VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-201410-1151 CVE-2014-3568 OpenSSL Vulnerable to access restrictions CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c. OpenSSL is prone to a security-bypass vulnerability. Successfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions. OpenSSL Security Advisory [15 Oct 2014] ======================================= SRTP Memory Leak (CVE-2014-3513) ================================ Severity: High A flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected. OpenSSL 1.0.1 users should upgrade to 1.0.1j. This issue was reported to OpenSSL on 26th September 2014, based on an original issue and patch developed by the LibreSSL project. The fix was developed by the OpenSSL team. Session Ticket Memory Leak (CVE-2014-3567) ========================================== Severity: Medium When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack. OpenSSL 1.0.1 users should upgrade to 1.0.1j. OpenSSL 1.0.0 users should upgrade to 1.0.0o. OpenSSL 0.9.8 users should upgrade to 0.9.8zc. This issue was reported to OpenSSL on 8th October 2014. The fix was developed by Stephen Henson of the OpenSSL core team. SSL 3.0 Fallback protection =========================== Severity: Medium OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade. Some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE (CVE-2014-3566). OpenSSL 1.0.1 users should upgrade to 1.0.1j. OpenSSL 1.0.0 users should upgrade to 1.0.0o. OpenSSL 0.9.8 users should upgrade to 0.9.8zc. https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 https://www.openssl.org/~bodo/ssl-poodle.pdf Support for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller. OpenSSL 1.0.1 users should upgrade to 1.0.1j. OpenSSL 1.0.0 users should upgrade to 1.0.0o. OpenSSL 0.9.8 users should upgrade to 0.9.8zc. This issue was reported to OpenSSL by Akamai Technologies on 14th October 2014. The fix was developed by Akamai and the OpenSSL team. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv_20141015.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html . Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz: Upgraded. (* Security fix *) patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz: Upgraded. For more information, see: https://www.openssl.org/news/secadv_20141015.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zc-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.0.txz Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zc-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.1.txz Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zc-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.37.txz Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1j-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.0.txz Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1j-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1j-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1j-i486-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1j-i486-1.txz Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1j-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1j-x86_64-1.txz MD5 signatures: +-------------+ Slackware 13.0 packages: 44d336a121b39296f0e6bbeeb283dd2b openssl-0.9.8zc-i486-1_slack13.0.txz 8342cfb351e59ecf5ea6d8cba66f0040 openssl-solibs-0.9.8zc-i486-1_slack13.0.txz Slackware x86_64 13.0 packages: 671f12535bdc10ab24388b713351aca2 openssl-0.9.8zc-x86_64-1_slack13.0.txz 21e380284cdfab2fd15fffe2e0aed526 openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz Slackware 13.1 packages: 64cb819f1e07522bd5d7ceedd0a9ab50 openssl-0.9.8zc-i486-1_slack13.1.txz 5fe4e385b2251cfd7e8ae5963ec6cef1 openssl-solibs-0.9.8zc-i486-1_slack13.1.txz Slackware x86_64 13.1 packages: 94feb6699d6f2cc7750a6b2e17ccaaa2 openssl-0.9.8zc-x86_64-1_slack13.1.txz 2c17e4286509c29074ab0168367b851e openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz Slackware 13.37 packages: 4483d91c776c7e23c59246c4e0aa24aa openssl-0.9.8zc-i486-1_slack13.37.txz fedd58eb19bc13c9dd88d947827a7370 openssl-solibs-0.9.8zc-i486-1_slack13.37.txz Slackware x86_64 13.37 packages: 5d48ac1e9339efc35e304c7d48b2e762 openssl-0.9.8zc-x86_64-1_slack13.37.txz 6f5e2b576259477c13f12cbed9be8804 openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz Slackware 14.0 packages: 2b678160283bc696565dc8bd8b28c0eb openssl-1.0.1j-i486-1_slack14.0.txz f7762615c990713e9e86d4da962f1022 openssl-solibs-1.0.1j-i486-1_slack14.0.txz Slackware x86_64 14.0 packages: 41010ca37d49b74e7d7dc3f1c6ddc57e openssl-1.0.1j-x86_64-1_slack14.0.txz 40dc6f3de217279d6140c1efcc0d45c8 openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz Slackware 14.1 packages: 024ecea55e22e47f9fbb4b81a7b72a51 openssl-1.0.1j-i486-1_slack14.1.txz 0a575668bb41ec4c2160800611f7f627 openssl-solibs-1.0.1j-i486-1_slack14.1.txz Slackware x86_64 14.1 packages: d07fe289f7998a584c2b0d9810a8b9aa openssl-1.0.1j-x86_64-1_slack14.1.txz 1ffc5d0c02b0c60cefa5cf9189bfc71d openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz Slackware -current packages: 53c9f51a79460bbfc5dec5720317cd53 a/openssl-solibs-1.0.1j-i486-1.txz cc059aa63494f3b005a886c70bc3f5d6 n/openssl-1.0.1j-i486-1.txz Slackware x86_64 -current packages: 500709555e652adcd84b4e02dfab4eeb a/openssl-solibs-1.0.1j-x86_64-1.txz c483ca9c450fa90a901ac013276ccc53 n/openssl-1.0.1j-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg openssl-1.0.1j-i486-1_slack14.1.txz openssl-solibs-1.0.1j-i486-1_slack14.1.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001 OS X 10.10.2 and Security Update 2015-001 are now available and address the following: AFP Server Available for: OS X Mavericks v10.9.5 Impact: A remote attacker may be able to determine all the network addresses of the system Description: The AFP file server supported a command which returned all the network addresses of the system. This issue was addressed by removing the addresses from the result. CVE-ID CVE-2014-4426 : Craig Young of Tripwire VERT bash Available for: OS X Yosemite v10.10 and v10.10.1 Impact: Multiple vulnerabilities in bash, including one that may allow local attackers to execute arbitrary code Description: Multiple vulnerabilities existed in bash. These issues were addressed by updating bash to patch level 57. CVE-ID CVE-2014-6277 CVE-2014-7186 CVE-2014-7187 Bluetooth Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An integer signedness error existed in IOBluetoothFamily which allowed manipulation of kernel memory. This issue was addressed through improved bounds checking. This issue does not affect OS X Yosemite systems. CVE-ID CVE-2014-4497 Bluetooth Available for: OS X Yosemite v10.10 and v10.10.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An error existed in the Bluetooth driver that allowed a malicious application to control the size of a write to kernel memory. The issue was addressed through additional input validation. CVE-ID CVE-2014-8836 : Ian Beer of Google Project Zero Bluetooth Available for: OS X Yosemite v10.10 and v10.10.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple security issues existed in the Bluetooth driver, allowing a malicious application to execute arbitrary code with system privilege. The issues were addressed through additional input validation. CVE-ID CVE-2014-8837 : Roberto Paleari and Aristide Fattori of Emaze Networks CFNetwork Cache Available for: OS X Yosemite v10.10 and v10.10.1 Impact: Website cache may not be fully cleared after leaving private browsing Description: A privacy issue existed where browsing data could remain in the cache after leaving private browsing. This issue was addressed through a change in caching behavior. CVE-ID CVE-2014-4460 CoreGraphics Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of PDF files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4481 : Felipe Andres Manzano of the Binamuse VRT, via the iSIGHT Partners GVP Program CPU Software Available for: OS X Yosemite v10.10 and v10.10.1, for: MacBook Pro Retina, MacBook Air (Mid 2013 and later), iMac (Late 2013 and later), Mac Pro (Late 2013) Impact: A malicious Thunderbolt device may be able to affect firmware flashing Description: Thunderbolt devices could modify the host firmware if connected during an EFI update. This issue was addressed by not loading option ROMs during updates. CVE-ID CVE-2014-4498 : Trammell Hudson of Two Sigma Investments CommerceKit Framework Available for: OS X Yosemite v10.10 and v10.10.1 Impact: An attacker with access to a system may be able to recover Apple ID credentials Description: An issue existed in the handling of App Store logs. The App Store process could log Apple ID credentials in the log when additional logging was enabled. This issue was addressed by disallowing logging of credentials. CVE-ID CVE-2014-4499 : Sten Petersen CoreGraphics Available for: OS X Yosemite v10.10 and v10.10.1 Impact: Some third-party applications with non-secure text entry and mouse events may log those events Description: Due to the combination of an uninitialized variable and an application's custom allocator, non-secure text entry and mouse events may have been logged. This issue was addressed by ensuring that logging is off by default. This issue did not affect systems prior to OS X Yosemite. CVE-ID CVE-2014-1595 : Steven Michaud of Mozilla working with Kent Howard CoreGraphics Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of PDF files. The issue was addressed through improved bounds checking. This issue does not affect OS X Yosemite systems. CVE-ID CVE-2014-8816 : Mike Myers, of Digital Operatives LLC CoreSymbolication Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple type confusion issues existed in coresymbolicationd's handling of XPC messages. These issues were addressed through improved type checking. CVE-ID CVE-2014-8817 : Ian Beer of Google Project Zero FontParser Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: Processing a maliciously crafted .dfont file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of .dfont files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4484 : Gaurav Baruah working with HP's Zero Day Initiative FontParser Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4483 : Apple Foundation Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: Viewing a maliciously crafted XML file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the XML parser. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4485 : Apple Intel Graphics Driver Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: Multiple vulnerabilities in Intel graphics driver Description: Multiple vulnerabilities existed in the Intel graphics driver, the most serious of which may have led to arbitrary code execution with system privileges. This update addresses the issues through additional bounds checks. CVE-ID CVE-2014-8819 : Ian Beer of Google Project Zero CVE-2014-8820 : Ian Beer of Google Project Zero CVE-2014-8821 : Ian Beer of Google Project Zero IOAcceleratorFamily Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A null pointer dereference existed in IOAcceleratorFamily's handling of certain IOService userclient types. This issue was addressed through improved validation of IOAcceleratorFamily contexts. CVE-ID CVE-2014-4486 : Ian Beer of Google Project Zero IOHIDFamily Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A buffer overflow existed in IOHIDFamily. This issue was addressed with improved bounds checking. CVE-ID CVE-2014-4487 : TaiG Jailbreak Team IOHIDFamily Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A validation issue existed in IOHIDFamily's handling of resource queue metadata. This issue was addressed through improved validation of metadata. CVE-ID CVE-2014-4488 : Apple IOHIDFamily Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A null pointer dereference existed in IOHIDFamily's handling of event queues. This issue was addressed through improved validation of IOHIDFamily event queue initialization. CVE-ID CVE-2014-4489 : @beist IOHIDFamily Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: Executing a malicious application may result in arbitrary code execution within the kernel Description: A bounds checking issue existed in a user client vended by the IOHIDFamily driver which allowed a malicious application to overwrite arbitrary portions of the kernel address space. The issue is addressed by removing the vulnerable user client method. CVE-ID CVE-2014-8822 : Vitaliy Toropov working with HP's Zero Day Initiative IOKit Available for: OS X Yosemite v10.10 and v10.10.