ID

VAR-201609-0597


CVE

CVE-2016-2183


TITLE

OpenSSL Information disclosure vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-201608-448

DESCRIPTION

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.

IPSec (full name Internet Protocol Security) is a set of IP security protocols established by the IPSec group of the Internet Engineering Task Force (IETF). Both DES and Triple DES are encryption algorithms. There are information leakage vulnerabilities in the DES and Triple DES encryption algorithms used in the TLS, SSH, and IPSec protocols and other protocols and products. This vulnerability stems from configuration errors in network systems or products during operation.

Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. (CVE-2016-2183)

3. Solution: For OpenShift Container Platform 4.1 see the following documentation, which will be updated shortly for release 4.1.18, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html

4. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. (CVE-2017-9788)

* It was discovered that in httpd 2.4, the internal API function ap_some_auth_required() could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied.
JIRA issues fixed (https://issues.jboss.org/):

JBCS-329 - Unable to load large CRL openssl problem
JBCS-336 - Errata for httpd 2.4.23 SP2 RHEL 7

7. 6) - i386, x86_64

3. Description: IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 6 to version 6 SR16-FP41.

Security Fix(es):

* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-2183, CVE-2016-5546, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3261, CVE-2017-3272)

4. Bugs fixed (https://bugzilla.redhat.com/):

1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)
1413554 - CVE-2017-3272 OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)
1413583 - CVE-2017-3253 OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)
1413653 - CVE-2017-3261 OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)
1413717 - CVE-2017-3231 OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)
1413882 - CVE-2016-5552 OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)
1413906 - CVE-2017-3252 OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)
1413911 - CVE-2016-5546 OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)
1413920 - CVE-2016-5548 OpenJDK: DSA implementation timing attack (Libraries, 8168728)
1413923 - CVE-2016-5549 OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)
1413955 - CVE-2017-3241 OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)
1414163 - CVE-2017-3259 Oracle JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)

6.

=====================================================================
Red Hat Security Advisory

Synopsis: Important: Red Hat JBoss Web Server security and bug fix update
Advisory ID: RHSA-2017:3113-01
Product: Red Hat JBoss Web Server
Advisory URL: https://access.redhat.com/errata/RHSA-2017:3113
Issue date: 2017-11-02
CVE Names: CVE-2016-2183 CVE-2017-12615 CVE-2017-12617 CVE-2017-9788 CVE-2017-9798
=====================================================================

1. Summary:

An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 6 and Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server - i386, noarch, x86_64
Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server - noarch, x86_64

3. Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
This release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.

This release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as an update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.

Users of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues.

Security Fix(es):

* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)

* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)

* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)

* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)

* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)

Red Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno Böck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Gaëtan Leurent (Inria) as the original reporters of CVE-2016-2183.

Bug Fix(es):

* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1338640)

* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)

* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)

4. Solution:

Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).

For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)
1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection in mod_auth_digest
1490344 - CVE-2017-9798 httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)
1493075 - Unable to load large CRL openssl problem
1493220 - CVE-2017-12615 tomcat: Remote Code Execution via JSP Upload
1494283 - CVE-2017-12617 tomcat: Remote Code Execution bypass for CVE-2017-12615

