Action not permitted
Modal body text goes here.
cve-2017-3738
Vulnerability from cvelistv5
Published
2017-12-07 16:00
Modified
2024-09-16 18:34
Severity ?
EPSS score ?
Summary
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| OpenSSL Software Foundation | OpenSSL |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2018-07"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2018-04"
},
{
"name": "RHSA-2018:2185",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
},
{
"name": "RHSA-2018:2186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "FreeBSD-SA-17:12",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:12.openssl.asc"
},
{
"name": "GLSA-201712-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201712-03"
},
{
"name": "1039978",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039978"
},
{
"name": "DSA-4157",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4157"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20171207.txt"
},
{
"name": "RHSA-2018:0998",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0998"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/openssl/openssl/commit/e502cc86df9dafded1694fceb3228ee34d11c11a"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2018-06"
},
{
"name": "DSA-4065",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4065"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "102118",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102118"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2017-16"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20180327.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03881en_us"
},
{
"name": "RHSA-2018:2187",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20171208-0001/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OpenSSL",
"vendor": "OpenSSL Software Foundation",
"versions": [
{
"status": "affected",
"version": "1.0.2-1.02m"
},
{
"status": "affected",
"version": "1.1.0-1.1.0g"
}
]
}
],
"datePublic": "2017-12-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "carry-propagating bug",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-23T22:31:33",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2018-07"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2018-04"
},
{
"name": "RHSA-2018:2185",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
},
{
"name": "RHSA-2018:2186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "FreeBSD-SA-17:12",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:12.openssl.asc"
},
{
"name": "GLSA-201712-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201712-03"
},
{
"name": "1039978",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039978"
},
{
"name": "DSA-4157",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4157"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.openssl.org/news/secadv/20171207.txt"
},
{
"name": "RHSA-2018:0998",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0998"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/openssl/openssl/commit/e502cc86df9dafded1694fceb3228ee34d11c11a"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2018-06"
},
{
"name": "DSA-4065",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4065"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "102118",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102118"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2017-16"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.openssl.org/news/secadv/20180327.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03881en_us"
},
{
"name": "RHSA-2018:2187",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20171208-0001/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "openssl-security@openssl.org",
"DATE_PUBLIC": "2017-12-07T00:00:00",
"ID": "CVE-2017-3738",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenSSL",
"version": {
"version_data": [
{
"version_value": "1.0.2-1.02m"
},
{
"version_value": "1.1.0-1.1.0g"
}
]
}
}
]
},
"vendor_name": "OpenSSL Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "carry-propagating bug"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/tns-2018-07",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-07"
},
{
"name": "https://www.tenable.com/security/tns-2018-04",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-04"
},
{
"name": "RHSA-2018:2185",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
},
{
"name": "RHSA-2018:2186",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "FreeBSD-SA-17:12",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:12.openssl.asc"
},
{
"name": "GLSA-201712-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201712-03"
},
{
"name": "1039978",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039978"
},
{
"name": "DSA-4157",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4157"
},
{
"name": "https://www.openssl.org/news/secadv/20171207.txt",
"refsource": "CONFIRM",
"url": "https://www.openssl.org/news/secadv/20171207.txt"
},
{
"name": "RHSA-2018:0998",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0998"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "https://github.com/openssl/openssl/commit/e502cc86df9dafded1694fceb3228ee34d11c11a",
"refsource": "MISC",
"url": "https://github.com/openssl/openssl/commit/e502cc86df9dafded1694fceb3228ee34d11c11a"
},
{
"name": "https://www.tenable.com/security/tns-2018-06",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-06"
},
{
"name": "DSA-4065",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4065"
},
{
"name": "https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "102118",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102118"
},
{
"name": "https://www.tenable.com/security/tns-2017-16",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2017-16"
},
{
"name": "https://www.openssl.org/news/secadv/20180327.txt",
"refsource": "CONFIRM",
"url": "https://www.openssl.org/news/secadv/20180327.txt"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03881en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03881en_us"
},
{
"name": "RHSA-2018:2187",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171208-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171208-0001/"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2017-3738",
"datePublished": "2017-12-07T16:00:00Z",
"dateReserved": "2016-12-16T00:00:00",
"dateUpdated": "2024-09-16T18:34:25.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-3738\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2017-12-07T16:29:00.240\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.\"},{\"lang\":\"es\",\"value\":\"Existe un error de desbordamiento en el procedimiento de multiplicaci\u00f3n AVX2 Montgomery empleado en la exponenciaci\u00f3n con m\u00f3dulos de 1024 bits. Los algoritmos EC no se han visto afectados. Los an\u00e1lisis sugieren que los ataques contra RSA y DSA como resultado de este defecto ser\u00edan muy dif\u00edciles de realizar y se cree que son improbables. Los ataques contra DH102 se consideran solo posibles, ya que la mayor parte del trabajo necesario para deducir informaci\u00f3n sobre una clave privada puede realizarse sin conexi\u00f3n. La cantidad de recursos necesarios para realizar tal ataque ser\u00eda significativa. Sin embargo, para que un ataque sobre TLS sea significativo, el servidor tendr\u00eda que compartir la clave privada DH1024 entre m\u00faltiples clientes, lo que ya no es una opci\u00f3n desde CVE-2016-0701. Esto solo afecta a procesadores compatibles con la extensi\u00f3n AVX2, pero no la ADX, como Intel Haswell (cuarta generaci\u00f3n). Nota: El impacto de este problema es similar a CVE-2017-3736, CVE-2017-3732 y CVE-2015-3193. Se han visto afectadas las versiones 1.0.2-1.0.2m y 1.1.0-1.1.0g de OpenSSL. Se ha solucionado en OpenSSL 1.0.2n. Debido a la baja gravedad de este problema, no se va a lanzar una nueva versi\u00f3n de OpenSSL 1.1.0 en este momento. La correcci\u00f3n se aplicar\u00e1 en OpenSSL 1.1.0h cuando est\u00e9 disponible. La correcci\u00f3n tambi\u00e9n estar\u00e1 disponible en el commit con ID e502cc86d en el repositorio Git de OpenSSL.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD3E5C1B-EC63-4214-A0BD-0B8681CE6C8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"18797BEE-417D-4959-9AAD-C5A7C051B524\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FAA3C31-BD9D-45A9-A502-837FECA6D479\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"6455A421-9956-4846-AC7C-3431E0D37D23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60F946FD-F564-49DA-B043-5943308BA9EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4847BCF3-EFCE-41AF-8E7D-3D51EB9DCC5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B89180B-FB68-4DD8-B076-16E51CC7FB91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C986592-4086-4A39-9767-EF34DBAA6A53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B23181C-03DB-4E92-B3F6-6B585B5231B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94D9EC1C-4843-4026-9B05-E060E9391734\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B066401C-21CF-4BE9-9C55-C9F1E0C7BE3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036FB24F-7D86-4730-8BC9-722875BEC807\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDF148A3-1AA7-4F27-85AB-414C609C626F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2j:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E15B749E-6808-4788-AE42-7A1587D8697E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58F80C8D-BCA2-40AD-BD22-B70C7BE1B298\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2l:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70B78EDF-6BB7-42C4-9423-9332C62C6E43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2354F82-A01B-43D2-84F4-4E94B258E091\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73104834-5810-48DD-9B97-549D223853F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.1.0a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9D7A18A-116B-4F68-BEA3-A4E9DDDA55C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.1.0b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFC70262-0DCD-4B46-9C96-FD18D0207511\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.1.0c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2E07A34-08A0-4765-AF81-46A3BDC5648A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.1.0d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83B0A3D8-60C7-4F42-9DD6-C535F983D98B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.1.0e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD08E859-BB6D-4909-A873-C2609FA2821A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.1.0f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2BF7D67-EAF4-4D01-9185-0DB69F2C543B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.1.0g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"179144A7-D263-4BD8-A019-35DE39C777FC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndIncluding\":\"4.1.2\",\"matchCriteriaId\":\"A47FC4F7-1F77-4314-B4B3-3C5D8E335379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"4.2.0\",\"versionEndExcluding\":\"4.8.7\",\"matchCriteriaId\":\"3818E441-8DC4-42E6-8D11-E58D195CBE8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndIncluding\":\"6.8.1\",\"matchCriteriaId\":\"D107EC29-67E7-40C3-8E5A-324C9105C5E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"6.9.0\",\"versionEndExcluding\":\"6.12.2\",\"matchCriteriaId\":\"BEA03114-7288-4E7C-9220-C0ABCD5F0389\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndIncluding\":\"8.8.1\",\"matchCriteriaId\":\"74FB695D-2C76-47AB-988E-5629D2E695E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"8.9.0\",\"versionEndExcluding\":\"8.9.3\",\"matchCriteriaId\":\"C45E9D50-CD3D-480B-B9B8-451ADFF26505\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.2.1\",\"matchCriteriaId\":\"82FDBB10-3298-4C9A-9CC0-D34643AEC868\"}]}]}],\"references\":[{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/102118\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039978\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0998\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2185\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2186\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2187\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/openssl/openssl/commit/e502cc86df9dafded1694fceb3228ee34d11c11a\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:12.openssl.asc\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201712-03\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20171208-0001/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03881en_us\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2017/dsa-4065\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4157\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openssl.org/news/secadv/20171207.txt\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.openssl.org/news/secadv/20180327.txt\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2017-16\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2018-04\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2018-06\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2018-07\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/102118\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039978\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0998\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2185\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2186\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2187\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/openssl/openssl/commit/e502cc86df9dafded1694fceb3228ee34d11c11a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:12.openssl.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201712-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20171208-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03881en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2017/dsa-4065\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4157\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openssl.org/news/secadv/20171207.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.openssl.org/news/secadv/20180327.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2017-16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2018-04\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2018-06\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2018-07\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
wid-sec-w-2023-1594
Vulnerability from csaf_certbund
Published
2023-06-28 22:00
Modified
2023-06-28 22:00
Summary
IBM Tivoli Network Manager: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Tivoli Network Manager ist eine Netzanalysesoftware für das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Tivoli Network Manager ist eine Netzanalysesoftware f\u00fcr das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1594 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1594.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1594 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1594"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/885316"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/884276"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/883428"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/883424"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/882926"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/882898"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/882888"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/880403"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/880401"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/880395"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/879855"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/879841"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870546"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870526"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870508"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870504"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870500"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870498"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/743933"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739297"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739271"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739249"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739247"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739245"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739243"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/738231"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/731931"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730883"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730871"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730845"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730835"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730171"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/720307"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/720283"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/720265"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/718745"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/717345"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/717335"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/717327"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/717007"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/716573"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/712213"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/712199"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/570557"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/569765"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/569727"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/569717"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/305321"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/304091"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/304089"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/303663"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/303657"
}
],
"source_lang": "en-US",
"title": "IBM Tivoli Network Manager: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-06-28T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:53:31.776+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1594",
"initial_release_date": "2023-06-28T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-06-28T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 5",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 5",
"product_id": "T028343",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9_fix_pack_5"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9",
"product_id": "T028344",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 4.1.1",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 4.1.1",
"product_id": "T028345",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__4.1.1"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 4.2",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 4.2",
"product_id": "T028346",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__4.2"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.4",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.4",
"product_id": "T028347",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9.0.4"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.5",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.5",
"product_id": "T028348",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9.0.5"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 4",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 4",
"product_id": "T028349",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9_fix_pack_4"
