Action not permitted
Modal body text goes here.
CVE-2018-0737
Vulnerability from cvelistv5
Published
2018-04-16 17:00
Modified
2024-09-17 03:53
Severity ?
EPSS score ?
Summary
Cache timing vulnerability in RSA Key Generation
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20180728 [SECURITY] [DLA 1449-1] openssl security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html"
},
{
"name": "DSA-4355",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4355"
},
{
"name": "USN-3628-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3628-2/"
},
{
"name": "GLSA-201811-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201811-21"
},
{
"name": "USN-3692-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3692-2/"
},
{
"name": "RHSA-2018:3505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3505"
},
{
"name": "103766",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103766"
},
{
"name": "USN-3692-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3692-1/"
},
{
"name": "RHSA-2018:3221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
},
{
"name": "DSA-4348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4348"
},
{
"name": "1040685",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040685"
},
{
"name": "USN-3628-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3628-1/"
},
{
"name": "FEDORA-2019-db06efdea1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/"
},
{
"name": "FEDORA-2019-00c25b9379",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/"
},
{
"name": "FEDORA-2019-9a0a7c0986",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/"
},
{
"name": "RHSA-2019:3933",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
},
{
"name": "RHSA-2019:3935",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
},
{
"name": "RHSA-2019:3932",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2018-14"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2018-13"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2018-17"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2018-12"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=349a41da1ad88ad87825414752a8ff5fdd6a6c3f"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20180416.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180726-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"status": "affected",
"version": "Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h)"
},
{
"status": "affected",
"version": "Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia"
}
],
"datePublic": "2018-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o)."
}
],
"metrics": [
{
"other": {
"content": {
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#Low",
"value": "Low"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Constant time issue",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-20T22:53:10",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "[debian-lts-announce] 20180728 [SECURITY] [DLA 1449-1] openssl security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html"
},
{
"name": "DSA-4355",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4355"
},
{
"name": "USN-3628-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3628-2/"
},
{
"name": "GLSA-201811-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201811-21"
},
{
"name": "USN-3692-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3692-2/"
},
{
"name": "RHSA-2018:3505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3505"
},
{
"name": "103766",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103766"
},
{
"name": "USN-3692-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3692-1/"
},
{
"name": "RHSA-2018:3221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
},
{
"name": "DSA-4348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4348"
},
{
"name": "1040685",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040685"
},
{
"name": "USN-3628-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3628-1/"
},
{
"name": "FEDORA-2019-db06efdea1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/"
},
{
"name": "FEDORA-2019-00c25b9379",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/"
},
{
"name": "FEDORA-2019-9a0a7c0986",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/"
},
{
"name": "RHSA-2019:3933",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
},
{
"name": "RHSA-2019:3935",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
},
{
"name": "RHSA-2019:3932",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2018-14"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2018-13"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2018-17"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2018-12"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=349a41da1ad88ad87825414752a8ff5fdd6a6c3f"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.openssl.org/news/secadv/20180416.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180726-0003/"
}
],
"title": "Cache timing vulnerability in RSA Key Generation",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "openssl-security@openssl.org",
"DATE_PUBLIC": "2018-04-16",
"ID": "CVE-2018-0737",
"STATE": "PUBLIC",
"TITLE": "Cache timing vulnerability in RSA Key Generation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenSSL",
"version": {
"version_data": [
{
"version_value": "Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h)"
},
{
"version_value": "Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o)"
}
]
}
}
]
},
"vendor_name": "OpenSSL"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o)."
}
]
},
"impact": [
{
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#Low",
"value": "Low"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Constant time issue"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180728 [SECURITY] [DLA 1449-1] openssl security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html"
},
{
"name": "DSA-4355",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4355"
},
{
"name": "USN-3628-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3628-2/"
},
{
"name": "GLSA-201811-21",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201811-21"
},
{
"name": "USN-3692-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3692-2/"
},
{
"name": "RHSA-2018:3505",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3505"
},
{
"name": "103766",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103766"
},
{
"name": "USN-3692-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3692-1/"
},
{
"name": "RHSA-2018:3221",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
},
{
"name": "DSA-4348",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4348"
},
{
"name": "1040685",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040685"
},
{
"name": "USN-3628-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3628-1/"
},
{
"name": "FEDORA-2019-db06efdea1",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/"
},
{
"name": "FEDORA-2019-00c25b9379",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/"
},
{
"name": "FEDORA-2019-9a0a7c0986",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/"
},
{
"name": "RHSA-2019:3933",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
},
{
"name": "RHSA-2019:3935",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
},
{
"name": "RHSA-2019:3932",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "https://www.tenable.com/security/tns-2018-14",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-14"
},
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133",
"refsource": "CONFIRM",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133"
},
{
"name": "https://www.tenable.com/security/tns-2018-13",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-13"
},
{
"name": "https://www.tenable.com/security/tns-2018-17",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-17"
},
{
"name": "https://www.tenable.com/security/tns-2018-12",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-12"
},
{
"name": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
},
{
"name": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=349a41da1ad88ad87825414752a8ff5fdd6a6c3f",
"refsource": "CONFIRM",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=349a41da1ad88ad87825414752a8ff5fdd6a6c3f"
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787",
"refsource": "CONFIRM",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787"
},
{
"name": "https://www.openssl.org/news/secadv/20180416.txt",
"refsource": "CONFIRM",
"url": "https://www.openssl.org/news/secadv/20180416.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180726-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180726-0003/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2018-0737",
"datePublished": "2018-04-16T17:00:00Z",
"dateReserved": "2017-11-30T00:00:00",
"dateUpdated": "2024-09-17T03:53:55.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-0737\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2018-04-16T18:29:00.267\",\"lastModified\":\"2023-11-07T02:51:05.690\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).\"},{\"lang\":\"es\",\"value\":\"Se ha demostrado que el algoritmo de generaci\u00f3n de claves RSA en OpenSSL es vulnerable a un ataque de sincronizaci\u00f3n de canal lateral de cach\u00e9. Un atacante con acceso suficiente para montar ataques de sincronizaci\u00f3n de cach\u00e9 durante el proceso de generaci\u00f3n de claves RSA podr\u00eda recuperar la clave privada. Se ha solucionado en OpenSSL 1.1.0i-dev (afecta a 1.1.0-1.1.0h). Se ha solucionado en OpenSSL 1.0.2p-dev (afecta a 1.0.2b-1.0.2o).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":4.3},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-327\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.2b\",\"versionEndIncluding\":\"1.0.2o\",\"matchCriteriaId\":\"E14A0A5C-7968-4966-B32C-FAFB42644B4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.0\",\"versionEndIncluding\":\"1.1.0h\",\"matchCriteriaId\":\"BF986111-5DDB-4BC8-AF03-14626778AB23\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9070C9D8-A14A-467F-8253-33B966C16886\"}]}]}],\"references\":[{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"http://www.securityfocus.com/bid/103766\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040685\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3221\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3505\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3932\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3933\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3935\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=349a41da1ad88ad87825414752a8ff5fdd6a6c3f\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://security.gentoo.org/glsa/201811-21\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20180726-0003/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://securityadvisories.paloaltonetworks.com/Home/Detail/133\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://usn.ubuntu.com/3628-1/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3628-2/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3692-1/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://usn.ubuntu.com/3692-2/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4348\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4355\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.openssl.org/news/secadv/20180416.txt\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.tenable.com/security/tns-2018-12\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.tenable.com/security/tns-2018-13\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.tenable.com/security/tns-2018-14\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.tenable.com/security/tns-2018-17\",\"source\":\"openssl-security@openssl.org\"}]}}"
}
}
rhsa-2019_3935
Vulnerability from csaf_redhat
Published
2019-11-20 16:08
Modified
2025-03-17 00:57
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release
Notes
Topic
Red Hat JBoss Core Services Pack Apache Server 2.4.37 zip release
for RHEL 6, RHEL 7 and Microsoft Windows is available.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) * openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734) * mod_auth_digest: access control bypass due to race condition (CVE-2019-0217) * openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407) * mod_session_cookie does not respect expiry time (CVE-2018-17199) * mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189) * mod_http2: possible crash on late upgrade (CVE-2019-0197) * mod_http2: read-after-free on a string compare (CVE-2019-0196) * nghttp2: HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511) * nghttp2: HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513) * mod_http2: HTTP/2: 0-length headers leads to denial of service (CVE-2019-9516) * mod_http2: HTTP/2: request for large response leads to denial of service (CVE-2019-9517)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Core Services Pack Apache Server 2.4.37 zip release\nfor RHEL 6, RHEL 7 and Microsoft Windows is available.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) * openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734) * mod_auth_digest: access control bypass due to race condition (CVE-2019-0217) * openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407) * mod_session_cookie does not respect expiry time (CVE-2018-17199) * mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189) * mod_http2: possible crash on late upgrade (CVE-2019-0197) * mod_http2: read-after-free on a string compare (CVE-2019-0196) * nghttp2: HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511) * nghttp2: HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513) * mod_http2: HTTP/2: 0-length headers leads to denial of service (CVE-2019-9516) * mod_http2: HTTP/2: request for large response leads to denial of service (CVE-2019-9517)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3935",
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1568253",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568253"
},
{
"category": "external",
"summary": "1644364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644364"
},
{
"category": "external",
"summary": "1645695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645695"
},
{
"category": "external",
"summary": "1668493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668493"
},
{
"category": "external",
"summary": "1668497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668497"
},
{
"category": "external",
"summary": "1695020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695020"
},
{
"category": "external",
"summary": "1695030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030"
},
{
"category": "external",
"summary": "1695042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042"
},
{
"category": "external",
"summary": "1735741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735741"
},
{
"category": "external",
"summary": "1741860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741860"
},
{
"category": "external",
"summary": "1741864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741864"
},
{
"category": "external",
"summary": "1741868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741868"
},
{
"category": "external",
"summary": "JBCS-798",
"url": "https://issues.redhat.com/browse/JBCS-798"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3935.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release",
"tracking": {
"current_release_date": "2025-03-17T00:57:24+00:00",
"generator": {
"date": "2025-03-17T00:57:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.4.1"
}
},
"id": "RHSA-2019:3935",
"initial_release_date": "2019-11-20T16:08:18+00:00",
"revision_history": [
{
"date": "2019-11-20T16:08:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-06T13:01:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-03-17T00:57:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Text-Only JBCS",
"product": {
"name": "Text-Only JBCS",
