VARIoT IoT vulnerabilities database
| VAR-201410-1151 | CVE-2014-3568 | OpenSSL Vulnerable to access restrictions |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c. OpenSSL is prone to a security-bypass vulnerability.
Successfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions. OpenSSL Security Advisory [15 Oct 2014]
=======================================
SRTP Memory Leak (CVE-2014-3513)
================================
Severity: High
A flaw in the DTLS SRTP extension parsing code allows an attacker, who
sends a carefully crafted handshake message, to cause OpenSSL to fail
to free up to 64k of memory causing a memory leak. This issue affects OpenSSL
1.0.1 server implementations for both SSL/TLS and DTLS regardless of
whether SRTP is used or configured. Implementations of OpenSSL that
have been compiled with OPENSSL_NO_SRTP defined are not affected.
OpenSSL 1.0.1 users should upgrade to 1.0.1j.
This issue was reported to OpenSSL on 26th September 2014, based on an original
issue and patch developed by the LibreSSL project.
The fix was developed by the OpenSSL team.
Session Ticket Memory Leak (CVE-2014-3567)
==========================================
Severity: Medium
When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
integrity of that ticket is first verified. In the event of a session
ticket integrity check failing, OpenSSL will fail to free memory
causing a memory leak. By sending a large number of invalid session
tickets an attacker could exploit this issue in a Denial Of Service
attack.
OpenSSL 1.0.1 users should upgrade to 1.0.1j.
OpenSSL 1.0.0 users should upgrade to 1.0.0o.
OpenSSL 0.9.8 users should upgrade to 0.9.8zc.
This issue was reported to OpenSSL on 8th October 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
SSL 3.0 Fallback protection
===========================
Severity: Medium
OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications
to block the ability for a MITM attacker to force a protocol
downgrade.
Some client applications (such as browsers) will reconnect using a
downgraded protocol to work around interoperability bugs in older
servers. This could be exploited by an active man-in-the-middle to
downgrade connections to SSL 3.0 even if both sides of the connection
support higher protocols. SSL 3.0 contains a number of weaknesses
including POODLE (CVE-2014-3566).
OpenSSL 1.0.1 users should upgrade to 1.0.1j.
OpenSSL 1.0.0 users should upgrade to 1.0.0o.
OpenSSL 0.9.8 users should upgrade to 0.9.8zc.
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00
https://www.openssl.org/~bodo/ssl-poodle.pdf
Support for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller.
OpenSSL 1.0.1 users should upgrade to 1.0.1j.
OpenSSL 1.0.0 users should upgrade to 1.0.0o.
OpenSSL 0.9.8 users should upgrade to 0.9.8zc.
This issue was reported to OpenSSL by Akamai Technologies on 14th October 2014.
The fix was developed by Akamai and the OpenSSL team.
References
==========
URL for this Security Advisory:
https://www.openssl.org/news/secadv_20141015.txt
Note: the online version of the advisory may be updated with additional
details over time.
For details of OpenSSL severity classifications please see:
https://www.openssl.org/about/secpolicy.html
.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz: Upgraded.
(* Security fix *)
patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz: Upgraded.
For more information, see:
https://www.openssl.org/news/secadv_20141015.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated packages for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zc-i486-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.0.txz
Updated packages for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz
Updated packages for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zc-i486-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.1.txz
Updated packages for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz
Updated packages for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zc-i486-1_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.37.txz
Updated packages for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz
Updated packages for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1j-i486-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1j-x86_64-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1j-x86_64-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz
Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1j-i486-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1j-i486-1.txz
Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1j-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1j-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 13.0 packages:
44d336a121b39296f0e6bbeeb283dd2b openssl-0.9.8zc-i486-1_slack13.0.txz
8342cfb351e59ecf5ea6d8cba66f0040 openssl-solibs-0.9.8zc-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages:
671f12535bdc10ab24388b713351aca2 openssl-0.9.8zc-x86_64-1_slack13.0.txz
21e380284cdfab2fd15fffe2e0aed526 openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz
Slackware 13.1 packages:
64cb819f1e07522bd5d7ceedd0a9ab50 openssl-0.9.8zc-i486-1_slack13.1.txz
5fe4e385b2251cfd7e8ae5963ec6cef1 openssl-solibs-0.9.8zc-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages:
94feb6699d6f2cc7750a6b2e17ccaaa2 openssl-0.9.8zc-x86_64-1_slack13.1.txz
2c17e4286509c29074ab0168367b851e openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz
Slackware 13.37 packages:
4483d91c776c7e23c59246c4e0aa24aa openssl-0.9.8zc-i486-1_slack13.37.txz
fedd58eb19bc13c9dd88d947827a7370 openssl-solibs-0.9.8zc-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages:
5d48ac1e9339efc35e304c7d48b2e762 openssl-0.9.8zc-x86_64-1_slack13.37.txz
6f5e2b576259477c13f12cbed9be8804 openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz
Slackware 14.0 packages:
2b678160283bc696565dc8bd8b28c0eb openssl-1.0.1j-i486-1_slack14.0.txz
f7762615c990713e9e86d4da962f1022 openssl-solibs-1.0.1j-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages:
41010ca37d49b74e7d7dc3f1c6ddc57e openssl-1.0.1j-x86_64-1_slack14.0.txz
40dc6f3de217279d6140c1efcc0d45c8 openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz
Slackware 14.1 packages:
024ecea55e22e47f9fbb4b81a7b72a51 openssl-1.0.1j-i486-1_slack14.1.txz
0a575668bb41ec4c2160800611f7f627 openssl-solibs-1.0.1j-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages:
d07fe289f7998a584c2b0d9810a8b9aa openssl-1.0.1j-x86_64-1_slack14.1.txz
1ffc5d0c02b0c60cefa5cf9189bfc71d openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz
Slackware -current packages:
53c9f51a79460bbfc5dec5720317cd53 a/openssl-solibs-1.0.1j-i486-1.txz
cc059aa63494f3b005a886c70bc3f5d6 n/openssl-1.0.1j-i486-1.txz
Slackware x86_64 -current packages:
500709555e652adcd84b4e02dfab4eeb a/openssl-solibs-1.0.1j-x86_64-1.txz
c483ca9c450fa90a901ac013276ccc53 n/openssl-1.0.1j-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the packages as root:
# upgradepkg openssl-1.0.1j-i486-1_slack14.1.txz openssl-solibs-1.0.1j-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001
OS X 10.10.2 and Security Update 2015-001 are now available and
address the following:
AFP Server
Available for: OS X Mavericks v10.9.5
Impact: A remote attacker may be able to determine all the network
addresses of the system
Description: The AFP file server supported a command which returned
all the network addresses of the system. This issue was addressed by
removing the addresses from the result.
CVE-ID
CVE-2014-4426 : Craig Young of Tripwire VERT
bash
Available for: OS X Yosemite v10.10 and v10.10.1
Impact: Multiple vulnerabilities in bash, including one that may
allow local attackers to execute arbitrary code
Description: Multiple vulnerabilities existed in bash. These issues
were addressed by updating bash to patch level 57.
CVE-ID
CVE-2014-6277
CVE-2014-7186
CVE-2014-7187
Bluetooth
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: An integer signedness error existed in
IOBluetoothFamily which allowed manipulation of kernel memory. This
issue was addressed through improved bounds checking. This issue does
not affect OS X Yosemite systems.
CVE-ID
CVE-2014-4497
Bluetooth
Available for: OS X Yosemite v10.10 and v10.10.1
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: An error existed in the Bluetooth driver that allowed a
malicious application to control the size of a write to kernel
memory. The issue was addressed through additional input validation.
CVE-ID
CVE-2014-8836 : Ian Beer of Google Project Zero
Bluetooth
Available for: OS X Yosemite v10.10 and v10.10.1
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: Multiple security issues existed in the Bluetooth
driver, allowing a malicious application to execute arbitrary code
with system privilege. The issues were addressed through additional
input validation.
CVE-ID
CVE-2014-8837 : Roberto Paleari and Aristide Fattori of Emaze
Networks
CFNetwork Cache
Available for: OS X Yosemite v10.10 and v10.10.1
Impact: Website cache may not be fully cleared after leaving private
browsing
Description: A privacy issue existed where browsing data could
remain in the cache after leaving private browsing. This issue was
addressed through a change in caching behavior.
CVE-ID
CVE-2014-4460
CoreGraphics
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution
Description: An integer overflow existed in the handling of PDF
files. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-4481 : Felipe Andres Manzano of the Binamuse VRT, via the
iSIGHT Partners GVP Program
CPU Software
Available for: OS X Yosemite v10.10 and v10.10.1,
for: MacBook Pro Retina, MacBook Air (Mid 2013 and later),
iMac (Late 2013 and later), Mac Pro (Late 2013)
Impact: A malicious Thunderbolt device may be able to affect
firmware flashing
Description: Thunderbolt devices could modify the host firmware if
connected during an EFI update. This issue was addressed by not
loading option ROMs during updates.
CVE-ID
CVE-2014-4498 : Trammell Hudson of Two Sigma Investments
CommerceKit Framework
Available for: OS X Yosemite v10.10 and v10.10.1
Impact: An attacker with access to a system may be able to recover
Apple ID credentials
Description: An issue existed in the handling of App Store logs. The
App Store process could log Apple ID credentials in the log when
additional logging was enabled. This issue was addressed by
disallowing logging of credentials.
CVE-ID
CVE-2014-4499 : Sten Petersen
CoreGraphics
Available for: OS X Yosemite v10.10 and v10.10.1
Impact: Some third-party applications with non-secure text entry and
mouse events may log those events
Description: Due to the combination of an uninitialized variable and
an application's custom allocator, non-secure text entry and mouse
events may have been logged. This issue was addressed by ensuring
that logging is off by default. This issue did not affect systems
prior to OS X Yosemite.
CVE-ID
CVE-2014-1595 : Steven Michaud of Mozilla working with Kent Howard
CoreGraphics
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of
PDF files. The issue was addressed through improved bounds checking.
This issue does not affect OS X Yosemite systems.
CVE-ID
CVE-2014-8816 : Mike Myers, of Digital Operatives LLC
CoreSymbolication
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: Multiple type confusion issues existed in
coresymbolicationd's handling of XPC messages. These issues were
addressed through improved type checking.
CVE-ID
CVE-2014-8817 : Ian Beer of Google Project Zero
FontParser
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: Processing a maliciously crafted .dfont file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of
.dfont files. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2014-4484 : Gaurav Baruah working with HP's Zero Day Initiative
FontParser
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of font
files. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-4483 : Apple
Foundation
Available for: OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: Viewing a maliciously crafted XML file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the XML parser. This issue
was addressed through improved bounds checking.
CVE-ID
CVE-2014-4485 : Apple
Intel Graphics Driver
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: Multiple vulnerabilities in Intel graphics driver
Description: Multiple vulnerabilities existed in the Intel graphics
driver, the most serious of which may have led to arbitrary code
execution with system privileges. This update addresses the issues
through additional bounds checks.
CVE-ID
CVE-2014-8819 : Ian Beer of Google Project Zero
CVE-2014-8820 : Ian Beer of Google Project Zero
CVE-2014-8821 : Ian Beer of Google Project Zero
IOAcceleratorFamily
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: A null pointer dereference existed in
IOAcceleratorFamily's handling of certain IOService userclient types.
This issue was addressed through improved validation of
IOAcceleratorFamily contexts.
CVE-ID
CVE-2014-4486 : Ian Beer of Google Project Zero
IOHIDFamily
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: A buffer overflow existed in IOHIDFamily. This issue
was addressed with improved bounds checking.
CVE-ID
CVE-2014-4487 : TaiG Jailbreak Team
IOHIDFamily
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: A validation issue existed in IOHIDFamily's handling of
resource queue metadata. This issue was addressed through improved
validation of metadata.
CVE-ID
CVE-2014-4488 : Apple
IOHIDFamily
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: A null pointer dereference existed in IOHIDFamily's
handling of event queues. This issue was addressed through improved
validation of IOHIDFamily event queue initialization.
CVE-ID
CVE-2014-4489 : @beist
IOHIDFamily
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: Executing a malicious application may result in arbitrary
code execution within the kernel
Description: A bounds checking issue existed in a user client vended
by the IOHIDFamily driver which allowed a malicious application to
overwrite arbitrary portions of the kernel address space. The issue
is addressed by removing the vulnerable user client method.
CVE-ID
CVE-2014-8822 : Vitaliy Toropov working with HP's Zero Day Initiative
IOKit
Available for: OS X Yosemite v10.10 and v10.10.1
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: An integer overflow existed in the handling of IOKit
functions. This issue was addressed through improved validation of
IOKit API arguments.
CVE-ID
CVE-2014-4389 : Ian Beer of Google Project Zero
IOUSBFamily
Available for: OS X Yosemite v10.10 and v10.10.1
Impact: A privileged application may be able to read arbitrary data
from kernel memory
Description: A memory access issue existed in the handling of IOUSB
controller user client functions. This issue was addressed through
improved argument validation.
CVE-ID
CVE-2014-8823 : Ian Beer of Google Project Zero
Kernel
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: Specifying a custom cache mode allowed writing to
kernel read-only shared memory segments. This issue was addressed by
not granting write permissions as a side-effect of some custom cache
modes.
CVE-ID
CVE-2014-4495 : Ian Beer of Google Project Zero
Kernel
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: A validation issue existed in the handling of certain
metadata fields of IODataQueue objects. This issue was addressed
through improved validation of metadata.