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An integer overflow existed in the handling of IOKit functions. This issue was addressed through improved validation of IOKit API arguments. CVE-ID CVE-2014-4389 : Ian Beer of Google Project Zero IOUSBFamily Available for: OS X Yosemite v10.10 and v10.10.1 Impact: A privileged application may be able to read arbitrary data from kernel memory Description: A memory access issue existed in the handling of IOUSB controller user client functions. This issue was addressed through improved argument validation. CVE-ID CVE-2014-8823 : Ian Beer of Google Project Zero Kernel Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Specifying a custom cache mode allowed writing to kernel read-only shared memory segments. This issue was addressed by not granting write permissions as a side-effect of some custom cache modes. CVE-ID CVE-2014-4495 : Ian Beer of Google Project Zero Kernel Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A validation issue existed in the handling of certain metadata fields of IODataQueue objects. This issue was addressed through improved validation of metadata. CVE-ID CVE-2014-8824 : @PanguTeam Kernel Available for: OS X Yosemite v10.10 and v10.10.1 Impact: A local attacker can spoof directory service responses to the kernel, elevate privileges, or gain kernel execution Description: Issues existed in identitysvc validation of the directory service resolving process, flag handling, and error handling. This issue was addressed through improved validation. CVE-ID CVE-2014-8825 : Alex Radocea of CrowdStrike Kernel Available for: OS X Yosemite v10.10 and v10.10.1 Impact: A local user may be able to determine kernel memory layout Description: Multiple uninitialized memory issues existed in the network statistics interface, which led to the disclosure of kernel memory content. This issue was addressed through additional memory initialization. CVE-ID CVE-2014-4371 : Fermin J. Serna of the Google Security Team CVE-2014-4419 : Fermin J. Serna of the Google Security Team CVE-2014-4420 : Fermin J. Serna of the Google Security Team CVE-2014-4421 : Fermin J. Serna of the Google Security Team Kernel Available for: OS X Mavericks v10.9.5 Impact: A person with a privileged network position may cause a denial of service Description: A race condition issue existed in the handling of IPv6 packets. This issue was addressed through improved lock state checking. CVE-ID CVE-2011-2391 Kernel Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: Maliciously crafted or compromised applications may be able to determine addresses in the kernel Description: An information disclosure issue existed in the handling of APIs related to kernel extensions. Responses containing an OSBundleMachOHeaders key may have included kernel addresses, which may aid in bypassing address space layout randomization protection. This issue was addressed by unsliding the addresses before returning them. CVE-ID CVE-2014-4491 : @PanguTeam, Stefan Esser Kernel Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A validation issue existed in the handling of certain metadata fields of IOSharedDataQueue objects. This issue was addressed through relocation of the metadata. CVE-ID CVE-2014-4461 : @PanguTeam LaunchServices Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: A malicious JAR file may bypass Gatekeeper checks Description: An issue existed in the handling of application launches which allowed certain malicious JAR files to bypass Gatekeeper checks. This issue was addressed through improved handling of file type metadata. CVE-ID CVE-2014-8826 : Hernan Ochoa of Amplia Security libnetcore Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: A malicious, sandboxed app can compromise the networkd daemon Description: Multiple type confusion issues existed in networkd's handling of interprocess communication. By sending networkd a maliciously formatted message, it may have been possible to execute arbitrary code as the networkd process. The issue is addressed through additional type checking. CVE-ID CVE-2014-4492 : Ian Beer of Google Project Zero LoginWindow Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: A Mac may not lock immediately upon wake Description: An issue existed in the rendering of the lock screen. This issue was address through improved screen rendering while locked. CVE-ID CVE-2014-8827 : Xavier Bertels of Mono, and multiple OS X seed testers lukemftp Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: Using the command line ftp tool to fetch files from a malicious http server may lead to arbitrary code execution Description: A command injection issue existed in the handling of HTTP redirects. This issue was addressed through improved validation of special characters. CVE-ID CVE-2014-8517 OpenSSL Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: Multiple vulnerabilities in OpenSSL 0.9.8za, including one that may allow an attacker to downgrade connections to use weaker cipher-suites in applications using the library Description: Multiple vulnerabilities existed in OpenSSL 0.9.8za. These issues were addressed by updating OpenSSL to version 0.9.8zc. CVE-ID CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 Sandbox Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A design issue existed in the caching of sandbox profiles which allowed sandboxed applications to gain write access to the cache. This issue was addressed by restricting write access to paths containing a "com.apple.sandbox" segment. This issue does not affect OS X Yosemite v10.10 or later. CVE-ID CVE-2014-8828 : Apple SceneKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 Impact: A malicious application could execute arbitrary code leading to compromise of user information Description: Multiple out of bounds write issues existed in SceneKit. These issues were addressed through improved bounds checking. CVE-ID CVE-2014-8829 : Jose Duart of the Google Security Team SceneKit Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: Viewing a maliciously crafted Collada file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in SceneKit's handling of Collada files. Viewing a maliciously crafted Collada file may have led to an unexpected application termination or arbitrary code execution. This issue was addressed through improved validation of accessor elements. CVE-ID CVE-2014-8830 : Jose Duart of Google Security Team Security Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: A downloaded application signed with a revoked Developer ID certificate may pass Gatekeeper checks Description: An issue existed with how cached application certificate information was evaluated. This issue was addressed with cache logic improvements. CVE-ID CVE-2014-8838 : Apple security_taskgate Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: An app may access keychain items belonging to other apps Description: An access control issue existed in the Keychain. Applications signed with self-signed or Developer ID certificates could access keychain items whose access control lists were based on keychain groups. This issue was addressed by validating the signing identity when granting access to keychain groups. CVE-ID CVE-2014-8831 : Apple Spotlight Available for: OS X Yosemite v10.10 and v10.10.1 Impact: The sender of an email could determine the IP address of the recipient Description: Spotlight did not check the status of Mail's "Load remote content in messages" setting. This issue was addressed by improving configuration checking. CVE-ID CVE-2014-8839 : John Whitehead of The New York Times, Frode Moe of LastFriday.no Spotlight Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: Spotlight may save unexpected information to an external hard drive Description: An issue existed in Spotlight where memory contents may have been written to external hard drives when indexing. This issue was addressed with better memory management. CVE-ID CVE-2014-8832 : F-Secure SpotlightIndex Available for: OS X Yosemite v10.10 and v10.10.1 Impact: Spotlight may display results for files not belonging to the user Description: A deserialization issue existed in Spotlight's handling of permission caches. A user performing a Spotlight query may have been shown search results referencing files for which they don't have sufficient privileges to read. This issue was addressed with improved bounds checking. CVE-ID CVE-2014-8833 : David J Peacock, Independent Technology Consultant sysmond Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1 Impact: A malicious application may be able to execute arbitrary code with root privileges Description: A type confusion vulnerability existed in sysmond that allowed a local application to escalate privileges. The issue was addressed with improved type checking. CVE-ID CVE-2014-8835 : Ian Beer of Google Project Zero UserAccountUpdater Available for: OS X Yosemite v10.10 and v10.10.1 Impact: Printing-related preference files may contain sensitive information about PDF documents Description: OS X Yosemite v10.10 addressed an issue in the handling of password-protected PDF files created from the Print dialog where passwords may have been included in printing preference files. This update removes such extraneous information that may have been present in printing preference files. CVE-ID CVE-2014-8834 : Apple Note: OS X Yosemite 10.10.2 includes the security content of Safari 8.0.3. For further details see https://support.apple.com/kb/HT204243 OS X Yosemite 10.10.2 and Security Update 2015-001 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) iQIcBAEBAgAGBQJUx8ufAAoJEBcWfLTuOo7tWecQAIFvaOlK0Ar2vbUaH0TIpO9F N9SbkWmdNHDNUvc3LJOaeVfAFlXPbgHYqXGIC0kZiRL5Kyhy/K2hH29iNoIDqfET D1jPWOaAFhzvohViYl12ne/A7bBs5v+3G6gqmGCDCqGyn5VFdUMmS0/ZJSCUkPQG LqTvj5D4ulYl8I5uA9Ur9jD2j/TkSCOWiSTO5diMlt1WcKb1fn5pl9b0YNweI8UX FcZPrIlVNeaSywuitdxZEcWOhsJYbS6Xw13crS/HNJGEO+5N7keCnCJiN9HW4Pt6 8iNAgkSWX6S8nP6mq3tiKJmvh6Qj88tvSLgotc79+C8djvkwkxr3611sSLRUStI/ qmwDeJS+rvNgFiLbcJjDDH1EC3qBqMb5mIsMtnXKDDMS8mNeJHaQFngK2YacFLuW gzAMZIcEhLpWq46rYHBsPsB1iG1shyxxz1zL+JKNAi1aTtfFrP3aItQBUG5T345V 0oJol8oxzen9KLNYJMvE9CTJlrRr204DoQkmhY2dUP2W1EQoEGw2qzy/zBIq0yFA 0FNVcSXE+T4yCyHRGakK/sccw6lyCP0xS/lgaPlkyHsFT3oalu9yyqNtDCJl/Cns sAa5dw0tlb8/zWQ3fsJna2yrw5xSboA5KWegtrjtjodrz8O1MjRrTPgx8AnLjKzq nggZl3Sa+QhfaHSUqSJI =uAqk -----END PGP SIGNATURE----- . HP has made the following patch kit available to resolve the vulnerabilities. The HP SSL Version 1.4-495 for OpenVMS is available from the following locations: OpenVMS HP SSL website: http://h71000.www7.hp.com/openvms/products/ssl/ssl.html The HP SSL Version 1.4-495 for OpenVMS kits for both Integrity and Alpha platforms have been uploaded to HP Support Center website. Customers can access the kits from Patch Management page. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2015-0001 Synopsis: VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues Issue date: 2015-01-27 Updated on: 2015-01-27 (Initial Advisory) CVE number: CVE-2014-8370, CVE-2015-1043, CVE-2015-1044 --- OPENSSL--- CVE-2014-3513, CVE-2014-3567,CVE-2014-3566, CVE-2014-3568 --- libxml2 --- CVE-2014-3660 - ------------------------------------------------------------------------ 1. Summary VMware vCenter Server, ESXi, Workstation, Player and Fusion address several security issues. 2. Relevant Releases VMware Workstation 10.x prior to version 10.0.5 VMware Player 6.x prior to version 6.0.5 VMware Fusion 7.x prior to version 7.0.1 VMware Fusion 6.x prior to version 6.0.5 vCenter Server 5.5 prior to Update 2d ESXi 5.5 without patch ESXi550-201403102-SG, ESXi550-201501101-SG ESXi 5.1 without patch ESXi510-201404101-SG ESXi 5.0 without patch ESXi500-201405101-SG 3. Problem Description a. VMware ESXi, Workstation, Player, and Fusion host privilege escalation vulnerability VMware ESXi, Workstation, Player and Fusion contain an arbitrary file write issue. Exploitation this issue may allow for privilege escalation on the host. The vulnerability does not allow for privilege escalation from the guest Operating System to the host or vice-versa. This means that host memory can not be manipulated from the Guest Operating System. Mitigation For ESXi to be affected, permissions must have been added to ESXi (or a vCenter Server managing it) for a virtual machine administrator role or greater. VMware would like to thank Shanon Olsson for reporting this issue to us through JPCERT. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2014-8370 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======= ======= ================= Workstation 11.x any not affected Workstation 10.x any 10.0.5 Player 7.x any not affected Player 6.x any 6.0.5 Fusion 7.x any not affected Fusion 6.x any 6.0.5 ESXi 5.5 ESXi ESXi550-201403102-SG ESXi 5.1 ESXi ESXi510-201404101-SG ESXi 5.0 ESXi ESXi500-201405101-SG b. VMware Workstation, Player, and Fusion Denial of Service vulnerability VMware Workstation, Player, and Fusion contain an input validation issue in the Host Guest File System (HGFS). This issue may allow for a Denial of Service of the Guest Operating system. VMware would like to thank Peter Kamensky from Digital Security for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-1043 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======= ======= ================= Workstation 11.x any not affected Workstation 10.x any 10.0.5 Player 7.x any not affected Player 6.x any 6.0.5 Fusion 7.x any 7.0.1 Fusion 6.x any 6.0.5 c. VMware ESXi, Workstation, and Player Denial of Service vulnerability VMware ESXi, Workstation, and Player contain an input validation issue in VMware Authorization process (vmware-authd). This issue may allow for a Denial of Service of the host. On VMware ESXi and on Workstation running on Linux the Denial of Service would be partial. VMware would like to thank Dmitry Yudin @ret5et for reporting this issue to us through HP's Zero Day Initiative. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-1044 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======= ======= ================= Workstation 11.x any not affected Workstation 10.x any 10.0.5 Player 7.x any not affected Player 6.x any 6.0.5 Fusion 7.x any not affected Fusion 6.x any not affected ESXi 5.5 ESXi ESXi550-201501101-SG ESXi 5.1 ESXi ESXi510-201410101-SG ESXi 5.0 ESXi not affected d. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2014-3513, CVE-2014-3567, CVE-2014-3566 ("POODLE") and CVE-2014-3568 to these issues. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======= ======= ================= vCenter Server 5.5 any Update 2d* vCenter Server 5.1 any patch pending vCenter Server 5.0 any patch pending ESXi 5.5 ESXi ESXi550-201501101-SG ESXi 5.1 ESXi patch pending ESXi 5.0 ESXi patch pending * The VMware vCenter 5.5 SSO component will be updated in a later release e. Update to ESXi libxml2 package The libxml2 library is updated to version libxml2-2.7.6-17 to resolve a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-3660 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======= ======= ================= ESXi 5.5 ESXi ESXi550-201501101-SG ESXi 5.1 ESXi patch pending ESXi 5.0 ESXi patch pending 4. Solution Please review the patch/release notes for your product and version and verify the checksum of your downloaded file. VMware Workstation 10.x -------------------------------- https://www.vmware.com/go/downloadworkstation VMware Player 6.x -------------------------------- https://www.vmware.com/go/downloadplayer VMware Fusion 7.x and 6.x -------------------------------- https://www.vmware.com/go/downloadplayer vCenter Server ---------------------------- Downloads and Documentation: https://www.vmware.com/go/download-vsphere ESXi 5.5 Update 2d ---------------------------- File: update-from-esxi5.5-5.5_update01.zip md5sum: 5773844efc7d8e43135de46801d6ea25 sha1sum: 6518355d260e81b562c66c5016781db9f077161f http://kb.vmware.com/kb/2065832 update-from-esxi5.5-5.5_update01 contains ESXi550-201403102-SG ESXi 5.5 ---------------------------- File: ESXi550-201501001.zip md5sum: b0f2edd9ad17d0bae5a11782aaef9304 sha1sum: 9cfcb1e2cf1bb845f0c96c5472d6b3a66f025dd1 http://kb.vmware.com/kb/2099265 ESXi550-201501001.zip contains ESXi550-201501101-SG ESXi 5.1 ---------------------------- File: ESXi510-201404001.zip md5sum: 9dc3c9538de4451244a2b62d247e52c4 sha1sum: 6b1ea36a2711665a670afc9ae37cdd616bb6da66 http://kb.vmware.com/kb/2070666 ESXi510-201404001 contains ESXi510-201404101-SG ESXi 5.0 ---------------------------- File: ESXi500-201405001.zip md5sum: 7cd1afc97f5f1e4b4132c90835f92e1d sha1sum: 4bd77eeb5d7fc65bbb6f25762b0fa74fbb9679d5 http://kb.vmware.com/kb/2075521 ESXi500-201405001 contains ESXi500-201405101-SG 5. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8370 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1043 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1044 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660 - ------------------------------------------------------------------------ 6. Change log 2015-01-27 VMSA-2015-0001 Initial security advisory in conjunction with the release of VMware Workstation 10.0.5, VMware Player 6.0.5, vCenter Server 5.5 Update 2d and, ESXi 5.5 Patches released on 2015-01-27. - ------------------------------------------------------------------------ 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: security-announce at lists.vmware.com bugtraq at securityfocus.com fulldisclosure at seclists.org E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Advisories http://www.vmware.com/security/advisories Consolidated list of VMware Security Advisories http://kb.vmware.com/kb/2078735 VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html Twitter https://twitter.com/VMwareSRC Copyright 2015 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.3.0 (Build 8741) Charset: utf-8 wj8DBQFUx/+UDEcm8Vbi9kMRAmzrAKDG7u8ZTSlfQzU3eFphjebNgDkW2ACfZ9JE c75UD0ctlJx5607JuLfnb6Y= =IxpT -----END PGP SIGNATURE----- . References: CVE-2014-3566 Man-in-th-Middle (MitM) attack CVE-2014-3567 Remote Unauthorized Access CVE-2014-3568 Remote Denial of Service (DoS) SSRT101767 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The updates are available from the following ftp site. ftp://ssl098zc:Secure12@ftp.usa.hp.com User name: ssl098zc Password: (NOTE: Case sensitive) Secure12 HP-UX Release HP-UX OpenSSL version B.11.11 (11i v1) A.00.09.08zc.001_HP-UX_B.11.11_32+64.depot B.11.23 (11i v2) A.00.09.08zc.002_HP-UX_B.11.23_IA-PA.depot B.11.31 (11i v3) A.00.09.08zc.003_HP-UX_B.11.31_IA-PA.depot MANUAL ACTIONS: Yes - Update Install OpenSSL A.00.09.08zc or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. CVE-ID CVE-2015-0248 CVE-2015-0251 Xcode 7.0 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "7.0". The HP Matrix Operating Environment v7.2.3 Update kit applicable to HP Matrix Operating Environment v7.2.x installations is available at the following location: https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =HPID NOTE: Please read the readme.txt file before proceeding with the installation. Release Date: 2015-04-01 Last Updated: 2015-04-01 Potential Security Impact: Remote disclosure of information Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH), HP Smart Update Manager (SUM), and HP Version Control Agent (VCA) which are components of HP Insight Control server deployment. These vulnerabilities are related to the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE". The components of HP Insight Control server deployment could be exploited remotely to allow disclosure of information. HP Insight Control server deployment includes HP System Management Homepage (SMH), HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and deploys them through the following jobs. This bulletin provides the information needed to update the vulnerable components in HP Insight Control server deployment. Install HP Management Agents for Windows x86/x64 Install HP Management Agents for RHEL 5 x64 Install HP Management Agents for RHEL 6 x64 Install HP Management Agents for SLES 10 x64 Install HP Management Agents for SLES 11 x64 Upgrade Proliant Firmware References: CVE-2014-3508 CVE-2014-3509 CVE-2014-3511 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-5139 SSRT102004 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2014-3508 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-3509 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3511 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2014-3513 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-3567 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2014-3568 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2014-5139 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following instructions to resolve this vulnerability. Note: For HP Insight deployment Control server v7.1.2, v7.2.0, v7.2.1 and v7.2.2, you must upgrade to v7.3.1 and follow the steps from 1 to 11 mentioned below to resolve the vulnerability. Delete the files smh*.exe from Component Copy Location listed in the following table, rows 1 and 2. Delete the files vca*.exe/vcaamd64-*.exe from Component Copy Location listed in the following table, rows 3 and 4. Delete the files hpsmh-7.*.rpm" from Component Copy Location listed in row 5. In sequence, perform the steps from left to right in the following table. First, download components from Download Link; Second, rename the component as suggested in Rename to. Third, copy the component to the location specified in Component Copy Location. Table Row Number Download Link Rename to Component Copy Location 1 http://www.hp.com/swpublishing/MTX-bd2042a1c7574aad90c4839efe smhamd64-cp023964.exe \\express\hpfeatures\hpagents-ws\components\Win2008 2 http://www.hp.com/swpublishing/MTX-062078f1ae354b7e99c86c151c smhx86-cp023963.exe \\express\hpfeatures\hpagents-ws\components\Win2008 3 http://www.hp.com/swpublishing/MTX-7b23e47d5d9b420b94bd1323eb vcax86 cp025295.exe \\express\hpfeatures\hpagents-ws\components\Win2008 4 http://www.hp.com/swpublishing/MTX-2557aa7dc1654cf6b547c1a9e4 vcaamd64-cp025296.exe \\express\hpfeatures\hpagents-ws\components\Win2008 5 http://www.hp.com/swpublishing/MTX-5827037475e44abab586463723 Do not rename the downloaded component for this step. \\express\hpfeatures\hpagents-sles11-x64\components \\express\hpfeatures\hpagents-sles10-x64\components \\express\hpfeatures\hpagents-rhel5-x64\components \\express\hpfeatures\hpagents-rhel6-x64\components 6 http://www.hp.com/swpublishing/MTX-57ab6bb78b6e47a18718f44133 Do not rename the downloaded component for this step. \\express\hpfeatures\hpagents-sles11-x64\components \\express\hpfeatures\hpagents-sles10-x64\components \\express\hpfeatures\hpagents-rhel5-x64\components \\express\hpfeatures\hpagents-rhel6-x64\components 7 http://www.hp.com/swpublishing/MTX-34bcab41ac7e4db299e3f5f2f1 smhx86-cp025274.exe \\express\hpfeatures\hpagents-ws\components\Win2003 8 http://www.hp.com/swpublishing/MTX-00eb9ac82e86449e8c3ba101bd smhamd64-cp025275.exe \\express\hpfeatures\hpagents-ws\components\Win2003 Download and extract the HP SUM component from ftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p991570621/v99346 Copy all content from extracted folder and paste at \\eXpress\hpfeatures\fw-proLiant\components Initiate Install HP Management Agents for SLES 11 x64 on the target running SLES11 x64. Initiate Install HP Management Agents for SLES 10 x64 on the target running SLES10 x64. Initiate Install HP Management Agents for RHEL 6 x64 on the target running RHEL 6 x64. Initiate Install HP Management Agents for RHEL 5 x64 on the target running RHEL 5 x64. Initiate Install HP Management Agents for Windows x86/x64 job on the target running Windows. HISTORY Version:1 (rev.1) - 1 April 2015 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
VAR-201410-0371 CVE-2014-3513 OpenSSL DTLS SRTP Extended memory leak vulnerability CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message. OpenSSL is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks and to crash the affected application. OpenSSL 1.0.1 versions prior to 1.0.1j are affected. This could be exploited in a Denial Of Service attack. This issue was reported to OpenSSL on 26th September 2014, based on an original issue and patch developed by the LibreSSL project. Further analysis of the issue was performed by the OpenSSL team. The fix was developed by the OpenSSL team. This issue was reported to OpenSSL on 8th October 2014. The fix was developed by Stephen Henson of the OpenSSL core team. https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 https://www.openssl.org/~bodo/ssl-poodle.pdf Support for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller. This issue was reported to OpenSSL by Akamai Technologies on 14th October 2014. The fix was developed by Akamai and the OpenSSL team. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv_20141015.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html . The HP Matrix Operating Environment v7.2.3 Update kit applicable to HP Matrix Operating Environment 7.2.x installations is available at the following location: https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =HPID NOTE: Please read the readme.txt file before proceeding with the installation. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz: Upgraded. (* Security fix *) patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz: Upgraded. For more information, see: https://www.openssl.org/news/secadv_20141015.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zc-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.0.txz Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zc-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.1.txz Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zc-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.37.txz Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1j-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.0.txz Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1j-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1j-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1j-i486-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1j-i486-1.txz Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1j-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1j-x86_64-1.txz MD5 signatures: +-------------+ Slackware 13.0 packages: 44d336a121b39296f0e6bbeeb283dd2b openssl-0.9.8zc-i486-1_slack13.0.txz 8342cfb351e59ecf5ea6d8cba66f0040 openssl-solibs-0.9.8zc-i486-1_slack13.0.txz Slackware x86_64 13.0 packages: 671f12535bdc10ab24388b713351aca2 openssl-0.9.8zc-x86_64-1_slack13.0.txz 21e380284cdfab2fd15fffe2e0aed526 openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz Slackware 13.1 packages: 64cb819f1e07522bd5d7ceedd0a9ab50 openssl-0.9.8zc-i486-1_slack13.1.txz 5fe4e385b2251cfd7e8ae5963ec6cef1 openssl-solibs-0.9.8zc-i486-1_slack13.1.txz Slackware x86_64 13.1 packages: 94feb6699d6f2cc7750a6b2e17ccaaa2 openssl-0.9.8zc-x86_64-1_slack13.1.txz 2c17e4286509c29074ab0168367b851e openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz Slackware 13.37 packages: 4483d91c776c7e23c59246c4e0aa24aa openssl-0.9.8zc-i486-1_slack13.37.txz fedd58eb19bc13c9dd88d947827a7370 openssl-solibs-0.9.8zc-i486-1_slack13.37.txz Slackware x86_64 13.37 packages: 5d48ac1e9339efc35e304c7d48b2e762 openssl-0.9.8zc-x86_64-1_slack13.37.txz 6f5e2b576259477c13f12cbed9be8804 openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz Slackware 14.0 packages: 2b678160283bc696565dc8bd8b28c0eb openssl-1.0.1j-i486-1_slack14.0.txz f7762615c990713e9e86d4da962f1022 openssl-solibs-1.0.1j-i486-1_slack14.0.txz Slackware x86_64 14.0 packages: 41010ca37d49b74e7d7dc3f1c6ddc57e openssl-1.0.1j-x86_64-1_slack14.0.txz 40dc6f3de217279d6140c1efcc0d45c8 openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz Slackware 14.1 packages: 024ecea55e22e47f9fbb4b81a7b72a51 openssl-1.0.1j-i486-1_slack14.1.txz 0a575668bb41ec4c2160800611f7f627 openssl-solibs-1.0.1j-i486-1_slack14.1.txz Slackware x86_64 14.1 packages: d07fe289f7998a584c2b0d9810a8b9aa openssl-1.0.1j-x86_64-1_slack14.1.txz 1ffc5d0c02b0c60cefa5cf9189bfc71d openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz Slackware -current packages: 53c9f51a79460bbfc5dec5720317cd53 a/openssl-solibs-1.0.1j-i486-1.txz cc059aa63494f3b005a886c70bc3f5d6 n/openssl-1.0.1j-i486-1.txz Slackware x86_64 -current packages: 500709555e652adcd84b4e02dfab4eeb a/openssl-solibs-1.0.1j-x86_64-1.txz c483ca9c450fa90a901ac013276ccc53 n/openssl-1.0.1j-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg openssl-1.0.1j-i486-1_slack14.1.txz openssl-solibs-1.0.1j-i486-1_slack14.1.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. Corrected: 2014-10-15 19:59:43 UTC (stable/10, 10.1-PRERELEASE) 2014-10-21 19:00:32 UTC (releng/10.1, 10.1-RC3) 2014-10-21 19:00:32 UTC (releng/10.1, 10.1-RC2-p1) 2014-10-21 19:00:32 UTC (releng/10.1, 10.1-RC1-p1) 2014-10-21 19:00:32 UTC (releng/10.1, 10.1-BETA3-p1) 2014-10-21 20:21:10 UTC (releng/10.0, 10.0-RELEASE-p10) 2014-10-15 20:28:31 UTC (stable/9, 9.3-STABLE) 2014-10-21 20:21:10 UTC (releng/9.3, 9.3-RELEASE-p3) 2014-10-21 20:21:10 UTC (releng/9.2, 9.2-RELEASE-p13) 2014-10-21 20:21:10 UTC (releng/9.1, 9.1-RELEASE-p20) 2014-10-15 20:28:31 UTC (stable/8, 8.4-STABLE) 2014-10-21 20:21:27 UTC (releng/8.4, 8.4-RELEASE-p17) CVE Name: CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:http://security.FreeBSD.org/>. Background FreeBSD includes software from the OpenSSL Project. II. [CVE-2014-3513]. [CVE-2014-3567]. This protocol weakness makes it possible for an attacker to obtain clear text data through a padding-oracle attack. Some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE [CVE-2014-3566]. OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade. When OpenSSL is configured with "no-ssl3" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them. [CVE-2014-3568]. III. [CVE-2014-3567]. An active man-in-the-middle attacker can force a protocol downgrade to SSLv3 and exploit the weakness of SSLv3 to obtain clear text data from the connection. [CVE-2014-3566] [CVE-2014-3568] IV. Workaround No workaround is available. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. 2) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 3) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 10.0] # fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-10.0.patch # fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-10.0.patch.asc # gpg --verify openssl-10.0.patch.asc [FreeBSD 9.3] # fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-9.3.patch # fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-9.3.patch.asc # gpg --verify openssl-9.3.patch.asc [FreeBSD 8.4, 9.1 and 9.2] # fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-8.4.patch # fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-8.4.patch.asc # gpg --verify openssl-8.4.