"product_id": "Text-Only JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0734",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2018-10-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1644364"
}
],
"notes": [
{
"category": "description",
"text": "The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: timing side channel attack in the DSA signature algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-0734"
},
{
"category": "external",
"summary": "RHBZ#1644364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644364"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-0734",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-0734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0734"
}
],
"release_date": "2018-10-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:08:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: timing side channel attack in the DSA signature algorithm"
},
{
"cve": "CVE-2018-0737",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2018-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1568253"
}
],
"notes": [
{
"category": "description",
"text": "OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-0737"
},
{
"category": "external",
"summary": "RHBZ#1568253",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568253"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-0737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-0737",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0737"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2018/04/16/3",
"url": "http://www.openwall.com/lists/oss-security/2018/04/16/3"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20180416.txt",
"url": "https://www.openssl.org/news/secadv/20180416.txt"
}
],
"release_date": "2018-04-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:08:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys"
},
{
"acknowledgments": [
{
"names": [
"Alejandro Cabrera Aldaya"
],
"organization": "Universidad Tecnologica de la Habana CUJAE; Cuba"
},
{
"names": [
"Billy Bob Brumley",
"Cesar Pereida Garcia",
"Sohaib ul Hassan"
]
},
{
"names": [
"Nicola Tuveri"
],
"organization": "Tampere University of Technology; Finland"
}
],
"cve": "CVE-2018-5407",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1645695"
}
],
"notes": [
{
"category": "description",
"text": "A microprocessor side-channel vulnerability was found on SMT (e.g, Hyper-Threading) architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a timing side-channel flaw on processors which implement SMT/Hyper-Threading architectures. It can result in leakage of secret data in applications such as OpenSSL that has secret dependent control flow at any granularity level. In order to exploit this flaw, the attacker needs to run a malicious process on the same core of the processor as the victim process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5407"
},
{
"category": "external",
"summary": "RHBZ#1645695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645695"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5407",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5407"
},
{
"category": "external",
"summary": "https://github.com/bbbrumley/portsmash",
"url": "https://github.com/bbbrumley/portsmash"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20181112.txt",
"url": "https://www.openssl.org/news/secadv/20181112.txt"
}
],
"release_date": "2018-10-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:08:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
},
{
"category": "workaround",
"details": "At this time Red Hat Engineering is working on patches for openssl package in Red Hat Enterprise Linux 7 to address this issue. Until fixes are available, users are advised to review the guidance supplied in the L1 Terminal Fault vulnerability article: https://access.redhat.com/security/vulnerabilities/L1TF and decide what their exposure across shared CPU threads are and act accordingly.",
"product_ids": [
"Text-Only JBCS"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)"
},
{
"cve": "CVE-2018-17189",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668497"
}
],
"notes": [
{
"category": "description",
"text": "In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: DoS via slow, unneeded request bodies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-17189"
},
{
"category": "external",
"summary": "RHBZ#1668497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-17189",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-17189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17189"
}
],
"release_date": "2019-01-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:08:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: DoS via slow, unneeded request bodies"
},
{
"cve": "CVE-2018-17199",
"cwe": {
"id": "CWE-613",
"name": "Insufficient Session Expiration"
},
"discovery_date": "2019-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668493"
}
],
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session_cookie does not respect expiry time",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-17199"
},
{
"category": "external",
"summary": "RHBZ#1668493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668493"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-17199",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17199"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-17199",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17199"
}
],
"release_date": "2019-01-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:08:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session_cookie does not respect expiry time"
},
{
"cve": "CVE-2019-0196",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695030"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: read-after-free on a string compare",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0196"
},
{
"category": "external",
"summary": "RHBZ#1695030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0196",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0196"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:08:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: read-after-free on a string compare"
},
{
"cve": "CVE-2019-0197",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695042"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server that never enabled the h2 protocol or that only enabled it for https: and did not set \"H2Upgrade on\" are unaffected by this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: possible crash on late upgrade",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0197"
},
{
"category": "external",
"summary": "RHBZ#1695042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0197",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:08:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: possible crash on late upgrade"
},
{
"cve": "CVE-2019-0217",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695020"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found in mod_auth_digest when the web server was running in a threaded MPM configuration. It could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_auth_digest: access control bypass due to race condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Based on the the fact that digest authentication is rarely used in modern day web applications and httpd package shipped with Red Hat products do not ship threaded MPM configuration by default, this flaw has been rated as having Moderate level security impact. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0217"
},
{
"category": "external",
"summary": "RHBZ#1695020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695020"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0217"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0217",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0217"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:08:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
},
{
"category": "workaround",
"details": "This flaw only affects a threaded server configuration, so using the prefork MPM is an effective mitigation. In versions of httpd package shipped with Red Hat Enterprise Linux 7, the prefork MPM is the default configuration.",
"product_ids": [
"Text-Only JBCS"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_auth_digest: access control bypass due to race condition"
},
{
"cve": "CVE-2019-9511",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1741860"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: large amount of data requests leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "There are no mitigations available for nghttp2 and nodejs. Both packages will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9511"
},
{
"category": "external",
"summary": "RHBZ#1741860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741860"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9511",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9511"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/605641/",
"url": "https://kb.cert.org/vuls/id/605641/"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/",
"url": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/"
}
],
"release_date": "2019-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:08:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
},
{
"category": "workaround",
"details": "Red Hat Quay 3.0 uses Nginx 1.12 from Red Hat Software Collections. It will be updated once a fixed is released for Software Collections. In the meantime users of Quay can disable http/2 support in Nginx by following these instructions:\n\n1. Copy the Nginx configuration from the quay container to the host\n$ docker cp 3aadf1421ba3:/quay-registry/conf/nginx/ /mnt/quay/nginx\n\n2. Edit the Nginx configuration, removing http/2 support\n$ sed -i \u0027s/http2 //g\u0027 /mnt/quay/nginx/nginx.conf\n\n3. Restart Nginx with the new configuration mounted into the container, eg:\n$ docker run --restart=always -p 443:8443 -p 80:8080 --sysctl net.core.somaxconn=4096 -v /mnt/quay/config:/conf/stack:Z -v /mnt/quay/storage:/datastorage -v /mnt/quay/nginx:/quay-registry/config/nginx:Z -d quay.io/redhat/quay:v3.0.3",
"product_ids": [
"Text-Only JBCS"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: large amount of data requests leads to denial of service"
},
{
"acknowledgments": [
{
"names": [
"the Envoy security team"
]
}
],
"cve": "CVE-2019-9513",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1735741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HTTP/2. An attacker, using PRIORITY frames to flood the system, could cause excessive CPU usage and starvation of other clients. The largest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: flood using PRIORITY frames results in excessive resource consumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has no available mitigation for packages nghttp2 and nodejs. Both packages will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9513"
},
{
"category": "external",
"summary": "RHBZ#1735741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9513",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9513"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/",
"url": "https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/",
"url": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/"
}
],
"release_date": "2019-08-13T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:08:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
},
{
"category": "workaround",
"details": "Red Hat Quay 3.0 uses Nginx 1.12 from Red Hat Software Collections. It will be updated once a fixed is released for Software Collections. In the meantime users of Quay can disable http/2 support in Nginx by following these instructions:\n\n1. Copy the Nginx configuration from the quay container to the host\n$ docker cp 3aadf1421ba3:/quay-registry/conf/nginx/ /mnt/quay/nginx\n\n2. Edit the Nginx configuration, removing http/2 support\n$ sed -i \u0027s/http2 //g\u0027 /mnt/quay/nginx/nginx.conf\n\n3. Restart Nginx with the new configuration mounted into the container, eg:\n$ docker run --restart=always -p 443:8443 -p 80:8080 --sysctl net.core.somaxconn=4096 -v /mnt/quay/config:/conf/stack:Z -v /mnt/quay/storage:/datastorage -v /mnt/quay/nginx:/quay-registry/config/nginx:Z -d quay.io/redhat/quay:v3.0.3",
"product_ids": [
"Text-Only JBCS"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: flood using PRIORITY frames results in excessive resource consumption"
},
{
"cve": "CVE-2019-9516",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1741864"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HTTP/2. An attacker, sending a stream of header with a 0-length header name and a 0-length header value, could cause some implementations to allocate memory for these headers and keep the allocations alive until the session dies. The can consume excess memory, potentially leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: 0-length headers lead to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has no available mitigation for nodejs package. It will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9516"
},
{
"category": "external",
"summary": "RHBZ#1741864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741864"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9516",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9516"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/issues/1382#",
"url": "https://github.com/nghttp2/nghttp2/issues/1382#"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/605641/",
"url": "https://kb.cert.org/vuls/id/605641/"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/",
"url": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/"
}
],
"release_date": "2019-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:08:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
},
{
"category": "workaround",
"details": "Red Hat Quay 3.0 uses Nginx 1.12 from Red Hat Software Collections. It will be updated once a fixed is released for Software Collections. In the meantime users of Quay can disable http/2 support in Nginx by following these instructions:\n\n1. Copy the Nginx configuration from the quay container to the host\n$ docker cp 3aadf1421ba3:/quay-registry/conf/nginx/ /mnt/quay/nginx\n\n2. Edit the Nginx configuration, removing http/2 support\n$ sed -i \u0027s/http2 //g\u0027 /mnt/quay/nginx/nginx.conf\n\n3. Restart Nginx with the new configuration mounted into the container, eg:\n$ docker run --restart=always -p 443:8443 -p 80:8080 --sysctl net.core.somaxconn=4096 -v /mnt/quay/config:/conf/stack:Z -v /mnt/quay/storage:/datastorage -v /mnt/quay/nginx:/quay-registry/config/nginx:Z -d quay.io/redhat/quay:v3.0.3",
"product_ids": [
"Text-Only JBCS"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: 0-length headers lead to denial of service"
},
{
"cve": "CVE-2019-9517",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1741868"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in HTTP/2. An attacker can open a HTTP/2 window so the peer can send without constraint. The TCP window remains closed so the peer cannot write the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the server\u0027s queue is setup, the responses can consume excess memory, CPU, or both, potentially leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: request for large response leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The package httpd versions as shipped with Red Hat Enterprise Linux 5, 6 and 7 are not affected by this issue as HTTP/2 support is not provided.\nThis flaw has no available mitigation for nodejs package. It will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9517"
},
{
"category": "external",
"summary": "RHBZ#1741868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9517",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/605641/",
"url": "https://kb.cert.org/vuls/id/605641/"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