6.
Package List: Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server: Source: httpd-2.2.26-57.ep6.el6.src.rpm jbcs-httpd24-openssl-1.0.2h-14.jbcs.el6.src.rpm mod_cluster-native-1.2.13-9.Final_redhat_2.ep6.el6.src.rpm tomcat6-6.0.41-19_patch_04.ep6.el6.src.rpm tomcat7-7.0.54-28_patch_05.ep6.el6.src.rpm i386: httpd-2.2.26-57.ep6.el6.i386.rpm httpd-debuginfo-2.2.26-57.ep6.el6.i386.rpm httpd-devel-2.2.26-57.ep6.el6.i386.rpm httpd-manual-2.2.26-57.ep6.el6.i386.rpm httpd-tools-2.2.26-57.ep6.el6.i386.rpm jbcs-httpd24-openssl-1.0.2h-14.jbcs.el6.i686.rpm jbcs-httpd24-openssl-debuginfo-1.0.2h-14.jbcs.el6.i686.rpm jbcs-httpd24-openssl-devel-1.0.2h-14.jbcs.el6.i686.rpm jbcs-httpd24-openssl-libs-1.0.2h-14.jbcs.el6.i686.rpm jbcs-httpd24-openssl-perl-1.0.2h-14.jbcs.el6.i686.rpm jbcs-httpd24-openssl-static-1.0.2h-14.jbcs.el6.i686.rpm mod_cluster-native-1.2.13-9.Final_redhat_2.ep6.el6.i386.rpm mod_cluster-native-debuginfo-1.2.13-9.Final_redhat_2.ep6.el6.i386.rpm mod_ldap-2.2.26-57.ep6.el6.i386.rpm mod_ssl-2.2.26-57.ep6.el6.i386.rpm noarch: tomcat6-6.0.41-19_patch_04.ep6.el6.noarch.rpm tomcat6-admin-webapps-6.0.41-19_patch_04.ep6.el6.noarch.rpm tomcat6-docs-webapp-6.0.41-19_patch_04.ep6.el6.noarch.rpm tomcat6-el-2.1-api-6.0.41-19_patch_04.ep6.el6.noarch.rpm tomcat6-javadoc-6.0.41-19_patch_04.ep6.el6.noarch.rpm tomcat6-jsp-2.1-api-6.0.41-19_patch_04.ep6.el6.noarch.rpm tomcat6-lib-6.0.41-19_patch_04.ep6.el6.noarch.rpm tomcat6-log4j-6.0.41-19_patch_04.ep6.el6.noarch.rpm tomcat6-maven-devel-6.0.41-19_patch_04.ep6.el6.noarch.rpm tomcat6-servlet-2.5-api-6.0.41-19_patch_04.ep6.el6.noarch.rpm tomcat6-webapps-6.0.41-19_patch_04.ep6.el6.noarch.rpm tomcat7-7.0.54-28_patch_05.ep6.el6.noarch.rpm tomcat7-admin-webapps-7.0.54-28_patch_05.ep6.el6.noarch.rpm tomcat7-docs-webapp-7.0.54-28_patch_05.ep6.el6.noarch.rpm tomcat7-el-2.2-api-7.0.54-28_patch_05.ep6.el6.noarch.rpm tomcat7-javadoc-7.0.54-28_patch_05.ep6.el6.noarch.rpm tomcat7-jsp-2.2-api-7.0.54-28_patch_05.ep6.el6.noarch.rpm 
tomcat7-lib-7.0.54-28_patch_05.ep6.el6.noarch.rpm tomcat7-log4j-7.0.54-28_patch_05.ep6.el6.noarch.rpm tomcat7-maven-devel-7.0.54-28_patch_05.ep6.el6.noarch.rpm tomcat7-servlet-3.0-api-7.0.54-28_patch_05.ep6.el6.noarch.rpm tomcat7-webapps-7.0.54-28_patch_05.ep6.el6.noarch.rpm x86_64: httpd-2.2.26-57.ep6.el6.x86_64.rpm httpd-debuginfo-2.2.26-57.ep6.el6.x86_64.rpm httpd-devel-2.2.26-57.ep6.el6.x86_64.rpm httpd-manual-2.2.26-57.ep6.el6.x86_64.rpm httpd-tools-2.2.26-57.ep6.el6.x86_64.rpm jbcs-httpd24-openssl-1.0.2h-14.jbcs.el6.x86_64.rpm jbcs-httpd24-openssl-debuginfo-1.0.2h-14.jbcs.el6.x86_64.rpm jbcs-httpd24-openssl-devel-1.0.2h-14.jbcs.el6.x86_64.rpm jbcs-httpd24-openssl-libs-1.0.2h-14.jbcs.el6.x86_64.rpm jbcs-httpd24-openssl-perl-1.0.2h-14.jbcs.el6.x86_64.rpm jbcs-httpd24-openssl-static-1.0.2h-14.jbcs.el6.x86_64.rpm mod_cluster-native-1.2.13-9.Final_redhat_2.ep6.el6.x86_64.rpm mod_cluster-native-debuginfo-1.2.13-9.Final_redhat_2.ep6.el6.x86_64.rpm mod_ldap-2.2.26-57.ep6.el6.x86_64.rpm mod_ssl-2.2.26-57.ep6.el6.x86_64.rpm Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server: Source: httpd22-2.2.26-58.ep6.el7.src.rpm jbcs-httpd24-openssl-1.0.2h-14.jbcs.el7.src.rpm mod_cluster-native-1.2.13-9.Final_redhat_2.ep6.el7.src.rpm tomcat6-6.0.41-19_patch_04.ep6.el7.src.rpm tomcat7-7.0.54-28_patch_05.ep6.el7.src.rpm noarch: tomcat6-6.0.41-19_patch_04.ep6.el7.noarch.rpm tomcat6-admin-webapps-6.0.41-19_patch_04.ep6.el7.noarch.rpm tomcat6-docs-webapp-6.0.41-19_patch_04.ep6.el7.noarch.rpm tomcat6-el-2.1-api-6.0.41-19_patch_04.ep6.el7.noarch.rpm tomcat6-javadoc-6.0.41-19_patch_04.ep6.el7.noarch.rpm tomcat6-jsp-2.1-api-6.0.41-19_patch_04.ep6.el7.noarch.rpm tomcat6-lib-6.0.41-19_patch_04.ep6.el7.noarch.rpm tomcat6-log4j-6.0.41-19_patch_04.ep6.el7.noarch.rpm tomcat6-maven-devel-6.0.41-19_patch_04.ep6.el7.noarch.rpm tomcat6-servlet-2.5-api-6.0.41-19_patch_04.ep6.el7.noarch.rpm tomcat6-webapps-6.0.41-19_patch_04.ep6.el7.noarch.rpm tomcat7-7.0.54-28_patch_05.ep6.el7.noarch.rpm 
tomcat7-admin-webapps-7.0.54-28_patch_05.ep6.el7.noarch.rpm tomcat7-docs-webapp-7.0.54-28_patch_05.ep6.el7.noarch.rpm tomcat7-el-2.2-api-7.0.54-28_patch_05.ep6.el7.noarch.rpm tomcat7-javadoc-7.0.54-28_patch_05.ep6.el7.noarch.rpm tomcat7-jsp-2.2-api-7.0.54-28_patch_05.ep6.el7.noarch.rpm tomcat7-lib-7.0.54-28_patch_05.ep6.el7.noarch.rpm tomcat7-log4j-7.0.54-28_patch_05.ep6.el7.noarch.rpm tomcat7-maven-devel-7.0.54-28_patch_05.ep6.el7.noarch.rpm tomcat7-servlet-3.0-api-7.0.54-28_patch_05.ep6.el7.noarch.rpm tomcat7-webapps-7.0.54-28_patch_05.ep6.el7.noarch.rpm x86_64: httpd22-2.2.26-58.ep6.el7.x86_64.rpm httpd22-debuginfo-2.2.26-58.ep6.el7.x86_64.rpm httpd22-devel-2.2.26-58.ep6.el7.x86_64.rpm httpd22-manual-2.2.26-58.ep6.el7.x86_64.rpm httpd22-tools-2.2.26-58.ep6.el7.x86_64.rpm jbcs-httpd24-openssl-1.0.2h-14.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-debuginfo-1.0.2h-14.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-devel-1.0.2h-14.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-libs-1.0.2h-14.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-perl-1.0.2h-14.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-static-1.0.2h-14.jbcs.el7.x86_64.rpm mod_cluster-native-1.2.13-9.Final_redhat_2.ep6.el7.x86_64.rpm mod_cluster-native-debuginfo-1.2.13-9.Final_redhat_2.ep6.el7.x86_64.rpm mod_ldap22-2.2.26-58.ep6.el7.x86_64.rpm mod_ssl22-2.2.26-58.ep6.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-2183 https://access.redhat.com/security/cve/CVE-2017-12615 https://access.redhat.com/security/cve/CVE-2017-12617 https://access.redhat.com/security/cve/CVE-2017-9788 https://access.redhat.com/security/cve/CVE-2017-9798 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/3227901 8. Contact: The Red Hat security contact is <secalert@redhat.com>. 
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.