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in <URL:http://www.FreeBSD.org/handbook/makeworld.html>. Restart all deamons using the library, or reboot the system. VI. Correction details The following list contains the correction revision numbers for each affected branch. Branch/path Revision - ------------------------------------------------------------------------- stable/8/ r273151 releng/8.4/ r273416 stable/9/ r273151 releng/9.1/ r273415 releng/9.2/ r273415 releng/9.3/ r273415 stable/10/ r273149 releng/10.0/ r273415 releng/10.1/ r273399 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: <URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> VII. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This update adds support for Fallback SCSV to mitigate this issue. For the stable distribution (wheezy), these problems have been fixed in version 1.0.1e-2+deb7u13. For the unstable distribution (sid), these problems have been fixed in version 1.0.1j-1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: openssl security update Advisory ID: RHSA-2014:1652-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1652.html Issue date: 2014-10-16 CVE Names: CVE-2014-3513 CVE-2014-3567 ===================================================================== 1. Summary: Updated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue and fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. (CVE-2014-3513) A memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory of an SSL/TLS or DTLS server by sending a large number of invalid session tickets to that server. (CVE-2014-3567) All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to mitigate the CVE-2014-3566 issue and correct the CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: openssl-1.0.1e-30.el6_6.2.src.rpm i386: openssl-1.0.1e-30.el6_6.2.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm x86_64: openssl-1.0.1e-30.el6_6.2.i686.rpm openssl-1.0.1e-30.el6_6.2.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm openssl-devel-1.0.1e-30.el6_6.2.i686.rpm openssl-perl-1.0.1e-30.el6_6.2.i686.rpm openssl-static-1.0.1e-30.el6_6.2.i686.rpm x86_64: openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.2.i686.rpm openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: openssl-1.0.1e-30.el6_6.2.src.rpm x86_64: openssl-1.0.1e-30.el6_6.2.i686.rpm openssl-1.0.1e-30.el6_6.2.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.2.i686.rpm openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: openssl-1.0.1e-30.el6_6.2.src.rpm i386: openssl-1.0.1e-30.el6_6.2.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm openssl-devel-1.0.1e-30.el6_6.2.i686.rpm ppc64: openssl-1.0.1e-30.el6_6.2.ppc.rpm openssl-1.0.1e-30.el6_6.2.ppc64.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.ppc.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.ppc64.rpm openssl-devel-1.0.1e-30.el6_6.2.ppc.rpm openssl-devel-1.0.1e-30.el6_6.2.ppc64.rpm s390x: openssl-1.0.1e-30.el6_6.2.s390.rpm openssl-1.0.1e-30.el6_6.2.s390x.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.s390.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.s390x.rpm openssl-devel-1.0.1e-30.el6_6.2.s390.rpm openssl-devel-1.0.1e-30.el6_6.2.s390x.rpm x86_64: openssl-1.0.1e-30.el6_6.2.i686.rpm openssl-1.0.1e-30.el6_6.2.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.2.i686.rpm openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm openssl-perl-1.0.1e-30.el6_6.2.i686.rpm openssl-static-1.0.1e-30.el6_6.2.i686.rpm ppc64: openssl-debuginfo-1.0.1e-30.el6_6.2.ppc64.rpm openssl-perl-1.0.1e-30.el6_6.2.ppc64.rpm openssl-static-1.0.1e-30.el6_6.2.ppc64.rpm s390x: openssl-debuginfo-1.0.1e-30.el6_6.2.s390x.rpm openssl-perl-1.0.1e-30.el6_6.2.s390x.rpm openssl-static-1.0.1e-30.el6_6.2.s390x.rpm x86_64: openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: openssl-1.0.1e-30.el6_6.2.src.rpm i386: openssl-1.0.1e-30.el6_6.2.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm openssl-devel-1.0.1e-30.el6_6.2.i686.rpm x86_64: openssl-1.0.1e-30.el6_6.2.i686.rpm openssl-1.0.1e-30.el6_6.2.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.2.i686.rpm openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm openssl-perl-1.0.1e-30.el6_6.2.i686.rpm openssl-static-1.0.1e-30.el6_6.2.i686.rpm x86_64: openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: openssl-1.0.1e-34.el7_0.6.src.rpm x86_64: openssl-1.0.1e-34.el7_0.6.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.6.i686.rpm openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.6.i686.rpm openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm openssl-static-1.0.1e-34.el7_0.6.i686.rpm openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: openssl-1.0.1e-34.el7_0.6.src.rpm x86_64: openssl-1.0.1e-34.el7_0.6.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.6.i686.rpm openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.6.i686.rpm openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm openssl-static-1.0.1e-34.el7_0.6.i686.rpm openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: openssl-1.0.1e-34.el7_0.6.src.rpm ppc64: openssl-1.0.1e-34.el7_0.6.ppc64.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.ppc64.rpm openssl-devel-1.0.1e-34.el7_0.6.ppc.rpm openssl-devel-1.0.1e-34.el7_0.6.ppc64.rpm openssl-libs-1.0.1e-34.el7_0.6.ppc.rpm openssl-libs-1.0.1e-34.el7_0.6.ppc64.rpm s390x: openssl-1.0.1e-34.el7_0.6.s390x.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.s390x.rpm openssl-devel-1.0.1e-34.el7_0.6.s390.rpm openssl-devel-1.0.1e-34.el7_0.6.s390x.rpm openssl-libs-1.0.1e-34.el7_0.6.s390.rpm openssl-libs-1.0.1e-34.el7_0.6.s390x.rpm x86_64: openssl-1.0.1e-34.el7_0.6.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.6.i686.rpm openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.6.i686.rpm openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: openssl-debuginfo-1.0.1e-34.el7_0.6.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.ppc64.rpm openssl-perl-1.0.1e-34.el7_0.6.ppc64.rpm openssl-static-1.0.1e-34.el7_0.6.ppc.rpm openssl-static-1.0.1e-34.el7_0.6.ppc64.rpm s390x: openssl-debuginfo-1.0.1e-34.el7_0.6.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.s390x.rpm openssl-perl-1.0.1e-34.el7_0.6.s390x.rpm openssl-static-1.0.1e-34.el7_0.6.s390.rpm openssl-static-1.0.1e-34.el7_0.6.s390x.rpm x86_64: openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm openssl-static-1.0.1e-34.el7_0.6.i686.rpm openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: openssl-1.0.1e-34.el7_0.6.src.rpm x86_64: openssl-1.0.1e-34.el7_0.6.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.6.i686.rpm openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.6.i686.rpm openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm openssl-static-1.0.1e-34.el7_0.6.i686.rpm openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-3513.html https://www.redhat.com/security/data/cve/CVE-2014-3567.html https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/1232123 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUP940XlSAg2UNWIIRAhUYAJ4or1rZ25E0BXjTPyeDsN+keTz3twCdHDEz qY686VXQQ02SLq5vTvKfuHk= =McEc -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04624296 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04624296 Version: 1 HPSBMU03304 rev.1 - HP Insight Control server deployment on Linux and Windows, Remote Disclosure of Information NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2015-04-01 Last Updated: 2015-04-01 Potential Security Impact: Remote disclosure of information Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH), HP Smart Update Manager (SUM), and HP Version Control Agent (VCA) which are components of HP Insight Control server deployment. These vulnerabilities are related to the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE". The components of HP Insight Control server deployment could be exploited remotely to allow disclosure of information. HP Insight Control server deployment includes HP System Management Homepage (SMH), HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and deploys them through the following jobs. This bulletin provides the information needed to update the vulnerable components in HP Insight Control server deployment. Install HP Management Agents for Windows x86/x64 Install HP Management Agents for RHEL 5 x64 Install HP Management Agents for RHEL 6 x64 Install HP Management Agents for SLES 10 x64 Install HP Management Agents for SLES 11 x64 Upgrade Proliant Firmware References: CVE-2014-3508 CVE-2014-3509 CVE-2014-3511 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-5139 SSRT102004 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2014-3508 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-3509 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3511 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2014-3513 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-3567 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2014-3568 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2014-5139 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following instructions to resolve this vulnerability. Note: For HP Insight deployment Control server v7.1.2, v7.2.0, v7.2.1 and v7.2.2, you must upgrade to v7.3.1 and follow the steps from 1 to 11 mentioned below to resolve the vulnerability. Delete the files smh*.exe from Component Copy Location listed in the following table, rows 1 and 2. Delete the files vca*.exe/vcaamd64-*.exe from Component Copy Location listed in the following table, rows 3 and 4. Delete the files hpsmh-7.*.rpm" from Component Copy Location listed in row 5. In sequence, perform the steps from left to right in the following table. First, download components from Download Link; Second, rename the component as suggested in Rename to. Third, copy the component to the location specified in Component Copy Location. Table Row Number Download Link Rename to Component Copy Location 1 http://www.hp.com/swpublishing/MTX-bd2042a1c7574aad90c4839efe smhamd64-cp023964.exe \\express\hpfeatures\hpagents-ws\components\Win2008 2 http://www.hp.com/swpublishing/MTX-062078f1ae354b7e99c86c151c smhx86-cp023963.exe \\express\hpfeatures\hpagents-ws\components\Win2008 3 http://www.hp.com/swpublishing/MTX-7b23e47d5d9b420b94bd1323eb vcax86 cp025295.exe \\express\hpfeatures\hpagents-ws\components\Win2008 4 http://www.hp.com/swpublishing/MTX-2557aa7dc1654cf6b547c1a9e4 vcaamd64-cp025296.exe \\express\hpfeatures\hpagents-ws\components\Win2008 5 http://www.hp.com/swpublishing/MTX-5827037475e44abab586463723 Do not rename the downloaded component for this step. \\express\hpfeatures\hpagents-sles11-x64\components \\express\hpfeatures\hpagents-sles10-x64\components \\express\hpfeatures\hpagents-rhel5-x64\components \\express\hpfeatures\hpagents-rhel6-x64\components 6 http://www.hp.com/swpublishing/MTX-57ab6bb78b6e47a18718f44133 Do not rename the downloaded component for this step. \\express\hpfeatures\hpagents-sles11-x64\components \\express\hpfeatures\hpagents-sles10-x64\components \\express\hpfeatures\hpagents-rhel5-x64\components \\express\hpfeatures\hpagents-rhel6-x64\components 7 http://www.hp.com/swpublishing/MTX-34bcab41ac7e4db299e3f5f2f1 smhx86-cp025274.exe \\express\hpfeatures\hpagents-ws\components\Win2003 8 http://www.hp.com/swpublishing/MTX-00eb9ac82e86449e8c3ba101bd smhamd64-cp025275.exe \\express\hpfeatures\hpagents-ws\components\Win2003 Download and extract the HP SUM component from ftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p991570621/v99346 Copy all content from extracted folder and paste at \\eXpress\hpfeatures\fw-proLiant\components Initiate Install HP Management Agents for SLES 11 x64 on the target running SLES11 x64. Initiate Install HP Management Agents for SLES 10 x64 on the target running SLES10 x64. Initiate Install HP Management Agents for RHEL 6 x64 on the target running RHEL 6 x64. Initiate Install HP Management Agents for RHEL 5 x64 on the target running RHEL 5 x64. Initiate Install HP Management Agents for Windows x86/x64 job on the target running Windows. HISTORY Version:1 (rev.1) - 1 April 2015 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
VAR-201410-1418 CVE-2014-3566 HP Security Bulletin HPSBST03265

Related entries in the VARIoT exploits database: VAR-E-201410-0385
CVSS V2: 4.3
CVSS V3: 3.4
Severity: LOW