CVE-ID
CVE-2014-8824 : @PanguTeam
Kernel
Available for: OS X Yosemite v10.10 and v10.10.1
Impact: A local attacker can spoof directory service responses to
the kernel, elevate privileges, or gain kernel execution
Description: Issues existed in identitysvc validation of the
directory service resolving process, flag handling, and error
handling. This issue was addressed through improved validation.
CVE-ID
CVE-2014-8825 : Alex Radocea of CrowdStrike
Kernel
Available for: OS X Yosemite v10.10 and v10.10.1
Impact: A local user may be able to determine kernel memory layout
Description: Multiple uninitialized memory issues existed in the
network statistics interface, which led to the disclosure of kernel
memory content. This issue was addressed through additional memory
initialization.
CVE-ID
CVE-2014-4371 : Fermin J. Serna of the Google Security Team
CVE-2014-4419 : Fermin J. Serna of the Google Security Team
CVE-2014-4420 : Fermin J. Serna of the Google Security Team
CVE-2014-4421 : Fermin J. Serna of the Google Security Team
Kernel
Available for: OS X Mavericks v10.9.5
Impact: A person with a privileged network position may cause a
denial of service
Description: A race condition issue existed in the handling of IPv6
packets. This issue was addressed through improved lock state
checking.
CVE-ID
CVE-2011-2391
Kernel
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: Maliciously crafted or compromised applications may be able
to determine addresses in the kernel
Description: An information disclosure issue existed in the handling
of APIs related to kernel extensions. Responses containing an
OSBundleMachOHeaders key may have included kernel addresses, which
may aid in bypassing address space layout randomization protection.
This issue was addressed by unsliding the addresses before returning
them.
CVE-ID
CVE-2014-4491 : @PanguTeam, Stefan Esser
Kernel
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: A validation issue existed in the handling of certain
metadata fields of IOSharedDataQueue objects. This issue was
addressed through relocation of the metadata.
CVE-ID
CVE-2014-4461 : @PanguTeam
LaunchServices
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: A malicious JAR file may bypass Gatekeeper checks
Description: An issue existed in the handling of application
launches which allowed certain malicious JAR files to bypass
Gatekeeper checks. This issue was addressed through improved handling
of file type metadata.
CVE-ID
CVE-2014-8826 : Hernan Ochoa of Amplia Security
libnetcore
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: A malicious, sandboxed app can compromise the networkd
daemon
Description: Multiple type confusion issues existed in networkd's
handling of interprocess communication. By sending networkd a
maliciously formatted message, it may have been possible to execute
arbitrary code as the networkd process. The issue is addressed
through additional type checking.
CVE-ID
CVE-2014-4492 : Ian Beer of Google Project Zero
LoginWindow
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: A Mac may not lock immediately upon wake
Description: An issue existed in the rendering of the lock screen.
This issue was address through improved screen rendering while
locked.
CVE-ID
CVE-2014-8827 : Xavier Bertels of Mono, and multiple OS X seed
testers
lukemftp
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: Using the command line ftp tool to fetch files from a
malicious http server may lead to arbitrary code execution
Description: A command injection issue existed in the handling of
HTTP redirects. This issue was addressed through improved validation
of special characters.
CVE-ID
CVE-2014-8517
OpenSSL
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: Multiple vulnerabilities in OpenSSL 0.9.8za, including one
that may allow an attacker to downgrade connections to use weaker
cipher-suites in applications using the library
Description: Multiple vulnerabilities existed in OpenSSL 0.9.8za.
These issues were addressed by updating OpenSSL to version 0.9.8zc.
CVE-ID
CVE-2014-3566
CVE-2014-3567
CVE-2014-3568
Sandbox
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A design issue existed in the caching of sandbox
profiles which allowed sandboxed applications to gain write access to
the cache. This issue was addressed by restricting write access to
paths containing a "com.apple.sandbox" segment. This issue does
not affect OS X Yosemite v10.10 or later.
CVE-ID
CVE-2014-8828 : Apple
SceneKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
Impact: A malicious application could execute arbitrary code leading
to compromise of user information
Description: Multiple out of bounds write issues existed in
SceneKit. These issues were addressed through improved bounds
checking.
CVE-ID
CVE-2014-8829 : Jose Duart of the Google Security Team
SceneKit
Available for: OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: Viewing a maliciously crafted Collada file may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow existed in SceneKit's handling
of Collada files. Viewing a maliciously crafted Collada file may have
led to an unexpected application termination or arbitrary code
execution. This issue was addressed through improved validation of
accessor elements.
CVE-ID
CVE-2014-8830 : Jose Duart of Google Security Team
Security
Available for: OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: A downloaded application signed with a revoked Developer ID
certificate may pass Gatekeeper checks
Description: An issue existed with how cached application
certificate information was evaluated. This issue was addressed with
cache logic improvements.
CVE-ID
CVE-2014-8838 : Apple
security_taskgate
Available for: OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: An app may access keychain items belonging to other apps
Description: An access control issue existed in the Keychain.
Applications signed with self-signed or Developer ID certificates
could access keychain items whose access control lists were based on
keychain groups. This issue was addressed by validating the signing
identity when granting access to keychain groups.
CVE-ID
CVE-2014-8831 : Apple
Spotlight
Available for: OS X Yosemite v10.10 and v10.10.1
Impact: The sender of an email could determine the IP address of the
recipient
Description: Spotlight did not check the status of Mail's "Load
remote content in messages" setting. This issue was addressed by
improving configuration checking.
CVE-ID
CVE-2014-8839 : John Whitehead of The New York Times, Frode Moe of
LastFriday.no
Spotlight
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: Spotlight may save unexpected information to an external
hard drive
Description: An issue existed in Spotlight where memory contents may
have been written to external hard drives when indexing. This issue
was addressed with better memory management.
CVE-ID
CVE-2014-8832 : F-Secure
SpotlightIndex
Available for: OS X Yosemite v10.10 and v10.10.1
Impact: Spotlight may display results for files not belonging to the
user
Description: A deserialization issue existed in Spotlight's handling
of permission caches. A user performing a Spotlight query may have
been shown search results referencing files for which they don't have
sufficient privileges to read. This issue was addressed with improved
bounds checking.
CVE-ID
CVE-2014-8833 : David J Peacock, Independent Technology Consultant
sysmond
Available for: OS X Mavericks v10.9.5,
OS X Yosemite v10.10 and v10.10.1
Impact: A malicious application may be able to execute arbitrary
code with root privileges
Description: A type confusion vulnerability existed in sysmond that
allowed a local application to escalate privileges. The issue was
addressed with improved type checking.
CVE-ID
CVE-2014-8835 : Ian Beer of Google Project Zero
UserAccountUpdater
Available for: OS X Yosemite v10.10 and v10.10.1
Impact: Printing-related preference files may contain sensitive
information about PDF documents
Description: OS X Yosemite v10.10 addressed an issue in the handling
of password-protected PDF files created from the Print dialog where
passwords may have been included in printing preference files. This
update removes such extraneous information that may have been present
in printing preference files.
CVE-ID
CVE-2014-8834 : Apple
Note: OS X Yosemite 10.10.2 includes the security content of Safari
8.0.3. For further details see https://support.apple.com/kb/HT204243
OS X Yosemite 10.10.2 and Security Update 2015-001 may be obtained
from the Mac App Store or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
iQIcBAEBAgAGBQJUx8ufAAoJEBcWfLTuOo7tWecQAIFvaOlK0Ar2vbUaH0TIpO9F
N9SbkWmdNHDNUvc3LJOaeVfAFlXPbgHYqXGIC0kZiRL5Kyhy/K2hH29iNoIDqfET
D1jPWOaAFhzvohViYl12ne/A7bBs5v+3G6gqmGCDCqGyn5VFdUMmS0/ZJSCUkPQG
LqTvj5D4ulYl8I5uA9Ur9jD2j/TkSCOWiSTO5diMlt1WcKb1fn5pl9b0YNweI8UX
FcZPrIlVNeaSywuitdxZEcWOhsJYbS6Xw13crS/HNJGEO+5N7keCnCJiN9HW4Pt6
8iNAgkSWX6S8nP6mq3tiKJmvh6Qj88tvSLgotc79+C8djvkwkxr3611sSLRUStI/
qmwDeJS+rvNgFiLbcJjDDH1EC3qBqMb5mIsMtnXKDDMS8mNeJHaQFngK2YacFLuW
gzAMZIcEhLpWq46rYHBsPsB1iG1shyxxz1zL+JKNAi1aTtfFrP3aItQBUG5T345V
0oJol8oxzen9KLNYJMvE9CTJlrRr204DoQkmhY2dUP2W1EQoEGw2qzy/zBIq0yFA
0FNVcSXE+T4yCyHRGakK/sccw6lyCP0xS/lgaPlkyHsFT3oalu9yyqNtDCJl/Cns
sAa5dw0tlb8/zWQ3fsJna2yrw5xSboA5KWegtrjtjodrz8O1MjRrTPgx8AnLjKzq
nggZl3Sa+QhfaHSUqSJI
=uAqk
-----END PGP SIGNATURE-----
.
HP has made the following patch kit available to resolve the vulnerabilities.
The HP SSL Version 1.4-495 for OpenVMS is available from the following
locations:
OpenVMS HP SSL website:
http://h71000.www7.hp.com/openvms/products/ssl/ssl.html
The HP SSL Version 1.4-495 for OpenVMS kits for both Integrity and Alpha
platforms have been uploaded to HP Support Center website. Customers can
access the kits from Patch Management page. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2015-0001
Synopsis: VMware vCenter Server, ESXi, Workstation, Player, and Fusion
updates address security issues
Issue date: 2015-01-27
Updated on: 2015-01-27 (Initial Advisory)
CVE number: CVE-2014-8370, CVE-2015-1043, CVE-2015-1044
--- OPENSSL---
CVE-2014-3513, CVE-2014-3567,CVE-2014-3566, CVE-2014-3568
--- libxml2 ---
CVE-2014-3660
- ------------------------------------------------------------------------
1. Summary
VMware vCenter Server, ESXi, Workstation, Player and Fusion address
several security issues.
2. Relevant Releases
VMware Workstation 10.x prior to version 10.0.5
VMware Player 6.x prior to version 6.0.5
VMware Fusion 7.x prior to version 7.0.1
VMware Fusion 6.x prior to version 6.0.5
vCenter Server 5.5 prior to Update 2d
ESXi 5.5 without patch ESXi550-201403102-SG, ESXi550-201501101-SG
ESXi 5.1 without patch ESXi510-201404101-SG
ESXi 5.0 without patch ESXi500-201405101-SG
3. Problem Description
a. VMware ESXi, Workstation, Player, and Fusion host privilege
escalation vulnerability
VMware ESXi, Workstation, Player and Fusion contain an arbitrary
file write issue. Exploitation this issue may allow for privilege
escalation on the host.
The vulnerability does not allow for privilege escalation from
the guest Operating System to the host or vice-versa. This means
that host memory can not be manipulated from the Guest Operating
System.
Mitigation
For ESXi to be affected, permissions must have been added to ESXi
(or a vCenter Server managing it) for a virtual machine
administrator role or greater.
VMware would like to thank Shanon Olsson for reporting this issue to
us through JPCERT.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the identifier CVE-2014-8370 to this issue.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
Workstation 11.x any not affected
Workstation 10.x any 10.0.5
Player 7.x any not affected
Player 6.x any 6.0.5
Fusion 7.x any not affected
Fusion 6.x any 6.0.5
ESXi 5.5 ESXi ESXi550-201403102-SG
ESXi 5.1 ESXi ESXi510-201404101-SG
ESXi 5.0 ESXi ESXi500-201405101-SG
b. VMware Workstation, Player, and Fusion Denial of Service
vulnerability
VMware Workstation, Player, and Fusion contain an input validation
issue in the Host Guest File System (HGFS). This issue may allow
for a Denial of Service of the Guest Operating system.
VMware would like to thank Peter Kamensky from Digital Security for
reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the identifier CVE-2015-1043 to this issue.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
Workstation 11.x any not affected
Workstation 10.x any 10.0.5
Player 7.x any not affected
Player 6.x any 6.0.5
Fusion 7.x any 7.0.1
Fusion 6.x any 6.0.5
c. VMware ESXi, Workstation, and Player Denial of Service
vulnerability
VMware ESXi, Workstation, and Player contain an input
validation issue in VMware Authorization process (vmware-authd).
This issue may allow for a Denial of Service of the host. On
VMware ESXi and on Workstation running on Linux the Denial of
Service would be partial.
VMware would like to thank Dmitry Yudin @ret5et for reporting
this issue to us through HP's Zero Day Initiative.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the identifier CVE-2015-1044 to this issue.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
Workstation 11.x any not affected
Workstation 10.x any 10.0.5
Player 7.x any not affected
Player 6.x any 6.0.5
Fusion 7.x any not affected
Fusion 6.x any not affected
ESXi 5.5 ESXi ESXi550-201501101-SG
ESXi 5.1 ESXi ESXi510-201410101-SG
ESXi 5.0 ESXi not affected
d.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-3513, CVE-2014-3567,
CVE-2014-3566 ("POODLE") and CVE-2014-3568 to these issues.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
vCenter Server 5.5 any Update 2d*
vCenter Server 5.1 any patch pending
vCenter Server 5.0 any patch pending
ESXi 5.5 ESXi ESXi550-201501101-SG
ESXi 5.1 ESXi patch pending
ESXi 5.0 ESXi patch pending
* The VMware vCenter 5.5 SSO component will be
updated in a later release
e. Update to ESXi libxml2 package
The libxml2 library is updated to version libxml2-2.7.6-17
to resolve a security issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2014-3660 to this issue.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
ESXi 5.5 ESXi ESXi550-201501101-SG
ESXi 5.1 ESXi patch pending
ESXi 5.0 ESXi patch pending
4. Solution
Please review the patch/release notes for your product and
version and verify the checksum of your downloaded file.