==========================================================================
Ubuntu Security Notice USN-3087-2
September 23, 2016

openssl regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

USN-3087-1 introduced a regression in OpenSSL.

The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem. We apologize for the inconvenience.

Original advisory details:

Shi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request extension. (CVE-2016-6304)

Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2177)

César Pereida, Billy Brumley, and Yuval Yarom discovered that OpenSSL did not properly use constant-time operations when performing DSA signing. A remote attacker could possibly use this issue to perform a cache-timing attack and recover private DSA keys. (CVE-2016-2178)

Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. (CVE-2016-2179)

Shi Lei discovered that OpenSSL incorrectly handled memory in the TS_OBJ_print_bio() function. (CVE-2016-2180)

It was discovered that the OpenSSL incorrectly handled the DTLS anti-replay feature. (CVE-2016-2181)

Shi Lei discovered that OpenSSL incorrectly validated division results. (CVE-2016-2182)

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. This update moves DES from the HIGH cipher list to MEDIUM. (CVE-2016-2183)

Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. A remote attacker could use this issue to cause a denial of service. (CVE-2016-6302)

Shi Lei discovered that OpenSSL incorrectly handled memory in the MDC2_Update() function. (CVE-2016-6303)

Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. (CVE-2016-6306)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS:
  libssl1.0.0 1.0.2g-1ubuntu4.5

Ubuntu 14.04 LTS:
  libssl1.0.0 1.0.1f-1ubuntu2.21

Ubuntu 12.04 LTS:
  libssl1.0.0 1.0.1-4ubuntu5.38

After a standard system update you need to reboot your computer to make all the necessary changes.

Note: the current version of the following document is available here: https://softwaresupport.hpe.com/document/-/facetsearch/document/KM03158613

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM03158613
Version: 1

MFSBGN03805 - HP Service Manager, Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2018-05-10
Last Updated: 2018-05-10

Potential Security Impact: Remote: Disclosure of Information

Source: Micro Focus, Product Security Response Team

VULNERABILITY SUMMARY

A potential security vulnerability has been identified in Service Manager. This vulnerability may allow an exploit against a long-duration encrypted session known as the Sweet32 attack, and which may be exploited remotely.

References:

- CVE-2016-2183
- CVE-2016-6329

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- HP Service Manager Software - v9.30, v9.31, v9.32, v9.33, v9.34, v9.35, v9.40, v9.41, v9.50, v9.51

BACKGROUND

CVSS Base Metrics
=================
Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector

RESOLUTION

MicroFocus has made the following information available to resolve the vulnerability for the impacted versions of Service Manager:

For versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35 please upgrade to SM 9.35.P6:

SM9.35 P6 packages,

SM 9.35 AIX Server 9.35.6007 p6
<http://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/- facetsearch/document/LID/HPSM_00916>

SM 9.35 HP Itanium Server 9.35.6007 p6
<http://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/- facetsearch/document/LID/HPSM_00917>

SM 9.35 HP Itanium Server for Oracle 12c 9.35.6007 p6
<http://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/- facetsearch/document/LID/HPSM_00918>

SM 9.35 Linux Server 9.35.6007 p6
<http://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/- facetsearch/document/LID/HPSM_00919>

SM 9.35 Solaris Server 9.35.6007 p6
<http://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/- facetsearch/document/LID/HPSM_00920>

SM 9.35 Windows Server 9.35.6007 p6
<http://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/- facetsearch/document/LID/HPSM_00921>

For version 9.40, 9.41 please upgrade to SM 9.41.P6:

SM9.41.P6 packages,

Service Manager 9.41.6000 p6 - Server for AIX
<http://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/- facetsearch/document/LID/HPSM_00891>

Service Manager 9.41.6000 p6 - Server for HP-UX/IA
<http://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/- facetsearch/document/LID/HPSM_00892>

Service Manager 9.41.6000 p6 - Server for Linux
<http://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/- facetsearch/document/LID/HPSM_00893>

Service Manager 9.41.6000 p6 - Server for Solaris
<http://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/- facetsearch/document/LID/HPSM_00894>

Service Manager 9.41.6000 p6 - Server for Windows
<http://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/- facetsearch/document/LID/HPSM_00895>

For version 9.50, 9.51 Server and KM components please upgrade to SM 9.52.P2:

SM9.52.P2 packages,

Service Manager 9.52.2021 p2 - Server for Windows
<http://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/- facetsearch/document/LID/HPSM_00906>

Service Manager 9.52.2021 p2 - Server for Linux
<http://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/- facetsearch/document/LID/HPSM_00907>

For version 9.50, 9.51 SMSP and SMC components please upgrade to SM 9.52:

SM9.52 packages,

Service Manager 9.52 as a minor.minor full (MMF) release (due to the new SP aggregation SKU for Propel customers) is released on the following sites instead of SSO.
<https://h22255.www2.hpe.com/mysoftware/index>

HISTORY

Version:1 (rev.1) - 10 May 2018 Initial release

Third Party Security Patches: Third party security patches that are to be installed on systems running Micro Focus products should be applied in accordance with the customer's patch management policy.

