrIhH9LJyt37FbtgRntCzuuyistaxKGugZo4UDUt8hkHLKpYHf/5BNfWl
/SaX1sy1ZJBoOezMC7/egaHPBbJRDnU3dXSQ7ON7h6w1Tc9NeUjXP0wf8BByeIko
zJF5StfqfBKa3fR8wl0uM4CWDuHVtVjHAv5lWSqEQoEFoAjud+Ajjr5j3DJegVW7
Xp5Xu7W2XRR03dCM/SCQXMttr/Eu7z4EPJZD1W5y/UYH+ZwF4tq+4fxdrLOzPh4j
uDLW+CWvF0d/+lVINDXzvzfQwEk77fbFJtUwL6Z5Sq95rtIL0/1OgtK/F/ODeyAX
8xYDCVdbn84K0/5K58NsvLS01XKXGISVY5yWrf3R7f69AVq7aiaaREY71pkuIwKf
+aGpuOJibybGZqIOedMES/FCYuUqZF/0N7TJH8LpmlYt/T+fXjeJkupdeT+2vpcX
iq3rTxsee+WgHhuR/3utIdIFZwVvgZBOadtHO6vIOQ1ce1QyLqI=
=ZTUZ
-----END PGP SIGNATURE-----
.
Safari 16.1 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5273-1 security@debian.org
https://www.debian.org/security/ Alberto Garcia
November 08, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : webkit2gtk
CVE ID : CVE-2022-42799 CVE-2022-42823 CVE-2022-42824
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
CVE-2022-42799
Jihwan Kim and Dohyun Lee discovered that visiting a malicious
website may lead to user interface spoofing.
For the stable distribution (bullseye), these problems have been fixed in
version 2.38.2-1~deb11u1.
We recommend that you upgrade your webkit2gtk packages |
|
var-201909-0695
|
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. =========================================================================
Ubuntu Security Notice USN-4135-1
September 18, 2019
linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp,
linux-gke-4.15, linux-gke-5.0, linux-hwe, linux-kvm, linux-oem,
linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel. (CVE-2019-14835)
It was discovered that the Linux kernel on PowerPC architectures did not
properly handle Facility Unavailable exceptions in some situations. A local
attacker could use this to expose sensitive information. (CVE-2019-15030)
It was discovered that the Linux kernel on PowerPC architectures did not
properly handle exceptions on interrupts in some situations. A local
attacker could use this to expose sensitive information. (CVE-2019-15031)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 19.04:
linux-image-5.0.0-1016-aws 5.0.0-1016.18
linux-image-5.0.0-1017-gcp 5.0.0-1017.17
linux-image-5.0.0-1017-kvm 5.0.0-1017.18
linux-image-5.0.0-1017-raspi2 5.0.0-1017.17
linux-image-5.0.0-1020-azure 5.0.0-1020.21
linux-image-5.0.0-1021-snapdragon 5.0.0-1021.22
linux-image-5.0.0-29-generic 5.0.0-29.31
linux-image-5.0.0-29-generic-lpae 5.0.0-29.31
linux-image-5.0.0-29-lowlatency 5.0.0-29.31
linux-image-aws 5.0.0.1016.17
linux-image-azure 5.0.0.1020.19
linux-image-gcp 5.0.0.1017.43
linux-image-generic 5.0.0.29.30
linux-image-generic-lpae 5.0.0.29.30
linux-image-gke 5.0.0.1017.43
linux-image-kvm 5.0.0.1017.17
linux-image-lowlatency 5.0.0.29.30
linux-image-raspi2 5.0.0.1017.14
linux-image-snapdragon 5.0.0.1021.14
linux-image-virtual 5.0.0.29.30
Ubuntu 18.04 LTS:
linux-image-4.15.0-1025-oracle 4.15.0-1025.28
linux-image-4.15.0-1044-gcp 4.15.0-1044.70
linux-image-4.15.0-1044-gke 4.15.0-1044.46
linux-image-4.15.0-1046-kvm 4.15.0-1046.46
linux-image-4.15.0-1047-raspi2 4.15.0-1047.51
linux-image-4.15.0-1050-aws 4.15.0-1050.52
linux-image-4.15.0-1056-oem 4.15.0-1056.65