}
}
}
],
"category": "product_name",
"name": "Tivoli Network Manager"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-4046",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-4046"
},
{
"cve": "CVE-2019-4030",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-4030"
},
{
"cve": "CVE-2019-2684",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2684"
},
{
"cve": "CVE-2019-2602",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2602"
},
{
"cve": "CVE-2019-2537",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2537"
},
{
"cve": "CVE-2019-2534",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2534"
},
{
"cve": "CVE-2019-2531",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2531"
},
{
"cve": "CVE-2019-2529",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2529"
},
{
"cve": "CVE-2019-2503",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2503"
},
{
"cve": "CVE-2019-2482",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2482"
},
{
"cve": "CVE-2019-2481",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2481"
},
{
"cve": "CVE-2019-2455",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2455"
},
{
"cve": "CVE-2019-1559",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-1559"
},
{
"cve": "CVE-2019-0220",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-0220"
},
{
"cve": "CVE-2018-8039",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-8039"
},
{
"cve": "CVE-2018-5407",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-5407"
},
{
"cve": "CVE-2018-3282",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3282"
},
{
"cve": "CVE-2018-3278",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3278"
},
{
"cve": "CVE-2018-3276",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3276"
},
{
"cve": "CVE-2018-3251",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3251"
},
{
"cve": "CVE-2018-3247",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3247"
},
{
"cve": "CVE-2018-3174",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3174"
},
{
"cve": "CVE-2018-3156",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3156"
},
{
"cve": "CVE-2018-3143",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3143"
},
{
"cve": "CVE-2018-3123",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3123"
},
{
"cve": "CVE-2018-3084",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3084"
},
{
"cve": "CVE-2018-3082",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3082"
},
{
"cve": "CVE-2018-3081",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3081"
},
{
"cve": "CVE-2018-3080",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3080"
},
{
"cve": "CVE-2018-3079",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3079"
},
{
"cve": "CVE-2018-3078",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3078"
},
{
"cve": "CVE-2018-3077",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3077"
},
{
"cve": "CVE-2018-3075",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3075"
},
{
"cve": "CVE-2018-3074",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3074"
},
{
"cve": "CVE-2018-3073",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3073"
},
{
"cve": "CVE-2018-3071",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3071"
},
{
"cve": "CVE-2018-3070",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3070"
},
{
"cve": "CVE-2018-3067",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3067"
},
{
"cve": "CVE-2018-3066",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3066"
},
{
"cve": "CVE-2018-3065",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3065"
},
{
"cve": "CVE-2018-3064",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3064"
},
{
"cve": "CVE-2018-3063",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3063"
},
{
"cve": "CVE-2018-3062",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3062"
},
{
"cve": "CVE-2018-3061",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3061"
},
{
"cve": "CVE-2018-3060",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3060"
},
{
"cve": "CVE-2018-3058",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3058"
},
{
"cve": "CVE-2018-3056",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3056"
},
{
"cve": "CVE-2018-3054",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3054"
},
{
"cve": "CVE-2018-2877",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2877"
},
{
"cve": "CVE-2018-2846",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2846"
},
{
"cve": "CVE-2018-2839",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2839"
},
{
"cve": "CVE-2018-2819",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2819"
},
{
"cve": "CVE-2018-2818",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2818"
},
{
"cve": "CVE-2018-2817",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2817"
},
{
"cve": "CVE-2018-2816",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2816"
},
{
"cve": "CVE-2018-2813",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2813"
},
{
"cve": "CVE-2018-2812",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2812"
},
{
"cve": "CVE-2018-2810",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2810"
},
{
"cve": "CVE-2018-2805",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2805"
},
{
"cve": "CVE-2018-2787",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2787"
},
{
"cve": "CVE-2018-2786",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2786"
},
{
"cve": "CVE-2018-2784",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2784"
},
{
"cve": "CVE-2018-2782",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2782"
},
{
"cve": "CVE-2018-2781",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2781"
},
{
"cve": "CVE-2018-2780",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2780"
},
{
"cve": "CVE-2018-2779",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2779"
},
{
"cve": "CVE-2018-2778",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2778"
},
{
"cve": "CVE-2018-2777",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2777"
},
{
"cve": "CVE-2018-2776",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2776"
},
{
"cve": "CVE-2018-2775",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2775"
},
{
"cve": "CVE-2018-2773",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2773"
},
{
"cve": "CVE-2018-2771",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2771"
},
{
"cve": "CVE-2018-2769",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2769"
},
{
"cve": "CVE-2018-2766",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2766"
},
{
"cve": "CVE-2018-2762",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2762"
},
{
"cve": "CVE-2018-2761",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2761"
},
{
"cve": "CVE-2018-2759",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2759"
},
{
"cve": "CVE-2018-2758",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2758"
},
{
"cve": "CVE-2018-2755",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2755"
},
{
"cve": "CVE-2018-2598",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2598"
},
{
"cve": "CVE-2018-1996",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1996"
},
{
"cve": "CVE-2018-1926",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1926"
},
{
"cve": "CVE-2018-1904",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1904"
},
{
"cve": "CVE-2018-1902",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1902"
},
{
"cve": "CVE-2018-1901",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1901"
},
{
"cve": "CVE-2018-1798",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1798"
},
{
"cve": "CVE-2018-1797",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1797"
},
{
"cve": "CVE-2018-1794",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1794"
},
{
"cve": "CVE-2018-1793",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1793"
},
{
"cve": "CVE-2018-1777",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1777"
},
{
"cve": "CVE-2018-1770",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1770"
},
{
"cve": "CVE-2018-1767",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1767"
},
{
"cve": "CVE-2018-1719",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1719"
},
{
"cve": "CVE-2018-1695",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1695"
},
{
"cve": "CVE-2018-1656",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1656"
},
{
"cve": "CVE-2018-1643",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1643"
},
{
"cve": "CVE-2018-1621",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1621"
},
{
"cve": "CVE-2018-1614",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1614"
},
{
"cve": "CVE-2018-1567",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1567"
},
{
"cve": "CVE-2018-1447",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1447"
},
{
"cve": "CVE-2018-1428",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1428"
},
{
"cve": "CVE-2018-1427",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1427"
},
{
"cve": "CVE-2018-1426",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1426"
},
{
"cve": "CVE-2018-1301",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1301"
},
{
"cve": "CVE-2018-12539",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-12539"
},
{
"cve": "CVE-2018-10237",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-10237"
},
{
"cve": "CVE-2018-0734",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-0734"
},
{
"cve": "CVE-2018-0732",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-0732"
},
{
"cve": "CVE-2017-9798",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-9798"
},
{
"cve": "CVE-2017-3738",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3738"
},
{
"cve": "CVE-2017-3737",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3737"
},
{
"cve": "CVE-2017-3736",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3736"
},
{
"cve": "CVE-2017-3735",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3735"
},
{
"cve": "CVE-2017-3732",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3732"
},
{
"cve": "CVE-2017-1743",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-1743"
},
{
"cve": "CVE-2017-1741",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-1741"
},
{
"cve": "CVE-2017-1731",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-1731"
},
{
"cve": "CVE-2017-1681",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-1681"
},
{
"cve": "CVE-2017-15715",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-15715"
},
{
"cve": "CVE-2017-15710",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-15710"
},
{
"cve": "CVE-2017-12624",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-12624"
},
{
"cve": "CVE-2017-12618",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-12618"
},
{
"cve": "CVE-2017-12613",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-12613"
},
{
"cve": "CVE-2016-0705",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2016-0705"
},
{
"cve": "CVE-2016-0702",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2016-0702"
},
{
"cve": "CVE-2016-0701",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2016-0701"
},
{
"cve": "CVE-2015-0899",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2015-0899"
},
{
"cve": "CVE-2014-7810",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2014-7810"
},
{
"cve": "CVE-2012-5783",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2012-5783"
}
]
}
wid-sec-w-2024-0205
Vulnerability from csaf_certbund
Published
2017-12-07 23:00
Modified
2024-01-25 23:00
Summary
OpenSSL: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in OpenSSL ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "OpenSSL ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in OpenSSL ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0205 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2024-0205.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0205 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0205"
},
{
"category": "external",
"summary": "OpenSSL Security Advisory vom 2017-12-07",
"url": "https://www.openssl.org/news/secadv/20171207.txt"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20171208-0001 vom 2017-12-09",
"url": "https://security.netapp.com/advisory/ntap-20171208-0001/"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FREEBSD-SA-17:12.OPENSSL vom 2017-12-09",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:12.openssl.asc"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3512-1 vom 2017-12-12",
"url": "http://www.ubuntu.com/usn/usn-3512-1/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:3343-1 vom 2017-12-16",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173343-1.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4065 vom 2017-12-17",
"url": "https://www.debian.org/security/2017/dsa-4065"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:0002-1 vom 2018-01-02",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180002-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:0293-1 vom 2018-01-30",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180293-1.html"
},
{
"category": "external",
"summary": "OpenSSL Security Advisory vom 2018-03-27",
"url": "https://www.openssl.org/news/secadv/20180327.txt"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4157 vom 2018-03-30",
"url": "https://www.debian.org/security/2018/dsa-4157"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA10851 vom 2018-04-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10851"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4077 vom 2018-04-19",
"url": "http://linux.oracle.com/errata/ELSA-2018-4077.html"
},
{
"category": "external",
"summary": "McAfee Security Bulletin",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10220"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2185 vom 2018-07-13",
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
},
{
"category": "external",
"summary": "Hitachi Security Information hitachi-sec-2018-124",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2018-124/index.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4581 vom 2019-03-13",
"url": "http://linux.oracle.com/errata/ELSA-2019-4581.html"
},
{
"category": "external",
"summary": "Dell Knowledge Base Article",
"url": "https://www.dell.com/support/kbdoc/en-us/000221474/dsa-2024-059-security-update-for-dell-networker-multiple-components-vulnerabilities"
}
],
"source_lang": "en-US",
"title": "OpenSSL: Mehrere Schwachstellen erm\u00f6glichen Umgehen von Sicherheitsvorkehrungen",
"tracking": {
"current_release_date": "2024-01-25T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:04:18.349+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0205",
"initial_release_date": "2017-12-07T23:00:00.000+00:00",
"revision_history": [
{
"date": "2017-12-07T23:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2017-12-07T23:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-12-10T23:00:00.000+00:00",
"number": "3",
"summary": "New remediations available"
},
{
"date": "2017-12-11T23:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2017-12-14T23:00:00.000+00:00",
"number": "5",
"summary": "Added references"
},
{
"date": "2018-01-02T23:00:00.000+00:00",
"number": "6",
"summary": "New remediations available"
},
{
"date": "2018-01-02T23:00:00.000+00:00",
"number": "7",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-01-30T23:00:00.000+00:00",
"number": "8",
"summary": "New remediations available"
},
{
"date": "2018-01-30T23:00:00.000+00:00",
"number": "9",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-04-02T22:00:00.000+00:00",
"number": "10",
"summary": "New remediations available"
},
{
"date": "2018-04-12T22:00:00.000+00:00",
"number": "11",
"summary": "New remediations available"
},
{
"date": "2018-04-12T22:00:00.000+00:00",
"number": "12",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-04-18T22:00:00.000+00:00",
"number": "13",
"summary": "New remediations available"
},
{
"date": "2018-07-11T22:00:00.000+00:00",
"number": "14",
"summary": "New remediations available"
},
{
"date": "2018-07-12T22:00:00.000+00:00",
"number": "15",
"summary": "New remediations available"
},
{
"date": "2018-08-07T22:00:00.000+00:00",
"number": "16",
"summary": "New remediations available"
},
{
"date": "2018-08-07T22:00:00.000+00:00",
"number": "17",
"summary": "Version nicht vorhanden"
},
{
"date": "2019-03-13T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-01-25T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "19"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell NetWorker \u003c 19.10",
"product": {
"name": "Dell NetWorker \u003c 19.10",
"product_id": "T032354",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.10"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "FreeBSD Project FreeBSD OS",
"product": {
"name": "FreeBSD Project FreeBSD OS",
"product_id": "4035",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:-"
}
}
}
],
"category": "vendor",
"name": "FreeBSD Project"
},
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Command Suite",
"product": {
"name": "Hitachi Command Suite",
"product_id": "T010951",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:command_suite:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "5930",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp OnCommand Unified Manager",
"product": {
"name": "NetApp OnCommand Unified Manager",
"product_id": "T009408",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:oncommand_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Open Source OpenSSL \u003c 1.1.0h",
"product": {
"name": "Open Source OpenSSL \u003c 1.1.0h",
"product_id": "T011392",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.1.0h"
}
}
},
{
"category": "product_name",
"name": "Open Source OpenSSL \u003c 1.0.2n",
"product": {
"name": "Open Source OpenSSL \u003c 1.0.2n",
"product_id": "T011393",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.0.2n"
}
}
}
],
"category": "product_name",
"name": "OpenSSL"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3737",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in OpenSSL. Die Schwachstelle beruht auf einer unzureichenden Behandlung von Fehlern der bei einem Handshake auftritt. Wenn nach Auftreten des Fehlers eine Anwendung die Funktionen SSL_read() oder SSL_write() direkt aufruft, ist es m\u00f6glich, das die Verschl\u00fcsselungsmechanismen nicht korrekt arbeiten. Ein Angreifer kann dieses nutzen und Sicherheitsmechanismen umgehen. OpenSSL 1.1.0 ist von dieser Schwachstelle nicht betroffen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"T009408",
"67646",
"4035",
"T000126",
"T010951",
"5930",
"T004914",
"T032354"
]
},
"release_date": "2017-12-07T23:00:00.000+00:00",
"title": "CVE-2017-3737"
},
{
"cve": "CVE-2017-3738",
"notes": [
{
"category": "description",
"text": "Es existiert eine Puffer\u00fcberlauf Schwachstelle in OpenSSL. Die Schwachstelle besteht in der Prozedur der AVX2 Montgomery Multiplikation. Ein Angreifer kann dieses nutzen und Zugriff auf TLS gesch\u00fctzte Kommunikation erlangen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"T009408",
"67646",
"4035",
"T000126",
"T010951",
"5930",
"T004914",
"T032354"
]
},
"release_date": "2017-12-07T23:00:00.000+00:00",
"title": "CVE-2017-3738"
}
]
}
rhsa-2018_2185
Vulnerability from csaf_redhat
Published
2018-07-12 16:14
Modified
2024-09-13 14:43
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 7 security update
Notes
Topic
Red Hat JBoss Core Services Pack Apache Server 2.4.29 packages are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this release as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.29 packages that are part
of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services
Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes,
enhancements and component upgrades included in this release.