Support: For issues about implementing the recommendations of this Security Bulletin, contact normal Micro Focus services support channel. For other issues about the content of this Security Bulletin, send e-mail to cyber-psrt@microfocus.com.
Gentoo Linux Security Advisory GLSA 201701-65
https://security.gentoo.org/

Severity: High
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: January 25, 2017
Bugs: #606118
ID: 201701-65

Synopsis
========

Multiple vulnerabilities have been found in Oracle's JRE and JDK software suites, the worst of which may allow execution of arbitrary code.

Background
==========

Java Platform, Standard Edition (Java SE) lets you develop and deploy Java applications on desktops and servers, as well as in today's demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today's applications require.
Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/oracle-jre-bin < 1.8.0.121 >= 1.8.0.121
2 dev-java/oracle-jdk-bin < 1.8.0.121 >= 1.8.0.121
-------------------------------------------------------------------
2 affected packages

Description
===========

Multiple vulnerabilities have been discovered in Oracle's JRE and JDK. Please review the CVE identifiers referenced below for details.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Oracle JRE users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.8.0.121"

All Oracle JDK users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.8.0.121"

References
==========

[ 1 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183
[ 2 ] CVE-2016-5546 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5546
[ 3 ] CVE-2016-5547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5547
[ 4 ] CVE-2016-5548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5548
[ 5 ] CVE-2016-5549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5549
[ 6 ] CVE-2016-5552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5552
[ 7 ] CVE-2016-8328 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8328
[ 8 ] CVE-2017-3231 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3231
[ 9 ] CVE-2017-3241 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3241
[ 10 ] CVE-2017-3252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3252
[ 11 ] CVE-2017-3253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3253
[ 12 ] CVE-2017-3259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3259
[ 13 ] CVE-2017-3260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3260
[ 14 ] CVE-2017-3261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3261
[ 15 ] CVE-2017-3262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3262
[ 16 ] CVE-2017-3272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3272
[ 17 ] CVE-2017-3289 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3289
[ 18 ] Oracle Critical Patch Update Advisory - January 2017 http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201701-65

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

This update moves those algorithms to the legacy algorithm set and causes them to be used only if no non-legacy algorithms can be negotiated. (CVE-2016-2183)

It was discovered that OpenJDK accepted ECDSA signatures using non-canonical DER encoding. (CVE-2016-5546)

It was discovered that covert timing channel vulnerabilities existed in the DSA implementations in OpenJDK. (CVE-2016-5548)

It was discovered that the URLStreamHandler class in OpenJDK did not properly parse user information from a URL. (CVE-2016-5552)

It was discovered that the URLClassLoader class in OpenJDK did not properly check access control context when downloading class files. (CVE-2017-3231)

It was discovered that the Remote Method Invocation (RMI) implementation in OpenJDK performed deserialization of untrusted inputs. (CVE-2017-3241)

It was discovered that the Java Authentication and Authorization Service (JAAS) component of OpenJDK did not properly perform user search LDAP queries. An attacker could use a specially constructed LDAP entry to expose or modify sensitive information. (CVE-2017-3252)

It was discovered that the PNGImageReader class in OpenJDK did not properly handle iTXt and zTXt chunks. (CVE-2017-3253)

It was discovered that integer overflows existed in the SocketInputStream and SocketOutputStream classes of OpenJDK. (CVE-2017-3261)

It was discovered that the atomic field updaters in the java.util.concurrent.atomic package in OpenJDK did not properly restrict access to protected field members. An attacker could use this to specially craft a Java application or applet that could bypass Java sandbox restrictions.

The References section of this erratum contains a download link (you must log in to download the update)

Trust: 1.89

sources: NVD: CVE-2016-2183 // VULHUB: VHN-91002 // PACKETSTORM: 154650 // PACKETSTORM: 144136 // PACKETSTORM: 141353 // PACKETSTORM: 140473 // PACKETSTORM: 144869 // PACKETSTORM: 138826 // PACKETSTORM: 147581 // PACKETSTORM: 140725 // PACKETSTORM: 141111 // PACKETSTORM: 144865

AFFECTED PRODUCTS

vendor: redhat, model: jboss enterprise web server, scope: eq, version: 1.0.0

Trust: 1.6

vendor: redhat, model: enterprise linux, scope: eq, version: 5.0

Trust: 1.6

vendor: redhat, model: jboss web server, scope: eq, version: 3.0

Trust: 1.6

vendor: redhat, model: jboss enterprise application platform, scope: eq, version: 6.0.0

Trust: 1.6

vendor: redhat, model: jboss enterprise web server, scope: eq, version: 2.0.0

Trust: 1.6

vendor: redhat, model: enterprise linux, scope: eq, version: 7.0

Trust: 1.0

vendor: python, model: python, scope: gte, version: 2.7.0

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1p

Trust: 1.0

vendor: redhat, model: enterprise linux, scope: eq, version: 6.0

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1f

Trust: 1.0

vendor: cisco, model: content security management appliance, scope: eq, version: 9.7.0-006