linux-image-4.15.0-1064-snapdragon 4.15.0-1064.71
linux-image-4.15.0-64-generic 4.15.0-64.73
linux-image-4.15.0-64-generic-lpae 4.15.0-64.73
linux-image-4.15.0-64-lowlatency 4.15.0-64.73
linux-image-5.0.0-1017-gke 5.0.0-1017.17~18.04.1
linux-image-5.0.0-1020-azure 5.0.0-1020.21~18.04.1
linux-image-5.0.0-29-generic 5.0.0-29.31~18.04.1
linux-image-5.0.0-29-generic-lpae 5.0.0-29.31~18.04.1
linux-image-5.0.0-29-lowlatency 5.0.0-29.31~18.04.1
linux-image-aws 4.15.0.1050.49
linux-image-azure 5.0.0.1020.30
linux-image-gcp 4.15.0.1044.70
linux-image-generic 4.15.0.64.66
linux-image-generic-hwe-18.04 5.0.0.29.86
linux-image-generic-lpae 4.15.0.64.66
linux-image-generic-lpae-hwe-18.04 5.0.0.29.86
linux-image-gke 4.15.0.1044.47
linux-image-gke-4.15 4.15.0.1044.47
linux-image-gke-5.0 5.0.0.1017.7
linux-image-kvm 4.15.0.1046.46
linux-image-lowlatency 4.15.0.64.66
linux-image-lowlatency-hwe-18.04 5.0.0.29.86
linux-image-oem 4.15.0.1056.60
linux-image-oracle 4.15.0.1025.28
linux-image-powerpc-e500mc 4.15.0.64.66
linux-image-powerpc-smp 4.15.0.64.66
linux-image-powerpc64-emb 4.15.0.64.66
linux-image-powerpc64-smp 4.15.0.64.66
linux-image-raspi2 4.15.0.1047.45
linux-image-snapdragon 4.15.0.1064.67
linux-image-snapdragon-hwe-18.04 5.0.0.29.86
linux-image-virtual 4.15.0.64.66
linux-image-virtual-hwe-18.04 5.0.0.29.86
Ubuntu 16.04 LTS:
linux-image-4.15.0-1025-oracle 4.15.0-1025.28~16.04.1
linux-image-4.15.0-1044-gcp 4.15.0-1044.46
linux-image-4.15.0-1050-aws 4.15.0-1050.52~16.04.1
linux-image-4.15.0-1059-azure 4.15.0-1059.64
linux-image-4.15.0-64-generic 4.15.0-64.73~16.04.1
linux-image-4.15.0-64-generic-lpae 4.15.0-64.73~16.04.1
linux-image-4.15.0-64-lowlatency 4.15.0-64.73~16.04.1
linux-image-4.4.0-1058-kvm 4.4.0-1058.65
linux-image-4.4.0-1094-aws 4.4.0-1094.105
linux-image-4.4.0-1122-raspi2 4.4.0-1122.131
linux-image-4.4.0-1126-snapdragon 4.4.0-1126.132
linux-image-4.4.0-164-generic 4.4.0-164.192
linux-image-4.4.0-164-generic-lpae 4.4.0-164.192
linux-image-4.4.0-164-lowlatency 4.4.0-164.192
linux-image-4.4.0-164-powerpc-e500mc 4.4.0-164.192
linux-image-4.4.0-164-powerpc-smp 4.4.0-164.192
linux-image-4.4.0-164-powerpc64-emb 4.4.0-164.192
linux-image-4.4.0-164-powerpc64-smp 4.4.0-164.192
linux-image-aws 4.4.0.1094.98
linux-image-aws-hwe 4.15.0.1050.50
linux-image-azure 4.15.0.1059.62
linux-image-gcp 4.15.0.1044.58
linux-image-generic 4.4.0.164.172
linux-image-generic-hwe-16.04 4.15.0.64.84
linux-image-generic-lpae 4.4.0.164.172
linux-image-generic-lpae-hwe-16.04 4.15.0.64.84
linux-image-gke 4.15.0.1044.58
linux-image-kvm 4.4.0.1058.58
linux-image-lowlatency 4.4.0.164.172
linux-image-lowlatency-hwe-16.04 4.15.0.64.84
linux-image-oem 4.15.0.64.84
linux-image-oracle 4.15.0.1025.18
linux-image-powerpc-e500mc 4.4.0.164.172
linux-image-powerpc-smp 4.4.0.164.172
linux-image-powerpc64-emb 4.4.0.164.172
linux-image-powerpc64-smp 4.4.0.164.172
linux-image-raspi2 4.4.0.1122.122
linux-image-snapdragon 4.4.0.1126.118
linux-image-virtual 4.4.0.164.172
linux-image-virtual-hwe-16.04 4.15.0.64.84
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well. 7.3) - noarch, x86_64
3.