This release upgrades OpenSSL to version 1.0.2.n
Security Fix(es):
* openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() (CVE-2016-2182)
* openssl: Insufficient TLS session ticket HMAC length checks (CVE-2016-6302)
* openssl: certificate message OOB reads (CVE-2016-6306)
* openssl: Carry propagating bug in Montgomery multiplication (CVE-2016-7055)
* openssl: Truncated packet could crash via OOB read (CVE-2017-3731)
* openssl: BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
* openssl: bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
* openssl: Read/write after SSL object in error state (CVE-2017-3737)
* openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6306
and CVE-2016-7055. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6306.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Core Services Pack Apache Server 2.4.29 packages are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this release as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release adds the new Apache HTTP Server 2.4.29 packages that are part\nof the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes,\nenhancements and component upgrades included in this release.\n\nThis release upgrades OpenSSL to version 1.0.2.n\n\nSecurity Fix(es):\n\n* openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() (CVE-2016-2182)\n\n* openssl: Insufficient TLS session ticket HMAC length checks (CVE-2016-6302)\n\n* openssl: certificate message OOB reads (CVE-2016-6306)\n\n* openssl: Carry propagating bug in Montgomery multiplication (CVE-2016-7055)\n\n* openssl: Truncated packet could crash via OOB read (CVE-2017-3731)\n\n* openssl: BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)\n\n* openssl: bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)\n\n* openssl: Read/write after SSL object in error state (CVE-2017-3737)\n\n* openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6306 \nand CVE-2016-7055. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6306.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2185",
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.29/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.29/"
},
{
"category": "external",
"summary": "1367340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367340"
},
{
"category": "external",
"summary": "1369855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369855"
},
{
"category": "external",
"summary": "1377594",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377594"
},
{
"category": "external",
"summary": "1393929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1393929"
},
{
"category": "external",
"summary": "1416852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416852"
},
{
"category": "external",
"summary": "1416856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416856"
},
{
"category": "external",
"summary": "1509169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509169"
},
{
"category": "external",
"summary": "1523504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523504"
},
{
"category": "external",
"summary": "1523510",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523510"
},
{
"category": "external",
"summary": "JBCS-373",
"url": "https://issues.redhat.com/browse/JBCS-373"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2018/rhsa-2018_2185.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 7 security update",
"tracking": {
"current_release_date": "2024-09-13T14:43:19+00:00",
"generator": {
"date": "2024-09-13T14:43:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2018:2185",
"initial_release_date": "2018-07-12T16:14:46+00:00",
"revision_history": [
{
"date": "2018-07-12T16:14:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-07-12T16:14:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T14:43:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_rt-debuginfo@2.4.1-19.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_rt@2.4.1-19.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-17.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx-debuginfo@0.9.6-17.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_auth_kerb@5.4-36.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_auth_kerb-debuginfo@5.4-36.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.8-1.Final_redhat_2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.43-1.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.43-1.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.43-1.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-14.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-14.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-14.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-9.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-9.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-9.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-9.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-9.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-9.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-9.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-9.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-9.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-9.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2n-11.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2n-11.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2n-11.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2n-11.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2n-11.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2n-11.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.29.0-8.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.29.0-8.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.29.0-8.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.1-23.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.1-23.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.29-17.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.29-17.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.29-17.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.29-17.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.29-17.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.29-17.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.29-17.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.29-17.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.29-17.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon-jsvc@1.1.0-1.redhat_2.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo@1.1.0-1.redhat_2.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_rt@2.4.1-19.GA.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-17.GA.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_auth_kerb@5.4-36.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_2.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.43-1.redhat_1.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"product_id": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-14.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-9.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"product_id": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2n-11.jbcs.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"product_id": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.29.0-8.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.1-23.GA.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.29-17.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"product_id": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon-jsvc@1.1.0-1.redhat_2.jbcs.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"product_id": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon@1.1.0-1.redhat_2.1.jbcs.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.29-17.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"product": {
"name": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"product_id": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon@1.1.0-1.redhat_2.1.jbcs.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch"
},
"product_reference": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-2182",
"cwe": {
"id": "CWE-391",
"name": "Unchecked Error Condition"
},
"discovery_date": "2016-08-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1367340"
}
],
"notes": [
{
"category": "description",
"text": "An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. An attacker able to make an application using OpenSSL to process a large BIGNUM could cause the application to crash or, possibly, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2182"
},
{
"category": "external",
"summary": "RHBZ#1367340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2182",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2182"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2182",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2182"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160922.txt",
"url": "https://www.openssl.org/news/secadv/20160922.txt"
}
],
"release_date": "2016-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()"
},
{
"cve": "CVE-2016-4975",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2016-09-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1375968"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Apache was vulnerable to a HTTP response splitting attack for sites which use mod_userdir. An attacker could use this flaw to inject CRLF characters into the HTTP header and could possibly gain access to secure data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4975"
},
{
"category": "external",
"summary": "RHBZ#1375968",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375968"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4975",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4975"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4975",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4975"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#CVE-2016-4975",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#CVE-2016-4975"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-4975",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-4975"
}
],
"release_date": "2018-08-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir"
},
{
"cve": "CVE-2016-6302",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2016-08-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1369855"
}
],
"notes": [
{
"category": "description",
"text": "An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. A remote attacker could use this flaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for session tickets.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Insufficient TLS session ticket HMAC length checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-6302"
},
{
"category": "external",
"summary": "RHBZ#1369855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369855"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-6302",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6302"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6302",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6302"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160922.txt",
"url": "https://www.openssl.org/news/secadv/20160922.txt"
}
],
"release_date": "2016-08-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Insufficient TLS session ticket HMAC length checks"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
]
},
{
"names": [
"Shi Lei"
],
"organization": "Gear Team of Qihoo 360 Inc.",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-6306",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2016-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1377594"
}
],
"notes": [
{
"category": "description",
"text": "Multiple out of bounds read flaws were found in the way OpenSSL handled certain TLS/SSL protocol handshake messages. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: certificate message OOB reads",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-6306"
},
{
"category": "external",
"summary": "RHBZ#1377594",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377594"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-6306",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6306"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6306",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6306"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160922.txt",
"url": "https://www.openssl.org/news/secadv/20160922.txt"
}
],
"release_date": "2016-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: certificate message OOB reads"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
]
}
],
"cve": "CVE-2016-7055",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2016-10-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1393929"
}
],
"notes": [
{
"category": "description",
"text": "There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not used in operations with the private key itself and an input of the attacker\u0027s direct choice. Otherwise the bug can manifest itself as transient authentication and key negotiation failures or reproducible erroneous outcome of public-key operations with specially crafted input. Among EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation. Impact was not analyzed in detail, because pre-requisites for attack are considered unlikely. Namely multiple clients have to choose the curve in question and the server has to share the private key among them, neither of which is default behaviour. Even then only clients that chose the curve will be affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Carry propagating bug in Montgomery multiplication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-7055"
},
{
"category": "external",
"summary": "RHBZ#1393929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1393929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-7055",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7055"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7055",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7055"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20161110.txt",
"url": "https://www.openssl.org/news/secadv/20161110.txt"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20170126.txt",
"url": "https://www.openssl.org/news/secadv/20170126.txt"
}
],
"release_date": "2016-10-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: Carry propagating bug in Montgomery multiplication"
},
{
"cve": "CVE-2017-3731",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-01-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1416852"
}
],
"notes": [
{
"category": "description",
"text": "An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Truncated packet could crash via OOB read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3731"
},
{
"category": "external",
"summary": "RHBZ#1416852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416852"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3731",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3731"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3731",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3731"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20170126.txt",
"url": "https://www.openssl.org/news/secadv/20170126.txt"
}
],
"release_date": "2017-01-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Truncated packet could crash via OOB read"
},
{
"cve": "CVE-2017-3732",
"discovery_date": "2017-01-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1416856"
}
],
"notes": [
{
"category": "description",
"text": "There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. For example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very similar to CVE-2015-3193 but must be treated as a separate problem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: BN_mod_exp may produce incorrect results on x86_64",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3732"
},
{
"category": "external",
"summary": "RHBZ#1416856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416856"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3732",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3732"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20170126.txt",
"url": "https://www.openssl.org/news/secadv/20170126.txt"
}
],
"release_date": "2017-01-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: BN_mod_exp may produce incorrect results on x86_64"
},
{
"cve": "CVE-2017-3736",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2017-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1509169"
}
],
"notes": [
{
"category": "description",
"text": "There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: bn_sqrx8x_internal carry bug on x86_64",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3736"
},
{
"category": "external",
"summary": "RHBZ#1509169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509169"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3736",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3736"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3736",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3736"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20171102.txt",
"url": "https://www.openssl.org/news/secadv/20171102.txt"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: bn_sqrx8x_internal carry bug on x86_64"
},
{
"cve": "CVE-2017-3737",
"cwe": {
"id": "CWE-391",
"name": "Unchecked Error Condition"
},
"discovery_date": "2017-12-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1523504"
}
],
"notes": [
{
"category": "description",
"text": "OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an \"error state\" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. OpenSSL version 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is not affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Read/write after SSL object in error state",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3737"
},
{
"category": "external",
"summary": "RHBZ#1523504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523504"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3737",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3737"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20171207.txt",
"url": "https://www.openssl.org/news/secadv/20171207.txt"
}
],
"release_date": "2017-12-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Read/write after SSL object in error state"
},
{
"cve": "CVE-2017-3738",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2017-12-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1523510"
}
],
"notes": [
{
"category": "description",
"text": "There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: rsaz_1024_mul_avx2 overflow bug on x86_64",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3738"
},
{
"category": "external",
"summary": "RHBZ#1523510",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523510"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3738",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3738"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3738",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3738"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20171207.txt",
"url": "https://www.openssl.org/news/secadv/20171207.txt"
}
],
"release_date": "2017-12-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: rsaz_1024_mul_avx2 overflow bug on x86_64"
}
]
}
rhsa-2018_2186
Vulnerability from csaf_redhat
Published
2018-07-12 16:14
Modified
2024-09-13 14:43
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 security update
Notes
Topic
Red Hat JBoss Core Services Pack Apache Server 2.4.29 packages are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this release as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.29 packages that are part
of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services
Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes,
enhancements and component upgrades included in this release.
This release upgrades OpenSSL to version 1.0.2.n
Security Fix(es):
* openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() (CVE-2016-2182)
* openssl: Insufficient TLS session ticket HMAC length checks (CVE-2016-6302)
* openssl: certificate message OOB reads (CVE-2016-6306)
* openssl: Carry propagating bug in Montgomery multiplication (CVE-2016-7055)
* openssl: Truncated packet could crash via OOB read (CVE-2017-3731)
* openssl: BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
* openssl: bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
* openssl: Read/write after SSL object in error state (CVE-2017-3737)
* openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6306
and CVE-2016-7055. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6306.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Core Services Pack Apache Server 2.4.29 packages are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this release as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release adds the new Apache HTTP Server 2.4.29 packages that are part\nof the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes,\nenhancements and component upgrades included in this release.\n\nThis release upgrades OpenSSL to version 1.0.2.n\n\nSecurity Fix(es):\n\n* openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() (CVE-2016-2182)\n\n* openssl: Insufficient TLS session ticket HMAC length checks (CVE-2016-6302)\n\n* openssl: certificate message OOB reads (CVE-2016-6306)\n\n* openssl: Carry propagating bug in Montgomery multiplication (CVE-2016-7055)\n\n* openssl: Truncated packet could crash via OOB read (CVE-2017-3731)\n\n* openssl: BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)\n\n* openssl: bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)\n\n* openssl: Read/write after SSL object in error state (CVE-2017-3737)\n\n* openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6306 \nand CVE-2016-7055. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6306.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2186",
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.29/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.29/"
},
{
"category": "external",
"summary": "1367340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367340"
},
{
"category": "external",
"summary": "1369855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369855"
},
{
"category": "external",
"summary": "1377594",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377594"
},
{
"category": "external",
"summary": "1393929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1393929"
},
{
"category": "external",
"summary": "1416852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416852"
},
{
"category": "external",
"summary": "1416856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416856"
},
{
"category": "external",
"summary": "1509169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509169"
},
{
"category": "external",
"summary": "1523504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523504"
},
{
"category": "external",
"summary": "1523510",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523510"
},
{
"category": "external",
"summary": "JBCS-372",
"url": "https://issues.redhat.com/browse/JBCS-372"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2018/rhsa-2018_2186.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 security update",
"tracking": {
"current_release_date": "2024-09-13T14:43:18+00:00",
"generator": {
"date": "2024-09-13T14:43:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2018:2186",
"initial_release_date": "2018-07-12T16:14:52+00:00",
"revision_history": [
{