VMware Workstation 10.x
--------------------------------
https://www.vmware.com/go/downloadworkstation
VMware Player 6.x
--------------------------------
https://www.vmware.com/go/downloadplayer
VMware Fusion 7.x and 6.x
--------------------------------
https://www.vmware.com/go/downloadplayer
vCenter Server
----------------------------
Downloads and Documentation:
https://www.vmware.com/go/download-vsphere
ESXi 5.5 Update 2d
----------------------------
File: update-from-esxi5.5-5.5_update01.zip
md5sum: 5773844efc7d8e43135de46801d6ea25
sha1sum: 6518355d260e81b562c66c5016781db9f077161f
http://kb.vmware.com/kb/2065832
update-from-esxi5.5-5.5_update01 contains ESXi550-201403102-SG
ESXi 5.5
----------------------------
File: ESXi550-201501001.zip
md5sum: b0f2edd9ad17d0bae5a11782aaef9304
sha1sum: 9cfcb1e2cf1bb845f0c96c5472d6b3a66f025dd1
http://kb.vmware.com/kb/2099265
ESXi550-201501001.zip contains ESXi550-201501101-SG
ESXi 5.1
----------------------------
File: ESXi510-201404001.zip
md5sum: 9dc3c9538de4451244a2b62d247e52c4
sha1sum: 6b1ea36a2711665a670afc9ae37cdd616bb6da66
http://kb.vmware.com/kb/2070666
ESXi510-201404001 contains ESXi510-201404101-SG
ESXi 5.0
----------------------------
File: ESXi500-201405001.zip
md5sum: 7cd1afc97f5f1e4b4132c90835f92e1d
sha1sum: 4bd77eeb5d7fc65bbb6f25762b0fa74fbb9679d5
http://kb.vmware.com/kb/2075521
ESXi500-201405001 contains ESXi500-201405101-SG
5. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660
- ------------------------------------------------------------------------
6. Change log
2015-01-27 VMSA-2015-0001
Initial security advisory in conjunction with the release of VMware
Workstation 10.0.5, VMware Player 6.0.5, vCenter Server 5.5 Update 2d
and, ESXi 5.5 Patches released on 2015-01-27.
- ------------------------------------------------------------------------
7. Contact
E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories
http://www.vmware.com/security/advisories
Consolidated list of VMware Security Advisories
http://kb.vmware.com/kb/2078735
VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html
Twitter
https://twitter.com/VMwareSRC
Copyright 2015 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: Encryption Desktop 10.3.0 (Build 8741)
Charset: utf-8
wj8DBQFUx/+UDEcm8Vbi9kMRAmzrAKDG7u8ZTSlfQzU3eFphjebNgDkW2ACfZ9JE
c75UD0ctlJx5607JuLfnb6Y=
=IxpT
-----END PGP SIGNATURE-----
.
References:
CVE-2014-3566 Man-in-th-Middle (MitM) attack
CVE-2014-3567 Remote Unauthorized Access
CVE-2014-3568 Remote Denial of Service (DoS)
SSRT101767
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The
updates are available from the following ftp site.
ftp://ssl098zc:Secure12@ftp.usa.hp.com
User name: ssl098zc Password: (NOTE: Case sensitive) Secure12
HP-UX Release
HP-UX OpenSSL version
B.11.11 (11i v1)
A.00.09.08zc.001_HP-UX_B.11.11_32+64.depot
B.11.23 (11i v2)
A.00.09.08zc.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3)
A.00.09.08zc.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08zc or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application
that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins
issued by HP and lists recommended actions that may apply to a specific HP-UX
system. It can also download patches and create a depot automatically. For
more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
CVE-ID
CVE-2015-0248
CVE-2015-0251
Xcode 7.0 may be obtained from:
https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be "7.0".
The HP Matrix Operating Environment v7.2.3 Update kit applicable to HP Matrix
Operating Environment v7.2.x installations is available at the following
location:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber
=HPID
NOTE: Please read the readme.txt file before proceeding with the
installation.
Release Date: 2015-04-01
Last Updated: 2015-04-01
Potential Security Impact: Remote disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP System
Management Homepage (SMH), HP Smart Update Manager (SUM), and HP Version
Control Agent (VCA) which are components of HP Insight Control server
deployment. These vulnerabilities are related to the SSLv3 vulnerability
known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE". The
components of HP Insight Control server deployment could be exploited
remotely to allow disclosure of information.
HP Insight Control server deployment includes HP System Management Homepage
(SMH), HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and
deploys them through the following jobs. This bulletin provides the
information needed to update the vulnerable components in HP Insight Control
server deployment.
Install HP Management Agents for Windows x86/x64
Install HP Management Agents for RHEL 5 x64
Install HP Management Agents for RHEL 6 x64
Install HP Management Agents for SLES 10 x64
Install HP Management Agents for SLES 11 x64
Upgrade Proliant Firmware
References:
CVE-2014-3508
CVE-2014-3509
CVE-2014-3511
CVE-2014-3513
CVE-2014-3566
CVE-2014-3567
CVE-2014-3568
CVE-2014-5139
SSRT102004
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2014-3508 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2014-3509 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2014-3511 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2014-3513 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1
CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2014-3567 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1
CVE-2014-3568 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2014-5139 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following instructions to resolve this vulnerability.
Note: For HP Insight deployment Control server v7.1.2, v7.2.0, v7.2.1 and
v7.2.2, you must upgrade to v7.3.1 and follow the steps from 1 to 11
mentioned below to resolve the vulnerability.
Delete the files smh*.exe from Component Copy Location listed in the
following table, rows 1 and 2.
Delete the files vca*.exe/vcaamd64-*.exe from Component Copy Location listed
in the following table, rows 3 and 4.
Delete the files hpsmh-7.*.rpm" from Component Copy Location listed in row 5.
In sequence, perform the steps from left to right in the following table.
First, download components from Download Link; Second, rename the component
as suggested in Rename to. Third, copy the component to the location
specified in Component Copy Location.
Table Row Number
Download Link
Rename to
Component Copy Location
1
http://www.hp.com/swpublishing/MTX-bd2042a1c7574aad90c4839efe
smhamd64-cp023964.exe
\\express\hpfeatures\hpagents-ws\components\Win2008
2
http://www.hp.com/swpublishing/MTX-062078f1ae354b7e99c86c151c
smhx86-cp023963.exe
\\express\hpfeatures\hpagents-ws\components\Win2008
3
http://www.hp.com/swpublishing/MTX-7b23e47d5d9b420b94bd1323eb
vcax86 cp025295.exe
\\express\hpfeatures\hpagents-ws\components\Win2008
4
http://www.hp.com/swpublishing/MTX-2557aa7dc1654cf6b547c1a9e4
vcaamd64-cp025296.exe
\\express\hpfeatures\hpagents-ws\components\Win2008
5
http://www.hp.com/swpublishing/MTX-5827037475e44abab586463723
Do not rename the downloaded component for this step.
\\express\hpfeatures\hpagents-sles11-x64\components
\\express\hpfeatures\hpagents-sles10-x64\components
\\express\hpfeatures\hpagents-rhel5-x64\components
\\express\hpfeatures\hpagents-rhel6-x64\components
6
http://www.hp.com/swpublishing/MTX-57ab6bb78b6e47a18718f44133
Do not rename the downloaded component for this step.
\\express\hpfeatures\hpagents-sles11-x64\components
\\express\hpfeatures\hpagents-sles10-x64\components
\\express\hpfeatures\hpagents-rhel5-x64\components
\\express\hpfeatures\hpagents-rhel6-x64\components
7
http://www.hp.com/swpublishing/MTX-34bcab41ac7e4db299e3f5f2f1
smhx86-cp025274.exe
\\express\hpfeatures\hpagents-ws\components\Win2003
8
http://www.hp.com/swpublishing/MTX-00eb9ac82e86449e8c3ba101bd
smhamd64-cp025275.exe
\\express\hpfeatures\hpagents-ws\components\Win2003
Download and extract the HP SUM component from
ftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p991570621/v99346
Copy all content from extracted folder and paste at
\\eXpress\hpfeatures\fw-proLiant\components
Initiate Install HP Management Agents for SLES 11 x64 on the target running
SLES11 x64.
Initiate Install HP Management Agents for SLES 10 x64 on the target running
SLES10 x64.
Initiate Install HP Management Agents for RHEL 6 x64 on the target running
RHEL 6 x64.
Initiate Install HP Management Agents for RHEL 5 x64 on the target running
RHEL 5 x64.
Initiate Install HP Management Agents for Windows x86/x64 job on the target
running Windows.
HISTORY
Version:1 (rev.1) - 1 April 2015 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits; damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners
| VAR-201410-0371 | CVE-2014-3513 | OpenSSL DTLS SRTP Extended memory leak vulnerability |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message. OpenSSL is prone to an information disclosure vulnerability.
An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks and to crash the affected application.
OpenSSL 1.0.1 versions prior to 1.0.1j are affected. This could be
exploited in a Denial Of Service attack.
This issue was reported to OpenSSL on 26th September 2014, based on an original
issue and patch developed by the LibreSSL project. Further analysis of the issue
was performed by the OpenSSL team.
The fix was developed by the OpenSSL team.
This issue was reported to OpenSSL on 8th October 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00
https://www.openssl.org/~bodo/ssl-poodle.pdf
Support for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller.
This issue was reported to OpenSSL by Akamai Technologies on 14th October 2014.
The fix was developed by Akamai and the OpenSSL team.
References
==========
URL for this Security Advisory:
https://www.openssl.org/news/secadv_20141015.txt
Note: the online version of the advisory may be updated with additional
details over time.
For details of OpenSSL severity classifications please see:
https://www.openssl.org/about/secpolicy.html
. The HP Matrix
Operating Environment v7.2.3 Update kit applicable to HP Matrix Operating
Environment 7.2.x installations is available at the following location:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber
=HPID
NOTE: Please read the readme.txt file before proceeding with the
installation.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz: Upgraded.
(* Security fix *)
patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz: Upgraded.
For more information, see:
https://www.openssl.org/news/secadv_20141015.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated packages for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zc-i486-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.0.txz
Updated packages for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz
Updated packages for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zc-i486-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.1.txz
Updated packages for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz
Updated packages for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zc-i486-1_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.37.txz
Updated packages for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz
Updated packages for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1j-i486-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1j-x86_64-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1j-x86_64-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz
Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1j-i486-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1j-i486-1.txz
Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1j-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1j-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 13.0 packages:
44d336a121b39296f0e6bbeeb283dd2b openssl-0.9.8zc-i486-1_slack13.0.txz
8342cfb351e59ecf5ea6d8cba66f0040 openssl-solibs-0.9.8zc-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages:
671f12535bdc10ab24388b713351aca2 openssl-0.9.8zc-x86_64-1_slack13.0.txz
21e380284cdfab2fd15fffe2e0aed526 openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz
Slackware 13.1 packages:
64cb819f1e07522bd5d7ceedd0a9ab50 openssl-0.9.8zc-i486-1_slack13.1.txz
5fe4e385b2251cfd7e8ae5963ec6cef1 openssl-solibs-0.9.8zc-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages:
94feb6699d6f2cc7750a6b2e17ccaaa2 openssl-0.9.8zc-x86_64-1_slack13.1.txz
2c17e4286509c29074ab0168367b851e openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz
Slackware 13.37 packages:
4483d91c776c7e23c59246c4e0aa24aa openssl-0.9.8zc-i486-1_slack13.37.txz
fedd58eb19bc13c9dd88d947827a7370 openssl-solibs-0.9.8zc-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages:
5d48ac1e9339efc35e304c7d48b2e762 openssl-0.9.8zc-x86_64-1_slack13.37.txz
6f5e2b576259477c13f12cbed9be8804 openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz
Slackware 14.0 packages:
2b678160283bc696565dc8bd8b28c0eb openssl-1.0.1j-i486-1_slack14.0.txz
f7762615c990713e9e86d4da962f1022 openssl-solibs-1.0.1j-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages:
41010ca37d49b74e7d7dc3f1c6ddc57e openssl-1.0.1j-x86_64-1_slack14.0.txz
40dc6f3de217279d6140c1efcc0d45c8 openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz
Slackware 14.1 packages:
024ecea55e22e47f9fbb4b81a7b72a51 openssl-1.0.1j-i486-1_slack14.1.txz
0a575668bb41ec4c2160800611f7f627 openssl-solibs-1.0.1j-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages:
d07fe289f7998a584c2b0d9810a8b9aa openssl-1.0.1j-x86_64-1_slack14.1.txz
1ffc5d0c02b0c60cefa5cf9189bfc71d openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz
Slackware -current packages:
53c9f51a79460bbfc5dec5720317cd53 a/openssl-solibs-1.0.1j-i486-1.txz
cc059aa63494f3b005a886c70bc3f5d6 n/openssl-1.0.1j-i486-1.txz
Slackware x86_64 -current packages:
500709555e652adcd84b4e02dfab4eeb a/openssl-solibs-1.0.1j-x86_64-1.txz
c483ca9c450fa90a901ac013276ccc53 n/openssl-1.0.1j-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the packages as root:
# upgradepkg openssl-1.0.1j-i486-1_slack14.1.txz openssl-solibs-1.0.1j-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address.