(CVE-2019-14835)
* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* fs deadlock when a memory allocation waits on page writeback in NOFS
context (BZ#1729105)
* fragmented packets timing out (BZ#1729410)
* kernel build: speed up debuginfo extraction (BZ#1731461)
* use "make -jN" for modules_install (BZ#1735080)
* shmem: consider shm_mnt as a long-term mount (BZ#1737375)
* Backport TCP follow-up for small buffers (BZ#1739126)
4.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/linux-4.4.199/*: Upgraded.
These updates fix various bugs and security issues.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
Fixed in 4.4.191:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3900
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15118
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10906
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10905
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10638
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15117
Fixed in 4.4.193:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14835
Fixed in 4.4.194:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14816
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14814
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15505
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14821
Fixed in 4.4.195:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17053
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17052
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17056
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17055
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17054
Fixed in 4.4.196:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2215
Fixed in 4.4.197:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20976
Fixed in 4.4.198:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17133
Fixed in 4.4.199:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15098
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated packages for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-generic-4.4.199-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-generic-smp-4.4.199_smp-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-headers-4.4.199_smp-x86-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-huge-4.4.199-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-huge-smp-4.4.199_smp-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-modules-4.4.199-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-modules-smp-4.4.199_smp-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-source-4.4.199_smp-noarch-1.txz
Updated packages for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-generic-4.4.199-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-headers-4.4.199-x86-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-huge-4.4.199-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-modules-4.4.199-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-source-4.4.199-noarch-1.txz
MD5 signatures:
+-------------+
Slackware 14.2 packages:
0e523f42e759ecc2399f36e37672f110 kernel-generic-4.4.199-i586-1.txz
ee6451f5362008b46fee2e08e3077b21 kernel-generic-smp-4.4.199_smp-i686-1.txz
a8338ef88f2e3ea9c74d564c36ccd420 kernel-headers-4.4.199_smp-x86-1.txz
cd9e9c241e4eec2fba1dae658a28870e kernel-huge-4.4.199-i586-1.txz
842030890a424023817d42a83a86a7f4 kernel-huge-smp-4.4.199_smp-i686-1.txz
257db024bb4501548ac9118dbd2d9ae6 kernel-modules-4.4.199-i586-1.txz
96377cbaf7bca55aaca70358c63151a7 kernel-modules-smp-4.4.199_smp-i686-1.txz
0673e86466f9e624964d95107cf6712f kernel-source-4.4.199_smp-noarch-1.txz
Slackware x86_64 14.2 packages:
6d1ff428e7cad6caa8860acc402447a1 kernel-generic-4.4.199-x86_64-1.txz
dadc091dc725b8227e0d1e35098d6416 kernel-headers-4.4.199-x86-1.txz
f5f4c034203f44dd1513ad3504c42515 kernel-huge-4.4.199-x86_64-1.txz
a5337cd8b2ca80d4d93b9e9688e42b03 kernel-modules-4.4.199-x86_64-1.txz
5dd6e46c04f37b97062dc9e52cc38add kernel-source-4.4.199-noarch-1.txz
Installation instructions:
+------------------------+
Upgrade the packages as root:
# upgradepkg kernel-*.txz
If you are using an initrd, you'll need to rebuild it.
For a 32-bit SMP machine, use this command (substitute the appropriate
kernel version if you are not running Slackware 14.2):
# /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.199-smp | bash
For a 64-bit machine, or a 32-bit uniprocessor machine, use this command
(substitute the appropriate kernel version if you are not running
Slackware 14.2):
# /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.199 | bash
Please note that "uniprocessor" has to do with the kernel you are running,
not with the CPU. Most systems should run the SMP kernel (if they can)
regardless of the number of cores the CPU has. If you aren't sure which
kernel you are running, run "uname -a". If you see SMP there, you are
running the SMP kernel and should use the 4.4.199-smp version when running
mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit
systems should always use 4.4.199 as the version.
If you are using lilo or elilo to boot the machine, you'll need to ensure
that the machine is properly prepared before rebooting.
If using LILO:
By default, lilo.conf contains an image= line that references a symlink
that always points to the correct kernel. No editing should be required
unless your machine uses a custom lilo.conf. If that is the case, be sure
that the image= line references the correct kernel file. Either way,
you'll need to run "lilo" as root to reinstall the boot loader.
If using elilo:
Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish
to use, and then run eliloconfig to update the EFI System Partition.
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address.