Trust: 1.0

vendor: nodejs, model: node.js, scope: gte, version: 6.0.0

Trust: 1.0

vendor: nodejs, model: node.js, scope: gte, version: 0.10.0

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1l

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1d

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1c

Trust: 1.0

vendor: python, model: python, scope: lt, version: 3.4.7

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.2d

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1g

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.2b

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.2c

Trust: 1.0

vendor: python, model: python, scope: lt, version: 2.7.13

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1q

Trust: 1.0

vendor: nodejs, model: node.js, scope: lt, version: 0.10.47

Trust: 1.0

vendor: oracle, model: database, scope: eq, version: 11.2.0.4

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1t

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.2e

Trust: 1.0

vendor: nodejs, model: node.js, scope: lt, version: 4.1.2

Trust: 1.0

vendor: cisco, model: content security management appliance, scope: eq, version: 9.6.6-068

Trust: 1.0

vendor: nodejs, model: node.js, scope: gte, version: 4.0.0

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1b

Trust: 1.0

vendor: nodejs, model: node.js, scope: lt, version: 0.12.16

Trust: 1.0

vendor: python, model: python, scope: gte, version: 3.4.0

Trust: 1.0

vendor: nodejs, model: node.js, scope: gte, version: 0.12.0

Trust: 1.0

vendor: python, model: python, scope: gte, version: 3.5.0

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.2h

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1h

Trust: 1.0

vendor: nodejs, model: node.js, scope: lt, version: 4.6.0

Trust: 1.0

vendor: nodejs, model: node.js, scope: gte, version: 4.2.0

Trust: 1.0

vendor: nodejs, model: node.js, scope: lt, version: 6.7.0

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1j

Trust: 1.0

vendor: oracle, model: database, scope: eq, version: 12.1.0.2

Trust: 1.0

vendor: python, model: python, scope: lt, version: 3.5.3

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1o

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1e

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1a

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.2f

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1i

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1r

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1k

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1n

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.2a

Trust: 1.0

vendor: openssl, model: openssl, scope: eq, version: 1.0.1m

Trust: 1.0

sources: CNNVD: CNNVD-201608-448 // NVD: CVE-2016-2183

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-2183
value: HIGH

Trust: 1.0

CNNVD: CNNVD-201608-448
value: HIGH

Trust: 0.6

VULHUB: VHN-91002
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-2183
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-91002
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-2183
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-91002 // CNNVD: CNNVD-201608-448 // NVD: CVE-2016-2183

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.1

sources: VULHUB: VHN-91002 // NVD: CVE-2016-2183

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 140473 // PACKETSTORM: 138826 // PACKETSTORM: 141111 // CNNVD: CNNVD-201608-448

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201608-448

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-91002

PATCH

title: DES and Triple DES Repair measures for information disclosure vulnerabilities
url: http://123.124.177.30/web/xxk/bdxqById.tag?id=89481