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. There is a security vulnerability in the SSL protocol 3.0 version used in OpenSSL 1.0.1i and earlier versions. The vulnerability is caused by the program's use of non-deterministic CBC padding. Attackers can use padding-oracle attacks to exploit this vulnerability to implement man-in-the-middle attacks and obtain plaintext data. HP CMS: UCMDB Browser all supported versions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.7.0-ibm security update Advisory ID: RHSA-2014:1876-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1876.html Issue date: 2014-11-19 CVE Names: CVE-2014-3065 CVE-2014-3566 CVE-2014-4288 CVE-2014-6456 CVE-2014-6457 CVE-2014-6458 CVE-2014-6476 CVE-2014-6492 CVE-2014-6493 CVE-2014-6502 CVE-2014-6503 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6515 CVE-2014-6527 CVE-2014-6531 CVE-2014-6532 CVE-2014-6558 ===================================================================== 1. Summary: Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64 3. Description: IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2014-3065, CVE-2014-3566, CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558) The CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat Product Security. Note: With this update, the IBM SDK now disables the SSL 3.0 protocol to address the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM article linked to in the References section for additional details about this change and instructions on how to re-enable SSL 3.0 support if needed. All users of java-1.7.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7 SR8 release. All running instances of IBM Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1071210 - CVE-2014-6512 OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509) 1150155 - CVE-2014-6506 OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564) 1150651 - CVE-2014-6531 OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274) 1150669 - CVE-2014-6502 OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797) 1151046 - CVE-2014-6457 OpenJDK: Triple Handshake attack against TLS/SSL connections (JSSE, 8037066) 1151063 - CVE-2014-6558 OpenJDK: CipherInputStream incorrect exception handling (Security, 8037846) 1151517 - CVE-2014-6511 ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540) 1152756 - CVE-2014-6532 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152757 - CVE-2014-6503 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152758 - CVE-2014-6456 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment) 1152759 - CVE-2014-6492 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152760 - CVE-2014-6493 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152761 - CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152763 - CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152765 - CVE-2014-6476 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment) 1152766 - CVE-2014-6515 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152767 - CVE-2014-6527 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment) 1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack 1162554 - CVE-2014-3065 IBM JDK: privilege escalation via shared class cache 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm x86_64: java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm ppc: java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc.rpm java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc64.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc64.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc64.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc64.rpm java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.ppc.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc64.rpm s390x: java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390.rpm java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390x.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390x.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390x.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390x.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390x.rpm x86_64: java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-3065 https://access.redhat.com/security/cve/CVE-2014-3566 https://access.redhat.com/security/cve/CVE-2014-4288 https://access.redhat.com/security/cve/CVE-2014-6456 https://access.redhat.com/security/cve/CVE-2014-6457 https://access.redhat.com/security/cve/CVE-2014-6458 https://access.redhat.com/security/cve/CVE-2014-6476 https://access.redhat.com/security/cve/CVE-2014-6492 https://access.redhat.com/security/cve/CVE-2014-6493 https://access.redhat.com/security/cve/CVE-2014-6502 https://access.redhat.com/security/cve/CVE-2014-6503 https://access.redhat.com/security/cve/CVE-2014-6506 https://access.redhat.com/security/cve/CVE-2014-6511 https://access.redhat.com/security/cve/CVE-2014-6512 https://access.redhat.com/security/cve/CVE-2014-6515 https://access.redhat.com/security/cve/CVE-2014-6527 https://access.redhat.com/security/cve/CVE-2014-6531 https://access.redhat.com/security/cve/CVE-2014-6532 https://access.redhat.com/security/cve/CVE-2014-6558 https://access.redhat.com/security/updates/classification/#critical https://www.ibm.com/developerworks/java/jdk/alerts/ https://www-01.ibm.com/support/docview.wss?uid=swg21688165 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUbOWGXlSAg2UNWIIRAhPmAJ96YO5JFEg4GS1MkDIeXQkRxbN0hACgoUiY ehbScogUJnSordhBH11LgWQ= =ko7F -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-10-16-2 Security Update 2014-005 Security Update 2014-005 is now available and addresses the following: Secure Transport Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of SSL 3.0 when a cipher suite uses a block cipher in CBC mode. An attacker could force the use of SSL 3.0, even when the server would support a better TLS version, by blocking TLS 1.0 and higher connection attempts. This issue was addressed by disabling CBC cipher suites when TLS connection attempts fail. CVE-ID CVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of Google Security Team Note: Security Update 2014-005 includes the security content of OS X bash Update 1.0. For further details see https://support.apple.com/kb/HT6495 Security Update 2014-005 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJUQCI2AAoJEBcWfLTuOo7t5ygP/0l9VIBlR7Q6ocMRSB61+2uN adB6UoEcmJCkUwmEAWOlVT0GlrtV+h2FbQGSKAkiDK5b7+E9UfX8UXneyaV4MWbj BFDVFt/R0RRYpuojfmhNvMP+p7TFA1QsaHAUrWBtBomJ1+326YIhXBtWMIbVRGHC S4OZgVbwSnyeJ3o74ftr+CcMu9PFXOMDj0Sdv6rb5af9vkNjfocp8J4El2psr3fO Ari7bJNSQL2D2ZeGxR7aYu8JMdKQ7N0vnF/c24/z7zd3AgoLQLXsg6F0wI45vRNi PxvmIAJ217qOva/4XRwve/YdxlpmYRwpkTXTDn7nMyTXsrtUm4PVumxKJJEScYmc bU9Ckw1CUEQdcd883aB0NgLkf5LTPzsih+ak6xRzElp3QbmnPQ2y0GrnwryXQgLI KEFrhFCkru7RPaPhXGpeqNB25iT99Rp6rc1w/LvhhZiEArBKyVwdWPAwt4ZAMBQY UKZYYi6rQKEf+Tf5REoUv9OZCQFYFiuK6/5J/mAcKsZUN6+hxFRrNeq3Kg4GNMnS v8T8Z0Z5IXbDBdptF6aSYI3sQYkvHob4ujAKxSLFJk9WJOl6y3/TIwGN5eTRxA0K I+ZXxp9H0tDyHwIgGw/d9FWeW56mTqlcln5M5+V2jphi1h/0EqK70YpBnq4D/tI2 vDl+zNHL/d2D8rWh8csq =c286 -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04501908 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04501908 Version: 1 HPSBGN03192 rev.1 - HP Remote Device Access: Instant Customer Access Server (iCAS) running OpenSSL, Remote Disclosure of Information NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2014-11-14 Last Updated: 2014-11-14 Potential Security Impact: Remote disclosure of information Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP Remote Device Access: Instant Customer Access Server (iCAS) running OpenSSL. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. SSLv3 is enabled by default in the current HP iCAS client software. References: CVE-2014-3566 (SSRT101824) SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. All HP iCAS versions prior to version 14.11-38437 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has made the following update available for the HP iCAS client kit to resolve the vulnerability in HP Remote Device Access: Instant Customer Access Server (iCAS). - iCAS version 14.11-38437 The HP iCAS client should be used to connect to HP at https://midway.corp.hp.com/icas/current/iCasStart.html which will force the upgrade to iCAS version 14.11-38437. Note: The new version of HP iCAS has updated OpenSSL libraries from OpenSSL version 1.0.0g to 1.0.1j. HISTORY Version:1 (rev.1) - 14 November 2014 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
VAR-201410-0978 CVE-2014-8755 Panasonic Network Camera View WebVideoCam ActiveX Remote code execution vulnerability CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Panasonic Network Camera View 3 and 4 allows remote attackers to execute arbitrary code via a crafted page, which triggers an invalid pointer dereference, related to "the ability to nullify an arbitrary address in memory.". User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the GetImageDataPrint method of the WebVideoCam ActiveX control. The issue lies in the ability to nullify an arbitrary address in memory. An attacker can leverage this vulnerability to execute code under the context of the current process. Panasonic Network Camera View is a webcam viewing app. Failed exploit attempts will likely result in denial-of-service conditions
VAR-201410-1415 CVE-2014-8756 Panasonic Network Camera Recorder Remote code execution vulnerability CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
The NcrCtl4.NcrNet.1 control in Panasonic Network Camera Recorder before 4.04R03 allows remote attackers to execute arbitrary code via a crafted GetVOLHeader method call, which writes null bytes to an arbitrary address. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within then NcrCtl4.NcrNet.1 control. An attacker can leverage this to execute arbitrary code in the context of the browser. Panasonic Network Camera is a Panasonic network camera. Failed exploit attempts will likely result in denial-of-service conditions
VAR-201410-0066 CVE-2014-3406 Cisco Intrusion Prevention System Software IP Service operation interruption in logging function (DoS) Vulnerabilities CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Race condition in the IP logging feature in Cisco Intrusion Prevention System (IPS) Software 7.1(7)E4 and earlier allows remote attackers to cause a denial of service (device reload) via crafted IP traffic that matches a problematic rule, aka Bug ID CSCud82085. ( Device reload ) There are vulnerabilities that are put into a state. Cisco Intrusion Prevention System is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCud82085. The system can immediately interrupt, adjust or isolate some abnormal or harmful network data transmission behaviors
VAR-201410-1419 No CVE SAP BusinessObjects Explorer XML External Entity Injection Vulnerability (CNVD-2014-06710) CVSS V2: 9.0
CVSS V3: -
Severity: HIGH
Business Objects is the world's leading business intelligence (BI) software company. SAP BusinessObjects Explorer is a browser that it launched. An external XML material injection vulnerability exists in SAP BusinessObjects Explorer. An information disclosure vulnerability exists because the program failed to properly authenticate the user's input
VAR-201410-1417 CVE-2014-0564 Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0558. This vulnerability CVE-2014-0558 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Security flaws exist in several Adobe products. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.418" References ========== [ 1 ] CVE-2014-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0558 [ 2 ] CVE-2014-0564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0564 [ 3 ] CVE-2014-0569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0569 [ 4 ] CVE-2014-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0573 [ 5 ] CVE-2014-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0574 [ 6 ] CVE-2014-0576 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0576 [ 7 ] CVE-2014-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0577 [ 8 ] CVE-2014-0581 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0581 [ 9 ] CVE-2014-0582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0582 [ 10 ] CVE-2014-0583 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0583 [ 11 ] CVE-2014-0584 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0584 [ 12 ] CVE-2014-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0585 [ 13 ] CVE-2014-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0586 [ 14 ] CVE-2014-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0588 [ 15 ] CVE-2014-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0589 [ 16 ] CVE-2014-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0590 [ 17 ] CVE-2014-8437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8437 [ 18 ] CVE-2014-8438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8438 [ 19 ] CVE-2014-8440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8440 [ 20 ] CVE-2014-8441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8441 [ 21 ] CVE-2014-8442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8442 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201411-06.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2014:1648-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1648.html Issue date: 2014-10-15 CVE Names: CVE-2014-0558 CVE-2014-0564 CVE-2014-0569 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-22, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1152775 - CVE-2014-0564 CVE-2014-0558 CVE-2014-0569 flash-plugin: multiple code execution flaws (APSB14-22) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.411-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.411-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.411-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.411-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.411-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.411-1.el6.i686.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: flash-plugin-11.2.202.411-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.411-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.411-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.411-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.411-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-0558.html https://www.redhat.com/security/data/cve/CVE-2014-0564.html https://www.redhat.com/security/data/cve/CVE-2014-0569.html https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb14-22.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUPuDGXlSAg2UNWIIRAsobAJ9vnW0PysUhlqb4KDFHcw8Q7+rzqgCePtuZ Wum8dH3c44zrI0LJNv9/khY= =kNs5 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201410-1416 CVE-2014-0569 Adobe Flash Player and Adobe AIR Integer overflow vulnerability CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the implementation of casi32. The issue lies in the failure to properly sanitize a user-supplied length value with a specific array implementation. An attacker can leverage this vulnerability to execute code within the context of the current process. Failed exploit attempts will likely cause a denial-of-service condition. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.418" References ========== [ 1 ] CVE-2014-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0558 [ 2 ] CVE-2014-0564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0564 [ 3 ] CVE-2014-0569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0569 [ 4 ] CVE-2014-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0573 [ 5 ] CVE-2014-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0574 [ 6 ] CVE-2014-0576 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0576 [ 7 ] CVE-2014-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0577 [ 8 ] CVE-2014-0581 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0581 [ 9 ] CVE-2014-0582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0582 [ 10 ] CVE-2014-0583 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0583 [ 11 ] CVE-2014-0584 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0584 [ 12 ] CVE-2014-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0585 [ 13 ] CVE-2014-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0586 [ 14 ] CVE-2014-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0588 [ 15 ] CVE-2014-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0589 [ 16 ] CVE-2014-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0590 [ 17 ] CVE-2014-8437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8437 [ 18 ] CVE-2014-8438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8438 [ 19 ] CVE-2014-8440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8440 [ 20 ] CVE-2014-8441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8441 [ 21 ] CVE-2014-8442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8442 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201411-06.