"date": "2018-07-12T16:14:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-07-12T16:14:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T14:43:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_rt-debuginfo@2.4.1-19.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_rt@2.4.1-19.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-17.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx-debuginfo@0.9.6-17.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_auth_kerb@5.4-36.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_auth_kerb-debuginfo@5.4-36.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_2.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.8-1.Final_redhat_2.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.43-1.redhat_1.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.43-1.redhat_1.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.43-1.redhat_1.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-14.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-14.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-14.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-9.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-9.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-9.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-9.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-9.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-9.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-9.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-9.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-9.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-9.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2n-11.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2n-11.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2n-11.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2n-11.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2n-11.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2n-11.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.29.0-8.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.29.0-8.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.29.0-8.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.1-23.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.1-23.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.29-17.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.29-17.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.29-17.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.29-17.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.29-17.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.29-17.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.29-17.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.29-17.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.29-17.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon-jsvc@1.1.0-1.redhat_2.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo@1.1.0-1.redhat_2.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_rt-debuginfo@2.4.1-19.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_rt@2.4.1-19.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-17.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx-debuginfo@0.9.6-17.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_auth_kerb@5.4-36.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_auth_kerb-debuginfo@5.4-36.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_2.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.8-1.Final_redhat_2.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.43-1.redhat_1.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.43-1.redhat_1.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.43-1.redhat_1.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-14.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-14.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-14.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-9.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-9.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-9.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-9.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-9.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-9.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-9.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-9.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-9.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-9.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2n-11.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2n-11.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2n-11.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2n-11.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2n-11.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"product_id": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2n-11.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"product_id": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.29.0-8.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.29.0-8.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.29.0-8.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.1-23.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.1-23.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.29-17.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.29-17.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.29-17.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.29-17.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.29-17.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.29-17.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.29-17.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.29-17.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.29-17.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon-jsvc@1.1.0-1.redhat_2.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"product_id": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo@1.1.0-1.redhat_2.jbcs.el6?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_rt@2.4.1-19.GA.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-17.GA.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_auth_kerb@5.4-36.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_2.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.43-1.redhat_1.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"product_id": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-14.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-9.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"product_id": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2n-11.jbcs.el6?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"product_id": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.29.0-8.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.1-23.GA.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.29-17.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"product_id": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon-jsvc@1.1.0-1.redhat_2.jbcs.el6?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"product_id": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon@1.1.0-1.redhat_2.1.jbcs.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.29-17.jbcs.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"product": {
"name": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"product_id": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon@1.1.0-1.redhat_2.1.jbcs.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch"
},
"product_reference": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-2182",
"cwe": {
"id": "CWE-391",
"name": "Unchecked Error Condition"
},
"discovery_date": "2016-08-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1367340"
}
],
"notes": [
{
"category": "description",
"text": "An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. An attacker able to make an application using OpenSSL to process a large BIGNUM could cause the application to crash or, possibly, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2182"
},
{
"category": "external",
"summary": "RHBZ#1367340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2182",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2182"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2182",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2182"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160922.txt",
"url": "https://www.openssl.org/news/secadv/20160922.txt"
}
],
"release_date": "2016-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()"
},
{
"cve": "CVE-2016-4975",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2016-09-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1375968"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Apache was vulnerable to a HTTP response splitting attack for sites which use mod_userdir. An attacker could use this flaw to inject CRLF characters into the HTTP header and could possibly gain access to secure data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4975"
},
{
"category": "external",
"summary": "RHBZ#1375968",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375968"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4975",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4975"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4975",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4975"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#CVE-2016-4975",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#CVE-2016-4975"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-4975",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-4975"
}
],
"release_date": "2018-08-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir"
},
{
"cve": "CVE-2016-6302",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2016-08-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1369855"
}
],
"notes": [
{
"category": "description",
"text": "An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. A remote attacker could use this flaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for session tickets.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Insufficient TLS session ticket HMAC length checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-6302"
},
{
"category": "external",
"summary": "RHBZ#1369855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369855"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-6302",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6302"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6302",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6302"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160922.txt",
"url": "https://www.openssl.org/news/secadv/20160922.txt"
}
],
"release_date": "2016-08-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Insufficient TLS session ticket HMAC length checks"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
]
},
{
"names": [
"Shi Lei"
],
"organization": "Gear Team of Qihoo 360 Inc.",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-6306",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2016-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1377594"
}
],
"notes": [
{
"category": "description",
"text": "Multiple out of bounds read flaws were found in the way OpenSSL handled certain TLS/SSL protocol handshake messages. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: certificate message OOB reads",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-6306"
},
{
"category": "external",
"summary": "RHBZ#1377594",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377594"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-6306",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6306"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6306",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6306"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160922.txt",
"url": "https://www.openssl.org/news/secadv/20160922.txt"
}
],
"release_date": "2016-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: certificate message OOB reads"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
]
}
],
"cve": "CVE-2016-7055",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2016-10-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1393929"
}
],
"notes": [
{
"category": "description",
"text": "There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not used in operations with the private key itself and an input of the attacker\u0027s direct choice. Otherwise the bug can manifest itself as transient authentication and key negotiation failures or reproducible erroneous outcome of public-key operations with specially crafted input. Among EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation. Impact was not analyzed in detail, because pre-requisites for attack are considered unlikely. Namely multiple clients have to choose the curve in question and the server has to share the private key among them, neither of which is default behaviour. Even then only clients that chose the curve will be affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Carry propagating bug in Montgomery multiplication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-7055"
},
{
"category": "external",
"summary": "RHBZ#1393929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1393929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-7055",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7055"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7055",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7055"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20161110.txt",
"url": "https://www.openssl.org/news/secadv/20161110.txt"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20170126.txt",
"url": "https://www.openssl.org/news/secadv/20170126.txt"
}
],
"release_date": "2016-10-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: Carry propagating bug in Montgomery multiplication"
},
{
"cve": "CVE-2017-3731",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-01-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1416852"
}
],
"notes": [
{
"category": "description",
"text": "An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Truncated packet could crash via OOB read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3731"
},
{
"category": "external",
"summary": "RHBZ#1416852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416852"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3731",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3731"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3731",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3731"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20170126.txt",
"url": "https://www.openssl.org/news/secadv/20170126.txt"
}
],
"release_date": "2017-01-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Truncated packet could crash via OOB read"
},
{
"cve": "CVE-2017-3732",
"discovery_date": "2017-01-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1416856"
}
],
"notes": [
{
"category": "description",
"text": "There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. For example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very similar to CVE-2015-3193 but must be treated as a separate problem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: BN_mod_exp may produce incorrect results on x86_64",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3732"
},
{
"category": "external",
"summary": "RHBZ#1416856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416856"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3732",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3732"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20170126.txt",
"url": "https://www.openssl.org/news/secadv/20170126.txt"
}
],
"release_date": "2017-01-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: BN_mod_exp may produce incorrect results on x86_64"
},
{
"cve": "CVE-2017-3736",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2017-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1509169"
}
],
"notes": [
{
"category": "description",
"text": "There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: bn_sqrx8x_internal carry bug on x86_64",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3736"
},
{
"category": "external",
"summary": "RHBZ#1509169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509169"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3736",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3736"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3736",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3736"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20171102.txt",
"url": "https://www.openssl.org/news/secadv/20171102.txt"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: bn_sqrx8x_internal carry bug on x86_64"
},
{
"cve": "CVE-2017-3737",
"cwe": {
"id": "CWE-391",
"name": "Unchecked Error Condition"
},
"discovery_date": "2017-12-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1523504"
}
],
"notes": [
{
"category": "description",
"text": "OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an \"error state\" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. OpenSSL version 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is not affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Read/write after SSL object in error state",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3737"
},
{
"category": "external",
"summary": "RHBZ#1523504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523504"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3737",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3737"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20171207.txt",
"url": "https://www.openssl.org/news/secadv/20171207.txt"
}
],
"release_date": "2017-12-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Read/write after SSL object in error state"
},
{
"cve": "CVE-2017-3738",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2017-12-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1523510"
}
],
"notes": [
{
"category": "description",
"text": "There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: rsaz_1024_mul_avx2 overflow bug on x86_64",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3738"
},
{
"category": "external",
"summary": "RHBZ#1523510",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523510"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3738",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3738"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3738",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3738"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20171207.txt",
"url": "https://www.openssl.org/news/secadv/20171207.txt"
}
],
"release_date": "2017-12-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-9.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.29-17.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_auth_kerb-debuginfo-0:5.4-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-17.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.43-1.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.43-1.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_rt-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_rt-debuginfo-0:2.4.1-19.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.1-23.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.29-17.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.29.0-8.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2n-11.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2n-11.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: rsaz_1024_mul_avx2 overflow bug on x86_64"
}
]
}
rhsa-2018_2187
Vulnerability from csaf_redhat
Published
2018-07-12 16:04
Modified
2024-09-13 14:44
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update
Notes
Topic
Red Hat JBoss Core Services Pack Apache Server 2.4.29 packages are now available.
Red Hat Product Security has rated this release as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.29 packages that are part
of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services
Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer
to the Release Notes for information on the most significant bug fixes,
enhancements and component upgrades included in this release.
This release upgrades OpenSSL to version 1.0.2.n
Security Fix(es):
* openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() (CVE-2016-2182)
* openssl: Insufficient TLS session ticket HMAC length checks (CVE-2016-6302)
* openssl: certificate message OOB reads (CVE-2016-6306)
* openssl: Carry propagating bug in Montgomery multiplication (CVE-2016-7055)
* openssl: Truncated packet could crash via OOB read (CVE-2017-3731)
* openssl: BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
* openssl: bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
* openssl: Read/write after SSL object in error state (CVE-2017-3737)
* openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6306
and CVE-2016-7055. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360
Inc.) as the original reporter of CVE-2016-6306.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Core Services Pack Apache Server 2.4.29 packages are now available.\n\nRed Hat Product Security has rated this release as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release adds the new Apache HTTP Server 2.4.29 packages that are part\nof the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer\nto the Release Notes for information on the most significant bug fixes,\nenhancements and component upgrades included in this release.\n\nThis release upgrades OpenSSL to version 1.0.2.n\n\nSecurity Fix(es):\n\n* openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() (CVE-2016-2182)\n\n* openssl: Insufficient TLS session ticket HMAC length checks (CVE-2016-6302)\n\n* openssl: certificate message OOB reads (CVE-2016-6306)\n\n* openssl: Carry propagating bug in Montgomery multiplication (CVE-2016-7055)\n\n* openssl: Truncated packet could crash via OOB read (CVE-2017-3731)\n\n* openssl: BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)\n\n* openssl: bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)\n\n* openssl: Read/write after SSL object in error state (CVE-2017-3737)\n\n* openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6306\nand CVE-2016-7055. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360\nInc.) as the original reporter of CVE-2016-6306.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2187",
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.29/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.29/"
},
{
"category": "external",
"summary": "1367340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367340"
},
{
"category": "external",
"summary": "1369855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369855"
},
{
"category": "external",
"summary": "1377594",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377594"
},
{
"category": "external",
"summary": "1393929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1393929"
},
{
"category": "external",
"summary": "1416852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416852"
},
{
"category": "external",
"summary": "1416856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416856"
},
{
"category": "external",
"summary": "1509169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509169"
},
{
"category": "external",
"summary": "1523504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523504"
},
{
"category": "external",
"summary": "1523510",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523510"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2018/rhsa-2018_2187.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update",
"tracking": {
"current_release_date": "2024-09-13T14:44:14+00:00",
"generator": {
"date": "2024-09-13T14:44:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2018:2187",
"initial_release_date": "2018-07-12T16:04:49+00:00",
"revision_history": [
{
"date": "2018-07-12T16:04:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-07-12T16:04:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T14:44:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services 1",
"product": {
"name": "Red Hat JBoss Core Services 1",
"product_id": "Red Hat JBoss Core Services 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-2182",
"cwe": {
"id": "CWE-391",
"name": "Unchecked Error Condition"
},
"discovery_date": "2016-08-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1367340"
}
],
"notes": [
{
"category": "description",
"text": "An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. An attacker able to make an application using OpenSSL to process a large BIGNUM could cause the application to crash or, possibly, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2182"
},
{
"category": "external",
"summary": "RHBZ#1367340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2182",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2182"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2182",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2182"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160922.txt",
"url": "https://www.openssl.org/news/secadv/20160922.txt"
}
],
"release_date": "2016-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()"
},
{
"cve": "CVE-2016-6302",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2016-08-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1369855"
}
],
"notes": [
{
"category": "description",
"text": "An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. A remote attacker could use this flaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for session tickets.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Insufficient TLS session ticket HMAC length checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-6302"
},
{
"category": "external",
"summary": "RHBZ#1369855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369855"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-6302",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6302"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6302",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6302"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160922.txt",
"url": "https://www.openssl.org/news/secadv/20160922.txt"
}
],
"release_date": "2016-08-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Insufficient TLS session ticket HMAC length checks"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
]
},
{
"names": [
"Shi Lei"
],
"organization": "Gear Team of Qihoo 360 Inc.",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-6306",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2016-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1377594"
}
],
"notes": [
{
"category": "description",
"text": "Multiple out of bounds read flaws were found in the way OpenSSL handled certain TLS/SSL protocol handshake messages. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: certificate message OOB reads",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-6306"
},
{
"category": "external",
"summary": "RHBZ#1377594",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377594"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-6306",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6306"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6306",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6306"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160922.txt",
"url": "https://www.openssl.org/news/secadv/20160922.txt"
}
],
"release_date": "2016-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: certificate message OOB reads"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
]
}
],
"cve": "CVE-2016-7055",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2016-10-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1393929"
}
],
"notes": [
{
"category": "description",
"text": "There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not used in operations with the private key itself and an input of the attacker\u0027s direct choice. Otherwise the bug can manifest itself as transient authentication and key negotiation failures or reproducible erroneous outcome of public-key operations with specially crafted input. Among EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation. Impact was not analyzed in detail, because pre-requisites for attack are considered unlikely. Namely multiple clients have to choose the curve in question and the server has to share the private key among them, neither of which is default behaviour. Even then only clients that chose the curve will be affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Carry propagating bug in Montgomery multiplication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-7055"