}
],
"release_date": "2019-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:08:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
},
{
"category": "workaround",
"details": "The httpd version shipped with Red Hat Enterprise Linux 8 provides HTTP/2 support through mod_http2 package. While mod_http2 package is not updated, users can disable HTTP/2 support as mitigation action by executing the following steps:\n\n1. Stop httpd service:\n$ systemctl stop httpd\n\n2. Remove http/2 protocol support from configuration files:\n$ sed -i \u0027s/\\(h2\\)\\|\\(h2c\\)//g\u0027 \u003chttpd_config_file\u003e\n\n3. Validate configuration files to make sure all syntax is valid:\n$ apachectl configtest\n\n4. Restart httpd service:\n$ systemctl start httpd",
"product_ids": [
"Text-Only JBCS"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: request for large response leads to denial of service"
}
]
}
rhsa-2018_3221
Vulnerability from csaf_redhat
Published
2018-10-30 11:11
Modified
2024-11-22 12:08
Summary
Red Hat Security Advisory: openssl security, bug fix, and enhancement update
Notes
Topic
An update for openssl is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
* openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)
* openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)
* openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739)
* openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735)
* openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openssl is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\n* openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)\n\n* openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739)\n\n* openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735)\n\n* openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:3221",
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index"
},
{
"category": "external",
"summary": "1486144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1486144"
},
{
"category": "external",
"summary": "1548401",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548401"
},
{
"category": "external",
"summary": "1561266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1561266"
},
{
"category": "external",
"summary": "1568253",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568253"
},
{
"category": "external",
"summary": "1585004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1585004"
},
{
"category": "external",
"summary": "1591100",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591100"
},
{
"category": "external",
"summary": "1591163",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591163"
},
{
"category": "external",
"summary": "1603597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1603597"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_3221.json"
}
],
"title": "Red Hat Security Advisory: openssl security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T12:08:01+00:00",
"generator": {
"date": "2024-11-22T12:08:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2018:3221",
"initial_release_date": "2018-10-30T11:11:49+00:00",
"revision_history": [
{
"date": "2018-10-30T11:11:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-10-30T11:11:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T12:08:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"product_id": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-16.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-16.el7.x86_64",
"product": {
"name": "openssl-libs-1:1.0.2k-16.el7.x86_64",
"product_id": "openssl-libs-1:1.0.2k-16.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-16.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-16.el7.x86_64",
"product": {
"name": "openssl-devel-1:1.0.2k-16.el7.x86_64",
"product_id": "openssl-devel-1:1.0.2k-16.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-16.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:1.0.2k-16.el7.x86_64",
"product": {
"name": "openssl-1:1.0.2k-16.el7.x86_64",
"product_id": "openssl-1:1.0.2k-16.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@1.0.2k-16.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-16.el7.x86_64",
"product": {
"name": "openssl-static-1:1.0.2k-16.el7.x86_64",
"product_id": "openssl-static-1:1.0.2k-16.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-16.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:1.0.2k-16.el7.x86_64",
"product": {
"name": "openssl-perl-1:1.0.2k-16.el7.x86_64",
"product_id": "openssl-perl-1:1.0.2k-16.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@1.0.2k-16.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-16.el7.i686",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.i686",
"product_id": "openssl-debuginfo-1:1.0.2k-16.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-16.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-16.el7.i686",
"product": {
"name": "openssl-libs-1:1.0.2k-16.el7.i686",
"product_id": "openssl-libs-1:1.0.2k-16.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-16.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-16.el7.i686",
"product": {
"name": "openssl-devel-1:1.0.2k-16.el7.i686",
"product_id": "openssl-devel-1:1.0.2k-16.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-16.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-16.el7.i686",
"product": {
"name": "openssl-static-1:1.0.2k-16.el7.i686",
"product_id": "openssl-static-1:1.0.2k-16.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-16.el7?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1:1.0.2k-16.el7.src",
"product": {
"name": "openssl-1:1.0.2k-16.el7.src",
"product_id": "openssl-1:1.0.2k-16.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@1.0.2k-16.el7?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"product_id": "openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-16.el7?arch=ppc\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-16.el7.ppc",
"product": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc",
"product_id": "openssl-libs-1:1.0.2k-16.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-16.el7?arch=ppc\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-16.el7.ppc",
"product": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc",
"product_id": "openssl-devel-1:1.0.2k-16.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-16.el7?arch=ppc\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-16.el7.ppc",
"product": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc",
"product_id": "openssl-static-1:1.0.2k-16.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-16.el7?arch=ppc\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"product_id": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-16.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64",
"product": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64",
"product_id": "openssl-libs-1:1.0.2k-16.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-16.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64",
"product": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64",
"product_id": "openssl-devel-1:1.0.2k-16.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-16.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:1.0.2k-16.el7.ppc64",
"product": {
"name": "openssl-1:1.0.2k-16.el7.ppc64",
"product_id": "openssl-1:1.0.2k-16.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@1.0.2k-16.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-16.el7.ppc64",
"product": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64",
"product_id": "openssl-static-1:1.0.2k-16.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-16.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64",
"product": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64",
"product_id": "openssl-perl-1:1.0.2k-16.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@1.0.2k-16.el7?arch=ppc64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390",
"product_id": "openssl-debuginfo-1:1.0.2k-16.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-16.el7?arch=s390\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-16.el7.s390",
"product": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390",
"product_id": "openssl-libs-1:1.0.2k-16.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-16.el7?arch=s390\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-16.el7.s390",
"product": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390",
"product_id": "openssl-devel-1:1.0.2k-16.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-16.el7?arch=s390\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-16.el7.s390",
"product": {
"name": "openssl-static-1:1.0.2k-16.el7.s390",
"product_id": "openssl-static-1:1.0.2k-16.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-16.el7?arch=s390\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"product_id": "openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-16.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-16.el7.s390x",
"product": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390x",
"product_id": "openssl-libs-1:1.0.2k-16.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-16.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-16.el7.s390x",
"product": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390x",
"product_id": "openssl-devel-1:1.0.2k-16.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-16.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:1.0.2k-16.el7.s390x",
"product": {
"name": "openssl-1:1.0.2k-16.el7.s390x",
"product_id": "openssl-1:1.0.2k-16.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@1.0.2k-16.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-16.el7.s390x",
"product": {
"name": "openssl-static-1:1.0.2k-16.el7.s390x",
"product_id": "openssl-static-1:1.0.2k-16.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-16.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:1.0.2k-16.el7.s390x",
"product": {
"name": "openssl-perl-1:1.0.2k-16.el7.s390x",
"product_id": "openssl-perl-1:1.0.2k-16.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@1.0.2k-16.el7?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"product_id": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-16.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64le",
"product": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64le",
"product_id": "openssl-libs-1:1.0.2k-16.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-16.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64le",
"product": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64le",
"product_id": "openssl-devel-1:1.0.2k-16.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-16.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:1.0.2k-16.el7.ppc64le",
"product": {
"name": "openssl-1:1.0.2k-16.el7.ppc64le",
"product_id": "openssl-1:1.0.2k-16.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@1.0.2k-16.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-16.el7.ppc64le",
"product": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64le",
"product_id": "openssl-static-1:1.0.2k-16.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-16.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64le",
"product": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64le",
"product_id": "openssl-perl-1:1.0.2k-16.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@1.0.2k-16.el7?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-16.el7.aarch64",
"product": {
"name": "openssl-static-1:1.0.2k-16.el7.aarch64",
"product_id": "openssl-static-1:1.0.2k-16.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-16.el7?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"product_id": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-16.el7?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:1.0.2k-16.el7.aarch64",
"product": {
"name": "openssl-perl-1:1.0.2k-16.el7.aarch64",
"product_id": "openssl-perl-1:1.0.2k-16.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@1.0.2k-16.el7?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-16.el7.aarch64",
"product": {
"name": "openssl-libs-1:1.0.2k-16.el7.aarch64",
"product_id": "openssl-libs-1:1.0.2k-16.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-16.el7?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-16.el7.aarch64",
"product": {
"name": "openssl-devel-1:1.0.2k-16.el7.aarch64",
"product_id": "openssl-devel-1:1.0.2k-16.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-16.el7?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:1.0.2k-16.el7.aarch64",
"product": {
"name": "openssl-1:1.0.2k-16.el7.aarch64",
"product_id": "openssl-1:1.0.2k-16.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@1.0.2k-16.el7?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-1:1.0.2k-16.el7.src"
},
"product_reference": "openssl-1:1.0.2k-16.el7.src",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Client-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src"
},
"product_reference": "openssl-1:1.0.2k-16.el7.src",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src"
},
"product_reference": "openssl-1:1.0.2k-16.el7.src",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src"
},
"product_reference": "openssl-1:1.0.2k-16.el7.src",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-1:1.0.2k-16.el7.src"
},
"product_reference": "openssl-1:1.0.2k-16.el7.src",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src"
},
"product_reference": "openssl-1:1.0.2k-16.el7.src",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src"
},
"product_reference": "openssl-1:1.0.2k-16.el7.src",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src"
},
"product_reference": "openssl-1:1.0.2k-16.el7.src",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-1:1.0.2k-16.el7.src"
},
"product_reference": "openssl-1:1.0.2k-16.el7.src",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src"
},
"product_reference": "openssl-1:1.0.2k-16.el7.src",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.i686",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-16.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-16.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3735",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-08-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1486144"
}
],
"notes": [
{
"category": "description",
"text": "While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Malformed X.509 IPAdressFamily could cause OOB read",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw only exhibits itself when:\n1. OpenSSL is used to display details of a local or a remote certificate.\n2. The certificate contains the uncommon RFC 3779 IPAddressFamily extension.\n\nThe maximum impact of this flaw is garbled information being displayed, there is no impact on the availability of service using such a certificate. Also this flaw can NOT be used to create specially-crafted certificates. Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3735"
},
{
"category": "external",
"summary": "RHBZ#1486144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1486144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3735",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3735"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20170828.txt",
"url": "https://www.openssl.org/news/secadv/20170828.txt"
}
],
"release_date": "2017-08-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T11:11:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: Malformed X.509 IPAdressFamily could cause OOB read"
},
{
"cve": "CVE-2018-0495",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1591163"
}
],
"notes": [
{
"category": "description",
"text": "Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Since the 5.8.3 release, Red Hat CloudForms no longer uses libtomcrypt.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-0495"
},
{
"category": "external",