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2014:1648-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1648.html Issue date: 2014-10-15 CVE Names: CVE-2014-0558 CVE-2014-0564 CVE-2014-0569 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-22, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1152775 - CVE-2014-0564 CVE-2014-0558 CVE-2014-0569 flash-plugin: multiple code execution flaws (APSB14-22) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.411-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.411-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.411-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.411-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.411-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.411-1.el6.i686.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: flash-plugin-11.2.202.411-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.411-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.411-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.411-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.411-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-0558.html https://www.redhat.com/security/data/cve/CVE-2014-0564.html https://www.redhat.com/security/data/cve/CVE-2014-0569.html https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb14-22.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUPuDGXlSAg2UNWIIRAsobAJ9vnW0PysUhlqb4KDFHcw8Q7+rzqgCePtuZ Wum8dH3c44zrI0LJNv9/khY= =kNs5 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201410-1044 CVE-2014-0558 Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0564. This vulnerability CVE-2014-0564 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Security flaws exist in several Adobe products. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.418" References ========== [ 1 ] CVE-2014-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0558 [ 2 ] CVE-2014-0564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0564 [ 3 ] CVE-2014-0569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0569 [ 4 ] CVE-2014-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0573 [ 5 ] CVE-2014-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0574 [ 6 ] CVE-2014-0576 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0576 [ 7 ] CVE-2014-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0577 [ 8 ] CVE-2014-0581 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0581 [ 9 ] CVE-2014-0582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0582 [ 10 ] CVE-2014-0583 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0583 [ 11 ] CVE-2014-0584 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0584 [ 12 ] CVE-2014-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0585 [ 13 ] CVE-2014-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0586 [ 14 ] CVE-2014-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0588 [ 15 ] CVE-2014-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0589 [ 16 ] CVE-2014-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0590 [ 17 ] CVE-2014-8437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8437 [ 18 ] CVE-2014-8438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8438 [ 19 ] CVE-2014-8440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8440 [ 20 ] CVE-2014-8441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8441 [ 21 ] CVE-2014-8442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8442 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201411-06.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2014:1648-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1648.html Issue date: 2014-10-15 CVE Names: CVE-2014-0558 CVE-2014-0564 CVE-2014-0569 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-22, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1152775 - CVE-2014-0564 CVE-2014-0558 CVE-2014-0569 flash-plugin: multiple code execution flaws (APSB14-22) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.411-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.411-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.411-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.411-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.411-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.411-1.el6.i686.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: flash-plugin-11.2.202.411-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.411-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.411-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.411-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.411-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-0558.html https://www.redhat.com/security/data/cve/CVE-2014-0564.html https://www.redhat.com/security/data/cve/CVE-2014-0569.html https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb14-22.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUPuDGXlSAg2UNWIIRAsobAJ9vnW0PysUhlqb4KDFHcw8Q7+rzqgCePtuZ Wum8dH3c44zrI0LJNv9/khY= =kNs5 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201410-0965 CVE-2014-6478 Oracle MySQL of MySQL Server In SERVER:SSL:yaSSL Vulnerabilities CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL. The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'SERVER:SSL:yaSSL' sub component is affected. This vulnerability affects the following supported versions: 5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability. A remote attacker could exploit this vulnerability to update, insert, and delete data, affecting data integrity. ============================================================================ Ubuntu Security Notice USN-2384-1 October 15, 2014 mysql-5.5 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in MySQL. Software Description: - mysql-5.5: MySQL database Details: Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.40. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.14.04.1 Ubuntu 12.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.12.04.1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2384-1 CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484, CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496, CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559 Package Information: https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1 https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3054-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso October 20, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mysql-5.5 CVE ID : CVE-2012-5615 CVE-2014-4274 CVE-2014-4287 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6478 CVE-2014-6484 CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496 CVE-2014-6500 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559 Debian Bug : 765663 Several issues have been discovered in the MySQL database server. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details: https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html For the stable distribution (wheezy), these problems have been fixed in version 5.5.40-0+wheezy1. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your mysql-5.5 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJURSC7AAoJEAVMuPMTQ89EasQP/RxXHja/33Mofs2nZY2T0c++ BblmAs1D8t1csPTPjPGC2UFrBNWvvKSintqHid1W34ulFQahR+Uw0t6vuNOKoVnh oBnayvOkAl2R6EcMS3DrdEPCgmj6NGC6QNG2Qt43a5tYdR3YCBTCMhPcHoIM6m3J eQH/3UetTKrxvqM0nXNjTcVppdHUzKP3b2W/DRP90X0qtD5DdkqEqh12rCZVBvnO b3AegaZ/PoEnmzqXkLIpRs2Dtx9P/dWeL9vCDZN0X6h+NSJzXYd0YfjfEIYldSXI vKHIXFyno69pelQ7YoUA/+XKyVbvZzPL1STgV9dJtHWUi4TMR9VgIFuJMVaBoNDR YTcfN61CfOkhUI45PhEp+mprlKVwwrLXrR/R5g4dHr28EmdQmvIJOOtxbUJAUd0m y7q5PUuXWuVC54Kjm51m249dNY8IMgBAiIdrvlQyQiOL28Wgc0z2+IWFZnSL8eSH 5l8jKi20x6BYNIKQHWBqt2s4yej39dNaiNnCGqnUUOCzrbpfY1xzP25GPtQo+jVc +1IygdKN8SG3S5FTQcHsND4C2cb3A9Tgf2gwffVrQq0TyQvXQbGjWN+xh4FAhU/D ysAYdd2zPQGd+9OAE/Ja1uMZ2NY/CTzn9y5Or6eTCLpDmNFN28MsvQ9SAkAWVKe8 SgOwAiXo3xRUsGy6UiHm =j4S6 -----END PGP SIGNATURE-----
VAR-201410-0834 CVE-2014-6500 Oracle MySQL of MySQL Server In SERVER:SSL:yaSSL Vulnerabilities CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6491. This vulnerability CVE-2014-6491 Is a different vulnerability.Information is obtained by a third party, information is altered, and service operation is interrupted. (DoS) An attack may be carried out. The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'SERVER:SSL:yaSSL' sub component is affected. This vulnerability affects the following supported versions: 5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability. ============================================================================ Ubuntu Security Notice USN-2384-1 October 15, 2014 mysql-5.5 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in MySQL. Software Description: - mysql-5.5: MySQL database Details: Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.40. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.14.04.1 Ubuntu 12.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.12.04.1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2384-1 CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484, CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496, CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559 Package Information: https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1 https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mariadb (SSA:2014-307-01) New mariadb packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.40-x86_64-1_slack14.1.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-5.5.40-i486-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-5.5.40-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.1 package: da0aff5bebbbdc0621359c0fea027ae6 mariadb-5.5.40-i486-1_slack14.1.txz Slackware x86_64 14.1 package: dbb7d695a22ae538b5ad9c024823b190 mariadb-5.5.40-x86_64-1_slack14.1.txz Slackware -current package: f9ca4cf6015ddbb73dfba16c535caffc ap/mariadb-5.5.40-i486-1.txz Slackware x86_64 -current package: 6924f64b6c147556a58a2c6f1929ab5e ap/mariadb-5.5.40-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mariadb-5.5.40-i486-1_slack14.1.txz Then, restart the database server: # sh /etc/rc.d/rc.mysqld restart +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlRYJz0ACgkQakRjwEAQIjPqygCeN1AAAJQbjyTDPKmJlNj5+1Qw 3IkAn3kpZO670aM3MoWqkCEfyHX4gXXu =11Km -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201411-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: MySQL, MariaDB: Multiple vulnerabilities Date: November 05, 2014 Bugs: #525504 ID: 201411-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the MySQL and MariaDB, possibly allowing attackers to cause unspecified impact. Background ========== MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an enhanced, drop-in replacement for MySQL. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/mysql < 5.5.40 >= 5.5.40 2 dev-db/mariadb < 5.5.40-r1 >= 5.5.40-r1 ------------------------------------------------------------------- 2 affected packages Description =========== Multiple unspecified vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code, Denial of Service, or disclosure of sensitive information. Workaround ========== There is no known workaround at this time. Resolution ========== All MySQL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.5.40" All MariaDB users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mariadb-5.5.40-r1" References ========== [ 1 ] CVE-2014-6464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6464 [ 2 ] CVE-2014-6469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6469 [ 3 ] CVE-2014-6491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6491 [ 4 ] CVE-2014-6494 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6494 [ 5 ] CVE-2014-6496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6496 [ 6 ] CVE-2014-6500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6500 [ 7 ] CVE-2014-6507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6507 [ 8 ] CVE-2014-6555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6555 [ 9 ] CVE-2014-6559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6559 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201411-02.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details: https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html For the stable distribution (wheezy), these problems have been fixed in version 5.5.40-0+wheezy1. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your mysql-5.5 packages
VAR-201410-0829 CVE-2014-6495 Oracle MySQL of MySQL Server In SERVER:SSL:yaSSL Vulnerabilities CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL. The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'SERVER:SSL:yaSSL' sub component is affected. This vulnerability affects the following supported versions: 5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability. ============================================================================ Ubuntu Security Notice USN-2384-1 October 15, 2014 mysql-5.5 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in MySQL. Software Description: - mysql-5.5: MySQL database Details: Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.40. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.14.04.1 Ubuntu 12.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.12.04.1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2384-1 CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484, CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496, CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559 Package Information: https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1 https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3054-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso October 20, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mysql-5.5 CVE ID : CVE-2012-5615 CVE-2014-4274 CVE-2014-4287 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6478 CVE-2014-6484 CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496 CVE-2014-6500 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559 Debian Bug : 765663 Several issues have been discovered in the MySQL database server. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details: https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html For the stable distribution (wheezy), these problems have been fixed in version 5.5.40-0+wheezy1. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your mysql-5.5 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJURSC7AAoJEAVMuPMTQ89EasQP/RxXHja/33Mofs2nZY2T0c++ BblmAs1D8t1csPTPjPGC2UFrBNWvvKSintqHid1W34ulFQahR+Uw0t6vuNOKoVnh oBnayvOkAl2R6EcMS3DrdEPCgmj6NGC6QNG2Qt43a5tYdR3YCBTCMhPcHoIM6m3J eQH/3UetTKrxvqM0nXNjTcVppdHUzKP3b2W/DRP90X0qtD5DdkqEqh12rCZVBvnO b3AegaZ/PoEnmzqXkLIpRs2Dtx9P/dWeL9vCDZN0X6h+NSJzXYd0YfjfEIYldSXI vKHIXFyno69pelQ7YoUA/+XKyVbvZzPL1STgV9dJtHWUi4TMR9VgIFuJMVaBoNDR YTcfN61CfOkhUI45PhEp+mprlKVwwrLXrR/R5g4dHr28EmdQmvIJOOtxbUJAUd0m y7q5PUuXWuVC54Kjm51m249dNY8IMgBAiIdrvlQyQiOL28Wgc0z2+IWFZnSL8eSH 5l8jKi20x6BYNIKQHWBqt2s4yej39dNaiNnCGqnUUOCzrbpfY1xzP25GPtQo+jVc +1IygdKN8SG3S5FTQcHsND4C2cb3A9Tgf2gwffVrQq0TyQvXQbGjWN+xh4FAhU/D ysAYdd2zPQGd+9OAE/Ja1uMZ2NY/CTzn9y5Or6eTCLpDmNFN28MsvQ9SAkAWVKe8 SgOwAiXo3xRUsGy6UiHm =j4S6 -----END PGP SIGNATURE-----