Trust: 0.6

sources: CNNVD: CNNVD-201608-448

EXTERNAL IDS

db: NVD, id: CVE-2016-2183

Trust: 2.7

db: PACKETSTORM, id: 142756

Trust: 1.7

db: ICS CERT, id: ICSMA-18-058-02

Trust: 1.7

db: SECTRACK, id: 1036696

Trust: 1.7

db: PULSESECURE, id: SA40312

Trust: 1.7

db: BID, id: 92630

Trust: 1.7

db: BID, id: 95568

Trust: 1.7

db: TENABLE, id: TNS-2017-09

Trust: 1.7

db: TENABLE, id: TNS-2016-21

Trust: 1.7

db: TENABLE, id: TNS-2016-20

Trust: 1.7

db: TENABLE, id: TNS-2016-16

Trust: 1.7

db: MCAFEE, id: SB10197

Trust: 1.7

db: MCAFEE, id: SB10310

Trust: 1.7

db: MCAFEE, id: SB10186

Trust: 1.7

db: MCAFEE, id: SB10215

Trust: 1.7

db: MCAFEE, id: SB10171

Trust: 1.7

db: SIEMENS, id: SSA-412672

Trust: 1.7

db: JUNIPER, id: JSA10759

Trust: 1.7

db: EXPLOIT-DB, id: 42091

Trust: 1.7

db: PACKETSTORM, id: 161320

Trust: 0.7

db: PACKETSTORM, id: 156451

Trust: 0.7

db: PACKETSTORM, id: 152978

Trust: 0.7

db: PACKETSTORM, id: 159431

Trust: 0.7

db: CNNVD, id: CNNVD-201608-448

Trust: 0.7

db: AUSCERT, id: ESB-2020.1734

Trust: 0.6

db: AUSCERT, id: ESB-2019.4645

Trust: 0.6

db: AUSCERT, id: ESB-2021.2555

Trust: 0.6

db: AUSCERT, id: ESB-2018.0025.4

Trust: 0.6

db: AUSCERT, id: ESB-2022.0696

Trust: 0.6

db: AUSCERT, id: ESB-2020.1734.2

Trust: 0.6

db: AUSCERT, id: ESB-2019.0946

Trust: 0.6

db: AUSCERT, id: ESB-2021.0437

Trust: 0.6

db: AUSCERT, id: ESB-2019.1808

Trust: 0.6

db: AUSCERT, id: ESB-2020.3421

Trust: 0.6

db: AUSCERT, id: ESB-2020.0965

Trust: 0.6

db: AUSCERT, id: ESB-2021.0940

Trust: 0.6

db: AUSCERT, id: ESB-2022.2853

Trust: 0.6

db: AUSCERT, id: ESB-2019.0668

Trust: 0.6

db: AUSCERT, id: ESB-2020.0586

Trust: 0.6

db: ICS CERT, id: ICSA-21-075-02

Trust: 0.6

db: ICS CERT, id: ICSA-22-160-01

Trust: 0.6

db: PACKETSTORM, id: 163690

Trust: 0.6

db: PACKETSTORM, id: 140473

Trust: 0.2

db: PACKETSTORM, id: 141111

Trust: 0.2

db: PACKETSTORM, id: 144865

Trust: 0.2

db: PACKETSTORM, id: 140725

Trust: 0.2

db: PACKETSTORM, id: 144869

Trust: 0.2

db: PACKETSTORM, id: 147581

Trust: 0.2

db: PACKETSTORM, id: 154650

Trust: 0.2

db: PACKETSTORM, id: 141353

Trust: 0.2

db: PACKETSTORM, id: 148410

Trust: 0.1

db: PACKETSTORM, id: 141352

Trust: 0.1

db: PACKETSTORM, id: 140708

Trust: 0.1

db: PACKETSTORM, id: 143970

Trust: 0.1

db: PACKETSTORM, id: 150303

Trust: 0.1

db: PACKETSTORM, id: 140718

Trust: 0.1

db: PACKETSTORM, id: 143244

Trust: 0.1

db: PACKETSTORM, id: 141100

Trust: 0.1

db: PACKETSTORM, id: 141354

Trust: 0.1

db: PACKETSTORM, id: 143549

Trust: 0.1

db: PACKETSTORM, id: 141555

Trust: 0.1

db: PACKETSTORM, id: 142340

Trust: 0.1

db: PACKETSTORM, id: 145017

Trust: 0.1

db: PACKETSTORM, id: 140084

Trust: 0.1

db: PACKETSTORM, id: 140977

Trust: 0.1

db: PACKETSTORM, id: 145018

Trust: 0.1

db: VULHUB, id: VHN-91002

Trust: 0.1

db: PACKETSTORM, id: 144136

Trust: 0.1

db: PACKETSTORM, id: 138826

Trust: 0.1

sources: VULHUB: VHN-91002 // PACKETSTORM: 154650 // PACKETSTORM: 144136 // PACKETSTORM: 141353 // PACKETSTORM: 140473 // PACKETSTORM: 144869 // PACKETSTORM: 138826 // PACKETSTORM: 147581 // PACKETSTORM: 140725 // PACKETSTORM: 141111 // PACKETSTORM: 144865 // CNNVD: CNNVD-201608-448 // NVD: CVE-2016-2183

REFERENCES

url:http://www.securityfocus.com/bid/92630

Trust: 2.9

url:https://access.redhat.com/security/cve/cve-2016-2183

Trust: 2.8

url:http://www.securityfocus.com/bid/95568

Trust: 2.3

url:https://access.redhat.com/errata/rhsa-2019:1245

Trust: 2.3

url:https://access.redhat.com/errata/rhsa-2020:0451

Trust: 2.3

url:https://www.oracle.com/security-alerts/cpuoct2021.html

Trust: 2.3

url:https://security.gentoo.org/glsa/201701-65

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2017-0338.html

Trust: 1.8

url:https://access.redhat.com/errata/rhsa-2017:2709

Trust: 1.8

url:https://access.redhat.com/errata/rhsa-2017:3113

Trust: 1.8

url:https://access.redhat.com/errata/rhsa-2017:3114

Trust: 1.8

url:https://access.redhat.com/errata/rhsa-2019:2859

Trust: 1.8

url:http://www.ubuntu.com/usn/usn-3087-1

Trust: 1.8

url:http://www.ubuntu.com/usn/usn-3087-2

Trust: 1.8

url:http://www.ubuntu.com/usn/usn-3198-1

Trust: 1.8

url:http://www.securitytracker.com/id/1036696

Trust: 1.7

url:http://www.securityfocus.com/archive/1/539885/100/0/threaded

Trust: 1.7

url:http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threaded

Trust: 1.7

url:http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threaded

Trust: 1.7

url:http://www.securityfocus.com/archive/1/540341/100/0/threaded

Trust: 1.7

url:http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threaded

Trust: 1.7

url:http://seclists.org/fulldisclosure/2017/may/105

Trust: 1.7

url:http://seclists.org/fulldisclosure/2017/jul/31

Trust: 1.7

url:http://www.securityfocus.com/archive/1/541104/100/0/threaded

Trust: 1.7

url:http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threaded

Trust: 1.7

url:http://www.securityfocus.com/archive/1/542005/100/0/threaded

Trust: 1.7

url:http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threaded

Trust: 1.7

url:https://seclists.org/bugtraq/2018/nov/21

Trust: 1.7

url:https://www.exploit-db.com/exploits/42091/

Trust: 1.7

url:http://www.debian.org/security/2016/dsa-3673

Trust: 1.7

url:https://security.gentoo.org/glsa/201612-16

Trust: 1.7

url:https://security.gentoo.org/glsa/201707-01

Trust: 1.7

url:http://rhn.redhat.com/errata/rhsa-2017-0336.html

Trust: 1.7

url:http://rhn.redhat.com/errata/rhsa-2017-0337.html

Trust: 1.7

url:http://rhn.redhat.com/errata/rhsa-2017-0462.html

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2017:1216

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2017:2708

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2017:2710

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2017:3239

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2017:3240

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2018:2123

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html

Trust: 1.7

url:http://www.ubuntu.com/usn/usn-3179-1

Trust: 1.7

url:http://www.ubuntu.com/usn/usn-3194-1

Trust: 1.7

url:http://www.ubuntu.com/usn/usn-3270-1

Trust: 1.7

url:http://www.ubuntu.com/usn/usn-3372-1

Trust: 1.7

url:https://www.ietf.org/mail-archive/web/tls/current/msg04560.html

Trust: 1.7

url:http://packetstormsecurity.com/files/142756/ibm-informix-dynamic-server-dll-injection-code-execution.html