"summary": "RHBZ#1591163",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591163"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-0495",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0495"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-0495",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0495"
},
{
"category": "external",
"summary": "https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/",
"url": "https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/"
}
],
"release_date": "2018-06-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T11:11:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries"
},
{
"cve": "CVE-2018-0732",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2018-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1591100"
}
],
"notes": [
{
"category": "description",
"text": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-0732"
},
{
"category": "external",
"summary": "RHBZ#1591100",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591100"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-0732",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-0732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0732"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20180612.txt",
"url": "https://www.openssl.org/news/secadv/20180612.txt"
}
],
"release_date": "2018-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T11:11:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang"
},
{
"cve": "CVE-2018-0737",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2018-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1568253"
}
],
"notes": [
{
"category": "description",
"text": "OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-0737"
},
{
"category": "external",
"summary": "RHBZ#1568253",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568253"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-0737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-0737",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0737"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2018/04/16/3",
"url": "http://www.openwall.com/lists/oss-security/2018/04/16/3"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20180416.txt",
"url": "https://www.openssl.org/news/secadv/20180416.txt"
}
],
"release_date": "2018-04-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T11:11:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys"
},
{
"cve": "CVE-2018-0739",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1561266"
}
],
"notes": [
{
"category": "description",
"text": "Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-0739"
},
{
"category": "external",
"summary": "RHBZ#1561266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1561266"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-0739",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0739"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-0739",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0739"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20180327.txt",
"url": "https://www.openssl.org/news/secadv/20180327.txt"
}
],
"release_date": "2018-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T11:11:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Client-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Client-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Client-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7ComputeNode-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7ComputeNode-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-Alt-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-Alt-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Server-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Server-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-7.6:openssl-static-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.src",
"7Workstation-optional-7.6:openssl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-debuginfo-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-devel-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-libs-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-perl-1:1.0.2k-16.el7.x86_64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.aarch64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.i686",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.ppc64le",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.s390x",
"7Workstation-optional-7.6:openssl-static-1:1.0.2k-16.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service"
}
]
}
rhsa-2019_3933
Vulnerability from csaf_redhat
Published
2019-11-20 16:14
Modified
2025-03-17 00:57
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release on RHEL 7
Notes
Topic
An update is now available for JBoss Core Services on RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737)
* openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734)
* mod_auth_digest: access control bypass due to race condition (CVE-2019-0217)
* openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407)
* mod_session_cookie does not respect expiry time (CVE-2018-17199)
* mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189)
* mod_http2: possible crash on late upgrade (CVE-2019-0197)
* mod_http2: read-after-free on a string compare (CVE-2019-0196)
* nghttp2: HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511)
* nghttp2: HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513)
* mod_http2: HTTP/2: 0-length headers leads to denial of service (CVE-2019-9516)
* mod_http2: HTTP/2: request for large response leads to denial of service (CVE-2019-9517)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for JBoss Core Services on RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737)\n* openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734)\n* mod_auth_digest: access control bypass due to race condition (CVE-2019-0217)\n* openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407)\n* mod_session_cookie does not respect expiry time (CVE-2018-17199)\n* mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189)\n* mod_http2: possible crash on late upgrade (CVE-2019-0197)\n* mod_http2: read-after-free on a string compare (CVE-2019-0196)\n* nghttp2: HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511)\n* nghttp2: HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513)\n* mod_http2: HTTP/2: 0-length headers leads to denial of service (CVE-2019-9516)\n* mod_http2: HTTP/2: request for large response leads to denial of service (CVE-2019-9517)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3933",
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1568253",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568253"
},
{
"category": "external",
"summary": "1644364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644364"
},
{
"category": "external",
"summary": "1645695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645695"
},
{
"category": "external",
"summary": "1668493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668493"
},
{
"category": "external",
"summary": "1668497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668497"
},
{
"category": "external",
"summary": "1695020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695020"
},
{
"category": "external",
"summary": "1695030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030"
},
{
"category": "external",
"summary": "1695042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042"
},
{
"category": "external",
"summary": "1735741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735741"
},
{
"category": "external",
"summary": "1741860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741860"
},
{
"category": "external",
"summary": "1741864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741864"
},
{
"category": "external",
"summary": "1741868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741868"
},
{
"category": "external",
"summary": "JBCS-798",
"url": "https://issues.redhat.com/browse/JBCS-798"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3933.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release on RHEL 7",
"tracking": {
"current_release_date": "2025-03-17T00:57:32+00:00",
"generator": {
"date": "2025-03-17T00:57:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.4.1"
}
},
"id": "RHSA-2019:3933",
"initial_release_date": "2019-11-20T16:14:21+00:00",
"revision_history": [
{
"date": "2019-11-20T16:14:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-06T13:04:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-03-17T00:57:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-20.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-devel@2.11-20.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-debuginfo@2.11-20.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-63.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-63.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-63.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1-25.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1-25.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1-25.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1-25.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1-25.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1-25.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-48.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-48.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-48.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-48.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-48.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-48.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-48.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-48.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-48.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-48.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-7.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-devel@1.0.6-7.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-debuginfo@1.0.6-7.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-4.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-4.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-4.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-14.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-14.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-14.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-14.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-33.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-33.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-33.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-33.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-33.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.37-33.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-33.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-33.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-33.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-33.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.46-22.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.46-22.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.46-22.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.12-9.Final_redhat_2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.12-9.Final_redhat_2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-16.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-16.GA.jbcs.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"product_id": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-20.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"product_id": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-63.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"product_id": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1-25.jbcs.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-48.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"product_id": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-7.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-4.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"product_id": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-14.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-33.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.46-22.redhat_1.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.12-9.Final_redhat_2.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-16.GA.jbcs.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-33.jbcs.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0734",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2018-10-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1644364"
}
],
"notes": [
{
"category": "description",
"text": "The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: timing side channel attack in the DSA signature algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-0734"
},
{
"category": "external",
"summary": "RHBZ#1644364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644364"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-0734",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-0734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0734"
}
],
"release_date": "2018-10-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:14:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: timing side channel attack in the DSA signature algorithm"
},
{
"cve": "CVE-2018-0737",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2018-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1568253"
}
],
"notes": [
{
"category": "description",
"text": "OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-0737"
},
{
"category": "external",
"summary": "RHBZ#1568253",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568253"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-0737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-0737",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0737"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2018/04/16/3",
"url": "http://www.openwall.com/lists/oss-security/2018/04/16/3"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20180416.txt",
"url": "https://www.openssl.org/news/secadv/20180416.txt"
}
],
"release_date": "2018-04-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:14:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys"
},
{
"acknowledgments": [
{
"names": [
"Alejandro Cabrera Aldaya"
],
"organization": "Universidad Tecnologica de la Habana CUJAE; Cuba"
},
{
"names": [
"Billy Bob Brumley",
"Cesar Pereida Garcia",
"Sohaib ul Hassan"
]
},
{
"names": [
"Nicola Tuveri"
],
"organization": "Tampere University of Technology; Finland"
}
],
"cve": "CVE-2018-5407",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1645695"
}
],
"notes": [
{
"category": "description",
"text": "A microprocessor side-channel vulnerability was found on SMT (e.g, Hyper-Threading) architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a timing side-channel flaw on processors which implement SMT/Hyper-Threading architectures. It can result in leakage of secret data in applications such as OpenSSL that has secret dependent control flow at any granularity level. In order to exploit this flaw, the attacker needs to run a malicious process on the same core of the processor as the victim process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5407"
},
{
"category": "external",
"summary": "RHBZ#1645695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645695"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5407",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5407"
},
{
"category": "external",
"summary": "https://github.com/bbbrumley/portsmash",
"url": "https://github.com/bbbrumley/portsmash"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20181112.txt",
"url": "https://www.openssl.org/news/secadv/20181112.txt"
}
],
"release_date": "2018-10-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:14:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
},
{
"category": "workaround",