VAR-201410-0830 CVE-2014-6496 Oracle MySQL of MySQL Server In CLIENT:SSL:yaSSL Vulnerabilities CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494. This vulnerability CVE-2014-6494 Is a different vulnerability.Service disruption by a third party (DoS) An attack may be carried out. The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'CLIENT:SSL:yaSSL' sub component is affected. This vulnerability affects the following supported versions: 5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability. ============================================================================ Ubuntu Security Notice USN-2384-1 October 15, 2014 mysql-5.5 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in MySQL. Software Description: - mysql-5.5: MySQL database Details: Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.40. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.14.04.1 Ubuntu 12.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.12.04.1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2384-1 CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484, CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496, CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559 Package Information: https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1 https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mariadb (SSA:2014-307-01) New mariadb packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.40-x86_64-1_slack14.1.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-5.5.40-i486-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-5.5.40-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.1 package: da0aff5bebbbdc0621359c0fea027ae6 mariadb-5.5.40-i486-1_slack14.1.txz Slackware x86_64 14.1 package: dbb7d695a22ae538b5ad9c024823b190 mariadb-5.5.40-x86_64-1_slack14.1.txz Slackware -current package: f9ca4cf6015ddbb73dfba16c535caffc ap/mariadb-5.5.40-i486-1.txz Slackware x86_64 -current package: 6924f64b6c147556a58a2c6f1929ab5e ap/mariadb-5.5.40-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mariadb-5.5.40-i486-1_slack14.1.txz Then, restart the database server: # sh /etc/rc.d/rc.mysqld restart +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlRYJz0ACgkQakRjwEAQIjPqygCeN1AAAJQbjyTDPKmJlNj5+1Qw 3IkAn3kpZO670aM3MoWqkCEfyHX4gXXu =11Km -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201411-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: MySQL, MariaDB: Multiple vulnerabilities Date: November 05, 2014 Bugs: #525504 ID: 201411-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the MySQL and MariaDB, possibly allowing attackers to cause unspecified impact. Background ========== MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an enhanced, drop-in replacement for MySQL. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/mysql < 5.5.40 >= 5.5.40 2 dev-db/mariadb < 5.5.40-r1 >= 5.5.40-r1 ------------------------------------------------------------------- 2 affected packages Description =========== Multiple unspecified vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code, Denial of Service, or disclosure of sensitive information. Workaround ========== There is no known workaround at this time. Resolution ========== All MySQL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.5.40" All MariaDB users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mariadb-5.5.40-r1" References ========== [ 1 ] CVE-2014-6464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6464 [ 2 ] CVE-2014-6469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6469 [ 3 ] CVE-2014-6491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6491 [ 4 ] CVE-2014-6494 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6494 [ 5 ] CVE-2014-6496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6496 [ 6 ] CVE-2014-6500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6500 [ 7 ] CVE-2014-6507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6507 [ 8 ] CVE-2014-6555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6555 [ 9 ] CVE-2014-6559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6559 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201411-02.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details: https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html For the stable distribution (wheezy), these problems have been fixed in version 5.5.40-0+wheezy1. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your mysql-5.5 packages
VAR-201410-0828 CVE-2014-6494 Oracle MySQL of MySQL Server In CLIENT:SSL:yaSSL Vulnerabilities CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496. This vulnerability CVE-2014-6496 Is a different vulnerability.Service disruption by a third party (DoS) An attack may be carried out. The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'CLIENT:SSL:yaSSL' sub component is affected. This vulnerability affects the following supported versions: 5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability. ============================================================================ Ubuntu Security Notice USN-2384-1 October 15, 2014 mysql-5.5 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in MySQL. Software Description: - mysql-5.5: MySQL database Details: Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.40. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.14.04.1 Ubuntu 12.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.12.04.1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2384-1 CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484, CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496, CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559 Package Information: https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1 https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mariadb (SSA:2014-307-01) New mariadb packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.40-x86_64-1_slack14.1.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-5.5.40-i486-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-5.5.40-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.1 package: da0aff5bebbbdc0621359c0fea027ae6 mariadb-5.5.40-i486-1_slack14.1.txz Slackware x86_64 14.1 package: dbb7d695a22ae538b5ad9c024823b190 mariadb-5.5.40-x86_64-1_slack14.1.txz Slackware -current package: f9ca4cf6015ddbb73dfba16c535caffc ap/mariadb-5.5.40-i486-1.txz Slackware x86_64 -current package: 6924f64b6c147556a58a2c6f1929ab5e ap/mariadb-5.5.40-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mariadb-5.5.40-i486-1_slack14.1.txz Then, restart the database server: # sh /etc/rc.d/rc.mysqld restart +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlRYJz0ACgkQakRjwEAQIjPqygCeN1AAAJQbjyTDPKmJlNj5+1Qw 3IkAn3kpZO670aM3MoWqkCEfyHX4gXXu =11Km -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201411-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: MySQL, MariaDB: Multiple vulnerabilities Date: November 05, 2014 Bugs: #525504 ID: 201411-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the MySQL and MariaDB, possibly allowing attackers to cause unspecified impact. Background ========== MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an enhanced, drop-in replacement for MySQL. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/mysql < 5.5.40 >= 5.5.40 2 dev-db/mariadb < 5.5.40-r1 >= 5.5.40-r1 ------------------------------------------------------------------- 2 affected packages Description =========== Multiple unspecified vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code, Denial of Service, or disclosure of sensitive information. Workaround ========== There is no known workaround at this time. Resolution ========== All MySQL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.5.40" All MariaDB users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mariadb-5.5.40-r1" References ========== [ 1 ] CVE-2014-6464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6464 [ 2 ] CVE-2014-6469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6469 [ 3 ] CVE-2014-6491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6491 [ 4 ] CVE-2014-6494 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6494 [ 5 ] CVE-2014-6496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6496 [ 6 ] CVE-2014-6500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6500 [ 7 ] CVE-2014-6507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6507 [ 8 ] CVE-2014-6555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6555 [ 9 ] CVE-2014-6559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6559 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201411-02.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details: https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html For the stable distribution (wheezy), these problems have been fixed in version 5.5.40-0+wheezy1. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your mysql-5.5 packages
VAR-201410-0825 CVE-2014-6491 Oracle MySQL of MySQL Server In SERVER:SSL:yaSSL Vulnerabilities CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6500. This vulnerability CVE-2014-6500 Is a different vulnerability.Information is obtained by a third party, information is altered, and service operation is interrupted. (DoS) An attack may be carried out. The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'SERVER:SSL:yaSSL' sub component is affected. This vulnerability affects the following supported versions: 5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability. ============================================================================ Ubuntu Security Notice USN-2384-1 October 15, 2014 mysql-5.5 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in MySQL. Software Description: - mysql-5.5: MySQL database Details: Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.40. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.14.04.1 Ubuntu 12.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.12.04.1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2384-1 CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484, CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496, CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559 Package Information: https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1 https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mariadb (SSA:2014-307-01) New mariadb packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.40-x86_64-1_slack14.1.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-5.5.40-i486-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-5.5.40-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.1 package: da0aff5bebbbdc0621359c0fea027ae6 mariadb-5.5.40-i486-1_slack14.1.txz Slackware x86_64 14.1 package: dbb7d695a22ae538b5ad9c024823b190 mariadb-5.5.40-x86_64-1_slack14.1.txz Slackware -current package: f9ca4cf6015ddbb73dfba16c535caffc ap/mariadb-5.5.40-i486-1.txz Slackware x86_64 -current package: 6924f64b6c147556a58a2c6f1929ab5e ap/mariadb-5.5.40-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mariadb-5.5.40-i486-1_slack14.1.txz Then, restart the database server: # sh /etc/rc.d/rc.mysqld restart +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlRYJz0ACgkQakRjwEAQIjPqygCeN1AAAJQbjyTDPKmJlNj5+1Qw 3IkAn3kpZO670aM3MoWqkCEfyHX4gXXu =11Km -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201411-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: MySQL, MariaDB: Multiple vulnerabilities Date: November 05, 2014 Bugs: #525504 ID: 201411-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the MySQL and MariaDB, possibly allowing attackers to cause unspecified impact. Background ========== MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an enhanced, drop-in replacement for MySQL. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/mysql < 5.5.40 >= 5.5.40 2 dev-db/mariadb < 5.5.40-r1 >= 5.5.40-r1 ------------------------------------------------------------------- 2 affected packages Description =========== Multiple unspecified vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code, Denial of Service, or disclosure of sensitive information. Workaround ========== There is no known workaround at this time. Resolution ========== All MySQL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.5.40" All MariaDB users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mariadb-5.5.40-r1" References ========== [ 1 ] CVE-2014-6464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6464 [ 2 ] CVE-2014-6469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6469 [ 3 ] CVE-2014-6491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6491 [ 4 ] CVE-2014-6494 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6494 [ 5 ] CVE-2014-6496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6496 [ 6 ] CVE-2014-6500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6500 [ 7 ] CVE-2014-6507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6507 [ 8 ] CVE-2014-6555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6555 [ 9 ] CVE-2014-6559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6559 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201411-02.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details: https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html For the stable distribution (wheezy), these problems have been fixed in version 5.5.40-0+wheezy1. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your mysql-5.5 packages