},
{
"category": "external",
"summary": "RHBZ#1393929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1393929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-7055",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7055"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7055",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7055"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20161110.txt",
"url": "https://www.openssl.org/news/secadv/20161110.txt"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20170126.txt",
"url": "https://www.openssl.org/news/secadv/20170126.txt"
}
],
"release_date": "2016-10-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: Carry propagating bug in Montgomery multiplication"
},
{
"cve": "CVE-2017-3731",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-01-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1416852"
}
],
"notes": [
{
"category": "description",
"text": "An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Truncated packet could crash via OOB read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3731"
},
{
"category": "external",
"summary": "RHBZ#1416852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416852"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3731",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3731"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3731",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3731"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20170126.txt",
"url": "https://www.openssl.org/news/secadv/20170126.txt"
}
],
"release_date": "2017-01-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Truncated packet could crash via OOB read"
},
{
"cve": "CVE-2017-3732",
"discovery_date": "2017-01-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1416856"
}
],
"notes": [
{
"category": "description",
"text": "There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. For example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very similar to CVE-2015-3193 but must be treated as a separate problem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: BN_mod_exp may produce incorrect results on x86_64",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3732"
},
{
"category": "external",
"summary": "RHBZ#1416856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416856"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3732",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3732"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20170126.txt",
"url": "https://www.openssl.org/news/secadv/20170126.txt"
}
],
"release_date": "2017-01-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: BN_mod_exp may produce incorrect results on x86_64"
},
{
"cve": "CVE-2017-3736",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2017-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1509169"
}
],
"notes": [
{
"category": "description",
"text": "There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: bn_sqrx8x_internal carry bug on x86_64",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3736"
},
{
"category": "external",
"summary": "RHBZ#1509169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509169"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3736",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3736"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3736",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3736"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20171102.txt",
"url": "https://www.openssl.org/news/secadv/20171102.txt"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: bn_sqrx8x_internal carry bug on x86_64"
},
{
"cve": "CVE-2017-3737",
"cwe": {
"id": "CWE-391",
"name": "Unchecked Error Condition"
},
"discovery_date": "2017-12-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1523504"
}
],
"notes": [
{
"category": "description",
"text": "OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an \"error state\" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. OpenSSL version 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is not affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Read/write after SSL object in error state",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3737"
},
{
"category": "external",
"summary": "RHBZ#1523504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523504"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3737",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3737"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20171207.txt",
"url": "https://www.openssl.org/news/secadv/20171207.txt"
}
],
"release_date": "2017-12-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Read/write after SSL object in error state"
},
{
"cve": "CVE-2017-3738",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2017-12-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1523510"
}
],
"notes": [
{
"category": "description",
"text": "There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: rsaz_1024_mul_avx2 overflow bug on x86_64",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3738"
},
{
"category": "external",
"summary": "RHBZ#1523510",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523510"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3738",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3738"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3738",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3738"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20171207.txt",
"url": "https://www.openssl.org/news/secadv/20171207.txt"
}
],
"release_date": "2017-12-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: rsaz_1024_mul_avx2 overflow bug on x86_64"
}
]
}
rhsa-2018_0998
Vulnerability from csaf_redhat
Published
2018-04-10 11:21
Modified
2024-11-05 20:27
Summary
Red Hat Security Advisory: openssl security and bug fix update
Notes
Topic
An update for openssl is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
* openssl: bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
* openssl: Read/write after SSL object in error state (CVE-2017-3737)
* openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openssl is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)\n\n* openssl: Read/write after SSL object in error state (CVE-2017-3737)\n\n* openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0998",
"url": "https://access.redhat.com/errata/RHSA-2018:0998"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-US/red_hat_enterprise_linux/7/html/7.5_release_notes/index.html",
"url": "https://access.redhat.com/documentation/en-US/red_hat_enterprise_linux/7/html/7.5_release_notes/index.html"
},
{
"category": "external",
"summary": "1509169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509169"
},
{
"category": "external",
"summary": "1523504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523504"
},
{
"category": "external",
"summary": "1523510",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523510"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0998.json"
}
],
"title": "Red Hat Security Advisory: openssl security and bug fix update",
"tracking": {
"current_release_date": "2024-11-05T20:27:58+00:00",
"generator": {
"date": "2024-11-05T20:27:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2018:0998",
"initial_release_date": "2018-04-10T11:21:46+00:00",
"revision_history": [
{
"date": "2018-04-10T11:21:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-04-10T11:21:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T20:27:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-12.el7.x86_64",
"product": {
"name": "openssl-static-1:1.0.2k-12.el7.x86_64",
"product_id": "openssl-static-1:1.0.2k-12.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-12.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"product_id": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-12.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:1.0.2k-12.el7.x86_64",
"product": {
"name": "openssl-perl-1:1.0.2k-12.el7.x86_64",
"product_id": "openssl-perl-1:1.0.2k-12.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@1.0.2k-12.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-12.el7.x86_64",
"product": {
"name": "openssl-libs-1:1.0.2k-12.el7.x86_64",
"product_id": "openssl-libs-1:1.0.2k-12.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-12.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-12.el7.x86_64",
"product": {
"name": "openssl-devel-1:1.0.2k-12.el7.x86_64",
"product_id": "openssl-devel-1:1.0.2k-12.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-12.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:1.0.2k-12.el7.x86_64",
"product": {
"name": "openssl-1:1.0.2k-12.el7.x86_64",
"product_id": "openssl-1:1.0.2k-12.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@1.0.2k-12.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-12.el7.i686",
"product": {
"name": "openssl-static-1:1.0.2k-12.el7.i686",
"product_id": "openssl-static-1:1.0.2k-12.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-12.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-12.el7.i686",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.i686",
"product_id": "openssl-debuginfo-1:1.0.2k-12.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-12.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-12.el7.i686",
"product": {
"name": "openssl-libs-1:1.0.2k-12.el7.i686",
"product_id": "openssl-libs-1:1.0.2k-12.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-12.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-12.el7.i686",
"product": {
"name": "openssl-devel-1:1.0.2k-12.el7.i686",
"product_id": "openssl-devel-1:1.0.2k-12.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-12.el7?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1:1.0.2k-12.el7.src",
"product": {
"name": "openssl-1:1.0.2k-12.el7.src",
"product_id": "openssl-1:1.0.2k-12.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@1.0.2k-12.el7?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-12.el7.ppc",
"product": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc",
"product_id": "openssl-libs-1:1.0.2k-12.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-12.el7?arch=ppc\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-12.el7.ppc",
"product": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc",
"product_id": "openssl-devel-1:1.0.2k-12.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-12.el7?arch=ppc\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"product_id": "openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-12.el7?arch=ppc\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-12.el7.ppc",
"product": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc",
"product_id": "openssl-static-1:1.0.2k-12.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-12.el7?arch=ppc\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64",
"product": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64",
"product_id": "openssl-libs-1:1.0.2k-12.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-12.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64",
"product": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64",
"product_id": "openssl-devel-1:1.0.2k-12.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-12.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:1.0.2k-12.el7.ppc64",
"product": {
"name": "openssl-1:1.0.2k-12.el7.ppc64",
"product_id": "openssl-1:1.0.2k-12.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@1.0.2k-12.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"product_id": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-12.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-12.el7.ppc64",
"product": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64",
"product_id": "openssl-static-1:1.0.2k-12.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-12.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64",
"product": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64",
"product_id": "openssl-perl-1:1.0.2k-12.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@1.0.2k-12.el7?arch=ppc64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-12.el7.s390",
"product": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390",
"product_id": "openssl-libs-1:1.0.2k-12.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-12.el7?arch=s390\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-12.el7.s390",
"product": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390",
"product_id": "openssl-devel-1:1.0.2k-12.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-12.el7?arch=s390\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390",
"product_id": "openssl-debuginfo-1:1.0.2k-12.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-12.el7?arch=s390\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-12.el7.s390",
"product": {
"name": "openssl-static-1:1.0.2k-12.el7.s390",
"product_id": "openssl-static-1:1.0.2k-12.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-12.el7?arch=s390\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-12.el7.s390x",
"product": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390x",
"product_id": "openssl-libs-1:1.0.2k-12.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-12.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-12.el7.s390x",
"product": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390x",
"product_id": "openssl-devel-1:1.0.2k-12.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-12.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:1.0.2k-12.el7.s390x",
"product": {
"name": "openssl-1:1.0.2k-12.el7.s390x",
"product_id": "openssl-1:1.0.2k-12.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@1.0.2k-12.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"product_id": "openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-12.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-12.el7.s390x",
"product": {
"name": "openssl-static-1:1.0.2k-12.el7.s390x",
"product_id": "openssl-static-1:1.0.2k-12.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-12.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:1.0.2k-12.el7.s390x",
"product": {
"name": "openssl-perl-1:1.0.2k-12.el7.s390x",
"product_id": "openssl-perl-1:1.0.2k-12.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@1.0.2k-12.el7?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64le",
"product": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64le",
"product_id": "openssl-libs-1:1.0.2k-12.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-12.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64le",
"product": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64le",
"product_id": "openssl-devel-1:1.0.2k-12.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-12.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:1.0.2k-12.el7.ppc64le",
"product": {
"name": "openssl-1:1.0.2k-12.el7.ppc64le",
"product_id": "openssl-1:1.0.2k-12.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@1.0.2k-12.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"product_id": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-12.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-12.el7.ppc64le",
"product": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64le",
"product_id": "openssl-static-1:1.0.2k-12.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-12.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64le",
"product": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64le",
"product_id": "openssl-perl-1:1.0.2k-12.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@1.0.2k-12.el7?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-static-1:1.0.2k-12.el7.aarch64",
"product": {
"name": "openssl-static-1:1.0.2k-12.el7.aarch64",
"product_id": "openssl-static-1:1.0.2k-12.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-static@1.0.2k-12.el7?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"product": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"product_id": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@1.0.2k-12.el7?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:1.0.2k-12.el7.aarch64",
"product": {
"name": "openssl-perl-1:1.0.2k-12.el7.aarch64",
"product_id": "openssl-perl-1:1.0.2k-12.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@1.0.2k-12.el7?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:1.0.2k-12.el7.aarch64",
"product": {
"name": "openssl-libs-1:1.0.2k-12.el7.aarch64",
"product_id": "openssl-libs-1:1.0.2k-12.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@1.0.2k-12.el7?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:1.0.2k-12.el7.aarch64",
"product": {
"name": "openssl-devel-1:1.0.2k-12.el7.aarch64",
"product_id": "openssl-devel-1:1.0.2k-12.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@1.0.2k-12.el7?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:1.0.2k-12.el7.aarch64",
"product": {
"name": "openssl-1:1.0.2k-12.el7.aarch64",
"product_id": "openssl-1:1.0.2k-12.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@1.0.2k-12.el7?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-1:1.0.2k-12.el7.src"
},
"product_reference": "openssl-1:1.0.2k-12.el7.src",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-devel-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-libs-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-perl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-static-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-static-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Client-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-1:1.0.2k-12.el7.src"
},
"product_reference": "openssl-1:1.0.2k-12.el7.src",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.src"
},
"product_reference": "openssl-1:1.0.2k-12.el7.src",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.src"
},
"product_reference": "openssl-1:1.0.2k-12.el7.src",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-1:1.0.2k-12.el7.src"
},
"product_reference": "openssl-1:1.0.2k-12.el7.src",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-devel-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-libs-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-perl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-static-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-static-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.src"
},
"product_reference": "openssl-1:1.0.2k-12.el7.src",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.src"
},
"product_reference": "openssl-1:1.0.2k-12.el7.src",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-1:1.0.2k-12.el7.src"
},
"product_reference": "openssl-1:1.0.2k-12.el7.src",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-1:1.0.2k-12.el7.src"
},
"product_reference": "openssl-1:1.0.2k-12.el7.src",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.src"
},
"product_reference": "openssl-1:1.0.2k-12.el7.src",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-devel-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-libs-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-perl-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.i686",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-static-1:1.0.2k-12.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
},
"product_reference": "openssl-static-1:1.0.2k-12.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3736",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2017-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1509169"
}
],
"notes": [
{
"category": "description",
"text": "There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: bn_sqrx8x_internal carry bug on x86_64",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3736"
},
{
"category": "external",
"summary": "RHBZ#1509169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509169"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3736",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3736"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3736",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3736"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20171102.txt",
"url": "https://www.openssl.org/news/secadv/20171102.txt"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-04-10T11:21:46+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"7Client-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0998"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Client-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: bn_sqrx8x_internal carry bug on x86_64"
},
{
"cve": "CVE-2017-3737",
"cwe": {
"id": "CWE-391",
"name": "Unchecked Error Condition"
},
"discovery_date": "2017-12-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1523504"
}
],
"notes": [
{
"category": "description",
"text": "OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an \"error state\" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. OpenSSL version 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is not affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Read/write after SSL object in error state",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3737"
},
{
"category": "external",
"summary": "RHBZ#1523504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523504"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3737",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3737"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20171207.txt",
"url": "https://www.openssl.org/news/secadv/20171207.txt"
}
],
"release_date": "2017-12-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-04-10T11:21:46+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"7Client-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0998"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Client-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Read/write after SSL object in error state"
},
{
"cve": "CVE-2017-3738",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2017-12-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1523510"
}
],
"notes": [
{
"category": "description",
"text": "There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: rsaz_1024_mul_avx2 overflow bug on x86_64",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3738"
},
{
"category": "external",
"summary": "RHBZ#1523510",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523510"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3738",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3738"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3738",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3738"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20171207.txt",
"url": "https://www.openssl.org/news/secadv/20171207.txt"
}
],
"release_date": "2017-12-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-04-10T11:21:46+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"7Client-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0998"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Client-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Client-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Client-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7ComputeNode-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7ComputeNode-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-Alt-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-Alt-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Server-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Server-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-7.5:openssl-static-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.src",
"7Workstation-optional-7.5:openssl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-debuginfo-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-devel-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-libs-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-perl-1:1.0.2k-12.el7.x86_64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.aarch64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.i686",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.ppc64le",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.s390x",
"7Workstation-optional-7.5:openssl-static-1:1.0.2k-12.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: rsaz_1024_mul_avx2 overflow bug on x86_64"
}
]
}
var-201712-0248
Vulnerability from variot
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository. This vulnerability CVE-2017-3736 , CVE-2017-3732 and CVE-2015-3193 Similar problem.It may be affected unspecified.
Ubuntu Security Notice USN-3512-1 December 11, 2017
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 17.04
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in OpenSSL.
Software Description: - openssl: Secure Socket Layer (SSL) cryptographic library and tools
Details:
David Benjamin discovered that OpenSSL did not correctly prevent buggy applications that ignore handshake errors from subsequently calling certain functions. While unlikely, a remote attacker could possibly use this issue to recover private keys. (CVE-2017-3738)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.10: libssl1.0.0 1.0.2g-1ubuntu13.3
Ubuntu 17.04: libssl1.0.0 1.0.2g-1ubuntu11.4
Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.10
After a standard system update you need to reboot your computer to make all the necessary changes. Corrected: 2017-12-07 18:04:48 UTC (stable/11, 11.1-STABLE) 2017-12-09 03:44:26 UTC (releng/11.1, 11.1-RELEASE-p6) 2017-12-09 03:41:31 UTC (stable/10, 10.4-STABLE) 2017-12-09 03:45:23 UTC (releng/10.4, 10.4-RELEASE-p5) 2017-12-09 03:45:23 UTC (releng/10.3, 10.3-RELEASE-p26) CVE Name: CVE-2017-3737, CVE-2017-3738
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
FreeBSD includes software from the OpenSSL Project. It is also a full-strength general purpose cryptography library.
II. Problem Description
Invoking SSL_read()/SSL_write() while in an error state causes data to be passed without being decrypted/encrypted directly from the SSL/TLS record layer.
In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. [CVE-2017-3738] This bug only affects FreeBSD 11.x.