"details": "At this time Red Hat Engineering is working on patches for openssl package in Red Hat Enterprise Linux 7 to address this issue. Until fixes are available, users are advised to review the guidance supplied in the L1 Terminal Fault vulnerability article: https://access.redhat.com/security/vulnerabilities/L1TF and decide what their exposure across shared CPU threads are and act accordingly.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)"
},
{
"cve": "CVE-2018-17189",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668497"
}
],
"notes": [
{
"category": "description",
"text": "In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: DoS via slow, unneeded request bodies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-17189"
},
{
"category": "external",
"summary": "RHBZ#1668497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-17189",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-17189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17189"
}
],
"release_date": "2019-01-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:14:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: DoS via slow, unneeded request bodies"
},
{
"cve": "CVE-2018-17199",
"cwe": {
"id": "CWE-613",
"name": "Insufficient Session Expiration"
},
"discovery_date": "2019-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668493"
}
],
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session_cookie does not respect expiry time",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-17199"
},
{
"category": "external",
"summary": "RHBZ#1668493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668493"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-17199",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17199"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-17199",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17199"
}
],
"release_date": "2019-01-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:14:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session_cookie does not respect expiry time"
},
{
"cve": "CVE-2019-0196",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695030"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: read-after-free on a string compare",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0196"
},
{
"category": "external",
"summary": "RHBZ#1695030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0196",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0196"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:14:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: read-after-free on a string compare"
},
{
"cve": "CVE-2019-0197",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695042"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server that never enabled the h2 protocol or that only enabled it for https: and did not set \"H2Upgrade on\" are unaffected by this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: possible crash on late upgrade",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0197"
},
{
"category": "external",
"summary": "RHBZ#1695042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0197",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:14:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: possible crash on late upgrade"
},
{
"cve": "CVE-2019-0217",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695020"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found in mod_auth_digest when the web server was running in a threaded MPM configuration. It could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_auth_digest: access control bypass due to race condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Based on the the fact that digest authentication is rarely used in modern day web applications and httpd package shipped with Red Hat products do not ship threaded MPM configuration by default, this flaw has been rated as having Moderate level security impact. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0217"
},
{
"category": "external",
"summary": "RHBZ#1695020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695020"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0217"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0217",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0217"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:14:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
},
{
"category": "workaround",
"details": "This flaw only affects a threaded server configuration, so using the prefork MPM is an effective mitigation. In versions of httpd package shipped with Red Hat Enterprise Linux 7, the prefork MPM is the default configuration.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_auth_digest: access control bypass due to race condition"
},
{
"cve": "CVE-2019-9511",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1741860"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: large amount of data requests leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "There are no mitigations available for nghttp2 and nodejs. Both packages will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9511"
},
{
"category": "external",
"summary": "RHBZ#1741860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741860"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9511",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9511"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/605641/",
"url": "https://kb.cert.org/vuls/id/605641/"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/",
"url": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/"
}
],
"release_date": "2019-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:14:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
},
{
"category": "workaround",
"details": "Red Hat Quay 3.0 uses Nginx 1.12 from Red Hat Software Collections. It will be updated once a fixed is released for Software Collections. In the meantime users of Quay can disable http/2 support in Nginx by following these instructions:\n\n1. Copy the Nginx configuration from the quay container to the host\n$ docker cp 3aadf1421ba3:/quay-registry/conf/nginx/ /mnt/quay/nginx\n\n2. Edit the Nginx configuration, removing http/2 support\n$ sed -i \u0027s/http2 //g\u0027 /mnt/quay/nginx/nginx.conf\n\n3. Restart Nginx with the new configuration mounted into the container, eg:\n$ docker run --restart=always -p 443:8443 -p 80:8080 --sysctl net.core.somaxconn=4096 -v /mnt/quay/config:/conf/stack:Z -v /mnt/quay/storage:/datastorage -v /mnt/quay/nginx:/quay-registry/config/nginx:Z -d quay.io/redhat/quay:v3.0.3",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: large amount of data requests leads to denial of service"
},
{
"acknowledgments": [
{
"names": [
"the Envoy security team"
]
}
],
"cve": "CVE-2019-9513",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1735741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HTTP/2. An attacker, using PRIORITY frames to flood the system, could cause excessive CPU usage and starvation of other clients. The largest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: flood using PRIORITY frames results in excessive resource consumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has no available mitigation for packages nghttp2 and nodejs. Both packages will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9513"
},
{
"category": "external",
"summary": "RHBZ#1735741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9513",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9513"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/",
"url": "https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/",
"url": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/"
}
],
"release_date": "2019-08-13T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:14:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
},
{
"category": "workaround",
"details": "Red Hat Quay 3.0 uses Nginx 1.12 from Red Hat Software Collections. It will be updated once a fixed is released for Software Collections. In the meantime users of Quay can disable http/2 support in Nginx by following these instructions:\n\n1. Copy the Nginx configuration from the quay container to the host\n$ docker cp 3aadf1421ba3:/quay-registry/conf/nginx/ /mnt/quay/nginx\n\n2. Edit the Nginx configuration, removing http/2 support\n$ sed -i \u0027s/http2 //g\u0027 /mnt/quay/nginx/nginx.conf\n\n3. Restart Nginx with the new configuration mounted into the container, eg:\n$ docker run --restart=always -p 443:8443 -p 80:8080 --sysctl net.core.somaxconn=4096 -v /mnt/quay/config:/conf/stack:Z -v /mnt/quay/storage:/datastorage -v /mnt/quay/nginx:/quay-registry/config/nginx:Z -d quay.io/redhat/quay:v3.0.3",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: flood using PRIORITY frames results in excessive resource consumption"
},
{
"cve": "CVE-2019-9516",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1741864"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HTTP/2. An attacker, sending a stream of header with a 0-length header name and a 0-length header value, could cause some implementations to allocate memory for these headers and keep the allocations alive until the session dies. The can consume excess memory, potentially leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: 0-length headers lead to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has no available mitigation for nodejs package. It will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9516"
},
{
"category": "external",
"summary": "RHBZ#1741864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741864"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9516",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9516"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/issues/1382#",
"url": "https://github.com/nghttp2/nghttp2/issues/1382#"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/605641/",
"url": "https://kb.cert.org/vuls/id/605641/"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/",
"url": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/"
}
],
"release_date": "2019-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:14:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
},
{
"category": "workaround",
"details": "Red Hat Quay 3.0 uses Nginx 1.12 from Red Hat Software Collections. It will be updated once a fixed is released for Software Collections. In the meantime users of Quay can disable http/2 support in Nginx by following these instructions:\n\n1. Copy the Nginx configuration from the quay container to the host\n$ docker cp 3aadf1421ba3:/quay-registry/conf/nginx/ /mnt/quay/nginx\n\n2. Edit the Nginx configuration, removing http/2 support\n$ sed -i \u0027s/http2 //g\u0027 /mnt/quay/nginx/nginx.conf\n\n3. Restart Nginx with the new configuration mounted into the container, eg:\n$ docker run --restart=always -p 443:8443 -p 80:8080 --sysctl net.core.somaxconn=4096 -v /mnt/quay/config:/conf/stack:Z -v /mnt/quay/storage:/datastorage -v /mnt/quay/nginx:/quay-registry/config/nginx:Z -d quay.io/redhat/quay:v3.0.3",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: 0-length headers lead to denial of service"
},
{
"cve": "CVE-2019-9517",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1741868"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in HTTP/2. An attacker can open a HTTP/2 window so the peer can send without constraint. The TCP window remains closed so the peer cannot write the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the server\u0027s queue is setup, the responses can consume excess memory, CPU, or both, potentially leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: request for large response leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The package httpd versions as shipped with Red Hat Enterprise Linux 5, 6 and 7 are not affected by this issue as HTTP/2 support is not provided.\nThis flaw has no available mitigation for nodejs package. It will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9517"
},
{
"category": "external",
"summary": "RHBZ#1741868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9517",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/605641/",
"url": "https://kb.cert.org/vuls/id/605641/"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
}
],
"release_date": "2019-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:14:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
},
{
"category": "workaround",
"details": "The httpd version shipped with Red Hat Enterprise Linux 8 provides HTTP/2 support through mod_http2 package. While mod_http2 package is not updated, users can disable HTTP/2 support as mitigation action by executing the following steps:\n\n1. Stop httpd service:\n$ systemctl stop httpd\n\n2. Remove http/2 protocol support from configuration files:\n$ sed -i \u0027s/\\(h2\\)\\|\\(h2c\\)//g\u0027 \u003chttpd_config_file\u003e\n\n3. Validate configuration files to make sure all syntax is valid:\n$ apachectl configtest\n\n4. Restart httpd service:\n$ systemctl start httpd",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: request for large response leads to denial of service"
}
]
}
rhsa-2019_3932
Vulnerability from csaf_redhat
Published
2019-11-20 16:22
Modified
2025-03-17 00:57
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release on RHEL 6
Notes
Topic
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) * openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734) * mod_auth_digest: access control bypass due to race condition (CVE-2019-0217) * openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407) * mod_session_cookie does not respect expiry time (CVE-2018-17199) * mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189) * mod_http2: possible crash on late upgrade (CVE-2019-0197) * mod_http2: read-after-free on a string compare (CVE-2019-0196) * nghttp2: HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511) * nghttp2: HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513) * mod_http2: HTTP/2: 0-length headers leads to denial of service (CVE-2019-9516) * mod_http2: HTTP/2: request for large response leads to denial of service (CVE-2019-9517)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) * openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734) * mod_auth_digest: access control bypass due to race condition (CVE-2019-0217) * openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407) * mod_session_cookie does not respect expiry time (CVE-2018-17199) * mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189) * mod_http2: possible crash on late upgrade (CVE-2019-0197) * mod_http2: read-after-free on a string compare (CVE-2019-0196) * nghttp2: HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511) * nghttp2: HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513) * mod_http2: HTTP/2: 0-length headers leads to denial of service (CVE-2019-9516) * mod_http2: HTTP/2: request for large response leads to denial of service (CVE-2019-9517)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3932",
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1568253",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568253"
},
{
"category": "external",
"summary": "1644364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644364"
},
{
"category": "external",
"summary": "1645695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645695"
},
{
"category": "external",
"summary": "1668493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668493"
},
{
"category": "external",
"summary": "1668497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668497"
},
{
"category": "external",
"summary": "1695020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695020"
},
{
"category": "external",
"summary": "1695030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030"
},
{
"category": "external",
"summary": "1695042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042"
},
{
"category": "external",
"summary": "1735741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735741"
},
{
"category": "external",
"summary": "1741860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741860"