VAR-201410-0859 CVE-2014-6559 Oracle MySQL Server Security hole CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING. Oracle MySQL Server is prone to a remote security vulnerability. The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'C API SSL CERTIFICATE HANDLING' sub component is affected. This vulnerability affects the following supported versions: 5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability. Additionally MariaDB 5.5.40 removed the bundled copy of jemalloc from the source tarball and only builds with jemalloc if a system copy of the jemalloc library is detecting during the build. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFUT0QSmqjQ0CJFipgRAmnhAKCOd9QLoxRrlcA8U4XLA46+ZhjfFwCfQzhY tRKQjAv7QAJqbwipIkIIC8Q= =uyHd -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: mariadb security update Advisory ID: RHSA-2014:1861-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1861.html Issue date: 2014-11-17 CVE Names: CVE-2014-2494 CVE-2014-4207 CVE-2014-4243 CVE-2014-4258 CVE-2014-4260 CVE-2014-4274 CVE-2014-4287 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6484 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559 ===================================================================== 1. Summary: Updated mariadb packages that fix several security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287, CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559) These updated packages upgrade MariaDB to version 5.5.40. Refer to the MariaDB Release Notes listed in the References section for a complete list of changes. All MariaDB users should upgrade to these updated packages, which correct these issues. After installing this update, the MariaDB server daemon (mysqld) will be restarted automatically. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1120382 - CVE-2014-2494 mysql: unspecified vulnerability related to ENARC (CPU July 2014) 1120383 - CVE-2014-4207 mysql: unspecified vulnerability related to SROPTZR (CPU July 2014) 1120385 - CVE-2014-4243 mysql: unspecified vulnerability related to ENFED (CPU July 2014) 1120387 - CVE-2014-4258 mysql: unspecified vulnerability related to SRINFOSC (CPU July 2014) 1120388 - CVE-2014-4260 mysql: unspecified vulnerability related to SRCHAR (CPU July 2014) 1126271 - CVE-2014-4274 mysql: unspecified MyISAM temporary file issue fixed in 5.5.39 and 5.6.20 1153461 - CVE-2014-4287 mysql: unspecified vulnerability related to SERVER:CHARACTER SETS (CPU October 2014) 1153462 - CVE-2014-6463 mysql: unspecified vulnerability related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML (CPU October 2014) 1153463 - CVE-2014-6464 mysql: unspecified vulnerability related to SERVER:INNODB DML FOREIGN KEYS (CPU October 2014) 1153464 - CVE-2014-6469 mysql: unspecified vulnerability related to SERVER:OPTIMIZER (CPU October 2014) 1153467 - CVE-2014-6484 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014) 1153489 - CVE-2014-6505 mysql: unspecified vulnerability related to SERVER:MEMORY STORAGE ENGINE (CPU October 2014) 1153490 - CVE-2014-6507 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014) 1153491 - CVE-2014-6520 mysql: unspecified vulnerability related to SERVER:DDL (CPU October 2014) 1153493 - CVE-2014-6530 mysql: unspecified vulnerability related to CLIENT:MYSQLDUMP (CPU October 2014) 1153494 - CVE-2014-6551 mysql: unspecified vulnerability related to CLIENT:MYSQLADMIN (CPU October 2014) 1153495 - CVE-2014-6555 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014) 1153496 - CVE-2014-6559 mysql: unspecified vulnerability related to C API SSL CERTIFICATE HANDLING (CPU October 2014) 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: mariadb-5.5.40-1.el7_0.src.rpm x86_64: mariadb-5.5.40-1.el7_0.x86_64.rpm mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm mariadb-libs-5.5.40-1.el7_0.i686.rpm mariadb-libs-5.5.40-1.el7_0.x86_64.rpm mariadb-server-5.5.40-1.el7_0.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: mariadb-bench-5.5.40-1.el7_0.x86_64.rpm mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm mariadb-devel-5.5.40-1.el7_0.i686.rpm mariadb-devel-5.5.40-1.el7_0.x86_64.rpm mariadb-embedded-5.5.40-1.el7_0.i686.rpm mariadb-embedded-5.5.40-1.el7_0.x86_64.rpm mariadb-embedded-devel-5.5.40-1.el7_0.i686.rpm mariadb-embedded-devel-5.5.40-1.el7_0.x86_64.rpm mariadb-test-5.5.40-1.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: mariadb-5.5.40-1.el7_0.src.rpm x86_64: mariadb-5.5.40-1.el7_0.x86_64.rpm mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm mariadb-libs-5.5.40-1.el7_0.i686.rpm mariadb-libs-5.5.40-1.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: mariadb-bench-5.5.40-1.el7_0.x86_64.rpm mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm mariadb-devel-5.5.40-1.el7_0.i686.rpm mariadb-devel-5.5.40-1.el7_0.x86_64.rpm mariadb-embedded-5.5.40-1.el7_0.i686.rpm mariadb-embedded-5.5.40-1.el7_0.x86_64.rpm mariadb-embedded-devel-5.5.40-1.el7_0.i686.rpm mariadb-embedded-devel-5.5.40-1.el7_0.x86_64.rpm mariadb-server-5.5.40-1.el7_0.x86_64.rpm mariadb-test-5.5.40-1.el7_0.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: mariadb-5.5.40-1.el7_0.src.rpm ppc64: mariadb-5.5.40-1.el7_0.ppc64.rpm mariadb-bench-5.5.40-1.el7_0.ppc64.rpm mariadb-debuginfo-5.5.40-1.el7_0.ppc.rpm mariadb-debuginfo-5.5.40-1.el7_0.ppc64.rpm mariadb-devel-5.5.40-1.el7_0.ppc.rpm mariadb-devel-5.5.40-1.el7_0.ppc64.rpm mariadb-libs-5.5.40-1.el7_0.ppc.rpm mariadb-libs-5.5.40-1.el7_0.ppc64.rpm mariadb-server-5.5.40-1.el7_0.ppc64.rpm mariadb-test-5.5.40-1.el7_0.ppc64.rpm s390x: mariadb-5.5.40-1.el7_0.s390x.rpm mariadb-bench-5.5.40-1.el7_0.s390x.rpm mariadb-debuginfo-5.5.40-1.el7_0.s390.rpm mariadb-debuginfo-5.5.40-1.el7_0.s390x.rpm mariadb-devel-5.5.40-1.el7_0.s390.rpm mariadb-devel-5.5.40-1.el7_0.s390x.rpm mariadb-libs-5.5.40-1.el7_0.s390.rpm mariadb-libs-5.5.40-1.el7_0.s390x.rpm mariadb-server-5.5.40-1.el7_0.s390x.rpm mariadb-test-5.5.40-1.el7_0.s390x.rpm x86_64: mariadb-5.5.40-1.el7_0.x86_64.rpm mariadb-bench-5.5.40-1.el7_0.x86_64.rpm mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm mariadb-devel-5.5.40-1.el7_0.i686.rpm mariadb-devel-5.5.40-1.el7_0.x86_64.rpm mariadb-libs-5.5.40-1.el7_0.i686.rpm mariadb-libs-5.5.40-1.el7_0.x86_64.rpm mariadb-server-5.5.40-1.el7_0.x86_64.rpm mariadb-test-5.5.40-1.el7_0.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: mariadb-debuginfo-5.5.40-1.el7_0.ppc.rpm mariadb-debuginfo-5.5.40-1.el7_0.ppc64.rpm mariadb-embedded-5.5.40-1.el7_0.ppc.rpm mariadb-embedded-5.5.40-1.el7_0.ppc64.rpm mariadb-embedded-devel-5.5.40-1.el7_0.ppc.rpm mariadb-embedded-devel-5.5.40-1.el7_0.ppc64.rpm s390x: mariadb-debuginfo-5.5.40-1.el7_0.s390.rpm mariadb-debuginfo-5.5.40-1.el7_0.s390x.rpm mariadb-embedded-5.5.40-1.el7_0.s390.rpm mariadb-embedded-5.5.40-1.el7_0.s390x.rpm mariadb-embedded-devel-5.5.40-1.el7_0.s390.rpm mariadb-embedded-devel-5.5.40-1.el7_0.s390x.rpm x86_64: mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm mariadb-embedded-5.5.40-1.el7_0.i686.rpm mariadb-embedded-5.5.40-1.el7_0.x86_64.rpm mariadb-embedded-devel-5.5.40-1.el7_0.i686.rpm mariadb-embedded-devel-5.5.40-1.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: mariadb-5.5.40-1.el7_0.src.rpm x86_64: mariadb-5.5.40-1.el7_0.x86_64.rpm mariadb-bench-5.5.40-1.el7_0.x86_64.rpm mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm mariadb-devel-5.5.40-1.el7_0.i686.rpm mariadb-devel-5.5.40-1.el7_0.x86_64.rpm mariadb-libs-5.5.40-1.el7_0.i686.rpm mariadb-libs-5.5.40-1.el7_0.x86_64.rpm mariadb-server-5.5.40-1.el7_0.x86_64.rpm mariadb-test-5.5.40-1.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: mariadb-debuginfo-5.5.40-1.el7_0.i686.rpm mariadb-debuginfo-5.5.40-1.el7_0.x86_64.rpm mariadb-embedded-5.5.40-1.el7_0.i686.rpm mariadb-embedded-5.5.40-1.el7_0.x86_64.rpm mariadb-embedded-devel-5.5.40-1.el7_0.i686.rpm mariadb-embedded-devel-5.5.40-1.el7_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-2494 https://access.redhat.com/security/cve/CVE-2014-4207 https://access.redhat.com/security/cve/CVE-2014-4243 https://access.redhat.com/security/cve/CVE-2014-4258 https://access.redhat.com/security/cve/CVE-2014-4260 https://access.redhat.com/security/cve/CVE-2014-4274 https://access.redhat.com/security/cve/CVE-2014-4287 https://access.redhat.com/security/cve/CVE-2014-6463 https://access.redhat.com/security/cve/CVE-2014-6464 https://access.redhat.com/security/cve/CVE-2014-6469 https://access.redhat.com/security/cve/CVE-2014-6484 https://access.redhat.com/security/cve/CVE-2014-6505 https://access.redhat.com/security/cve/CVE-2014-6507 https://access.redhat.com/security/cve/CVE-2014-6520 https://access.redhat.com/security/cve/CVE-2014-6530 https://access.redhat.com/security/cve/CVE-2014-6551 https://access.redhat.com/security/cve/CVE-2014-6555 https://access.redhat.com/security/cve/CVE-2014-6559 https://access.redhat.com/security/updates/classification/#important http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL https://mariadb.com/kb/en/mariadb/development/release-notes/mariadb-5540-release-notes/ 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUadeuXlSAg2UNWIIRAq0FAKC2DOhAOg/q+zlOLLV3ztECJ+Gh0gCdEGtr rmT+kQlZKObKWBl1L2CyGEU= =yhRc -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ============================================================================ Ubuntu Security Notice USN-2384-1 October 15, 2014 mysql-5.5 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in MySQL. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.14.04.1 Ubuntu 12.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.12.04.1 In general, a standard system update will make all the necessary changes. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz: Upgraded. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.40-x86_64-1_slack14.1.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-5.5.40-i486-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-5.5.40-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.1 package: da0aff5bebbbdc0621359c0fea027ae6 mariadb-5.5.40-i486-1_slack14.1.txz Slackware x86_64 14.1 package: dbb7d695a22ae538b5ad9c024823b190 mariadb-5.5.40-x86_64-1_slack14.1.txz Slackware -current package: f9ca4cf6015ddbb73dfba16c535caffc ap/mariadb-5.5.40-i486-1.txz Slackware x86_64 -current package: 6924f64b6c147556a58a2c6f1929ab5e ap/mariadb-5.5.40-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mariadb-5.5.40-i486-1_slack14.1.txz Then, restart the database server: # sh /etc/rc.d/rc.mysqld restart +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201411-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: MySQL, MariaDB: Multiple vulnerabilities Date: November 05, 2014 Bugs: #525504 ID: 201411-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the MySQL and MariaDB, possibly allowing attackers to cause unspecified impact. MariaDB is an enhanced, drop-in replacement for MySQL. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/mysql < 5.5.40 >= 5.5.40 2 dev-db/mariadb < 5.5.40-r1 >= 5.5.40-r1 ------------------------------------------------------------------- 2 affected packages Description =========== Multiple unspecified vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code, Denial of Service, or disclosure of sensitive information. Workaround ========== There is no known workaround at this time. Resolution ========== All MySQL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.5.40" All MariaDB users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mariadb-5.5.40-r1" References ========== [ 1 ] CVE-2014-6464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6464 [ 2 ] CVE-2014-6469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6469 [ 3 ] CVE-2014-6491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6491 [ 4 ] CVE-2014-6494 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6494 [ 5 ] CVE-2014-6496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6496 [ 6 ] CVE-2014-6500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6500 [ 7 ] CVE-2014-6507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6507 [ 8 ] CVE-2014-6555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6555 [ 9 ] CVE-2014-6559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6559 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201411-02.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . For the unstable distribution (sid), these problems will be fixed soon. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 3
VAR-201410-1000 CVE-2014-3381 Cisco Email Security Appliance Run on Cisco AsyncOS of ZIP Vulnerabilities that can bypass malware filtering in the inspection engine CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934. Vendors have confirmed this vulnerability Bug ID CSCup07934 It is released as.A third party may be able to bypass malware filtering through a crafted archive. Cisco AsyncOS is the operating system used by multiple Cisco products. A remote security bypass vulnerability exists in Cisco AsyncOS Software that allows an attacker to bypass certain security restrictions and perform unauthorized operations. Cisco AsyncOS Software is prone to a remote security-bypass vulnerability. This issue is being tracked by Cisco Bug ID CSCup07934. The vulnerability is caused by the program not correctly parsing ZIP compressed files
VAR-201410-1486 No CVE Multiple Huawei Products VRP SSH Denial of Service Vulnerability CVSS V2: -
CVSS V3: -
Severity: -
Multiple Huawei products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to restart the device, denying service to legitimate users.
VAR-201410-0064 CVE-2014-3404 Cisco IOS XE of Autonomic Networking Infrastructure Vulnerability that triggers receipt of invalid messages in components CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to trigger acceptance of an invalid message via crafted messages, aka Bug ID CSCuq22677. Vendors have confirmed this vulnerability Bug ID CSCuq22677 It is released as.A third party can trigger the receipt of invalid messages via crafted messages. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Cisco IOS XE has a security bypass vulnerability that allows an attacker to exploit a vulnerability to bypass certain security restrictions and perform unauthorized operations. Cisco IOS XE Software is prone to a security-bypass vulnerability. This issue is being tracked by Cisco Bug ID CSCuq22677. The vulnerability is caused by the program not validating certificates properly. A remote attacker could exploit this vulnerability to send a specially crafted message to the ANI device