III. Impact
Applications with incorrect error handling may inappropriately pass unencrypted data. [CVE-2017-3737]
Mishandling of carry propagation will produce incorrect output, and make it easier for a remote attacker to obtain sensitive private-key information. [CVE-2017-3738]
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart all daemons that use the library, or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart all daemons that use the library, or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 10.x]
fetch https://security.FreeBSD.org/patches/SA-17:12/openssl-10.patch
fetch https://security.FreeBSD.org/patches/SA-17:12/openssl-10.patch.asc
gpg --verify openssl-10.patch.asc
[FreeBSD 11.x]
fetch https://security.FreeBSD.org/patches/SA-17:12/openssl-11.patch
fetch https://security.FreeBSD.org/patches/SA-17:12/openssl-11.patch.asc
gpg --verify openssl-11.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in
Restart all daemons that use the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/10/ r326721 releng/10.3/ r326723 releng/10.4/ r326723 stable/11/ r326663 releng/11.1/ r326722
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: openssl security and bug fix update Advisory ID: RHSA-2018:0998-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:0998 Issue date: 2018-04-10 CVE Names: CVE-2017-3736 CVE-2017-3737 CVE-2017-3738 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
-
openssl: bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
-
openssl: Read/write after SSL object in error state (CVE-2017-3737)
-
openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.2k-12.el7.src.rpm
x86_64: openssl-1.0.2k-12.el7.x86_64.rpm openssl-debuginfo-1.0.2k-12.el7.i686.rpm openssl-debuginfo-1.0.2k-12.el7.x86_64.rpm openssl-libs-1.0.2k-12.el7.i686.rpm openssl-libs-1.0.2k-12.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.2k-12.el7.i686.rpm openssl-debuginfo-1.0.2k-12.el7.x86_64.rpm openssl-devel-1.0.2k-12.el7.i686.rpm openssl-devel-1.0.2k-12.el7.x86_64.rpm openssl-perl-1.0.2k-12.el7.x86_64.rpm openssl-static-1.0.2k-12.el7.i686.rpm openssl-static-1.0.2k-12.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.2k-12.el7.src.rpm
x86_64: openssl-1.0.2k-12.el7.x86_64.rpm openssl-debuginfo-1.0.2k-12.el7.i686.rpm openssl-debuginfo-1.0.2k-12.el7.x86_64.rpm openssl-libs-1.0.2k-12.el7.i686.rpm openssl-libs-1.0.2k-12.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.2k-12.el7.i686.rpm openssl-debuginfo-1.0.2k-12.el7.x86_64.rpm openssl-devel-1.0.2k-12.el7.i686.rpm openssl-devel-1.0.2k-12.el7.x86_64.rpm openssl-perl-1.0.2k-12.el7.x86_64.rpm openssl-static-1.0.2k-12.el7.i686.rpm openssl-static-1.0.2k-12.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.2k-12.el7.src.rpm
ppc64: openssl-1.0.2k-12.el7.ppc64.rpm openssl-debuginfo-1.0.2k-12.el7.ppc.rpm openssl-debuginfo-1.0.2k-12.el7.ppc64.rpm openssl-devel-1.0.2k-12.el7.ppc.rpm openssl-devel-1.0.2k-12.el7.ppc64.rpm openssl-libs-1.0.2k-12.el7.ppc.rpm openssl-libs-1.0.2k-12.el7.ppc64.rpm
ppc64le: openssl-1.0.2k-12.el7.ppc64le.rpm openssl-debuginfo-1.0.2k-12.el7.ppc64le.rpm openssl-devel-1.0.2k-12.el7.ppc64le.rpm openssl-libs-1.0.2k-12.el7.ppc64le.rpm
s390x: openssl-1.0.2k-12.el7.s390x.rpm openssl-debuginfo-1.0.2k-12.el7.s390.rpm openssl-debuginfo-1.0.2k-12.el7.s390x.rpm openssl-devel-1.0.2k-12.el7.s390.rpm openssl-devel-1.0.2k-12.el7.s390x.rpm openssl-libs-1.0.2k-12.el7.s390.rpm openssl-libs-1.0.2k-12.el7.s390x.rpm
x86_64: openssl-1.0.2k-12.el7.x86_64.rpm openssl-debuginfo-1.0.2k-12.el7.i686.rpm openssl-debuginfo-1.0.2k-12.el7.x86_64.rpm openssl-devel-1.0.2k-12.el7.i686.rpm openssl-devel-1.0.2k-12.el7.x86_64.rpm openssl-libs-1.0.2k-12.el7.i686.rpm openssl-libs-1.0.2k-12.el7.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
Source: openssl-1.0.2k-12.el7.src.rpm
aarch64: openssl-1.0.2k-12.el7.aarch64.rpm openssl-debuginfo-1.0.2k-12.el7.aarch64.rpm openssl-devel-1.0.2k-12.el7.aarch64.rpm openssl-libs-1.0.2k-12.el7.aarch64.rpm
ppc64le: openssl-1.0.2k-12.el7.ppc64le.rpm openssl-debuginfo-1.0.2k-12.el7.ppc64le.rpm openssl-devel-1.0.2k-12.el7.ppc64le.rpm openssl-libs-1.0.2k-12.el7.ppc64le.rpm
s390x: openssl-1.0.2k-12.el7.s390x.rpm openssl-debuginfo-1.0.2k-12.el7.s390.rpm openssl-debuginfo-1.0.2k-12.el7.s390x.rpm openssl-devel-1.0.2k-12.el7.s390.rpm openssl-devel-1.0.2k-12.el7.s390x.rpm openssl-libs-1.0.2k-12.el7.s390.rpm openssl-libs-1.0.2k-12.el7.s390x.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):
aarch64: openssl-debuginfo-1.0.2k-12.el7.aarch64.rpm openssl-perl-1.0.2k-12.el7.aarch64.rpm openssl-static-1.0.2k-12.el7.aarch64.rpm
ppc64le: openssl-debuginfo-1.0.2k-12.el7.ppc64le.rpm openssl-perl-1.0.2k-12.el7.ppc64le.rpm openssl-static-1.0.2k-12.el7.ppc64le.rpm
s390x: openssl-debuginfo-1.0.2k-12.el7.s390.rpm openssl-debuginfo-1.0.2k-12.el7.s390x.rpm openssl-perl-1.0.2k-12.el7.s390x.rpm openssl-static-1.0.2k-12.el7.s390.rpm openssl-static-1.0.2k-12.el7.s390x.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.2k-12.el7.ppc.rpm openssl-debuginfo-1.0.2k-12.el7.ppc64.rpm openssl-perl-1.0.2k-12.el7.ppc64.rpm openssl-static-1.0.2k-12.el7.ppc.rpm openssl-static-1.0.2k-12.el7.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.2k-12.el7.ppc64le.rpm openssl-perl-1.0.2k-12.el7.ppc64le.rpm openssl-static-1.0.2k-12.el7.ppc64le.rpm
s390x: openssl-debuginfo-1.0.2k-12.el7.s390.rpm openssl-debuginfo-1.0.2k-12.el7.s390x.rpm openssl-perl-1.0.2k-12.el7.s390x.rpm openssl-static-1.0.2k-12.el7.s390.rpm openssl-static-1.0.2k-12.el7.s390x.rpm
x86_64: openssl-debuginfo-1.0.2k-12.el7.i686.rpm openssl-debuginfo-1.0.2k-12.el7.x86_64.rpm openssl-perl-1.0.2k-12.el7.x86_64.rpm openssl-static-1.0.2k-12.el7.i686.rpm openssl-static-1.0.2k-12.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.2k-12.el7.src.rpm
x86_64: openssl-1.0.2k-12.el7.x86_64.rpm openssl-debuginfo-1.0.2k-12.el7.i686.rpm openssl-debuginfo-1.0.2k-12.el7.x86_64.rpm openssl-devel-1.0.2k-12.el7.i686.rpm openssl-devel-1.0.2k-12.el7.x86_64.rpm openssl-libs-1.0.2k-12.el7.i686.rpm openssl-libs-1.0.2k-12.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.2k-12.el7.i686.rpm openssl-debuginfo-1.0.2k-12.el7.x86_64.rpm openssl-perl-1.0.2k-12.el7.x86_64.rpm openssl-static-1.0.2k-12.el7.i686.rpm openssl-static-1.0.2k-12.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-3736 https://access.redhat.com/security/cve/CVE-2017-3737 https://access.redhat.com/security/cve/CVE-2017-3738 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-US/red_hat_enterprise_linux/7/html/7.5_release_notes/index.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFazHmPXlSAg2UNWIIRAqu6AKDErP0kbrPwLuGhT0FWhHa/Os9K1gCfRI4r j0HnnUq1AsYgW3JsOqRcuTk= =hlqc -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description:
This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6306. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):
JBCS-373 - Errata for httpd 2.4.29 GA RHEL 7
CVE-2018-0739
It was discovered that constructed ASN.1 types with a recursive
definition could exceed the stack, potentially leading to a denial
of service.
Details can be found in the upstream advisory: https://www.openssl.org/news/secadv/20180327.txt
For the oldstable distribution (jessie), these problems have been fixed in version 1.0.1t-1+deb8u8. The oldstable distribution is not affected by CVE-2017-3738.
For the stable distribution (stretch), these problems have been fixed in version 1.1.0f-3+deb9u2.
For the detailed security status of openssl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssl
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlq9UxtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Qi/Q//U7BsT4ITKgPcpErXfKx5RXi2xcPw/trUr83HqZvNIR99HUnQPVYbkyyX PLvB6xhmPAjx4cQFff8e5EIHR2OpoRzZ5nAvqo2b2bn1liVL1/pllYmj5HiHz5tb 8NXuDrDpO432rFDgrba6LDlXulq4Kux/NJpg1G/CkzNHMXXZR9xi3JZDMZU7jiZC eGynQd1MLlF2+6qWIX/7KJHI+tmT4ZNDK9IDMv/YH71gvku0ICY8zB+1qeHP7mPN dYYC6v5rqrES1SF//NxYu26E/YNo7krn6tN0OPhoDRZ3aPuqyOfB7QpxHOsdztfQ 2mIcXzS5JXdhQ5J8aEBrziAQ/nSoW+T533LniXVIiSQn+sYjrjg1vRt5PrBLx2N0 CNX4OVcstV2bGYKknOGYBVnEzURGoeydHx3zZn/OflCe+X6lpxQAwmfgrw4+T+FX QxnjVEn4e5HeR2RGOnHzA6g3GuyJ+OeU3g0WEbAgOhqowTx3OOX7/htYnt702GKQ 9aA4ypYG8228owbno857nfnDb6eGbeqeH3BF8B20p4VHwlL1+XxyMmM+yzgbwCoA 8npl1DiiyUNBFl3WpQrjg7NwWXw+EGp5F+GxRip9yO/8cxKXn3+LqZP7gGR/+Mz5 ATXpKzuY6L8Gzh4Y+W7IH+iApSpSOlDXzo18PVCfp9qxnKNjetA= =whaV -----END PGP SIGNATURE----- . The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call.
OpenSSL 1.0.2 users should upgrade to 1.0.2n
This issue was reported to OpenSSL on 10th November 2017 by David Benjamin (Google). The fix was proposed by David Benjamin and implemented by Matt Caswell of the OpenSSL development team.
OpenSSL 1.0.2 users should upgrade to 1.0.2n
This issue was reported to OpenSSL on 22nd November 2017 by David Benjamin (Google). The issue was originally found via the OSS-Fuzz project.