},
{
"category": "external",
"summary": "1741864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741864"
},
{
"category": "external",
"summary": "1741868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741868"
},
{
"category": "external",
"summary": "JBCS-798",
"url": "https://issues.redhat.com/browse/JBCS-798"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3932.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release on RHEL 6",
"tracking": {
"current_release_date": "2025-03-17T00:57:39+00:00",
"generator": {
"date": "2025-03-17T00:57:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.4.1"
}
},
"id": "RHSA-2019:3932",
"initial_release_date": "2019-11-20T16:22:09+00:00",
"revision_history": [
{
"date": "2019-11-20T16:22:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-06T13:05:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-03-17T00:57:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"product_id": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-20.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"product_id": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-devel@2.11-20.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"product_id": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-debuginfo@2.11-20.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-63.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-63.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-63.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1-25.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1-25.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1-25.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1-25.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1-25.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1-25.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-48.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-48.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-48.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-48.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-48.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-48.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-48.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-48.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-48.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-48.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"product_id": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-7.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"product_id": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-devel@1.0.6-7.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"product_id": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-debuginfo@1.0.6-7.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-4.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-4.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-4.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-14.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-14.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-14.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-14.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-33.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-33.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-33.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-33.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-33.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.37-33.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-33.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-33.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-33.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-33.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.12-9.Final_redhat_2.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.12-9.Final_redhat_2.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.46-22.redhat_1.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.46-22.redhat_1.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.46-22.redhat_1.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-16.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-16.GA.jbcs.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-20.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-devel@2.11-20.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-debuginfo@2.11-20.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-63.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-63.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-63.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1-25.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1-25.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1-25.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1-25.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1-25.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1-25.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-48.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-48.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-48.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-48.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-48.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-48.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-48.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-48.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-48.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-48.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-7.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-devel@1.0.6-7.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-debuginfo@1.0.6-7.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-4.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-4.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-4.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-14.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-14.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-14.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-14.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-33.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-33.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-33.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-33.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-33.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.37-33.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-33.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-33.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-33.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-33.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.12-9.Final_redhat_2.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.12-9.Final_redhat_2.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.46-22.redhat_1.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.46-22.redhat_1.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.46-22.redhat_1.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-16.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-16.GA.jbcs.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"product_id": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-20.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"product_id": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-63.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"product_id": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1-25.jbcs.el6?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-48.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"product_id": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-7.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-4.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"product_id": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-14.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-33.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.12-9.Final_redhat_2.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.46-22.redhat_1.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-16.GA.jbcs.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-33.jbcs.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0734",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2018-10-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1644364"
}
],
"notes": [
{
"category": "description",
"text": "The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: timing side channel attack in the DSA signature algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-0734"
},
{
"category": "external",
"summary": "RHBZ#1644364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644364"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-0734",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-0734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0734"
}
],
"release_date": "2018-10-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:22:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: timing side channel attack in the DSA signature algorithm"
},
{
"cve": "CVE-2018-0737",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2018-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1568253"
}
],
"notes": [
{
"category": "description",
"text": "OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-0737"
},
{
"category": "external",
"summary": "RHBZ#1568253",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568253"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-0737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-0737",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0737"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2018/04/16/3",
"url": "http://www.openwall.com/lists/oss-security/2018/04/16/3"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20180416.txt",
"url": "https://www.openssl.org/news/secadv/20180416.txt"
}
],
"release_date": "2018-04-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:22:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys"
},
{
"acknowledgments": [
{
"names": [
"Alejandro Cabrera Aldaya"
],
"organization": "Universidad Tecnologica de la Habana CUJAE; Cuba"
},
{
"names": [
"Billy Bob Brumley",
"Cesar Pereida Garcia",
"Sohaib ul Hassan"
]
},
{
"names": [
"Nicola Tuveri"
],
"organization": "Tampere University of Technology; Finland"
}
],
"cve": "CVE-2018-5407",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1645695"
}
],
"notes": [
{
"category": "description",
"text": "A microprocessor side-channel vulnerability was found on SMT (e.g, Hyper-Threading) architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a timing side-channel flaw on processors which implement SMT/Hyper-Threading architectures. It can result in leakage of secret data in applications such as OpenSSL that has secret dependent control flow at any granularity level. In order to exploit this flaw, the attacker needs to run a malicious process on the same core of the processor as the victim process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5407"
},
{
"category": "external",
"summary": "RHBZ#1645695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645695"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5407",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5407"
},
{
"category": "external",
"summary": "https://github.com/bbbrumley/portsmash",
"url": "https://github.com/bbbrumley/portsmash"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20181112.txt",
"url": "https://www.openssl.org/news/secadv/20181112.txt"
}
],
"release_date": "2018-10-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:22:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
},
{
"category": "workaround",
"details": "At this time Red Hat Engineering is working on patches for openssl package in Red Hat Enterprise Linux 7 to address this issue. Until fixes are available, users are advised to review the guidance supplied in the L1 Terminal Fault vulnerability article: https://access.redhat.com/security/vulnerabilities/L1TF and decide what their exposure across shared CPU threads are and act accordingly.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)"
},
{
"cve": "CVE-2018-17189",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668497"
}
],
"notes": [
{
"category": "description",
"text": "In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: DoS via slow, unneeded request bodies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-17189"
},
{
"category": "external",
"summary": "RHBZ#1668497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-17189",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-17189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17189"
}
],
"release_date": "2019-01-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:22:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: DoS via slow, unneeded request bodies"
},
{
"cve": "CVE-2018-17199",
"cwe": {
"id": "CWE-613",
"name": "Insufficient Session Expiration"
},
"discovery_date": "2019-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668493"
}
],
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session_cookie does not respect expiry time",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-17199"
},
{
"category": "external",
"summary": "RHBZ#1668493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668493"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-17199",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17199"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-17199",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17199"
}
],
"release_date": "2019-01-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:22:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session_cookie does not respect expiry time"
},
{
"cve": "CVE-2019-0196",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695030"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: read-after-free on a string compare",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0196"
},
{
"category": "external",
"summary": "RHBZ#1695030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0196",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0196"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:22:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: read-after-free on a string compare"
},
{
"cve": "CVE-2019-0197",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695042"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server that never enabled the h2 protocol or that only enabled it for https: and did not set \"H2Upgrade on\" are unaffected by this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: possible crash on late upgrade",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0197"
},
{
"category": "external",
"summary": "RHBZ#1695042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0197",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:22:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: possible crash on late upgrade"
},
{
"cve": "CVE-2019-0217",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695020"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found in mod_auth_digest when the web server was running in a threaded MPM configuration. It could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_auth_digest: access control bypass due to race condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Based on the the fact that digest authentication is rarely used in modern day web applications and httpd package shipped with Red Hat products do not ship threaded MPM configuration by default, this flaw has been rated as having Moderate level security impact. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0217"
},
{
"category": "external",
"summary": "RHBZ#1695020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695020"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0217"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0217",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0217"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:22:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