CVE-2019-14821
Matt Delco reported a race condition in KVM's coalesced MMIO
facility, which could lead to out-of-bounds access in the kernel.
A local attacker permitted to access /dev/kvm could use this to
cause a denial of service (memory corruption or crash) or possibly
for privilege escalation.
CVE-2019-14835
Peter Pi of Tencent Blade Team discovered a missing bounds check
in vhost_net, the network back-end driver for KVM hosts, leading
to a buffer overflow when the host begins live migration of a VM.
An attacker in control of a VM could use this to cause a denial of
service (memory corruption or crash) or possibly for privilege
escalation on the host.
CVE-2019-15117
Hui Peng and Mathias Payer reported a missing bounds check in the
usb-audio driver's descriptor parsing code, leading to a buffer
over-read. An attacker able to add USB devices could possibly use
this to cause a denial of service (crash).
CVE-2019-15118
Hui Peng and Mathias Payer reported unbounded recursion in the
usb-audio driver's descriptor parsing code, leading to a stack
overflow. An attacker able to add USB devices could use this to
cause a denial of service (memory corruption or crash) or possibly
for privilege escalation. On the amd64 architecture, and on the
arm64 architecture in buster, this is mitigated by a guard page
on the kernel stack, so that it is only possible to cause a crash.
CVE-2019-15902
Brad Spengler reported that a backporting error reintroduced a
spectre-v1 vulnerability in the ptrace subsystem in the
ptrace_get_debugreg() function.
For the oldstable distribution (stretch), these problems have been fixed
in version 4.9.189-3+deb9u1.
For the stable distribution (buster), these problems have been fixed in
version 4.19.67-2+deb10u1.
For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl2K5xlfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Sj8xAAnBGWzlmy5RyQe8VCE3kkMpwmH/00I5IFpjTbAVvyHzKVYl96YbY1YuAP
ID++cBxBElWCQriwCESc5Um/BGpOMmTa3VlkXIVy6uHgwt1Hn+ZW/syFaGt0/brW
eKIecVQLyZaV7OOx4Q+J9H5WN1FNKoV3BCsfUFlRqNCUtYQ46X7pN+gyytW4KbZo
AEbPkEdUhv2Z6ndq8Z/OJ5cyYms+OonEt08e2qcN0Ig+qRY9l3fgSn/X3tKQiuJj
jGKPkd0VYrFzfDKekcboIBZyegahReRe4k+V8I+o/acuQJGR1cV/qCGxboFFI2+s
WeSUhaVixP+7HLXyRljFBdvXlAnx/IajEPG+RAVt6zZs1yK+8bVIhai5TarcwbF3
DWQZvpAeLaKgIN4x7s7xDHNJzO9Ea9fhXm/9T1AoaO3wdN2zjOYHLG3YO4TF0PpF
rYY9t17uNdAuCxPeQWCciDOiNQVbEmr3+al/78m2VZcBYEI2s1E9fgQJV21rRlv+
fEavwX9OJg6GKcW9v6cyegyf4gfTvjyzIP/rcmn55hiQ9vjVNykkoNUES5Do6sTb
/pSSRuUpJtEE+6LnnqbdD0E6l8SC6zgA/+Pu/7BrACxlk9bhYFmVaAwbPPEuRgrz
3d87MB8FEHu4RDGSgomb849wuAXnEVDwM034VtURUSEAXVFQ0dY=Wqdv
-----END PGP SIGNATURE-----
. 8) - x86_64
3. Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security update
Advisory ID: RHSA-2019:2863-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2019:2863
Issue date: 2019-09-23
CVE Names: CVE-2019-14835
====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
(CVE-2019-14835)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1750727 - CVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
kernel-2.6.32-754.23.1.el6.src.rpm
i386:
kernel-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm
kernel-devel-2.6.32-754.23.1.el6.i686.rpm
kernel-headers-2.6.32-754.23.1.el6.i686.rpm
perf-2.6.32-754.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-754.23.1.el6.noarch.rpm
kernel-doc-2.6.32-754.23.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.23.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debug-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-headers-2.6.32-754.23.1.el6.x86_64.rpm
perf-2.6.32-754.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386:
kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
python-perf-2.6.32-754.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
python-perf-2.6.32-754.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
kernel-2.6.32-754.23.1.el6.src.rpm
noarch:
kernel-abi-whitelists-2.6.32-754.23.1.el6.noarch.rpm
kernel-doc-2.6.32-754.23.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.23.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debug-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-headers-2.6.32-754.23.1.el6.x86_64.rpm
perf-2.6.32-754.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64:
kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