Note
Support for version 1.0.1 ended on 31st December 2016. Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20171207.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201712-0248",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.1.0g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.1.0b"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "9.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.9.0"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.1.0a"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.12.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.1.0f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.1.0d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2i"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.8.1"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.2.0"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.8.1"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.1.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2j"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.0.0"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.8.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2l"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.1.0e"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "9.2.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.1.0c"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.1.2"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "gnu/linux",
"scope": "eq",
"trust": 0.8,
"vendor": "debian",
"version": "9.0"
},
{
"model": "openssl",
"scope": null,
"trust": 0.8,
"vendor": "openssl",
"version": null
},
{
"model": "edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "cosminexus http server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "automation director",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "( overseas edition )"
},
{
"model": "automation director",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "( domestic version )"
},
{
"model": "compute systems manager",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "configuration manager",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "device manager",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "global link manager",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "infrastructure analytics advisor",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "replication manager",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "tiered storage manager",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "tuning manager",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/automatic job management system 3",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- web console (windows"
},
{
"model": "jp1/automatic job management system 3",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "linux)"
},
{
"model": "jp1/automatic operation",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/it desktop management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "2 - smart device manager"
},
{
"model": "jp1/operations analytics",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/performance management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- web console"
},
{
"model": "jp1/snmp system observer",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"model": "ucosminexus developer",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011252"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-216"
},
{
"db": "NVD",
"id": "CVE-2017-3738"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:debian:debian_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nec:nec_edge_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:automation_director",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:compute_systems_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:configuration_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:device_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:global_link_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:infrastructure_analytics_advisor",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:replication_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:tiered_storage_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:tuning_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:jp1_automatic_job_management_system_3",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:jp1_automatic_operation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:jp1_it_desktop_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:jp1_operation_analytics",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:jp1_performance_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:jp1_snmp_system_observer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_primary_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_architect",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_platform",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011252"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "147117"
},
{
"db": "PACKETSTORM",
"id": "148524"
}
],
"trust": 0.2
},
"cve": "CVE-2017-3738",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-3738",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-3738",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.9,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-3738",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-3738",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-3738",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-216",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-3738",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-3738"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011252"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-216"
},
{
"db": "NVD",
"id": "CVE-2017-3738"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository. This vulnerability CVE-2017-3736 , CVE-2017-3732 and CVE-2015-3193 Similar problem.It may be affected unspecified. \n===========================================================================\nUbuntu Security Notice USN-3512-1\nDecember 11, 2017\n\nopenssl vulnerabilities\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.10\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. \n\nSoftware Description:\n- openssl: Secure Socket Layer (SSL) cryptographic library and tools\n\nDetails:\n\nDavid Benjamin discovered that OpenSSL did not correctly prevent\nbuggy applications that ignore handshake errors from subsequently calling\ncertain functions. While unlikely, a remote attacker could possibly\nuse this issue to recover private keys. (CVE-2017-3738)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.10:\n libssl1.0.0 1.0.2g-1ubuntu13.3\n\nUbuntu 17.04:\n libssl1.0.0 1.0.2g-1ubuntu11.4\n\nUbuntu 16.04 LTS:\n libssl1.0.0 1.0.2g-1ubuntu4.10\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \nCorrected: 2017-12-07 18:04:48 UTC (stable/11, 11.1-STABLE)\n 2017-12-09 03:44:26 UTC (releng/11.1, 11.1-RELEASE-p6)\n 2017-12-09 03:41:31 UTC (stable/10, 10.4-STABLE)\n 2017-12-09 03:45:23 UTC (releng/10.4, 10.4-RELEASE-p5)\n 2017-12-09 03:45:23 UTC (releng/10.3, 10.3-RELEASE-p26)\nCVE Name: CVE-2017-3737, CVE-2017-3738\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. Background\n\nFreeBSD includes software from the OpenSSL Project. It is also a full-strength general purpose\ncryptography library. \n\nII. Problem Description\n\nInvoking SSL_read()/SSL_write() while in an error state causes data to be\npassed without being decrypted/encrypted directly from the SSL/TLS record\nlayer. \n\nIn order to exploit this issue an application bug would have to be present\nthat resulted in a call to SSL_read()/SSL_write() being issued after having\nalready received a fatal error. [CVE-2017-3738] This bug only affects FreeBSD 11.x. \n\nIII. Impact\n\nApplications with incorrect error handling may inappropriately pass\nunencrypted data. [CVE-2017-3737]\n\nMishandling of carry propagation will produce incorrect output, and make it\neasier for a remote attacker to obtain sensitive private-key information. [CVE-2017-3738]\n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart all daemons that use the library, or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart all daemons that use the library, or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 10.x]\n# fetch https://security.FreeBSD.org/patches/SA-17:12/openssl-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:12/openssl-10.patch.asc\n# gpg --verify openssl-10.patch.asc\n\n[FreeBSD 11.x]\n# fetch https://security.FreeBSD.org/patches/SA-17:12/openssl-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:12/openssl-11.patch.asc\n# gpg --verify openssl-11.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all daemons that use the library, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/10/ r326721\nreleng/10.3/ r326723\nreleng/10.4/ r326723\nstable/11/ r326663\nreleng/11.1/ r326722\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: openssl security and bug fix update\nAdvisory ID: RHSA-2018:0998-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2018:0998\nIssue date: 2018-04-10\nCVE Names: CVE-2017-3736 CVE-2017-3737 CVE-2017-3738 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. \n\nSecurity Fix(es):\n\n* openssl: bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)\n\n* openssl: Read/write after SSL object in error state (CVE-2017-3737)\n\n* openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.5 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.2k-12.el7.src.rpm\n\nx86_64:\nopenssl-1.0.2k-12.el7.x86_64.rpm\nopenssl-debuginfo-1.0.2k-12.el7.i686.rpm\nopenssl-debuginfo-1.0.2k-12.el7.x86_64.rpm\nopenssl-libs-1.0.2k-12.el7.i686.rpm\nopenssl-libs-1.0.2k-12.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.2k-12.el7.i686.rpm\nopenssl-debuginfo-1.0.2k-12.el7.x86_64.rpm\nopenssl-devel-1.0.2k-12.el7.i686.rpm\nopenssl-devel-1.0.2k-12.el7.x86_64.rpm\nopenssl-perl-1.0.2k-12.el7.x86_64.rpm\nopenssl-static-1.0.2k-12.el7.i686.rpm\nopenssl-static-1.0.2k-12.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.2k-12.el7.src.rpm\n\nx86_64:\nopenssl-1.0.2k-12.el7.x86_64.rpm\nopenssl-debuginfo-1.0.2k-12.el7.i686.rpm\nopenssl-debuginfo-1.0.2k-12.el7.x86_64.rpm\nopenssl-libs-1.0.2k-12.el7.i686.rpm\nopenssl-libs-1.0.2k-12.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.2k-12.el7.i686.rpm\nopenssl-debuginfo-1.0.2k-12.el7.x86_64.rpm\nopenssl-devel-1.0.2k-12.el7.i686.rpm\nopenssl-devel-1.0.2k-12.el7.x86_64.rpm\nopenssl-perl-1.0.2k-12.el7.x86_64.rpm\nopenssl-static-1.0.2k-12.el7.i686.rpm\nopenssl-static-1.0.2k-12.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.2k-12.el7.src.rpm\n\nppc64:\nopenssl-1.0.2k-12.el7.ppc64.rpm\nopenssl-debuginfo-1.0.2k-12.el7.ppc.rpm\nopenssl-debuginfo-1.0.2k-12.el7.ppc64.rpm\nopenssl-devel-1.0.2k-12.el7.ppc.rpm\nopenssl-devel-1.0.2k-12.el7.ppc64.rpm\nopenssl-libs-1.0.2k-12.el7.ppc.rpm\nopenssl-libs-1.0.2k-12.el7.ppc64.rpm\n\nppc64le:\nopenssl-1.0.2k-12.el7.ppc64le.rpm\nopenssl-debuginfo-1.0.2k-12.el7.ppc64le.rpm\nopenssl-devel-1.0.2k-12.el7.ppc64le.rpm\nopenssl-libs-1.0.2k-12.el7.ppc64le.rpm\n\ns390x:\nopenssl-1.0.2k-12.el7.s390x.rpm\nopenssl-debuginfo-1.0.2k-12.el7.s390.rpm\nopenssl-debuginfo-1.0.2k-12.el7.s390x.rpm\nopenssl-devel-1.0.2k-12.el7.s390.rpm\nopenssl-devel-1.0.2k-12.el7.s390x.rpm\nopenssl-libs-1.0.2k-12.el7.s390.rpm\nopenssl-libs-1.0.2k-12.el7.s390x.rpm\n\nx86_64:\nopenssl-1.0.2k-12.el7.x86_64.rpm\nopenssl-debuginfo-1.0.2k-12.el7.i686.rpm\nopenssl-debuginfo-1.0.2k-12.el7.x86_64.rpm\nopenssl-devel-1.0.2k-12.el7.i686.rpm\nopenssl-devel-1.0.2k-12.el7.x86_64.rpm\nopenssl-libs-1.0.2k-12.el7.i686.rpm\nopenssl-libs-1.0.2k-12.el7.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):\n\nSource:\nopenssl-1.0.2k-12.el7.src.rpm\n\naarch64:\nopenssl-1.0.2k-12.el7.aarch64.rpm\nopenssl-debuginfo-1.0.2k-12.el7.aarch64.rpm\nopenssl-devel-1.0.2k-12.el7.aarch64.rpm\nopenssl-libs-1.0.2k-12.el7.aarch64.rpm\n\nppc64le:\nopenssl-1.0.2k-12.el7.ppc64le.rpm\nopenssl-debuginfo-1.0.2k-12.el7.ppc64le.rpm\nopenssl-devel-1.0.2k-12.el7.ppc64le.rpm\nopenssl-libs-1.0.2k-12.el7.ppc64le.rpm\n\ns390x:\nopenssl-1.0.2k-12.el7.s390x.rpm\nopenssl-debuginfo-1.0.2k-12.el7.s390.rpm\nopenssl-debuginfo-1.0.2k-12.el7.s390x.rpm\nopenssl-devel-1.0.2k-12.el7.s390.rpm\nopenssl-devel-1.0.2k-12.el7.s390x.rpm\nopenssl-libs-1.0.2k-12.el7.s390.rpm\nopenssl-libs-1.0.2k-12.el7.s390x.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):\n\naarch64:\nopenssl-debuginfo-1.0.2k-12.el7.aarch64.rpm\nopenssl-perl-1.0.2k-12.el7.aarch64.rpm\nopenssl-static-1.0.2k-12.el7.aarch64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.2k-12.el7.ppc64le.rpm\nopenssl-perl-1.0.2k-12.el7.ppc64le.rpm\nopenssl-static-1.0.2k-12.el7.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.2k-12.el7.s390.rpm\nopenssl-debuginfo-1.0.2k-12.el7.s390x.rpm\nopenssl-perl-1.0.2k-12.el7.s390x.rpm\nopenssl-static-1.0.2k-12.el7.s390.rpm\nopenssl-static-1.0.2k-12.el7.s390x.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.2k-12.el7.ppc.rpm\nopenssl-debuginfo-1.0.2k-12.el7.ppc64.rpm\nopenssl-perl-1.0.2k-12.el7.ppc64.rpm\nopenssl-static-1.0.2k-12.el7.ppc.rpm\nopenssl-static-1.0.2k-12.el7.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.2k-12.el7.ppc64le.rpm\nopenssl-perl-1.0.2k-12.el7.ppc64le.rpm\nopenssl-static-1.0.2k-12.el7.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.2k-12.el7.s390.rpm\nopenssl-debuginfo-1.0.2k-12.el7.s390x.rpm\nopenssl-perl-1.0.2k-12.el7.s390x.rpm\nopenssl-static-1.0.2k-12.el7.s390.rpm\nopenssl-static-1.0.2k-12.el7.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.2k-12.el7.i686.rpm\nopenssl-debuginfo-1.0.2k-12.el7.x86_64.rpm\nopenssl-perl-1.0.2k-12.el7.x86_64.rpm\nopenssl-static-1.0.2k-12.el7.i686.rpm\nopenssl-static-1.0.2k-12.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.2k-12.el7.src.rpm\n\nx86_64:\nopenssl-1.0.2k-12.el7.x86_64.rpm\nopenssl-debuginfo-1.0.2k-12.el7.i686.rpm\nopenssl-debuginfo-1.0.2k-12.el7.x86_64.rpm\nopenssl-devel-1.0.2k-12.el7.i686.rpm\nopenssl-devel-1.0.2k-12.el7.x86_64.rpm\nopenssl-libs-1.0.2k-12.el7.i686.rpm\nopenssl-libs-1.0.2k-12.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.2k-12.el7.i686.rpm\nopenssl-debuginfo-1.0.2k-12.el7.x86_64.rpm\nopenssl-perl-1.0.2k-12.el7.x86_64.rpm\nopenssl-static-1.0.2k-12.el7.i686.rpm\nopenssl-static-1.0.2k-12.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-3736\nhttps://access.redhat.com/security/cve/CVE-2017-3737\nhttps://access.redhat.com/security/cve/CVE-2017-3738\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-US/red_hat_enterprise_linux/7/html/7.5_release_notes/index.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFazHmPXlSAg2UNWIIRAqu6AKDErP0kbrPwLuGhT0FWhHa/Os9K1gCfRI4r\nj0HnnUq1AsYgW3JsOqRcuTk=\n=hlqc\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nThis release adds the new Apache HTTP Server 2.4.29 packages that are part\nof the JBoss Core Services offering. \n\nThis release serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.23, and includes bug fixes and enhancements. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360\nInc.) as the original reporter of CVE-2016-6306. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-373 - Errata for httpd 2.4.29 GA RHEL 7\n\n7. \n\nCVE-2018-0739\n\n It was discovered that constructed ASN.1 types with a recursive\n definition could exceed the stack, potentially leading to a denial\n of service. \n\nDetails can be found in the upstream advisory:\nhttps://www.openssl.org/news/secadv/20180327.txt\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 1.0.1t-1+deb8u8. The oldstable distribution is not affected\nby CVE-2017-3738. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1.1.0f-3+deb9u2. \n\nFor the detailed security status of openssl please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/openssl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlq9UxtfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0Qi/Q//U7BsT4ITKgPcpErXfKx5RXi2xcPw/trUr83HqZvNIR99HUnQPVYbkyyX\nPLvB6xhmPAjx4cQFff8e5EIHR2OpoRzZ5nAvqo2b2bn1liVL1/pllYmj5HiHz5tb\n8NXuDrDpO432rFDgrba6LDlXulq4Kux/NJpg1G/CkzNHMXXZR9xi3JZDMZU7jiZC\neGynQd1MLlF2+6qWIX/7KJHI+tmT4ZNDK9IDMv/YH71gvku0ICY8zB+1qeHP7mPN\ndYYC6v5rqrES1SF//NxYu26E/YNo7krn6tN0OPhoDRZ3aPuqyOfB7QpxHOsdztfQ\n2mIcXzS5JXdhQ5J8aEBrziAQ/nSoW+T533LniXVIiSQn+sYjrjg1vRt5PrBLx2N0\nCNX4OVcstV2bGYKknOGYBVnEzURGoeydHx3zZn/OflCe+X6lpxQAwmfgrw4+T+FX\nQxnjVEn4e5HeR2RGOnHzA6g3GuyJ+OeU3g0WEbAgOhqowTx3OOX7/htYnt702GKQ\n9aA4ypYG8228owbno857nfnDb6eGbeqeH3BF8B20p4VHwlL1+XxyMmM+yzgbwCoA\n8npl1DiiyUNBFl3WpQrjg7NwWXw+EGp5F+GxRip9yO/8cxKXn3+LqZP7gGR/+Mz5\nATXpKzuY6L8Gzh4Y+W7IH+iApSpSOlDXzo18PVCfp9qxnKNjetA=\n=whaV\n-----END PGP SIGNATURE-----\n. The intent was that if a fatal error occurred during a handshake then\nOpenSSL would move into the error state and would immediately fail if you\nattempted to continue the handshake. This works as designed for the explicit\nhandshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()),\nhowever due to a bug it does not work correctly if SSL_read() or SSL_write() is\ncalled directly. In that scenario, if the handshake fails then a fatal error\nwill be returned in the initial function call. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2n\n\nThis issue was reported to OpenSSL on 10th November 2017 by David Benjamin\n(Google). The fix was proposed by David Benjamin and implemented by Matt Caswell\nof the OpenSSL development team. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2n\n\nThis issue was reported to OpenSSL on 22nd November 2017 by David Benjamin\n(Google). The issue was originally found via the OSS-Fuzz project. \n\nNote\n====\n\nSupport for version 1.0.1 ended on 31st December 2016. Support for versions\n0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer\nreceiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20171207.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3738"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011252"
},
{
"db": "VULMON",
"id": "CVE-2017-3738"
},
{
"db": "PACKETSTORM",
"id": "145372"
},
{
"db": "PACKETSTORM",
"id": "145367"
},
{
"db": "PACKETSTORM",
"id": "147117"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "PACKETSTORM",
"id": "146958"
},
{
"db": "PACKETSTORM",
"id": "169655"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-3738",
"trust": 3.1
},
{
"db": "TENABLE",
"id": "TNS-2018-04",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2018-07",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2017-16",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2018-06",
"trust": 1.7
},
{
"db": "BID",
"id": "102118",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039978",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU93502675",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011252",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.4645",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2261",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1089",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2536",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1054",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201712-216",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-3738",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145372",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145367",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147117",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148524",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146958",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169655",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-3738"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011252"
},
{
"db": "PACKETSTORM",
"id": "145372"
},
{
"db": "PACKETSTORM",
"id": "145367"
},
{
"db": "PACKETSTORM",
"id": "147117"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "PACKETSTORM",
"id": "146958"
},
{
"db": "PACKETSTORM",
"id": "169655"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-216"
},
{
"db": "NVD",
"id": "CVE-2017-3738"
}
]
},
"id": "VAR-201712-0248",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.22708334
},
"last_update_date": "2024-09-19T20:59:04.170000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DSA-4065",
"trust": 0.8,
"url": "https://www.debian.org/security/2017/dsa-4065"
},
{