},
{
"category": "workaround",
"details": "This flaw only affects a threaded server configuration, so using the prefork MPM is an effective mitigation. In versions of httpd package shipped with Red Hat Enterprise Linux 7, the prefork MPM is the default configuration.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_auth_digest: access control bypass due to race condition"
},
{
"cve": "CVE-2019-9511",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1741860"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: large amount of data requests leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "There are no mitigations available for nghttp2 and nodejs. Both packages will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9511"
},
{
"category": "external",
"summary": "RHBZ#1741860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741860"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9511",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9511"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/605641/",
"url": "https://kb.cert.org/vuls/id/605641/"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/",
"url": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/"
}
],
"release_date": "2019-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:22:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
},
{
"category": "workaround",
"details": "Red Hat Quay 3.0 uses Nginx 1.12 from Red Hat Software Collections. It will be updated once a fixed is released for Software Collections. In the meantime users of Quay can disable http/2 support in Nginx by following these instructions:\n\n1. Copy the Nginx configuration from the quay container to the host\n$ docker cp 3aadf1421ba3:/quay-registry/conf/nginx/ /mnt/quay/nginx\n\n2. Edit the Nginx configuration, removing http/2 support\n$ sed -i \u0027s/http2 //g\u0027 /mnt/quay/nginx/nginx.conf\n\n3. Restart Nginx with the new configuration mounted into the container, eg:\n$ docker run --restart=always -p 443:8443 -p 80:8080 --sysctl net.core.somaxconn=4096 -v /mnt/quay/config:/conf/stack:Z -v /mnt/quay/storage:/datastorage -v /mnt/quay/nginx:/quay-registry/config/nginx:Z -d quay.io/redhat/quay:v3.0.3",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: large amount of data requests leads to denial of service"
},
{
"acknowledgments": [
{
"names": [
"the Envoy security team"
]
}
],
"cve": "CVE-2019-9513",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1735741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HTTP/2. An attacker, using PRIORITY frames to flood the system, could cause excessive CPU usage and starvation of other clients. The largest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: flood using PRIORITY frames results in excessive resource consumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has no available mitigation for packages nghttp2 and nodejs. Both packages will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9513"
},
{
"category": "external",
"summary": "RHBZ#1735741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9513",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9513"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/",
"url": "https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/",
"url": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/"
}
],
"release_date": "2019-08-13T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:22:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
},
{
"category": "workaround",
"details": "Red Hat Quay 3.0 uses Nginx 1.12 from Red Hat Software Collections. It will be updated once a fixed is released for Software Collections. In the meantime users of Quay can disable http/2 support in Nginx by following these instructions:\n\n1. Copy the Nginx configuration from the quay container to the host\n$ docker cp 3aadf1421ba3:/quay-registry/conf/nginx/ /mnt/quay/nginx\n\n2. Edit the Nginx configuration, removing http/2 support\n$ sed -i \u0027s/http2 //g\u0027 /mnt/quay/nginx/nginx.conf\n\n3. Restart Nginx with the new configuration mounted into the container, eg:\n$ docker run --restart=always -p 443:8443 -p 80:8080 --sysctl net.core.somaxconn=4096 -v /mnt/quay/config:/conf/stack:Z -v /mnt/quay/storage:/datastorage -v /mnt/quay/nginx:/quay-registry/config/nginx:Z -d quay.io/redhat/quay:v3.0.3",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: flood using PRIORITY frames results in excessive resource consumption"
},
{
"cve": "CVE-2019-9516",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1741864"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HTTP/2. An attacker, sending a stream of header with a 0-length header name and a 0-length header value, could cause some implementations to allocate memory for these headers and keep the allocations alive until the session dies. The can consume excess memory, potentially leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: 0-length headers lead to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has no available mitigation for nodejs package. It will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9516"
},
{
"category": "external",
"summary": "RHBZ#1741864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741864"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9516",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9516"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/issues/1382#",
"url": "https://github.com/nghttp2/nghttp2/issues/1382#"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/605641/",
"url": "https://kb.cert.org/vuls/id/605641/"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/",
"url": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/"
}
],
"release_date": "2019-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:22:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
},
{
"category": "workaround",
"details": "Red Hat Quay 3.0 uses Nginx 1.12 from Red Hat Software Collections. It will be updated once a fixed is released for Software Collections. In the meantime users of Quay can disable http/2 support in Nginx by following these instructions:\n\n1. Copy the Nginx configuration from the quay container to the host\n$ docker cp 3aadf1421ba3:/quay-registry/conf/nginx/ /mnt/quay/nginx\n\n2. Edit the Nginx configuration, removing http/2 support\n$ sed -i \u0027s/http2 //g\u0027 /mnt/quay/nginx/nginx.conf\n\n3. Restart Nginx with the new configuration mounted into the container, eg:\n$ docker run --restart=always -p 443:8443 -p 80:8080 --sysctl net.core.somaxconn=4096 -v /mnt/quay/config:/conf/stack:Z -v /mnt/quay/storage:/datastorage -v /mnt/quay/nginx:/quay-registry/config/nginx:Z -d quay.io/redhat/quay:v3.0.3",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: 0-length headers lead to denial of service"
},
{
"cve": "CVE-2019-9517",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1741868"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in HTTP/2. An attacker can open a HTTP/2 window so the peer can send without constraint. The TCP window remains closed so the peer cannot write the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the server\u0027s queue is setup, the responses can consume excess memory, CPU, or both, potentially leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: request for large response leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The package httpd versions as shipped with Red Hat Enterprise Linux 5, 6 and 7 are not affected by this issue as HTTP/2 support is not provided.\nThis flaw has no available mitigation for nodejs package. It will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9517"
},
{
"category": "external",
"summary": "RHBZ#1741868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9517",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/605641/",
"url": "https://kb.cert.org/vuls/id/605641/"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
}
],
"release_date": "2019-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-20T16:22:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
},
{
"category": "workaround",
"details": "The httpd version shipped with Red Hat Enterprise Linux 8 provides HTTP/2 support through mod_http2 package. While mod_http2 package is not updated, users can disable HTTP/2 support as mitigation action by executing the following steps:\n\n1. Stop httpd service:\n$ systemctl stop httpd\n\n2. Remove http/2 protocol support from configuration files:\n$ sed -i \u0027s/\\(h2\\)\\|\\(h2c\\)//g\u0027 \u003chttpd_config_file\u003e\n\n3. Validate configuration files to make sure all syntax is valid:\n$ apachectl configtest\n\n4. Restart httpd service:\n$ systemctl start httpd",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-jansson-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.46-22.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: request for large response leads to denial of service"
}
]
}
gsd-2018-0737
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-0737",
"description": "The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).",
"id": "GSD-2018-0737",
"references": [
"https://www.suse.com/security/cve/CVE-2018-0737.html",
"https://www.debian.org/security/2018/dsa-4355",
"https://www.debian.org/security/2018/dsa-4348",
"https://access.redhat.com/errata/RHSA-2019:3935",
"https://access.redhat.com/errata/RHSA-2019:3933",
"https://access.redhat.com/errata/RHSA-2019:3932",
"https://access.redhat.com/errata/RHSA-2018:3221",
"https://ubuntu.com/security/CVE-2018-0737",
"https://advisories.mageia.org/CVE-2018-0737.html",
"https://security.archlinux.org/CVE-2018-0737",
"https://alas.aws.amazon.com/cve/html/CVE-2018-0737.html",
"https://linux.oracle.com/cve/CVE-2018-0737.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-0737"
],
"details": "The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).",
"id": "GSD-2018-0737",
"modified": "2023-12-13T01:22:24.770468Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "openssl-security@openssl.org",
"DATE_PUBLIC": "2018-04-16",
"ID": "CVE-2018-0737",
"STATE": "PUBLIC",
"TITLE": "Cache timing vulnerability in RSA Key Generation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenSSL",
"version": {
"version_data": [
{
"version_value": "Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h)"
},
{
"version_value": "Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o)"
}
]
}
}
]
},
"vendor_name": "OpenSSL"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o)."
}
]
},
"impact": [
{
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#Low",
"value": "Low"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Constant time issue"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180728 [SECURITY] [DLA 1449-1] openssl security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html"
},
{
"name": "DSA-4355",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4355"
},
{
"name": "USN-3628-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3628-2/"
},
{
"name": "GLSA-201811-21",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201811-21"
},
{
"name": "USN-3692-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3692-2/"
},
{
"name": "RHSA-2018:3505",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3505"
},
{
"name": "103766",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103766"
},
{
"name": "USN-3692-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3692-1/"
},
{
"name": "RHSA-2018:3221",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
},
{
"name": "DSA-4348",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4348"
},
{
"name": "1040685",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040685"
},
{
"name": "USN-3628-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3628-1/"
},
{
"name": "FEDORA-2019-db06efdea1",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/"
},
{
"name": "FEDORA-2019-00c25b9379",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/"
},
{
"name": "FEDORA-2019-9a0a7c0986",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/"
},
{
"name": "RHSA-2019:3933",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
},
{
"name": "RHSA-2019:3935",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
},
{
"name": "RHSA-2019:3932",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "https://www.tenable.com/security/tns-2018-14",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-14"
},
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133",
"refsource": "CONFIRM",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133"
},
{
"name": "https://www.tenable.com/security/tns-2018-13",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-13"
},
{
"name": "https://www.tenable.com/security/tns-2018-17",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-17"
},
{
"name": "https://www.tenable.com/security/tns-2018-12",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-12"
},
{
"name": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
},
{
"name": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=349a41da1ad88ad87825414752a8ff5fdd6a6c3f",
"refsource": "CONFIRM",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=349a41da1ad88ad87825414752a8ff5fdd6a6c3f"
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787",
"refsource": "CONFIRM",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787"
},
{
"name": "https://www.openssl.org/news/secadv/20180416.txt",
"refsource": "CONFIRM",
"url": "https://www.openssl.org/news/secadv/20180416.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180726-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180726-0003/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.2o",
"versionStartIncluding": "1.0.2b",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.0h",
"versionStartIncluding": "1.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "openssl-security@openssl.org",
"ID": "CVE-2018-0737"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openssl.org/news/secadv/20180416.txt",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv/20180416.txt"
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787"
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=349a41da1ad88ad87825414752a8ff5fdd6a6c3f",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=349a41da1ad88ad87825414752a8ff5fdd6a6c3f"
},
{
"name": "1040685",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040685"
},
{
"name": "103766",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103766"
},
{
"name": "USN-3628-2",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3628-2/"
},
{
"name": "USN-3628-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3628-1/"
},
{
"name": "USN-3692-2",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/3692-2/"
},
{
"name": "USN-3692-1",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/3692-1/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180726-0003/",
"refsource": "CONFIRM",
"tags": [],
"url": "https://security.netapp.com/advisory/ntap-20180726-0003/"
},
{
"name": "[debian-lts-announce] 20180728 [SECURITY] [DLA 1449-1] openssl security update",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html"
},
{
"name": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/",
"refsource": "CONFIRM",
"tags": [],
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
},
{
"name": "https://www.tenable.com/security/tns-2018-12",
"refsource": "CONFIRM",
"tags": [],
"url": "https://www.tenable.com/security/tns-2018-12"
},
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133",
"refsource": "CONFIRM",
"tags": [],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "https://www.tenable.com/security/tns-2018-14",
"refsource": "CONFIRM",
"tags": [],
"url": "https://www.tenable.com/security/tns-2018-14"
},
{
"name": "https://www.tenable.com/security/tns-2018-13",
"refsource": "CONFIRM",
"tags": [],
"url": "https://www.tenable.com/security/tns-2018-13"
},
{
"name": "RHSA-2018:3221",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