Corrected: 2014-10-15 19:59:43 UTC (stable/10, 10.1-PRERELEASE)
2014-10-21 19:00:32 UTC (releng/10.1, 10.1-RC3)
2014-10-21 19:00:32 UTC (releng/10.1, 10.1-RC2-p1)
2014-10-21 19:00:32 UTC (releng/10.1, 10.1-RC1-p1)
2014-10-21 19:00:32 UTC (releng/10.1, 10.1-BETA3-p1)
2014-10-21 20:21:10 UTC (releng/10.0, 10.0-RELEASE-p10)
2014-10-15 20:28:31 UTC (stable/9, 9.3-STABLE)
2014-10-21 20:21:10 UTC (releng/9.3, 9.3-RELEASE-p3)
2014-10-21 20:21:10 UTC (releng/9.2, 9.2-RELEASE-p13)
2014-10-21 20:21:10 UTC (releng/9.1, 9.1-RELEASE-p20)
2014-10-15 20:28:31 UTC (stable/8, 8.4-STABLE)
2014-10-21 20:21:27 UTC (releng/8.4, 8.4-RELEASE-p17)
CVE Name: CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>. Background
FreeBSD includes software from the OpenSSL Project.
II. [CVE-2014-3513]. [CVE-2014-3567]. This
protocol weakness makes it possible for an attacker to obtain clear text
data through a padding-oracle attack.
Some client applications (such as browsers) will reconnect using a
downgraded protocol to work around interoperability bugs in older
servers. This could be exploited by an active man-in-the-middle to
downgrade connections to SSL 3.0 even if both sides of the connection
support higher protocols. SSL 3.0 contains a number of weaknesses
including POODLE [CVE-2014-3566].
OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications
to block the ability for a MITM attacker to force a protocol downgrade.
When OpenSSL is configured with "no-ssl3" as a build option, servers
could accept and complete a SSL 3.0 handshake, and clients could be
configured to send them. [CVE-2014-3568].
III.
[CVE-2014-3567].
An active man-in-the-middle attacker can force a protocol downgrade
to SSLv3 and exploit the weakness of SSLv3 to obtain clear text data
from the connection. [CVE-2014-3566] [CVE-2014-3568]
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 10.0]
# fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-10.0.patch
# fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-10.0.patch.asc
# gpg --verify openssl-10.0.patch.asc
[FreeBSD 9.3]
# fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-9.3.patch
# fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-9.3.patch.asc
# gpg --verify openssl-9.3.patch.asc
[FreeBSD 8.4, 9.1 and 9.2]
# fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-8.4.patch
# fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-8.4.patch.asc
# gpg --verify openssl-8.4.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in <URL:http://www.FreeBSD.org/handbook/makeworld.html>.
Restart all deamons using the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/8/ r273151
releng/8.4/ r273416
stable/9/ r273151
releng/9.1/ r273415
releng/9.2/ r273415
releng/9.3/ r273415
stable/10/ r273149
releng/10.0/ r273415
releng/10.1/ r273399
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. This flaw allows a man-in-the-middle (MITM)
attacker to decrypt a selected byte of a cipher text in as few as 256
tries if they are able to force a victim application to repeatedly send
the same data over newly created SSL 3.0 connections.
This update adds support for Fallback SCSV to mitigate this issue.
For the stable distribution (wheezy), these problems have been fixed in
version 1.0.1e-2+deb7u13.
For the unstable distribution (sid), these problems have been fixed in
version 1.0.1j-1. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: openssl security update
Advisory ID: RHSA-2014:1652-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1652.html
Issue date: 2014-10-16
CVE Names: CVE-2014-3513 CVE-2014-3567
=====================================================================
1. Summary:
Updated openssl packages that contain a backported patch to mitigate the
CVE-2014-3566 issue and fix two security issues are now available for Red
Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),
Transport Layer Security (TLS), and Datagram Transport Layer Security
(DTLS) protocols, as well as a full-strength, general purpose cryptography
library.
This update adds support for the TLS Fallback Signaling Cipher Suite Value
(TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade
attacks against applications which re-connect using a lower SSL/TLS
protocol version when the initial connection indicating the highest
supported protocol version fails.
This can prevent a forceful downgrade of the communication to SSL 3.0.
The SSL 3.0 protocol was found to be vulnerable to the padding oracle
attack when using block cipher suites in cipher block chaining (CBC) mode.
This issue is identified as CVE-2014-3566, and also known under the alias
POODLE. This SSL 3.0 protocol flaw will not be addressed in a future
update; it is recommended that users configure their applications to
require at least TLS protocol version 1.0 for secure communication.
For additional information about this flaw, see the Knowledgebase article
at https://access.redhat.com/articles/1232123
A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure
Real-time Transport Protocol (SRTP) extension data. (CVE-2014-3513)
A memory leak flaw was found in the way an OpenSSL handled failed session
ticket integrity checks. A remote attacker could exhaust all available
memory of an SSL/TLS or DTLS server by sending a large number of invalid
session tickets to that server. (CVE-2014-3567)
All OpenSSL users are advised to upgrade to these updated packages, which
contain backported patches to mitigate the CVE-2014-3566 issue and correct
the CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect,
all services linked to the OpenSSL library (such as httpd and other
SSL-enabled services) must be restarted or the system rebooted.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
openssl-1.0.1e-30.el6_6.2.src.rpm
i386:
openssl-1.0.1e-30.el6_6.2.i686.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm
x86_64:
openssl-1.0.1e-30.el6_6.2.i686.rpm
openssl-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386:
openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm
openssl-devel-1.0.1e-30.el6_6.2.i686.rpm
openssl-perl-1.0.1e-30.el6_6.2.i686.rpm
openssl-static-1.0.1e-30.el6_6.2.i686.rpm
x86_64:
openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-devel-1.0.1e-30.el6_6.2.i686.rpm
openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
openssl-1.0.1e-30.el6_6.2.src.rpm
x86_64:
openssl-1.0.1e-30.el6_6.2.i686.rpm
openssl-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64:
openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-devel-1.0.1e-30.el6_6.2.i686.rpm
openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
openssl-1.0.1e-30.el6_6.2.src.rpm
i386:
openssl-1.0.1e-30.el6_6.2.i686.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm
openssl-devel-1.0.1e-30.el6_6.2.i686.rpm
ppc64:
openssl-1.0.1e-30.el6_6.2.ppc.rpm
openssl-1.0.1e-30.el6_6.2.ppc64.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.ppc.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.ppc64.rpm
openssl-devel-1.0.1e-30.el6_6.2.ppc.rpm
openssl-devel-1.0.1e-30.el6_6.2.ppc64.rpm
s390x:
openssl-1.0.1e-30.el6_6.2.s390.rpm
openssl-1.0.1e-30.el6_6.2.s390x.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.s390.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.s390x.rpm
openssl-devel-1.0.1e-30.el6_6.2.s390.rpm
openssl-devel-1.0.1e-30.el6_6.2.s390x.rpm
x86_64:
openssl-1.0.1e-30.el6_6.2.i686.rpm
openssl-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-devel-1.0.1e-30.el6_6.2.i686.rpm
openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386:
openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm
openssl-perl-1.0.1e-30.el6_6.2.i686.rpm
openssl-static-1.0.1e-30.el6_6.2.i686.rpm
ppc64:
openssl-debuginfo-1.0.1e-30.el6_6.2.ppc64.rpm
openssl-perl-1.0.1e-30.el6_6.2.ppc64.rpm
openssl-static-1.0.1e-30.el6_6.2.ppc64.rpm
s390x:
openssl-debuginfo-1.0.1e-30.el6_6.2.s390x.rpm
openssl-perl-1.0.1e-30.el6_6.2.s390x.rpm
openssl-static-1.0.1e-30.el6_6.2.s390x.rpm
x86_64:
openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
openssl-1.0.1e-30.el6_6.2.src.rpm
i386:
openssl-1.0.1e-30.el6_6.2.i686.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm
openssl-devel-1.0.1e-30.el6_6.2.i686.rpm
x86_64:
openssl-1.0.1e-30.el6_6.2.i686.rpm
openssl-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm
openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-devel-1.0.1e-30.el6_6.2.i686.rpm
openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386:
openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm
openssl-perl-1.0.1e-30.el6_6.2.i686.rpm
openssl-static-1.0.1e-30.el6_6.2.i686.rpm
x86_64:
openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm
openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source:
openssl-1.0.1e-34.el7_0.6.src.rpm
x86_64:
openssl-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-libs-1.0.1e-34.el7_0.6.i686.rpm
openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-devel-1.0.1e-34.el7_0.6.i686.rpm
openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-static-1.0.1e-34.el7_0.6.i686.rpm
openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
openssl-1.0.1e-34.el7_0.6.src.rpm
x86_64:
openssl-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-libs-1.0.1e-34.el7_0.6.i686.rpm
openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-devel-1.0.1e-34.el7_0.6.i686.rpm
openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-static-1.0.1e-34.el7_0.6.i686.rpm
openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
openssl-1.0.1e-34.el7_0.6.src.rpm
ppc64:
openssl-1.0.1e-34.el7_0.6.ppc64.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.ppc.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.ppc64.rpm
openssl-devel-1.0.1e-34.el7_0.6.ppc.rpm
openssl-devel-1.0.1e-34.el7_0.6.ppc64.rpm
openssl-libs-1.0.1e-34.el7_0.6.ppc.rpm
openssl-libs-1.0.1e-34.el7_0.6.ppc64.rpm
s390x:
openssl-1.0.1e-34.el7_0.6.s390x.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.s390.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.s390x.rpm
openssl-devel-1.0.1e-34.el7_0.6.s390.rpm
openssl-devel-1.0.1e-34.el7_0.6.s390x.rpm
openssl-libs-1.0.1e-34.el7_0.6.s390.rpm
openssl-libs-1.0.1e-34.el7_0.6.s390x.rpm
x86_64:
openssl-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-devel-1.0.1e-34.el7_0.6.i686.rpm
openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-libs-1.0.1e-34.el7_0.6.i686.rpm
openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
openssl-debuginfo-1.0.1e-34.el7_0.6.ppc.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.ppc64.rpm
openssl-perl-1.0.1e-34.el7_0.6.ppc64.rpm
openssl-static-1.0.1e-34.el7_0.6.ppc.rpm
openssl-static-1.0.1e-34.el7_0.6.ppc64.rpm
s390x:
openssl-debuginfo-1.0.1e-34.el7_0.6.s390.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.s390x.rpm
openssl-perl-1.0.1e-34.el7_0.6.s390x.rpm
openssl-static-1.0.1e-34.el7_0.6.s390.rpm
openssl-static-1.0.1e-34.el7_0.6.s390x.rpm
x86_64:
openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-static-1.0.1e-34.el7_0.6.i686.rpm
openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
openssl-1.0.1e-34.el7_0.6.src.rpm
x86_64:
openssl-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-devel-1.0.1e-34.el7_0.6.i686.rpm
openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-libs-1.0.1e-34.el7_0.6.i686.rpm
openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm
openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm
openssl-static-1.0.1e-34.el7_0.6.i686.rpm
openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-3513.html
https://www.redhat.com/security/data/cve/CVE-2014-3567.html
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/articles/1232123
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUP940XlSAg2UNWIIRAhUYAJ4or1rZ25E0BXjTPyeDsN+keTz3twCdHDEz
qY686VXQQ02SLq5vTvKfuHk=
=McEc
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04624296
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04624296
Version: 1
HPSBMU03304 rev.1 - HP Insight Control server deployment on Linux and
Windows, Remote Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2015-04-01
Last Updated: 2015-04-01
Potential Security Impact: Remote disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP System
Management Homepage (SMH), HP Smart Update Manager (SUM), and HP Version
Control Agent (VCA) which are components of HP Insight Control server
deployment. These vulnerabilities are related to the SSLv3 vulnerability
known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE". The
components of HP Insight Control server deployment could be exploited
remotely to allow disclosure of information.
HP Insight Control server deployment includes HP System Management Homepage
(SMH), HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and
deploys them through the following jobs. This bulletin provides the
information needed to update the vulnerable components in HP Insight Control
server deployment.
Install HP Management Agents for Windows x86/x64
Install HP Management Agents for RHEL 5 x64
Install HP Management Agents for RHEL 6 x64
Install HP Management Agents for SLES 10 x64
Install HP Management Agents for SLES 11 x64
Upgrade Proliant Firmware
References:
CVE-2014-3508
CVE-2014-3509
CVE-2014-3511
CVE-2014-3513
CVE-2014-3566
CVE-2014-3567
CVE-2014-3568
CVE-2014-5139
SSRT102004
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2014-3508 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2014-3509 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2014-3511 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2014-3513 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1
CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2014-3567 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1
CVE-2014-3568 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2014-5139 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following instructions to resolve this vulnerability.
Note: For HP Insight deployment Control server v7.1.2, v7.2.0, v7.2.1 and
v7.2.2, you must upgrade to v7.3.1 and follow the steps from 1 to 11
mentioned below to resolve the vulnerability.
Delete the files smh*.exe from Component Copy Location listed in the
following table, rows 1 and 2.
Delete the files vca*.exe/vcaamd64-*.exe from Component Copy Location listed
in the following table, rows 3 and 4.
Delete the files hpsmh-7.*.rpm" from Component Copy Location listed in row 5.