python-perf-2.6.32-754.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
kernel-2.6.32-754.23.1.el6.src.rpm
i386:
kernel-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm
kernel-devel-2.6.32-754.23.1.el6.i686.rpm
kernel-headers-2.6.32-754.23.1.el6.i686.rpm
perf-2.6.32-754.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-754.23.1.el6.noarch.rpm
kernel-doc-2.6.32-754.23.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.23.1.el6.noarch.rpm
ppc64:
kernel-2.6.32-754.23.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-754.23.1.el6.ppc64.rpm
kernel-debug-2.6.32-754.23.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-754.23.1.el6.ppc64.rpm
kernel-devel-2.6.32-754.23.1.el6.ppc64.rpm
kernel-headers-2.6.32-754.23.1.el6.ppc64.rpm
perf-2.6.32-754.23.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm
s390x:
kernel-2.6.32-754.23.1.el6.s390x.rpm
kernel-debug-2.6.32-754.23.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-754.23.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-754.23.1.el6.s390x.rpm
kernel-devel-2.6.32-754.23.1.el6.s390x.rpm
kernel-headers-2.6.32-754.23.1.el6.s390x.rpm
kernel-kdump-2.6.32-754.23.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-754.23.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-754.23.1.el6.s390x.rpm
perf-2.6.32-754.23.1.el6.s390x.rpm
perf-debuginfo-2.6.32-754.23.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.s390x.rpm
x86_64:
kernel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debug-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-headers-2.6.32-754.23.1.el6.x86_64.rpm
perf-2.6.32-754.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386:
kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
python-perf-2.6.32-754.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
ppc64:
kernel-debug-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-754.23.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm
python-perf-2.6.32-754.23.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm
s390x:
kernel-debug-debuginfo-2.6.32-754.23.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-754.23.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-754.23.1.el6.s390x.rpm
perf-debuginfo-2.6.32-754.23.1.el6.s390x.rpm
python-perf-2.6.32-754.23.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.s390x.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
python-perf-2.6.32-754.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
kernel-2.6.32-754.23.1.el6.src.rpm
i386:
kernel-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm
kernel-devel-2.6.32-754.23.1.el6.i686.rpm
kernel-headers-2.6.32-754.23.1.el6.i686.rpm
perf-2.6.32-754.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-754.23.1.el6.noarch.rpm
kernel-doc-2.6.32-754.23.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.23.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debug-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-headers-2.6.32-754.23.1.el6.x86_64.rpm
perf-2.6.32-754.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386:
kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
python-perf-2.6.32-754.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
python-perf-2.6.32-754.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-14835
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/kernel-vhost
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBXYiPr9zjgjWX9erEAQjN1A/+IHOdg8Beicp8yr78sUumJ7+hE87hxu0f
TCubCbjezezlvYlEfTcCz0nCF6HvcETrxNA6yj70lVLL6zc/ink1/EV7IaIis4f7
pQ5eO6pc8d0jm0x4k5y5Kjif0bxROUJeSvuI6p3nfhDZkXH5rswlfZC3/GlzVrpY
CJWDWWYdcOlK6KYCai/AZTPVGL2qOvtIma7tbYfhXyyexk48S/mYIgwVKyH2MYG/
sYVoZQRuq9cT9Obl0y/O9LcG3RJ6+JAhC5+FvU3zcbndT+32SEeKKlmbSSEYuFmE
SFRRWDiZX1uhElW/K7nYrRTN87bJZ0wgIOvXauQmWMwS1NAuelQIqOQ3NAXG8oYz
A/wOPkILOHI352z8/Dm+p/Po6Ql/PUPZBT+GYmLv+Mju0pckg/7OLLqHqFUGwEey
J0rSl9OaePNyOmUdPYOAOKPrwRnLHArG3kSKzLDnW2T1MQX0/51tDgasxptS1ekQ
S8mvrKJoqc7Vlghx3jZ854/Uegx6J7eUlQmuSWvZGAM6sR9826TzpQHag2am1sUt
JtAjh9Zv4f+C292ltjLRtp2zuKmYQNcDCl8NoustAi7SXvYcAYr5uSXDMc+BajIa
MY2jtvyVIyGHpf4jkoDBtTLtmhIyhU+fs1MEF9SI0nvbveqMMzJFXXs6ExOy0OBI
1XpQhVd4g6E=hfEj
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. 7) - ppc64le, x86_64
3. Description:
This is a kernel live patch module which can be loaded by the kpatch
command line utility to modify the code of a running kernel |