},
{
"name": "RHSA-2018:3505",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2018:3505"
},
{
"name": "GLSA-201811-21",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201811-21"
},
{
"name": "DSA-4348",
"refsource": "DEBIAN",
"tags": [],
"url": "https://www.debian.org/security/2018/dsa-4348"
},
{
"name": "DSA-4355",
"refsource": "DEBIAN",
"tags": [],
"url": "https://www.debian.org/security/2018/dsa-4355"
},
{
"name": "https://www.tenable.com/security/tns-2018-17",
"refsource": "CONFIRM",
"tags": [],
"url": "https://www.tenable.com/security/tns-2018-17"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"tags": [],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"tags": [],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"tags": [],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "FEDORA-2019-db06efdea1",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/"
},
{
"name": "FEDORA-2019-00c25b9379",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/"
},
{
"name": "FEDORA-2019-9a0a7c0986",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/"
},
{
"name": "RHSA-2019:3935",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
},
{
"name": "RHSA-2019:3933",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
},
{
"name": "RHSA-2019:3932",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
},
{
"name": "N/A",
"refsource": "N/A",
"tags": [],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "N/A",
"refsource": "N/A",
"tags": [],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
},
"lastModifiedDate": "2021-07-20T23:15Z",
"publishedDate": "2018-04-16T18:29Z"
}
}
}
wid-sec-w-2024-0204
Vulnerability from csaf_certbund
Published
2018-04-16 22:00
Modified
2024-06-03 22:00
Summary
OpenSSL: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Appliance
- Juniper Appliance
- Linux
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "niedrig"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "OpenSSL ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance\n- Juniper Appliance\n- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0204 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2018/wid-sec-w-2024-0204.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0204 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0204"
},
{
"category": "external",
"summary": "OpenSSL Security Advisory vom 2018-04-16",
"url": "http://www.openssl.org/news/secadv/20180416.txt"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3692-1 vom 2018-06-27",
"url": "http://www.ubuntu.com/usn/usn-3692-2"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20180726-0003 vom 2018-07-27",
"url": "https://security.netapp.com/advisory/ntap-20180726-0003/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2486-1 vom 2018-08-24",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182486-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2492-1 vom 2018-08-24",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182492-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2545-1 vom 2018-08-29",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182545-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2683-1 vom 2018-09-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182683-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2928-1 vom 2018-09-28",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182928-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2965-1 vom 2018-10-02",
"url": "http://www.auscert.org.au/bulletins/69130"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisory",
"url": "https://securityadvisories.paloaltonetworks.com/(X(1)S(ail5o3zckluehpmm4upvcd2c))/Home/Detail/133"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4248 vom 2018-10-13",
"url": "http://linux.oracle.com/errata/ELSA-2018-4248.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4249 vom 2018-10-13",
"url": "http://linux.oracle.com/errata/ELSA-2018-4249.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4254 vom 2018-10-16",
"url": "http://linux.oracle.com/errata/ELSA-2018-4254.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4253 vom 2018-10-16",
"url": "http://linux.oracle.com/errata/ELSA-2018-4253.html"
},
{
"category": "external",
"summary": "Tenable Security Advisory ID:TNS-2018-14",
"url": "https://www.tenable.com/security/tns-2018-14"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:3221 vom 2018-10-31",
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-3221 vom 2018-11-06",
"url": "http://linux.oracle.com/errata/ELSA-2018-3221.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4267 vom 2018-11-07",
"url": "http://linux.oracle.com/errata/ELSA-2018-4267.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3864-1 vom 2018-11-23",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183864-1.html"
},
{
"category": "external",
"summary": "GENTOO Security Advisory GLSA201811-21 vom 2018-11-29",
"url": "https://security.gentoo.org/glsa/201811-21"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4348 vom 2018-12-01",
"url": "https://www.debian.org/security/2018/dsa-4348"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:0197-1 vom 2019-01-30",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190197-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4581 vom 2019-03-13",
"url": "http://linux.oracle.com/errata/ELSA-2019-4581.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3864-2 vom 2019-04-28",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20183864-2.html"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA10990 vom 2020-01-08",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10990\u0026actp=RSS"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:1553-1 vom 2019-06-19",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191553-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-2471 vom 2019-08-14",
"url": "http://linux.oracle.com/errata/ELSA-2019-2471.html"
},
{
"category": "external",
"summary": "Oraclevm-errata OVMSA-2019-0040 vom 2019-08-15",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2019-August/000956.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4747 vom 2019-08-16",
"url": "http://linux.oracle.com/errata/ELSA-2019-4747.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3932 vom 2019-11-20",
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3933 vom 2019-11-20",
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3935 vom 2019-11-20",
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
},
{
"category": "external",
"summary": "Pulse Secure Security Advisory SA44073 vom 2020-06-23",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44073-2019-03-Security-Bulletin-Multiple-vulnerabilities-resolved-in-Pulse-Connect-Secure-Pulse-Policy-Secure-Pulse-Secure-Desktop-9-0R4-8-3R7/?kA23Z000000KBrjSAG="
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-9150 vom 2021-04-01",
"url": "https://linux.oracle.com/errata/ELSA-2021-9150.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9272 vom 2022-04-08",
"url": "https://linux.oracle.com/errata/ELSA-2022-9272.html"
},
{
"category": "external",
"summary": "Dell Knowledge Base Article",
"url": "https://www.dell.com/support/kbdoc/en-us/000221474/dsa-2024-059-security-update-for-dell-networker-multiple-components-vulnerabilities"
},
{
"category": "external",
"summary": "SolarWinds Platform 2024.2 release notes vom 2024-06-04",
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2024-2_release_notes.htm"
}
],
"source_lang": "en-US",
"title": "OpenSSL: Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen",
"tracking": {
"current_release_date": "2024-06-03T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:04:17.856+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0204",
"initial_release_date": "2018-04-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2018-04-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2018-04-16T22:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-06-26T22:00:00.000+00:00",
"number": "3",
"summary": "New remediations available"
},
{
"date": "2018-07-26T22:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2018-07-26T22:00:00.000+00:00",
"number": "5",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-07-26T22:00:00.000+00:00",
"number": "6",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-07-26T22:00:00.000+00:00",
"number": "7",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-08-23T22:00:00.000+00:00",
"number": "8",
"summary": "New remediations available"
},
{
"date": "2018-08-26T22:00:00.000+00:00",
"number": "9",
"summary": "New remediations available"
},
{
"date": "2018-08-28T22:00:00.000+00:00",
"number": "10",
"summary": "New remediations available"
},
{
"date": "2018-09-10T22:00:00.000+00:00",
"number": "11",
"summary": "New remediations available"
},
{
"date": "2018-09-23T22:00:00.000+00:00",
"number": "12",
"summary": "Added references"
},
{
"date": "2018-09-30T22:00:00.000+00:00",
"number": "13",
"summary": "New remediations available"
},
{
"date": "2018-10-01T22:00:00.000+00:00",
"number": "14",
"summary": "New remediations available"
},
{
"date": "2018-10-11T22:00:00.000+00:00",
"number": "15",
"summary": "New remediations available"
},
{
"date": "2018-10-14T22:00:00.000+00:00",
"number": "16",
"summary": "New remediations available"
},
{
"date": "2018-10-15T22:00:00.000+00:00",
"number": "17",
"summary": "New remediations available"
},
{
"date": "2018-10-23T22:00:00.000+00:00",
"number": "18",
"summary": "New remediations available"
},
{
"date": "2018-10-28T23:00:00.000+00:00",
"number": "19",
"summary": "New remediations available"
},
{
"date": "2018-10-30T23:00:00.000+00:00",
"number": "20",
"summary": "New remediations available"
},
{
"date": "2018-11-05T23:00:00.000+00:00",
"number": "21",
"summary": "New remediations available"
},
{
"date": "2018-11-06T23:00:00.000+00:00",
"number": "22",
"summary": "New remediations available"
},
{
"date": "2018-11-22T23:00:00.000+00:00",
"number": "23",
"summary": "New remediations available"
},
{
"date": "2018-11-28T23:00:00.000+00:00",
"number": "24",
"summary": "New remediations available"
},
{
"date": "2018-12-02T23:00:00.000+00:00",
"number": "25",
"summary": "New remediations available"
},
{
"date": "2019-01-29T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-02-28T23:00:00.000+00:00",
"number": "27",
"summary": "Referenz aufgenommen:"
},
{
"date": "2019-03-13T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-04-28T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-06-18T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-08-13T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-08-15T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Oracle"
},
{
"date": "2019-08-18T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-09-10T22:00:00.000+00:00",
"number": "34",
"summary": "Referenz(en) aufgenommen: FEDORA-2019-9A0A7C0986, FEDORA-2019-00C25B9379"
},
{
"date": "2019-09-11T22:00:00.000+00:00",
"number": "35",
"summary": "Referenz(en) aufgenommen: FEDORA-2019-DB06EFDEA1"
},
{
"date": "2019-11-20T23:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-01-08T23:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2020-06-23T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Pulse Secure aufgenommen"
},
{
"date": "2021-03-31T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-04-10T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-01-25T23:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-06-03T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "42"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.10",
"product": {
"name": "Dell NetWorker \u003c19.10",
"product_id": "T032354"
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "5930",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp OnCommand Unified Manager",
"product": {
"name": "NetApp OnCommand Unified Manager",
"product_id": "T009408",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:oncommand_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.1.0i",
"product": {
"name": "Open Source OpenSSL \u003c1.1.0i",
"product_id": "T012063"
}
},
{
"category": "product_version_range",
"name": "\u003c1.0.2p",
"product": {
"name": "Open Source OpenSSL \u003c1.0.2p",
"product_id": "T012064"
}
}
],
"category": "product_name",
"name": "OpenSSL"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
},
{
"category": "product_name",
"name": "Oracle VM",
"product": {
"name": "Oracle VM",
"product_id": "T011119",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:vm:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.1.4",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c8.1.4",
"product_id": "T012878"
}
}
],
"category": "product_name",
"name": "PAN-OS"
}
],
"category": "vendor",
"name": "PaloAlto Networks"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2024.2",
"product": {
"name": "SolarWinds Platform \u003c2024.2",
"product_id": "T035149"
}
}
],
"category": "product_name",
"name": "Platform"
}
],
"category": "vendor",
"name": "SolarWinds"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8",
"product": {
"name": "Tenable Security Nessus \u003c8",
"product_id": "T012985"
}
}
],
"category": "product_name",
"name": "Nessus"
}
],
"category": "vendor",
"name": "Tenable Security"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0737",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in OpenSSL im Algorithmus der RSA Schl\u00fcsselgenerierung. Ein lokaler Angreifer kann unter bestimmten Umst\u00e4nden \u00fcber einen Seiten Kanal Angriff w\u00e4hrend der Schl\u00fcsselgenerierung den privaten Schl\u00fcssel offenlegen."
}
],
"product_status": {
"known_affected": [
"T011119",
"T035149",
"2951",
"T002207",
"T009408",
"67646",
"T000126",
"5930",
"T004914",
"T032354"
]
},
"release_date": "2018-04-16T22:00:00.000+00:00",
"title": "CVE-2018-0737"
}
]
}
ghsa-rj52-j648-hww8
Vulnerability from github
Published
2022-05-13 01:08
Modified
2022-05-13 01:08
Severity ?
Details
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).
{
"affected": [],
"aliases": [
"CVE-2018-0737"
],
"database_specific": {
"cwe_ids": [
"CWE-327"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-04-16T18:29:00Z",
"severity": "MODERATE"
},
"details": "The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).",
"id": "GHSA-rj52-j648-hww8",
"modified": "2022-05-13T01:08:24Z",
"published": "2022-05-13T01:08:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0737"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3628-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3628-2"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3692-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3692-2"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4348"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4355"
},
{
"type": "WEB",
"url": "https://www.openssl.org/news/secadv/20180416.txt"
},
{
"type": "WEB",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2018-12"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2018-13"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2018-14"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2018-17"
},
{
"type": "WEB",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20180726-0003"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201811-21"
},
{
"type": "WEB",
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html"
},
{
"type": "WEB",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787"
},
{
"type": "WEB",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=349a41da1ad88ad87825414752a8ff5fdd6a6c3f"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3935"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3933"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3932"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:3505"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:3221"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/103766"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1040685"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.