In sequence, perform the steps from left to right in the following table.
First, download components from Download Link; Second, rename the component
as suggested in Rename to. Third, copy the component to the location
specified in Component Copy Location.
Table Row Number
Download Link
Rename to
Component Copy Location
1
http://www.hp.com/swpublishing/MTX-bd2042a1c7574aad90c4839efe
smhamd64-cp023964.exe
\\express\hpfeatures\hpagents-ws\components\Win2008
2
http://www.hp.com/swpublishing/MTX-062078f1ae354b7e99c86c151c
smhx86-cp023963.exe
\\express\hpfeatures\hpagents-ws\components\Win2008
3
http://www.hp.com/swpublishing/MTX-7b23e47d5d9b420b94bd1323eb
vcax86 cp025295.exe
\\express\hpfeatures\hpagents-ws\components\Win2008
4
http://www.hp.com/swpublishing/MTX-2557aa7dc1654cf6b547c1a9e4
vcaamd64-cp025296.exe
\\express\hpfeatures\hpagents-ws\components\Win2008
5
http://www.hp.com/swpublishing/MTX-5827037475e44abab586463723
Do not rename the downloaded component for this step.
\\express\hpfeatures\hpagents-sles11-x64\components
\\express\hpfeatures\hpagents-sles10-x64\components
\\express\hpfeatures\hpagents-rhel5-x64\components
\\express\hpfeatures\hpagents-rhel6-x64\components
6
http://www.hp.com/swpublishing/MTX-57ab6bb78b6e47a18718f44133
Do not rename the downloaded component for this step.
\\express\hpfeatures\hpagents-sles11-x64\components
\\express\hpfeatures\hpagents-sles10-x64\components
\\express\hpfeatures\hpagents-rhel5-x64\components
\\express\hpfeatures\hpagents-rhel6-x64\components
7
http://www.hp.com/swpublishing/MTX-34bcab41ac7e4db299e3f5f2f1
smhx86-cp025274.exe
\\express\hpfeatures\hpagents-ws\components\Win2003
8
http://www.hp.com/swpublishing/MTX-00eb9ac82e86449e8c3ba101bd
smhamd64-cp025275.exe
\\express\hpfeatures\hpagents-ws\components\Win2003
Download and extract the HP SUM component from
ftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p991570621/v99346
Copy all content from extracted folder and paste at
\\eXpress\hpfeatures\fw-proLiant\components
Initiate Install HP Management Agents for SLES 11 x64 on the target running
SLES11 x64.
Initiate Install HP Management Agents for SLES 10 x64 on the target running
SLES10 x64.
Initiate Install HP Management Agents for RHEL 6 x64 on the target running
RHEL 6 x64.
Initiate Install HP Management Agents for RHEL 5 x64 on the target running
RHEL 5 x64.
Initiate Install HP Management Agents for Windows x86/x64 job on the target
running Windows.
HISTORY
Version:1 (rev.1) - 1 April 2015 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits; damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners
| VAR-201410-1418 | CVE-2014-3566 |
HP Security Bulletin HPSBST03265
Related entries in the VARIoT exploits database: VAR-E-201410-0385 |
CVSS V2: 4.3 CVSS V3: 3.4 Severity: LOW |
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. There is a security vulnerability in the SSL protocol 3.0 version used in OpenSSL 1.0.1i and earlier versions. The vulnerability is caused by the program's use of non-deterministic CBC padding. Attackers can use padding-oracle attacks to exploit this vulnerability to implement man-in-the-middle attacks and obtain plaintext data.
HP CMS: UCMDB Browser all supported versions. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.7.0-ibm security update
Advisory ID: RHSA-2014:1876-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1876.html
Issue date: 2014-11-19
CVE Names: CVE-2014-3065 CVE-2014-3566 CVE-2014-4288
CVE-2014-6456 CVE-2014-6457 CVE-2014-6458
CVE-2014-6476 CVE-2014-6492 CVE-2014-6493
CVE-2014-6502 CVE-2014-6503 CVE-2014-6506
CVE-2014-6511 CVE-2014-6512 CVE-2014-6515
CVE-2014-6527 CVE-2014-6531 CVE-2014-6532
CVE-2014-6558
=====================================================================
1. Summary:
Updated java-1.7.0-ibm packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64
3. Description:
IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM
Java Software Development Kit.
This update fixes several vulnerabilities in the IBM Java Runtime
Environment and the IBM Java Software Development Kit. Detailed
vulnerability descriptions are linked from the IBM Security alerts
page, listed in the References section. (CVE-2014-3065, CVE-2014-3566,
CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476,
CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506,
CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531,
CVE-2014-6532, CVE-2014-6558)
The CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat
Product Security.
Note: With this update, the IBM SDK now disables the SSL 3.0 protocol to
address the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM
article linked to in the References section for additional details about
this change and instructions on how to re-enable SSL 3.0 support if needed.
All users of java-1.7.0-ibm are advised to upgrade to these updated
packages, containing the IBM Java SE 7 SR8 release. All running instances
of IBM Java must be restarted for the update to take effect.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1071210 - CVE-2014-6512 OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)
1150155 - CVE-2014-6506 OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)
1150651 - CVE-2014-6531 OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)
1150669 - CVE-2014-6502 OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)
1151046 - CVE-2014-6457 OpenJDK: Triple Handshake attack against TLS/SSL connections (JSSE, 8037066)
1151063 - CVE-2014-6558 OpenJDK: CipherInputStream incorrect exception handling (Security, 8037846)
1151517 - CVE-2014-6511 ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)
1152756 - CVE-2014-6532 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152757 - CVE-2014-6503 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152758 - CVE-2014-6456 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)
1152759 - CVE-2014-6492 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152760 - CVE-2014-6493 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152761 - CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152763 - CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152765 - CVE-2014-6476 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)
1152766 - CVE-2014-6515 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152767 - CVE-2014-6527 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)
1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack
1162554 - CVE-2014-3065 IBM JDK: privilege escalation via shared class cache
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
x86_64:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
ppc:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
s390x:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390x.rpm
x86_64:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2014-3065
https://access.redhat.com/security/cve/CVE-2014-3566
https://access.redhat.com/security/cve/CVE-2014-4288
https://access.redhat.com/security/cve/CVE-2014-6456
https://access.redhat.com/security/cve/CVE-2014-6457
https://access.redhat.com/security/cve/CVE-2014-6458
https://access.redhat.com/security/cve/CVE-2014-6476
https://access.redhat.com/security/cve/CVE-2014-6492
https://access.redhat.com/security/cve/CVE-2014-6493
https://access.redhat.com/security/cve/CVE-2014-6502
https://access.redhat.com/security/cve/CVE-2014-6503
https://access.redhat.com/security/cve/CVE-2014-6506
https://access.redhat.com/security/cve/CVE-2014-6511
https://access.redhat.com/security/cve/CVE-2014-6512
https://access.redhat.com/security/cve/CVE-2014-6515
https://access.redhat.com/security/cve/CVE-2014-6527
https://access.redhat.com/security/cve/CVE-2014-6531
https://access.redhat.com/security/cve/CVE-2014-6532
https://access.redhat.com/security/cve/CVE-2014-6558
https://access.redhat.com/security/updates/classification/#critical
https://www.ibm.com/developerworks/java/jdk/alerts/
https://www-01.ibm.com/support/docview.wss?uid=swg21688165
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUbOWGXlSAg2UNWIIRAhPmAJ96YO5JFEg4GS1MkDIeXQkRxbN0hACgoUiY
ehbScogUJnSordhBH11LgWQ=
=ko7F
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2014-10-16-2 Security Update 2014-005
Security Update 2014-005 is now available and addresses the
following:
Secure Transport
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
Impact: An attacker may be able to decrypt data protected by SSL
Description: There are known attacks on the confidentiality of SSL
3.0 when a cipher suite uses a block cipher in CBC mode. An attacker
could force the use of SSL 3.0, even when the server would support a
better TLS version, by blocking TLS 1.0 and higher connection
attempts. This issue was addressed by disabling CBC cipher suites
when TLS connection attempts fail.
CVE-ID
CVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of
Google Security Team
Note: Security Update 2014-005 includes the security content of
OS X bash Update 1.0. For further details see
https://support.apple.com/kb/HT6495
Security Update 2014-005 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUQCI2AAoJEBcWfLTuOo7t5ygP/0l9VIBlR7Q6ocMRSB61+2uN
adB6UoEcmJCkUwmEAWOlVT0GlrtV+h2FbQGSKAkiDK5b7+E9UfX8UXneyaV4MWbj
BFDVFt/R0RRYpuojfmhNvMP+p7TFA1QsaHAUrWBtBomJ1+326YIhXBtWMIbVRGHC
S4OZgVbwSnyeJ3o74ftr+CcMu9PFXOMDj0Sdv6rb5af9vkNjfocp8J4El2psr3fO
Ari7bJNSQL2D2ZeGxR7aYu8JMdKQ7N0vnF/c24/z7zd3AgoLQLXsg6F0wI45vRNi
PxvmIAJ217qOva/4XRwve/YdxlpmYRwpkTXTDn7nMyTXsrtUm4PVumxKJJEScYmc
bU9Ckw1CUEQdcd883aB0NgLkf5LTPzsih+ak6xRzElp3QbmnPQ2y0GrnwryXQgLI
KEFrhFCkru7RPaPhXGpeqNB25iT99Rp6rc1w/LvhhZiEArBKyVwdWPAwt4ZAMBQY
UKZYYi6rQKEf+Tf5REoUv9OZCQFYFiuK6/5J/mAcKsZUN6+hxFRrNeq3Kg4GNMnS
v8T8Z0Z5IXbDBdptF6aSYI3sQYkvHob4ujAKxSLFJk9WJOl6y3/TIwGN5eTRxA0K
I+ZXxp9H0tDyHwIgGw/d9FWeW56mTqlcln5M5+V2jphi1h/0EqK70YpBnq4D/tI2
vDl+zNHL/d2D8rWh8csq
=c286
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04501908
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04501908
Version: 1
HPSBGN03192 rev.1 - HP Remote Device Access: Instant Customer Access Server
(iCAS) running OpenSSL, Remote Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2014-11-14
Last Updated: 2014-11-14
Potential Security Impact: Remote disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP Remote Device
Access: Instant Customer Access Server (iCAS) running OpenSSL.
This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy
Encryption" also known as "Poodle", which could be exploited remotely to
allow disclosure of information.
SSLv3 is enabled by default in the current HP iCAS client software.
References:
CVE-2014-3566 (SSRT101824)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
All HP iCAS versions prior to version 14.11-38437
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following update available for the HP iCAS client kit to
resolve the vulnerability in HP Remote Device Access: Instant Customer Access
Server (iCAS).
- iCAS version 14.11-38437
The HP iCAS client should be used to connect to HP at
https://midway.corp.hp.com/icas/current/iCasStart.html which will force the
upgrade to iCAS version 14.11-38437.
Note: The new version of HP iCAS has updated OpenSSL libraries from OpenSSL
version 1.0.0g to 1.0.1j.
HISTORY
Version:1 (rev.1) - 14 November 2014 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits; damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners
| VAR-201410-0978 | CVE-2014-8755 | Panasonic Network Camera View WebVideoCam ActiveX Remote code execution vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Panasonic Network Camera View 3 and 4 allows remote attackers to execute arbitrary code via a crafted page, which triggers an invalid pointer dereference, related to "the ability to nullify an arbitrary address in memory.". User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the GetImageDataPrint method of the WebVideoCam ActiveX control. The issue lies in the ability to nullify an arbitrary address in memory. An attacker can leverage this vulnerability to execute code under the context of the current process. Panasonic Network Camera View is a webcam viewing app. Failed exploit attempts will likely result in denial-of-service conditions
| VAR-201410-1415 | CVE-2014-8756 | Panasonic Network Camera Recorder Remote code execution vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
The NcrCtl4.NcrNet.1 control in Panasonic Network Camera Recorder before 4.04R03 allows remote attackers to execute arbitrary code via a crafted GetVOLHeader method call, which writes null bytes to an arbitrary address. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within then NcrCtl4.NcrNet.1 control. An attacker can leverage this to execute arbitrary code in the context of the browser. Panasonic Network Camera is a Panasonic network camera. Failed exploit attempts will likely result in denial-of-service conditions
| VAR-201410-0066 | CVE-2014-3406 | Cisco Intrusion Prevention System Software IP Service operation interruption in logging function (DoS) Vulnerabilities |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
Race condition in the IP logging feature in Cisco Intrusion Prevention System (IPS) Software 7.1(7)E4 and earlier allows remote attackers to cause a denial of service (device reload) via crafted IP traffic that matches a problematic rule, aka Bug ID CSCud82085. ( Device reload ) There are vulnerabilities that are put into a state. Cisco Intrusion Prevention System is prone to a remote denial-of-service vulnerability.
Attackers can exploit this issue to cause denial-of-service conditions.