Trust: 1.7

url:http://www-01.ibm.com/support/docview.wss?uid=nas8n1021697

Trust: 1.7

url:http://www-01.ibm.com/support/docview.wss?uid=swg21991482

Trust: 1.7

url:http://www-01.ibm.com/support/docview.wss?uid=swg21995039

Trust: 1.7

url:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en

Trust: 1.7

url:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

Trust: 1.7

url:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

Trust: 1.7

url:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

Trust: 1.7

url:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Trust: 1.7

url:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Trust: 1.7

url:http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

Trust: 1.7

url:http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

Trust: 1.7

url:http://www.splunk.com/view/sp-caaapsv

Trust: 1.7

url:http://www.splunk.com/view/sp-caaapue

Trust: 1.7

url:https://access.redhat.com/articles/2548661

Trust: 1.7

url:https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/

Trust: 1.7

url:https://bto.bluecoat.com/security-advisory/sa133

Trust: 1.7

url:https://bugzilla.redhat.com/show_bug.cgi?id=1369383

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

Trust: 1.7

url:https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633

Trust: 1.7

url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05302448

Trust: 1.7

url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05309984

Trust: 1.7

url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05323116

Trust: 1.7

url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05349499

Trust: 1.7

url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05356388

Trust: 1.7

url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05369403

Trust: 1.7

url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05369415

Trust: 1.7

url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05385680

Trust: 1.7

url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722

Trust: 1.7

url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390849

Trust: 1.7

url:https://ics-cert.us-cert.gov/advisories/icsma-18-058-02

Trust: 1.7

url:https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312

Trust: 1.7

url:https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/

Trust: 1.7

url:https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20160915-0001/

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20170119-0001/

Trust: 1.7

url:https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/km03158613

Trust: 1.7

url:https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/km03286178

Trust: 1.7

url:https://support.f5.com/csp/article/k13167034

Trust: 1.7

url:https://sweet32.info/

Trust: 1.7

url:https://wiki.opendaylight.org/view/security_advisories

Trust: 1.7

url:https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24

Trust: 1.7

url:https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008

Trust: 1.7

url:https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/

Trust: 1.7

url:https://www.openssl.org/blog/blog/2016/08/24/sweet32/

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpuapr2020.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpujan2020.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpujul2020.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpuoct2020.html

Trust: 1.7

url:https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Trust: 1.7

url:https://www.sigsac.org/ccs/ccs2016/accepted-papers/

Trust: 1.7

url:https://www.tenable.com/security/tns-2016-16

Trust: 1.7

url:https://www.tenable.com/security/tns-2016-20

Trust: 1.7

url:https://www.tenable.com/security/tns-2016-21

Trust: 1.7

url:https://www.tenable.com/security/tns-2017-09

Trust: 1.7

url:https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html

Trust: 1.7

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-c05302448

Trust: 1.6

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10310

Trust: 1.6

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbgn03765en_us

Trust: 1.6

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10759

Trust: 1.6

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10171

Trust: 1.6

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-c05390849

Trust: 1.6

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-c05390722

Trust: 1.6

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbux03725en_us

Trust: 1.6

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10197

Trust: 1.6

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-c05369403

Trust: 1.6

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10215

Trust: 1.6

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-c05385680

Trust: 1.6

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10186

Trust: 1.6

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-c05369415

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2016-2183

Trust: 1.0

url:https://www.vicarius.io/vsociety/posts/cve-2016-2183-detection-sweet32-vulnerability

Trust: 1.0

url:https://www.vicarius.io/vsociety/posts/cve-2016-2183-mitigate-sweet32-vulnerability

Trust: 1.0

url:https://access.redhat.com/errata/rhsa-2020:3842

Trust: 0.6

url:https://access.redhat.com/errata/rhsa-2021:0308

Trust: 0.6

url:https://access.redhat.com/errata/rhsa-2021:2438

Trust: 0.6

url:https://access.redhat.com/errata/rhsa-2016:1940

Trust: 0.6

url:https://access.redhat.com/errata/rhba-2019:2581

Trust: 0.6

url:https://access.redhat.com/errata/rhsa-2017:0338

Trust: 0.6

url:https://access.redhat.com/errata/rhsa-2017:0337

Trust: 0.6

url:https://access.redhat.com/errata/rhsa-2017:0336

Trust: 0.6

url:https://access.redhat.com/errata/rhsa-2017:0462

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-201914246-1.html

Trust: 0.6

url:https://fortiguard.com/psirt/fg-ir-17-173

Trust: 0.6

url:http://www.ibm.com/support/docview.wss

Trust: 0.6

url:https://packetstormsecurity.com/files/159431/red-hat-security-advisory-2020-3842-01.html

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-160-01

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.1808/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4645/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-affect-ibm-netezza-analytics/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-affect-ibm-netezza-analytics-for-nps/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0586/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0437

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-planning-analytics-has-addressed-a-security-vulnerability-cve-2016-2183/

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-075-02

Trust: 0.6

url:https://packetstormsecurity.com/files/161320/red-hat-security-advisory-2021-0308-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1734/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2018.0025.4/

Trust: 0.6

url:https://packetstormsecurity.com/files/152978/red-hat-security-advisory-2019-1245-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2853

Trust: 0.6

url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl

Trust: 0.6

url:https://www.auscert.org.au/bulletins/77618

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0696

Trust: 0.6

url:https://www.auscert.org.au/bulletins/76446

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0965/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0940

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-jre-8-0-1-1-affect-ibm-netezza-platform-software-clients/

Trust: 0.6

url:https://packetstormsecurity.com/files/163690/red-hat-security-advisory-2021-2438-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/156451/red-hat-security-advisory-2020-0451-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2555

Trust: 0.6

url:https://www-01.ibm.com/support/docview.wss?uid=ibm10876602

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3421/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1734.2/