"title": "hitachi-sec-2018-106",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2018-106/index.html"
},
{
"title": "hitachi-sec-2018-124",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2018-124/index.html"
},
{
"title": "hitachi-sec-2019-105",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2019-105/index.html"
},
{
"title": "NV18-010",
"trust": 0.8,
"url": "https://jpn.nec.com/security-info/secinfo/nv18-010.html"
},
{
"title": "NTAP-20171208-0001",
"trust": 0.8,
"url": "https://security.netapp.com/advisory/ntap-20171208-0001/"
},
{
"title": "Data Confidentiality/Integrity Vulnerability, December 2017",
"trust": 0.8,
"url": "https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/"
},
{
"title": "Read/write after SSL object in error state (CVE-2017-3737)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv/20171207.txt"
},
{
"title": "hitachi-sec-2018-106",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2018-106/index.html"
},
{
"title": "hitachi-sec-2018-124",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2018-124/index.html"
},
{
"title": "hitachi-sec-2019-105",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2019-105/index.html"
},
{
"title": "OpenSSL Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76995"
},
{
"title": "Red Hat: Moderate: openssl security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20180998 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3512-1"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182186 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182187 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-4157-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=c79d1e1d762e93b378a3fac64f240919"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 7 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182185 - Security Advisory"
},
{
"title": "IBM: IBM Security Bulletin: Vulnerabilities in OpenSSL affect QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for IBM BladeCenter and QLogic Virtual Fabric Extension Module for IBM BladeCenter",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=29a34ceeb17cecefa4b82c6b5a2da56d"
},
{
"title": "Red Hat: CVE-2017-3738",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-3738"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-3738"
},
{
"title": "Hitachi Security Advisories: Multiple Vulnerabilities in JP1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hitachi_security_advisories\u0026qid=hitachi-sec-2019-105"
},
{
"title": "Arch Linux Advisories: [ASA-201804-6] lib32-openssl: private key recovery",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201804-6"
},
{
"title": "Amazon Linux AMI: ALAS-2018-1016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2018-1016"
},
{
"title": "Symantec Security Advisories: SA159: OpenSSL Vulnerabilities 7-Dec-2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=7a23414ce58f57534a106c24bd753c6b"
},
{
"title": "Arch Linux Advisories: [ASA-201804-2] openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201804-2"
},
{
"title": "Amazon Linux 2: ALAS2-2018-1004",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2018-1004"
},
{
"title": "Tenable Security Advisories: [R1] OpenSSL Stand-alone Patch Available for SecurityCenter versions 5.0 or Later",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2018-04"
},
{
"title": "Tenable Security Advisories: [R1] Industrial Security 1.1.0 Fixes One Third-party Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2018-06"
},
{
"title": "Tenable Security Advisories: [R2] SecurityCenter 5.6.1 Fixes Multiple Third-party Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2017-16"
},
{
"title": "Arch Linux Advisories: [ASA-201712-11] lib32-openssl-1.0: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201712-11"
},
{
"title": "Tenable Security Advisories: [R1] Nessus Network Monitor 5.5.0 Fixes One Third-party Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2018-07"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=5f8c525f1408011628af1792207b2099"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=72fe5ebf222112c8481815fd7cefc7af"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2019",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=f655264a6935505d167bbf45f409a57b"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Security Vulnerabilities have been fixed in IBM Security Privileged Identity Manager Appliance.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=f5bb2b180c7c77e5a02747a1f31830d9"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=81c63752a6f26433af2128b2e8c02385"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=ae57a14ec914f60b7203332a77613077"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=525e4e31765e47b9e53b24e880af9d6e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "core-kit",
"trust": 0.1,
"url": "https://github.com/funtoo/core-kit "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-3738"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011252"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-216"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011252"
},
{
"db": "NVD",
"id": "CVE-2017-3738"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/102118"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2018:0998"
},
{
"trust": 1.8,
"url": "https://www.openssl.org/news/secadv/20171207.txt"
},
{
"trust": 1.8,
"url": "https://www.openssl.org/news/secadv/20180327.txt"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2185"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039978"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20171208-0001/"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:12.openssl.asc"
},
{
"trust": 1.7,
"url": "https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201712-03"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2017/dsa-4065"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2017-16"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.7,
"url": "https://github.com/openssl/openssl/commit/e502cc86df9dafded1694fceb3228ee34d11c11a"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2018/dsa-4157"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2018-04"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2018-07"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2018-06"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2018:2187"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2018:2186"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 1.7,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbst03881en_us"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3738"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3738"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu93502675"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914246-1.html"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887987"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887995"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887989"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887985"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887991"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2261/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2536/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4645/"
},
{
"trust": 0.6,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10887987"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10879093"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/78218"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/78082"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10888295"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3737"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3736"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-3736"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-3738"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-3737"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3732"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3512-1/"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=56193"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu13.3"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3512-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu11.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.10"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv/20171207.txt\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3738\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:12/openssl-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:12/openssl-11.patch"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3737\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:12/openssl-11.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:12.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:12/openssl-10.patch"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.5_release_notes/index.html"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3731"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7055"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-3731"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6306"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-3732"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.29/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2182"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-7055"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6302"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-0739"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/openssl"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0701"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3193"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-3738"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011252"
},
{
"db": "PACKETSTORM",
"id": "145372"
},
{
"db": "PACKETSTORM",
"id": "145367"
},
{
"db": "PACKETSTORM",
"id": "147117"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "PACKETSTORM",
"id": "146958"
},
{
"db": "PACKETSTORM",
"id": "169655"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-216"
},
{
"db": "NVD",
"id": "CVE-2017-3738"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2017-3738"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011252"
},
{
"db": "PACKETSTORM",
"id": "145372"
},
{
"db": "PACKETSTORM",
"id": "145367"
},
{
"db": "PACKETSTORM",
"id": "147117"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "PACKETSTORM",
"id": "146958"
},
{
"db": "PACKETSTORM",
"id": "169655"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-216"
},
{
"db": "NVD",
"id": "CVE-2017-3738"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-07T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3738"
},
{
"date": "2018-01-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011252"
},
{
"date": "2017-12-12T05:29:29",
"db": "PACKETSTORM",
"id": "145372"
},
{
"date": "2017-12-12T05:27:14",
"db": "PACKETSTORM",
"id": "145367"
},
{
"date": "2018-04-11T01:25:17",
"db": "PACKETSTORM",
"id": "147117"
},
{
"date": "2018-07-12T21:48:49",
"db": "PACKETSTORM",
"id": "148524"
},
{
"date": "2018-03-30T15:44:00",
"db": "PACKETSTORM",
"id": "146958"
},
{
"date": "2017-12-07T12:12:12",
"db": "PACKETSTORM",
"id": "169655"
},
{
"date": "2017-12-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-216"
},
{
"date": "2017-12-07T16:29:00.240000",
"db": "NVD",
"id": "CVE-2017-3738"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-08-19T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3738"
},
{
"date": "2018-08-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011252"
},
{
"date": "2022-08-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-216"
},
{
"date": "2022-08-19T11:49:42.737000",
"db": "NVD",
"id": "CVE-2017-3738"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "145372"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-216"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011252"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-216"
}
],
"trust": 0.6
}
}
gsd-2017-3738
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-3738",
"description": "There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.",
"id": "GSD-2017-3738",
"references": [
"https://www.suse.com/security/cve/CVE-2017-3738.html",
"https://www.debian.org/security/2018/dsa-4157",
"https://www.debian.org/security/2017/dsa-4065",
"https://access.redhat.com/errata/RHSA-2018:2187",
"https://access.redhat.com/errata/RHSA-2018:2186",
"https://access.redhat.com/errata/RHSA-2018:2185",
"https://access.redhat.com/errata/RHSA-2018:0998",
"https://ubuntu.com/security/CVE-2017-3738",
"https://advisories.mageia.org/CVE-2017-3738.html",
"https://security.archlinux.org/CVE-2017-3738",
"https://alas.aws.amazon.com/cve/html/CVE-2017-3738.html",
"https://linux.oracle.com/cve/CVE-2017-3738.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-3738"
],
"details": "There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.",
"id": "GSD-2017-3738",
"modified": "2023-12-13T01:21:16.179823Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "openssl-security@openssl.org",
"DATE_PUBLIC": "2017-12-07T00:00:00",
"ID": "CVE-2017-3738",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenSSL",
"version": {
"version_data": [
{
"version_value": "1.0.2-1.02m"
},
{
"version_value": "1.1.0-1.1.0g"
}
]
}
}
]
},
"vendor_name": "OpenSSL Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "carry-propagating bug"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/tns-2018-07",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-07"
},
{
"name": "https://www.tenable.com/security/tns-2018-04",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-04"
},
{
"name": "RHSA-2018:2185",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
},
{
"name": "RHSA-2018:2186",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "FreeBSD-SA-17:12",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:12.openssl.asc"
},
{
"name": "GLSA-201712-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201712-03"
},
{
"name": "1039978",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039978"
},
{
"name": "DSA-4157",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4157"
},
{
"name": "https://www.openssl.org/news/secadv/20171207.txt",
"refsource": "CONFIRM",
"url": "https://www.openssl.org/news/secadv/20171207.txt"
},
{
"name": "RHSA-2018:0998",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0998"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "https://github.com/openssl/openssl/commit/e502cc86df9dafded1694fceb3228ee34d11c11a",
"refsource": "MISC",
"url": "https://github.com/openssl/openssl/commit/e502cc86df9dafded1694fceb3228ee34d11c11a"
},
{
"name": "https://www.tenable.com/security/tns-2018-06",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-06"
},
{
"name": "DSA-4065",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4065"
},
{
"name": "https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "102118",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102118"
},
{
"name": "https://www.tenable.com/security/tns-2017-16",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2017-16"
},
{
"name": "https://www.openssl.org/news/secadv/20180327.txt",
"refsource": "CONFIRM",
"url": "https://www.openssl.org/news/secadv/20180327.txt"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03881en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03881en_us"
},
{
"name": "RHSA-2018:2187",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171208-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171208-0001/"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.1.2",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.8.1",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.8.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.2.1",
"versionStartIncluding": "9.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.9.3",
"versionStartIncluding": "8.9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.12.2",
"versionStartIncluding": "6.9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.8.7",
"versionStartIncluding": "4.2.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "openssl-security@openssl.org",
"ID": "CVE-2017-3738"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openssl.org/news/secadv/20171207.txt",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv/20171207.txt"
},
{
"name": "1039978",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039978"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171208-0001/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171208-0001/"
},
{
"name": "102118",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102118"
},
{
"name": "FreeBSD-SA-17:12",
"refsource": "FREEBSD",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:12.openssl.asc"
},
{
"name": "https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/"
},
{
"name": "GLSA-201712-03",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201712-03"
},
{
"name": "DSA-4065",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4065"
},
{
"name": "https://www.tenable.com/security/tns-2017-16",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2017-16"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://github.com/openssl/openssl/commit/e502cc86df9dafded1694fceb3228ee34d11c11a",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/openssl/openssl/commit/e502cc86df9dafded1694fceb3228ee34d11c11a"
},
{
"name": "https://www.openssl.org/news/secadv/20180327.txt",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv/20180327.txt"
},
{
"name": "DSA-4157",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4157"
},
{
"name": "RHSA-2018:0998",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0998"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "https://www.tenable.com/security/tns-2018-04",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2018-04"
},
{
"name": "https://www.tenable.com/security/tns-2018-07",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2018-07"
},
{
"name": "https://www.tenable.com/security/tns-2018-06",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2018-06"
},
{
"name": "RHSA-2018:2187",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
},
{
"name": "RHSA-2018:2186",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
},
{
"name": "RHSA-2018:2185",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03881en_us",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03881en_us"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-08-19T11:49Z",
"publishedDate": "2017-12-07T16:29Z"
}
}
}
ghsa-gj3m-w8pf-46c5
Vulnerability from github
Published
2022-05-14 01:07
Modified
2025-04-20 03:49
Severity ?
Details
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.
{
"affected": [],
"aliases": [
"CVE-2017-3738"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-12-07T16:29:00Z",
"severity": "MODERATE"
},
"details": "There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.",
"id": "GHSA-gj3m-w8pf-46c5",
"modified": "2025-04-20T03:49:36Z",
"published": "2022-05-14T01:07:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3738"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/e502cc86df9dafded1694fceb3228ee34d11c11a"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2018-07"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2018-06"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2018-04"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2017-16"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"type": "WEB",
"url": "https://www.openssl.org/news/secadv/20180327.txt"
},
{
"type": "WEB",
"url": "https://www.openssl.org/news/secadv/20171207.txt"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4157"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2017/dsa-4065"
},
{
"type": "WEB",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03881en_us"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20171208-0001"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201712-03"
},
{
"type": "WEB",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:12.openssl.asc"
},
{
"type": "WEB",
"url": "https://nodejs.org/en/blog/vulnerability/december-2017-security-releases"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:0998"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/102118"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039978"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.