This issue is being tracked by Cisco Bug ID CSCud82085. The system can immediately interrupt, adjust or isolate some abnormal or harmful network data transmission behaviors
| VAR-201410-1419 | No CVE | SAP BusinessObjects Explorer XML External Entity Injection Vulnerability (CNVD-2014-06710) |
CVSS V2: 9.0 CVSS V3: - Severity: HIGH |
Business Objects is the world's leading business intelligence (BI) software company. SAP BusinessObjects Explorer is a browser that it launched. An external XML material injection vulnerability exists in SAP BusinessObjects Explorer. An information disclosure vulnerability exists because the program failed to properly authenticate the user's input
| VAR-201410-1417 | CVE-2014-0564 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0558. This vulnerability CVE-2014-0558 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Security flaws exist in several Adobe products.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.418"
References
==========
[ 1 ] CVE-2014-0558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0558
[ 2 ] CVE-2014-0564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0564
[ 3 ] CVE-2014-0569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0569
[ 4 ] CVE-2014-0573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0573
[ 5 ] CVE-2014-0574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0574
[ 6 ] CVE-2014-0576
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0576
[ 7 ] CVE-2014-0577
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0577
[ 8 ] CVE-2014-0581
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0581
[ 9 ] CVE-2014-0582
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0582
[ 10 ] CVE-2014-0583
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0583
[ 11 ] CVE-2014-0584
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0584
[ 12 ] CVE-2014-0585
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0585
[ 13 ] CVE-2014-0586
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0586
[ 14 ] CVE-2014-0588
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0588
[ 15 ] CVE-2014-0589
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0589
[ 16 ] CVE-2014-0590
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0590
[ 17 ] CVE-2014-8437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8437
[ 18 ] CVE-2014-8438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8438
[ 19 ] CVE-2014-8440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8440
[ 20 ] CVE-2014-8441
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8441
[ 21 ] CVE-2014-8442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8442
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201411-06.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1648-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1648.html
Issue date: 2014-10-15
CVE Names: CVE-2014-0558 CVE-2014-0564 CVE-2014-0569
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-22,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1152775 - CVE-2014-0564 CVE-2014-0558 CVE-2014-0569 flash-plugin: multiple code execution flaws (APSB14-22)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.411-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.411-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.411-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.411-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.411-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.411-1.el6.i686.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
flash-plugin-11.2.202.411-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.411-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.411-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.411-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.411-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-0558.html
https://www.redhat.com/security/data/cve/CVE-2014-0564.html
https://www.redhat.com/security/data/cve/CVE-2014-0569.html
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb14-22.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUPuDGXlSAg2UNWIIRAsobAJ9vnW0PysUhlqb4KDFHcw8Q7+rzqgCePtuZ
Wum8dH3c44zrI0LJNv9/khY=
=kNs5
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201410-1416 | CVE-2014-0569 | Adobe Flash Player and Adobe AIR Integer overflow vulnerability |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the implementation of casi32. The issue lies in the failure to properly sanitize a user-supplied length value with a specific array implementation. An attacker can leverage this vulnerability to execute code within the context of the current process. Failed exploit attempts will likely cause a denial-of-service condition.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.418"
References
==========
[ 1 ] CVE-2014-0558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0558
[ 2 ] CVE-2014-0564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0564
[ 3 ] CVE-2014-0569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0569
[ 4 ] CVE-2014-0573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0573
[ 5 ] CVE-2014-0574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0574
[ 6 ] CVE-2014-0576
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0576
[ 7 ] CVE-2014-0577
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0577
[ 8 ] CVE-2014-0581
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0581
[ 9 ] CVE-2014-0582
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0582
[ 10 ] CVE-2014-0583
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0583
[ 11 ] CVE-2014-0584
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0584
[ 12 ] CVE-2014-0585
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0585
[ 13 ] CVE-2014-0586
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0586
[ 14 ] CVE-2014-0588
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0588
[ 15 ] CVE-2014-0589
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0589
[ 16 ] CVE-2014-0590
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0590
[ 17 ] CVE-2014-8437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8437
[ 18 ] CVE-2014-8438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8438
[ 19 ] CVE-2014-8440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8440
[ 20 ] CVE-2014-8441
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8441
[ 21 ] CVE-2014-8442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8442
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201411-06.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1648-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1648.html
Issue date: 2014-10-15
CVE Names: CVE-2014-0558 CVE-2014-0564 CVE-2014-0569
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-22,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1152775 - CVE-2014-0564 CVE-2014-0558 CVE-2014-0569 flash-plugin: multiple code execution flaws (APSB14-22)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.411-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.411-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.411-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.411-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.411-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.411-1.el6.i686.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
flash-plugin-11.2.202.411-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.411-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.411-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.411-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.411-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-0558.html
https://www.redhat.com/security/data/cve/CVE-2014-0564.html
https://www.redhat.com/security/data/cve/CVE-2014-0569.html
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb14-22.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUPuDGXlSAg2UNWIIRAsobAJ9vnW0PysUhlqb4KDFHcw8Q7+rzqgCePtuZ
Wum8dH3c44zrI0LJNv9/khY=
=kNs5
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201410-1044 | CVE-2014-0558 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0564. This vulnerability CVE-2014-0564 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Security flaws exist in several Adobe products.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.418"
References
==========
[ 1 ] CVE-2014-0558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0558
[ 2 ] CVE-2014-0564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0564
[ 3 ] CVE-2014-0569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0569
[ 4 ] CVE-2014-0573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0573
[ 5 ] CVE-2014-0574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0574
[ 6 ] CVE-2014-0576
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0576
[ 7 ] CVE-2014-0577
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0577
[ 8 ] CVE-2014-0581
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0581
[ 9 ] CVE-2014-0582
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0582
[ 10 ] CVE-2014-0583
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0583
[ 11 ] CVE-2014-0584
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0584
[ 12 ] CVE-2014-0585
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0585
[ 13 ] CVE-2014-0586
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0586
[ 14 ] CVE-2014-0588
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0588
[ 15 ] CVE-2014-0589
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0589
[ 16 ] CVE-2014-0590
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0590
[ 17 ] CVE-2014-8437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8437
[ 18 ] CVE-2014-8438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8438
[ 19 ] CVE-2014-8440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8440
[ 20 ] CVE-2014-8441
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8441
[ 21 ] CVE-2014-8442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8442
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201411-06.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1648-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1648.html
Issue date: 2014-10-15
CVE Names: CVE-2014-0558 CVE-2014-0564 CVE-2014-0569
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-22,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1152775 - CVE-2014-0564 CVE-2014-0558 CVE-2014-0569 flash-plugin: multiple code execution flaws (APSB14-22)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.411-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.411-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.411-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.411-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.411-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.411-1.el6.i686.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
flash-plugin-11.2.202.411-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.411-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.411-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.411-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.411-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-0558.html
https://www.redhat.com/security/data/cve/CVE-2014-0564.html
https://www.redhat.com/security/data/cve/CVE-2014-0569.html
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb14-22.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUPuDGXlSAg2UNWIIRAsobAJ9vnW0PysUhlqb4KDFHcw8Q7+rzqgCePtuZ
Wum8dH3c44zrI0LJNv9/khY=
=kNs5
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201410-0965 | CVE-2014-6478 | Oracle MySQL of MySQL Server In SERVER:SSL:yaSSL Vulnerabilities |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.
The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'SERVER:SSL:yaSSL' sub component is affected.
This vulnerability affects the following supported versions:
5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability. A remote attacker could exploit this vulnerability to update, insert, and delete data, affecting data integrity. ============================================================================
Ubuntu Security Notice USN-2384-1
October 15, 2014
mysql-5.5 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in MySQL.
Software Description:
- mysql-5.5: MySQL database
Details:
Multiple security issues were discovered in MySQL and this update includes
a new upstream MySQL version to fix these issues. MySQL has been updated to
5.5.40.
In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.12.04.1
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2384-1
CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463,
CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484,
CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496,
CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520,
CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559
Package Information:
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3054-1 security@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
October 20, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : mysql-5.5
CVE ID : CVE-2012-5615 CVE-2014-4274 CVE-2014-4287 CVE-2014-6463
CVE-2014-6464 CVE-2014-6469 CVE-2014-6478 CVE-2014-6484
CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496
CVE-2014-6500 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520
CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559
Debian Bug : 765663
Several issues have been discovered in the MySQL database server. Please see the MySQL 5.5 Release Notes and Oracle's
Critical Patch Update advisory for further details:
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
For the stable distribution (wheezy), these problems have been fixed in
version 5.5.40-0+wheezy1.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your mysql-5.5 packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJURSC7AAoJEAVMuPMTQ89EasQP/RxXHja/33Mofs2nZY2T0c++
BblmAs1D8t1csPTPjPGC2UFrBNWvvKSintqHid1W34ulFQahR+Uw0t6vuNOKoVnh
oBnayvOkAl2R6EcMS3DrdEPCgmj6NGC6QNG2Qt43a5tYdR3YCBTCMhPcHoIM6m3J
eQH/3UetTKrxvqM0nXNjTcVppdHUzKP3b2W/DRP90X0qtD5DdkqEqh12rCZVBvnO
b3AegaZ/PoEnmzqXkLIpRs2Dtx9P/dWeL9vCDZN0X6h+NSJzXYd0YfjfEIYldSXI
vKHIXFyno69pelQ7YoUA/+XKyVbvZzPL1STgV9dJtHWUi4TMR9VgIFuJMVaBoNDR
YTcfN61CfOkhUI45PhEp+mprlKVwwrLXrR/R5g4dHr28EmdQmvIJOOtxbUJAUd0m
y7q5PUuXWuVC54Kjm51m249dNY8IMgBAiIdrvlQyQiOL28Wgc0z2+IWFZnSL8eSH
5l8jKi20x6BYNIKQHWBqt2s4yej39dNaiNnCGqnUUOCzrbpfY1xzP25GPtQo+jVc
+1IygdKN8SG3S5FTQcHsND4C2cb3A9Tgf2gwffVrQq0TyQvXQbGjWN+xh4FAhU/D
ysAYdd2zPQGd+9OAE/Ja1uMZ2NY/CTzn9y5Or6eTCLpDmNFN28MsvQ9SAkAWVKe8
SgOwAiXo3xRUsGy6UiHm
=j4S6
-----END PGP SIGNATURE-----
| VAR-201410-0834 | CVE-2014-6500 | Oracle MySQL of MySQL Server In SERVER:SSL:yaSSL Vulnerabilities |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6491. This vulnerability CVE-2014-6491 Is a different vulnerability.Information is obtained by a third party, information is altered, and service operation is interrupted. (DoS) An attack may be carried out.
The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'SERVER:SSL:yaSSL' sub component is affected.
This vulnerability affects the following supported versions:
5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability. ============================================================================
Ubuntu Security Notice USN-2384-1
October 15, 2014
mysql-5.5 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in MySQL.
Software Description:
- mysql-5.5: MySQL database
Details:
Multiple security issues were discovered in MySQL and this update includes
a new upstream MySQL version to fix these issues. MySQL has been updated to
5.5.40.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.12.04.1
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2384-1
CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463,
CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484,
CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496,
CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520,
CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559
Package Information:
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] mariadb (SSA:2014-307-01)
New mariadb packages are available for Slackware 14.1 and -current to
fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.40-x86_64-1_slack14.1.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-5.5.40-i486-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-5.5.40-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 14.1 package:
da0aff5bebbbdc0621359c0fea027ae6 mariadb-5.5.40-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
dbb7d695a22ae538b5ad9c024823b190 mariadb-5.5.40-x86_64-1_slack14.1.txz
Slackware -current package:
f9ca4cf6015ddbb73dfba16c535caffc ap/mariadb-5.5.40-i486-1.txz
Slackware x86_64 -current package:
6924f64b6c147556a58a2c6f1929ab5e ap/mariadb-5.5.40-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg mariadb-5.5.40-i486-1_slack14.1.txz
Then, restart the database server:
# sh /etc/rc.d/rc.mysqld restart
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlRYJz0ACgkQakRjwEAQIjPqygCeN1AAAJQbjyTDPKmJlNj5+1Qw
3IkAn3kpZO670aM3MoWqkCEfyHX4gXXu
=11Km
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201411-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: MySQL, MariaDB: Multiple vulnerabilities
Date: November 05, 2014
Bugs: #525504
ID: 201411-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the MySQL and MariaDB,
possibly allowing attackers to cause unspecified impact.
Background
==========
MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an
enhanced, drop-in replacement for MySQL.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-db/mysql < 5.5.40 >= 5.5.40
2 dev-db/mariadb < 5.5.40-r1 >= 5.5.40-r1
-------------------------------------------------------------------
2 affected packages
Description
===========
Multiple unspecified vulnerabilities have been discovered in MySQL.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could exploit these vulnerabilities to cause
unspecified impact, possibly including remote execution of arbitrary
code, Denial of Service, or disclosure of sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All MySQL users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mysql-5.5.40"
All MariaDB users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mariadb-5.5.40-r1"
References
==========
[ 1 ] CVE-2014-6464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6464
[ 2 ] CVE-2014-6469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6469
[ 3 ] CVE-2014-6491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6491
[ 4 ] CVE-2014-6494
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6494
[ 5 ] CVE-2014-6496
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6496
[ 6 ] CVE-2014-6500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6500
[ 7 ] CVE-2014-6507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6507
[ 8 ] CVE-2014-6555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6555
[ 9 ] CVE-2014-6559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201411-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. Please see the MySQL 5.5 Release Notes and Oracle's
Critical Patch Update advisory for further details:
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
For the stable distribution (wheezy), these problems have been fixed in
version 5.5.40-0+wheezy1.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your mysql-5.5 packages
| VAR-201410-0829 | CVE-2014-6495 | Oracle MySQL of MySQL Server In SERVER:SSL:yaSSL Vulnerabilities |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.
The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'SERVER:SSL:yaSSL' sub component is affected.
This vulnerability affects the following supported versions:
5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability. ============================================================================
Ubuntu Security Notice USN-2384-1
October 15, 2014
mysql-5.5 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in MySQL.