Trust: 0.6

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.5

url:https://bugzilla.redhat.com/

Trust: 0.5

url:https://access.redhat.com/security/team/contact/

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2017-9788

Trust: 0.3

url:https://access.redhat.com/security/team/key/

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-9788

Trust: 0.3

url:https://access.redhat.com/articles/11258

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-3253

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-5546

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-3261

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-3241

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-3231

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-5552

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-3252

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-3272

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-5548

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-3259

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-5549

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-6329

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2017-9798

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2017-12617

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2017-9798

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2017-12615

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2017-12615

Trust: 0.2

url:https://access.redhat.com/articles/3227901

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2017-12617

Trust: 0.2

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10759

Trust: 0.1

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-c05302448

Trust: 0.1

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-c05369403

Trust: 0.1

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-c05369415

Trust: 0.1

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-c05385680

Trust: 0.1

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-c05390722

Trust: 0.1

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-c05390849

Trust: 0.1

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbgn03765en_us

Trust: 0.1

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbux03725en_us

Trust: 0.1

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10171

Trust: 0.1

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10186

Trust: 0.1

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10197

Trust: 0.1

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10215

Trust: 0.1

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10310

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-rel

Trust: 0.1

url:https://issues.jboss.org/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-3185

Trust: 0.1

url:https://access.redhat.com/documentation/en/red-hat-jboss-core-services/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-3185

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-3231

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#critical

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-5548

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-5549

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-3253

Trust: 0.1

url:https://developer.ibm.com/javasdk/support/security-vulnerabilities/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-3252

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-3259

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-5552

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-3272

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-3241

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-5546

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-3261

Trust: 0.1

url:https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facets

Trust: 0.1

url:http://www.hpe.com/support/security_bulletin_archive

Trust: 0.1

url:https://www.hpe.com/info/report-security-vulnerability

Trust: 0.1

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499

Trust: 0.1

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05369403

Trust: 0.1

url:http://www.hpe.com/support/subscriber_choice

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-6302

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.21

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.38

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2181

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2182

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-6303

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2179

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-6304

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2177

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2178

Trust: 0.1

url:https://launchpad.net/bugs/1626883

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-6306

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2180

Trust: 0.1

url:https://www.microfocus.com/support-and-services/report-security

Trust: 0.1

url:https://softwaresupport.hpe.com/group/softwaresupport/email-notification/-/subscriptions/registerdocumentnotification

Trust: 0.1

url:https://h22255.www2.hpe.com/mysoftware/index

Trust: 0.1

url:https://cf.passport.softwaregrp.com/hppcf/createuser.do

Trust: 0.1

url:https://softwaresupport.hpe.com/security-vulnerability

Trust: 0.1

url:http://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/-

Trust: 0.1

url:https://softwaresupport.hpe.com/document/-/facetsearch/document/km03158613

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-8328

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-3289

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-3260

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-3260

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-3253

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-3262

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5546

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5552

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-3289

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-3261

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-5547

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-3231

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-3241

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-3259

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-3262

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-8328

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5548

Trust: 0.1

url:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.ht=

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5547

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5549

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-3252

Trust: 0.1

url:https://bugs.gentoo.org

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-3272

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openjdk-6/6b41-1.13.13-0ubuntu0.12.04.1

Trust: 0.1

url:https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=webserver&downloadtype=securitypatches&version=2.1.2

Trust: 0.1

sources: VULHUB: VHN-91002 // PACKETSTORM: 154650 // PACKETSTORM: 144136 // PACKETSTORM: 141353 // PACKETSTORM: 140473 // PACKETSTORM: 144869 // PACKETSTORM: 138826 // PACKETSTORM: 147581 // PACKETSTORM: 140725 // PACKETSTORM: 141111 // PACKETSTORM: 144865 // CNNVD: CNNVD-201608-448 // NVD: CVE-2016-2183

CREDITS

Red Hat, Karthik Bhargavan and Gaetan Leurent from Inria., The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.

Trust: 0.6

sources: CNNVD: CNNVD-201608-448

SOURCES

db: VULHUB, id: VHN-91002
db: PACKETSTORM, id: 154650
db: PACKETSTORM, id: 144136
db: PACKETSTORM, id: 141353
db: PACKETSTORM, id: 140473
db: PACKETSTORM, id: 144869
db: PACKETSTORM, id: 138826
db: PACKETSTORM, id: 147581
db: PACKETSTORM, id: 140725
db: PACKETSTORM, id: 141111
db: PACKETSTORM, id: 144865
db: CNNVD, id: CNNVD-201608-448
db: NVD, id: CVE-2016-2183

LAST UPDATE DATE

2026-02-05T13:11:44.502000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-91002, date: 2023-02-12T00:00:00
db: CNNVD, id: CNNVD-201608-448, date: 2023-03-31T00:00:00
db: NVD, id: CVE-2016-2183, date: 2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db: VULHUB, id: VHN-91002, date: 2016-09-01T00:00:00
db: PACKETSTORM, id: 154650, date: 2019-09-28T14:44:44
db: PACKETSTORM, id: 144136, date: 2017-09-14T19:50:57
db: PACKETSTORM, id: 141353, date: 2017-02-28T14:19:11
db: PACKETSTORM, id: 140473, date: 2017-01-13T17:43:49
db: PACKETSTORM, id: 144869, date: 2017-11-02T23:50:49
db: PACKETSTORM, id: 138826, date: 2016-09-23T19:19:00
db: PACKETSTORM, id: 147581, date: 2018-05-10T23:26:00
db: PACKETSTORM, id: 140725, date: 2017-01-25T21:55:38
db: PACKETSTORM, id: 141111, date: 2017-02-16T14:42:20
db: PACKETSTORM, id: 144865, date: 2017-11-02T23:39:48
db: CNNVD, id: CNNVD-201608-448, date: 2016-08-25T00:00:00
db: NVD, id: CVE-2016-2183, date: 2016-09-01T00:59:00.137