Software Description:
- mysql-5.5: MySQL database
Details:
Multiple security issues were discovered in MySQL and this update includes
a new upstream MySQL version to fix these issues. MySQL has been updated to
5.5.40.
In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.12.04.1
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2384-1
CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463,
CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484,
CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496,
CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520,
CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559
Package Information:
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3054-1 security@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
October 20, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : mysql-5.5
CVE ID : CVE-2012-5615 CVE-2014-4274 CVE-2014-4287 CVE-2014-6463
CVE-2014-6464 CVE-2014-6469 CVE-2014-6478 CVE-2014-6484
CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496
CVE-2014-6500 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520
CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559
Debian Bug : 765663
Several issues have been discovered in the MySQL database server. Please see the MySQL 5.5 Release Notes and Oracle's
Critical Patch Update advisory for further details:
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
For the stable distribution (wheezy), these problems have been fixed in
version 5.5.40-0+wheezy1.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your mysql-5.5 packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJURSC7AAoJEAVMuPMTQ89EasQP/RxXHja/33Mofs2nZY2T0c++
BblmAs1D8t1csPTPjPGC2UFrBNWvvKSintqHid1W34ulFQahR+Uw0t6vuNOKoVnh
oBnayvOkAl2R6EcMS3DrdEPCgmj6NGC6QNG2Qt43a5tYdR3YCBTCMhPcHoIM6m3J
eQH/3UetTKrxvqM0nXNjTcVppdHUzKP3b2W/DRP90X0qtD5DdkqEqh12rCZVBvnO
b3AegaZ/PoEnmzqXkLIpRs2Dtx9P/dWeL9vCDZN0X6h+NSJzXYd0YfjfEIYldSXI
vKHIXFyno69pelQ7YoUA/+XKyVbvZzPL1STgV9dJtHWUi4TMR9VgIFuJMVaBoNDR
YTcfN61CfOkhUI45PhEp+mprlKVwwrLXrR/R5g4dHr28EmdQmvIJOOtxbUJAUd0m
y7q5PUuXWuVC54Kjm51m249dNY8IMgBAiIdrvlQyQiOL28Wgc0z2+IWFZnSL8eSH
5l8jKi20x6BYNIKQHWBqt2s4yej39dNaiNnCGqnUUOCzrbpfY1xzP25GPtQo+jVc
+1IygdKN8SG3S5FTQcHsND4C2cb3A9Tgf2gwffVrQq0TyQvXQbGjWN+xh4FAhU/D
ysAYdd2zPQGd+9OAE/Ja1uMZ2NY/CTzn9y5Or6eTCLpDmNFN28MsvQ9SAkAWVKe8
SgOwAiXo3xRUsGy6UiHm
=j4S6
-----END PGP SIGNATURE-----
| VAR-201410-0830 | CVE-2014-6496 | Oracle MySQL of MySQL Server In CLIENT:SSL:yaSSL Vulnerabilities |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494. This vulnerability CVE-2014-6494 Is a different vulnerability.Service disruption by a third party (DoS) An attack may be carried out.
The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'CLIENT:SSL:yaSSL' sub component is affected.
This vulnerability affects the following supported versions:
5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability. ============================================================================
Ubuntu Security Notice USN-2384-1
October 15, 2014
mysql-5.5 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in MySQL.
Software Description:
- mysql-5.5: MySQL database
Details:
Multiple security issues were discovered in MySQL and this update includes
a new upstream MySQL version to fix these issues. MySQL has been updated to
5.5.40.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.12.04.1
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2384-1
CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463,
CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484,
CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496,
CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520,
CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559
Package Information:
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] mariadb (SSA:2014-307-01)
New mariadb packages are available for Slackware 14.1 and -current to
fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.40-x86_64-1_slack14.1.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-5.5.40-i486-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-5.5.40-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 14.1 package:
da0aff5bebbbdc0621359c0fea027ae6 mariadb-5.5.40-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
dbb7d695a22ae538b5ad9c024823b190 mariadb-5.5.40-x86_64-1_slack14.1.txz
Slackware -current package:
f9ca4cf6015ddbb73dfba16c535caffc ap/mariadb-5.5.40-i486-1.txz
Slackware x86_64 -current package:
6924f64b6c147556a58a2c6f1929ab5e ap/mariadb-5.5.40-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg mariadb-5.5.40-i486-1_slack14.1.txz
Then, restart the database server:
# sh /etc/rc.d/rc.mysqld restart
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlRYJz0ACgkQakRjwEAQIjPqygCeN1AAAJQbjyTDPKmJlNj5+1Qw
3IkAn3kpZO670aM3MoWqkCEfyHX4gXXu
=11Km
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201411-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: MySQL, MariaDB: Multiple vulnerabilities
Date: November 05, 2014
Bugs: #525504
ID: 201411-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the MySQL and MariaDB,
possibly allowing attackers to cause unspecified impact.
Background
==========
MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an
enhanced, drop-in replacement for MySQL.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-db/mysql < 5.5.40 >= 5.5.40
2 dev-db/mariadb < 5.5.40-r1 >= 5.5.40-r1
-------------------------------------------------------------------
2 affected packages
Description
===========
Multiple unspecified vulnerabilities have been discovered in MySQL.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could exploit these vulnerabilities to cause
unspecified impact, possibly including remote execution of arbitrary
code, Denial of Service, or disclosure of sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All MySQL users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mysql-5.5.40"
All MariaDB users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mariadb-5.5.40-r1"
References
==========
[ 1 ] CVE-2014-6464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6464
[ 2 ] CVE-2014-6469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6469
[ 3 ] CVE-2014-6491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6491
[ 4 ] CVE-2014-6494
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6494
[ 5 ] CVE-2014-6496
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6496
[ 6 ] CVE-2014-6500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6500
[ 7 ] CVE-2014-6507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6507
[ 8 ] CVE-2014-6555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6555
[ 9 ] CVE-2014-6559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201411-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. Please see the MySQL 5.5 Release Notes and Oracle's
Critical Patch Update advisory for further details:
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
For the stable distribution (wheezy), these problems have been fixed in
version 5.5.40-0+wheezy1.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your mysql-5.5 packages
| VAR-201410-0828 | CVE-2014-6494 | Oracle MySQL of MySQL Server In CLIENT:SSL:yaSSL Vulnerabilities |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496. This vulnerability CVE-2014-6496 Is a different vulnerability.Service disruption by a third party (DoS) An attack may be carried out.
The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'CLIENT:SSL:yaSSL' sub component is affected.
This vulnerability affects the following supported versions:
5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability. ============================================================================
Ubuntu Security Notice USN-2384-1
October 15, 2014
mysql-5.5 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in MySQL.
Software Description:
- mysql-5.5: MySQL database
Details:
Multiple security issues were discovered in MySQL and this update includes
a new upstream MySQL version to fix these issues. MySQL has been updated to
5.5.40.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.12.04.1
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2384-1
CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463,
CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484,
CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496,
CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520,
CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559
Package Information:
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] mariadb (SSA:2014-307-01)
New mariadb packages are available for Slackware 14.1 and -current to
fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.40-x86_64-1_slack14.1.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-5.5.40-i486-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-5.5.40-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 14.1 package:
da0aff5bebbbdc0621359c0fea027ae6 mariadb-5.5.40-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
dbb7d695a22ae538b5ad9c024823b190 mariadb-5.5.40-x86_64-1_slack14.1.txz
Slackware -current package:
f9ca4cf6015ddbb73dfba16c535caffc ap/mariadb-5.5.40-i486-1.txz
Slackware x86_64 -current package:
6924f64b6c147556a58a2c6f1929ab5e ap/mariadb-5.5.40-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg mariadb-5.5.40-i486-1_slack14.1.txz
Then, restart the database server:
# sh /etc/rc.d/rc.mysqld restart
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlRYJz0ACgkQakRjwEAQIjPqygCeN1AAAJQbjyTDPKmJlNj5+1Qw
3IkAn3kpZO670aM3MoWqkCEfyHX4gXXu
=11Km
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201411-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: MySQL, MariaDB: Multiple vulnerabilities
Date: November 05, 2014
Bugs: #525504
ID: 201411-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the MySQL and MariaDB,
possibly allowing attackers to cause unspecified impact.
Background
==========
MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an
enhanced, drop-in replacement for MySQL.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-db/mysql < 5.5.40 >= 5.5.40
2 dev-db/mariadb < 5.5.40-r1 >= 5.5.40-r1
-------------------------------------------------------------------
2 affected packages
Description
===========
Multiple unspecified vulnerabilities have been discovered in MySQL.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could exploit these vulnerabilities to cause
unspecified impact, possibly including remote execution of arbitrary
code, Denial of Service, or disclosure of sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All MySQL users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mysql-5.5.40"
All MariaDB users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mariadb-5.5.40-r1"
References
==========
[ 1 ] CVE-2014-6464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6464
[ 2 ] CVE-2014-6469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6469
[ 3 ] CVE-2014-6491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6491
[ 4 ] CVE-2014-6494
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6494
[ 5 ] CVE-2014-6496
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6496
[ 6 ] CVE-2014-6500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6500
[ 7 ] CVE-2014-6507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6507
[ 8 ] CVE-2014-6555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6555
[ 9 ] CVE-2014-6559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201411-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. Please see the MySQL 5.5 Release Notes and Oracle's
Critical Patch Update advisory for further details:
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
For the stable distribution (wheezy), these problems have been fixed in
version 5.5.40-0+wheezy1.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your mysql-5.5 packages
| VAR-201410-0825 | CVE-2014-6491 | Oracle MySQL of MySQL Server In SERVER:SSL:yaSSL Vulnerabilities |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6500. This vulnerability CVE-2014-6500 Is a different vulnerability.Information is obtained by a third party, information is altered, and service operation is interrupted. (DoS) An attack may be carried out.
The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'SERVER:SSL:yaSSL' sub component is affected.
This vulnerability affects the following supported versions:
5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability. ============================================================================
Ubuntu Security Notice USN-2384-1
October 15, 2014
mysql-5.5 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in MySQL.
Software Description:
- mysql-5.5: MySQL database
Details:
Multiple security issues were discovered in MySQL and this update includes
a new upstream MySQL version to fix these issues. MySQL has been updated to
5.5.40.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.12.04.1
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2384-1
CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463,
CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484,
CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496,
CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520,
CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559
Package Information:
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] mariadb (SSA:2014-307-01)
New mariadb packages are available for Slackware 14.1 and -current to
fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.40-x86_64-1_slack14.1.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-5.5.40-i486-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-5.5.40-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 14.1 package:
da0aff5bebbbdc0621359c0fea027ae6 mariadb-5.5.40-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
dbb7d695a22ae538b5ad9c024823b190 mariadb-5.5.40-x86_64-1_slack14.1.txz
Slackware -current package:
f9ca4cf6015ddbb73dfba16c535caffc ap/mariadb-5.5.40-i486-1.txz
Slackware x86_64 -current package:
6924f64b6c147556a58a2c6f1929ab5e ap/mariadb-5.5.40-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg mariadb-5.5.40-i486-1_slack14.1.txz
Then, restart the database server:
# sh /etc/rc.d/rc.mysqld restart
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlRYJz0ACgkQakRjwEAQIjPqygCeN1AAAJQbjyTDPKmJlNj5+1Qw
3IkAn3kpZO670aM3MoWqkCEfyHX4gXXu
=11Km
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201411-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: MySQL, MariaDB: Multiple vulnerabilities
Date: November 05, 2014
Bugs: #525504
ID: 201411-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the MySQL and MariaDB,
possibly allowing attackers to cause unspecified impact.
Background
==========
MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an
enhanced, drop-in replacement for MySQL.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-db/mysql < 5.5.40 >= 5.5.40
2 dev-db/mariadb < 5.5.40-r1 >= 5.5.40-r1
-------------------------------------------------------------------
2 affected packages
Description
===========
Multiple unspecified vulnerabilities have been discovered in MySQL.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could exploit these vulnerabilities to cause
unspecified impact, possibly including remote execution of arbitrary
code, Denial of Service, or disclosure of sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All MySQL users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mysql-5.5.40"
All MariaDB users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mariadb-5.5.40-r1"
References
==========
[ 1 ] CVE-2014-6464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6464
[ 2 ] CVE-2014-6469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6469
[ 3 ] CVE-2014-6491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6491
[ 4 ] CVE-2014-6494
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6494
[ 5 ] CVE-2014-6496
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6496
[ 6 ] CVE-2014-6500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6500
[ 7 ] CVE-2014-6507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6507
[ 8 ] CVE-2014-6555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6555
[ 9 ] CVE-2014-6559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201411-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. Please see the MySQL 5.5 Release Notes and Oracle's
Critical Patch Update advisory for further details:
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
For the stable distribution (wheezy), these problems have been fixed in
version 5.5.40-0+wheezy1.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your mysql-5.5 packages
| VAR-201410-0859 | CVE-2014-6559 | Oracle MySQL Server Security hole |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING. Oracle MySQL Server is prone to a remote security vulnerability.
The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'C API SSL CERTIFICATE HANDLING' sub component is affected.
This vulnerability affects the following supported versions:
5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability.
Additionally MariaDB 5.5.40 removed the bundled copy of jemalloc from
the source tarball and only builds with jemalloc if a system copy
of the jemalloc library is detecting during the build. The verification
of md5 checksums and GPG signatures is performed automatically for you. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFUT0QSmqjQ0CJFipgRAmnhAKCOd9QLoxRrlcA8U4XLA46+ZhjfFwCfQzhY
tRKQjAv7QAJqbwipIkIIC8Q=
=uyHd
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: mariadb security update
Advisory ID: RHSA-2014:1861-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1861.html
Issue date: 2014-11-17
CVE Names: CVE-2014-2494 CVE-2014-4207 CVE-2014-4243
CVE-2014-4258 CVE-2014-4260 CVE-2014-4274
CVE-2014-4287 CVE-2014-6463 CVE-2014-6464
CVE-2014-6469 CVE-2014-6484 CVE-2014-6505
CVE-2014-6507 CVE-2014-6520 CVE-2014-6530
CVE-2014-6551 CVE-2014-6555 CVE-2014-6559
=====================================================================
1. Summary:
Updated mariadb packages that fix several security issues are now available
for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
MariaDB is a multi-user, multi-threaded SQL database server that is binary
compatible with MySQL.
This update fixes several vulnerabilities in the MariaDB database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2014-2494,
CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287,
CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484,
CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551,
CVE-2014-6555, CVE-2014-6559)
These updated packages upgrade MariaDB to version 5.5.40. Refer to the
MariaDB Release Notes listed in the References section for a complete list
of changes.
All MariaDB users should upgrade to these updated packages, which correct
these issues. After installing this update, the MariaDB server daemon
(mysqld) will be restarted automatically.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1120382 - CVE-2014-2494 mysql: unspecified vulnerability related to ENARC (CPU July 2014)
1120383 - CVE-2014-4207 mysql: unspecified vulnerability related to SROPTZR (CPU July 2014)
1120385 - CVE-2014-4243 mysql: unspecified vulnerability related to ENFED (CPU July 2014)
1120387 - CVE-2014-4258 mysql: unspecified vulnerability related to SRINFOSC (CPU July 2014)
1120388 - CVE-2014-4260 mysql: unspecified vulnerability related to SRCHAR (CPU July 2014)
1126271 - CVE-2014-4274 mysql: unspecified MyISAM temporary file issue fixed in 5.5.39 and 5.6.20
1153461 - CVE-2014-4287 mysql: unspecified vulnerability related to SERVER:CHARACTER SETS (CPU October 2014)
1153462 - CVE-2014-6463 mysql: unspecified vulnerability related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML (CPU October 2014)
1153463 - CVE-2014-6464 mysql: unspecified vulnerability related to SERVER:INNODB DML FOREIGN KEYS (CPU October 2014)
1153464 - CVE-2014-6469 mysql: unspecified vulnerability related to SERVER:OPTIMIZER (CPU October 2014)
1153467 - CVE-2014-6484 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
1153489 - CVE-2014-6505 mysql: unspecified vulnerability related to SERVER:MEMORY STORAGE ENGINE (CPU October 2014)
1153490 - CVE-2014-6507 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
1153491 - CVE-2014-6520 mysql: unspecified vulnerability related to SERVER:DDL (CPU October 2014)
1153493 - CVE-2014-6530 mysql: unspecified vulnerability related to CLIENT:MYSQLDUMP (CPU October 2014)
1153494 - CVE-2014-6551 mysql: unspecified vulnerability related to CLIENT:MYSQLADMIN (CPU October 2014)
1153495 - CVE-2014-6555 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
1153496 - CVE-2014-6559 mysql: unspecified vulnerability related to C API SSL CERTIFICATE HANDLING (CPU October 2014)
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
mariadb-5.5.40-1.el7_0.src.rpm
x86_64:
mariadb-5.5.40-1.el7_0.x86_64.rpm
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-libs-5.5.40-1.el7_0.i686.rpm
mariadb-libs-5.5.40-1.el7_0.x86_64.rpm
mariadb-server-5.5.40-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
mariadb-bench-5.5.40-1.el7_0.x86_64.rpm
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-devel-5.5.40-1.el7_0.i686.rpm
mariadb-devel-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.x86_64.rpm
mariadb-test-5.5.40-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
mariadb-5.5.40-1.el7_0.src.rpm
x86_64:
mariadb-5.5.40-1.el7_0.x86_64.rpm
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-libs-5.5.40-1.el7_0.i686.rpm
mariadb-libs-5.5.40-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
mariadb-bench-5.5.40-1.el7_0.x86_64.rpm
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-devel-5.5.40-1.el7_0.i686.rpm
mariadb-devel-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.x86_64.rpm
mariadb-server-5.5.40-1.el7_0.x86_64.rpm
mariadb-test-5.5.40-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
mariadb-5.5.40-1.el7_0.src.rpm
ppc64:
mariadb-5.5.40-1.el7_0.ppc64.rpm
mariadb-bench-5.5.40-1.el7_0.ppc64.rpm
mariadb-debuginfo-5.5.40-1.el7_0.ppc.rpm
mariadb-debuginfo-5.5.40-1.el7_0.ppc64.rpm
mariadb-devel-5.5.40-1.el7_0.ppc.rpm
mariadb-devel-5.5.40-1.el7_0.ppc64.rpm
mariadb-libs-5.5.40-1.el7_0.ppc.rpm
mariadb-libs-5.5.40-1.el7_0.ppc64.rpm
mariadb-server-5.5.40-1.el7_0.ppc64.rpm
mariadb-test-5.5.40-1.el7_0.ppc64.rpm
s390x:
mariadb-5.5.40-1.el7_0.s390x.rpm
mariadb-bench-5.5.40-1.el7_0.s390x.rpm
mariadb-debuginfo-5.5.40-1.el7_0.s390.rpm
mariadb-debuginfo-5.5.40-1.el7_0.s390x.rpm
mariadb-devel-5.5.40-1.el7_0.s390.rpm
mariadb-devel-5.5.40-1.el7_0.s390x.rpm
mariadb-libs-5.5.40-1.el7_0.s390.rpm
mariadb-libs-5.5.40-1.el7_0.s390x.rpm
mariadb-server-5.5.40-1.el7_0.s390x.rpm
mariadb-test-5.5.40-1.el7_0.s390x.rpm
x86_64:
mariadb-5.5.40-1.el7_0.x86_64.rpm
mariadb-bench-5.5.40-1.el7_0.x86_64.rpm
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-devel-5.5.40-1.el7_0.i686.rpm
mariadb-devel-5.5.40-1.el7_0.x86_64.rpm
mariadb-libs-5.5.40-1.el7_0.i686.rpm
mariadb-libs-5.5.40-1.el7_0.x86_64.rpm
mariadb-server-5.5.40-1.el7_0.x86_64.rpm
mariadb-test-5.5.40-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
mariadb-debuginfo-5.5.40-1.el7_0.ppc.rpm
mariadb-debuginfo-5.5.40-1.el7_0.ppc64.rpm
mariadb-embedded-5.5.40-1.el7_0.ppc.rpm
mariadb-embedded-5.5.40-1.el7_0.ppc64.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.ppc.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.ppc64.rpm
s390x:
mariadb-debuginfo-5.5.40-1.el7_0.s390.rpm
mariadb-debuginfo-5.5.40-1.el7_0.s390x.rpm
mariadb-embedded-5.5.40-1.el7_0.s390.rpm
mariadb-embedded-5.5.40-1.el7_0.s390x.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.s390.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.s390x.rpm
x86_64:
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
mariadb-5.5.40-1.el7_0.src.rpm
x86_64:
mariadb-5.5.40-1.el7_0.x86_64.rpm
mariadb-bench-5.5.40-1.el7_0.x86_64.rpm
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-devel-5.5.40-1.el7_0.i686.rpm
mariadb-devel-5.5.40-1.el7_0.x86_64.rpm
mariadb-libs-5.5.40-1.el7_0.i686.rpm
mariadb-libs-5.5.40-1.el7_0.x86_64.rpm
mariadb-server-5.5.40-1.el7_0.x86_64.rpm
mariadb-test-5.5.40-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-5.5.40-1.el7_0.x86_64.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.i686.rpm
mariadb-embedded-devel-5.5.40-1.el7_0.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2014-2494
https://access.redhat.com/security/cve/CVE-2014-4207
https://access.redhat.com/security/cve/CVE-2014-4243
https://access.redhat.com/security/cve/CVE-2014-4258
https://access.redhat.com/security/cve/CVE-2014-4260
https://access.redhat.com/security/cve/CVE-2014-4274
https://access.redhat.com/security/cve/CVE-2014-4287
https://access.redhat.com/security/cve/CVE-2014-6463
https://access.redhat.com/security/cve/CVE-2014-6464
https://access.redhat.com/security/cve/CVE-2014-6469
https://access.redhat.com/security/cve/CVE-2014-6484
https://access.redhat.com/security/cve/CVE-2014-6505
https://access.redhat.com/security/cve/CVE-2014-6507
https://access.redhat.com/security/cve/CVE-2014-6520
https://access.redhat.com/security/cve/CVE-2014-6530
https://access.redhat.com/security/cve/CVE-2014-6551
https://access.redhat.com/security/cve/CVE-2014-6555
https://access.redhat.com/security/cve/CVE-2014-6559
https://access.redhat.com/security/updates/classification/#important
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL
https://mariadb.com/kb/en/mariadb/development/release-notes/mariadb-5540-release-notes/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUadeuXlSAg2UNWIIRAq0FAKC2DOhAOg/q+zlOLLV3ztECJ+Gh0gCdEGtr
rmT+kQlZKObKWBl1L2CyGEU=
=yhRc
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. ============================================================================
Ubuntu Security Notice USN-2384-1
October 15, 2014
mysql-5.5 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in MySQL.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
mysql-server-5.5 5.5.40-0ubuntu0.12.04.1
In general, a standard system update will make all the necessary changes.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz: Upgraded.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.40-x86_64-1_slack14.1.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-5.5.40-i486-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-5.5.40-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 14.1 package:
da0aff5bebbbdc0621359c0fea027ae6 mariadb-5.5.40-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
dbb7d695a22ae538b5ad9c024823b190 mariadb-5.5.40-x86_64-1_slack14.1.txz
Slackware -current package:
f9ca4cf6015ddbb73dfba16c535caffc ap/mariadb-5.5.40-i486-1.txz
Slackware x86_64 -current package:
6924f64b6c147556a58a2c6f1929ab5e ap/mariadb-5.5.40-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg mariadb-5.5.40-i486-1_slack14.1.txz
Then, restart the database server:
# sh /etc/rc.d/rc.mysqld restart
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201411-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: MySQL, MariaDB: Multiple vulnerabilities
Date: November 05, 2014
Bugs: #525504
ID: 201411-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the MySQL and MariaDB,
possibly allowing attackers to cause unspecified impact. MariaDB is an
enhanced, drop-in replacement for MySQL.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-db/mysql < 5.5.40 >= 5.5.40
2 dev-db/mariadb < 5.5.40-r1 >= 5.5.40-r1
-------------------------------------------------------------------
2 affected packages
Description
===========
Multiple unspecified vulnerabilities have been discovered in MySQL.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could exploit these vulnerabilities to cause
unspecified impact, possibly including remote execution of arbitrary
code, Denial of Service, or disclosure of sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All MySQL users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mysql-5.5.40"
All MariaDB users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mariadb-5.5.40-r1"
References
==========
[ 1 ] CVE-2014-6464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6464
[ 2 ] CVE-2014-6469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6469
[ 3 ] CVE-2014-6491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6491
[ 4 ] CVE-2014-6494
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6494
[ 5 ] CVE-2014-6496
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6496
[ 6 ] CVE-2014-6500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6500
[ 7 ] CVE-2014-6507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6507
[ 8 ] CVE-2014-6555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6555
[ 9 ] CVE-2014-6559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201411-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
For the unstable distribution (sid), these problems will be fixed soon. Relevant releases/architectures:
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
3
| VAR-201410-1000 | CVE-2014-3381 | Cisco Email Security Appliance Run on Cisco AsyncOS of ZIP Vulnerabilities that can bypass malware filtering in the inspection engine |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934. Vendors have confirmed this vulnerability Bug ID CSCup07934 It is released as.A third party may be able to bypass malware filtering through a crafted archive. Cisco AsyncOS is the operating system used by multiple Cisco products. A remote security bypass vulnerability exists in Cisco AsyncOS Software that allows an attacker to bypass certain security restrictions and perform unauthorized operations. Cisco AsyncOS Software is prone to a remote security-bypass vulnerability.
This issue is being tracked by Cisco Bug ID CSCup07934. The vulnerability is caused by the program not correctly parsing ZIP compressed files
| VAR-201410-1486 | No CVE | Multiple Huawei Products VRP SSH Denial of Service Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
Multiple Huawei products are prone to a denial-of-service vulnerability.
An attacker can exploit this issue to restart the device, denying service to legitimate users.
| VAR-201410-0064 | CVE-2014-3404 | Cisco IOS XE of Autonomic Networking Infrastructure Vulnerability that triggers receipt of invalid messages in components |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to trigger acceptance of an invalid message via crafted messages, aka Bug ID CSCuq22677. Vendors have confirmed this vulnerability Bug ID CSCuq22677 It is released as.A third party can trigger the receipt of invalid messages via crafted messages. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Cisco IOS XE has a security bypass vulnerability that allows an attacker to exploit a vulnerability to bypass certain security restrictions and perform unauthorized operations. Cisco IOS XE Software is prone to a security-bypass vulnerability.
This issue is being tracked by Cisco Bug ID CSCuq22677. The vulnerability is caused by the program not validating certificates properly. A remote attacker could exploit this vulnerability to send a specially crafted message to the ANI device