VARIoT IoT vulnerabilities database
| VAR-202007-0030 | CVE-2020-10606 | plural OSIsoft Made PI Vulnerability in improper default permissions on system |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
In OSIsoft PI System multiple products and versions, a local attacker can exploit incorrect permissions set by affected PI System software. This exploitation can result in unauthorized information disclosure, deletion, or modification if the local computer also processes PI System data from other users, such as from a shared workstation or terminal server deployment. plural OSIsoft Made PI There is a vulnerability in the system regarding improper default permissions.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
| VAR-202005-0993 | CVE-2020-5898 | BIG-IP Edge Client Vulnerability in |
CVSS V2: 4.9 CVSS V3: 5.5 Severity: MEDIUM |
In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer received from the userland. A local user on the Windows client system can send crafted DeviceIoControl requests to \\.\urvpndrv device causing the Windows kernel to crash. BIG-IP Edge Client There is an unspecified vulnerability in.Service operation interruption (DoS) It may be put into a state. Both F5 BIG-IP APM and F5 BIG-IP APM Clients are products of F5 Corporation in the United States. F5 BIG-IP APM is an access and security solution. The product provides unified access to business-critical applications and networks. F5 BIG-IP APM Clients is a set of APM client software. The following products and versions are affected: F5 BIG-IP APM 15.0.0 to 15.1.0, 14.1.0 to 14.1.2, 13.1.0 to 13.1.3, 12.1.0 to 12.1.5 Version, 11.6.1 to 11.6.5; BIG-IP APM Clients 7.1.5 to 7.1.9
| VAR-202005-0992 | CVE-2020-5897 | BIG-IP Edge Client Vulnerability in using free memory in |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability in the BIG-IP Edge Client Windows ActiveX component. BIG-IP Edge Client Is vulnerable to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. F5 BIG-IP APM, etc. are all products of F5 Company in the United States. F5 BIG-IP APM is an access and security solution. F5 BIG-IP APM Clients is a set of APM client software. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. An attacker could exploit this vulnerability via a specially crafted malicious web page to cause memory corruption of the browser or code execution from the browser. The following products and versions are affected: F5 BIG-IP APM 15.0.0 to 15.1.0, 14.1.0 to 14.1.2, 13.1.0 to 13.1.3, 12.1.0 to 12.1.5 Version, 11.6.1 to 11.6.5; BIG-IP APM Clients 7.1.5 to 7.1.9
| VAR-202005-0991 | CVE-2020-5896 | BIG-IP Edge Client Vulnerability regarding improper default permissions in |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Service's temporary folder has weak file and folder permissions. BIG-IP Edge Client There is a vulnerability in improper default permissions.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Both F5 BIG-IP APM and F5 BIG-IP APM Clients are products of F5 Corporation in the United States. F5 BIG-IP APM is an access and security solution. The product provides unified access to business-critical applications and networks. F5 BIG-IP APM Clients is a set of APM client software. A security vulnerability exists in the temp folder of the BIG-IP Edge Client Windows Component Installer service in F5 BIG-IP APM and BIG-IP APM Clients. An attacker could exploit this vulnerability to elevate privileges. The following products and versions are affected: F5 BIG-IP APM 15.0.0 to 15.1.0, 14.1.0 to 14.1.2, 13.1.0 to 13.1.3, 12.1.0 to 12.1.5 Version, 11.6.1 to 11.6.5; BIG-IP APM Clients 7.1.5 to 7.1.9
| VAR-202005-0719 | CVE-2020-3341 | Clam AntiVirus Input verification vulnerabilities in software |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition. Clam AntiVirus (ClamAV) The software contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. ==========================================================================
Ubuntu Security Notice USN-4370-2
May 21, 2020
clamav vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in ClamAV.
Software Description:
- clamav: Anti-virus utility for Unix
Details:
USN-4370-1 fixed several vulnerabilities in ClamAV. This update provides
the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM.
Original advisory details:
It was discovered that ClamAV incorrectly handled parsing ARJ archives. (CVE-2020-3327)
It was discovered that ClamAV incorrectly handled parsing PDF files. (CVE-2020-3341)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
clamav 0.102.3+dfsg-0ubuntu0.14.04.1+esm1
Ubuntu 12.04 ESM:
clamav 0.102.3+dfsg-0ubuntu0.12.04.1
This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/4370-2
https://usn.ubuntu.com/4370-1
CVE-2020-3327, CVE-2020-3341
| VAR-202005-0717 | CVE-2020-3327 | Clam AntiVirus Input verification vulnerabilities in software |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit this vulnerability by sending a crafted ARJ file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition. Clam AntiVirus (ClamAV) The software contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. =========================================================================
Ubuntu Security Notice USN-4435-2
July 27, 2020
clamav vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in ClamAV.
Software Description:
- clamav: Anti-virus utility for Unix
Details:
USN-4435-1 fixed several vulnerabilities in ClamAV. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that ClamAV incorrectly handled parsing ARJ archives. (CVE-2020-3327)
It was discovered that ClamAV incorrectly handled scanning malicious files.
A local attacker could possibly use this issue to delete arbitrary files.
(CVE-2020-3350)
It was discovered that ClamAV incorrectly handled parsing EGG archives. (CVE-2020-3481)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
clamav 0.102.4+dfsg-0ubuntu0.14.04.1+esm1
Ubuntu 12.04 ESM:
clamav 0.102.4+dfsg-0ubuntu0.12.04.1
This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/4435-2
https://usn.ubuntu.com/4435-1
CVE-2020-3327, CVE-2020-3350, CVE-2020-3481
| VAR-202005-1115 | No CVE | Dalian Technology Computer Control Engineering Co., Ltd. DCCE HMIware has a memory corruption vulnerability (CNVD-2020-27184) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
DCCE HMIware configuration editing software is a special man-machine interface configuration software specially developed for DCCE touch screen. This software provides users with a powerful integrated development environment. The products are widely used in medical, chemical, electric power, printing, textile , Smart home and other fields.
DCCE HMIware of Dalian Polytechnic Computer Control Engineering Co., Ltd. has a memory corruption vulnerability. The vulnerability is due to a problem in the DCCE HMIware engineering file Wpj in processing the wpj format. An attacker can use this vulnerability to construct a deformed wpj file to cause the program to crash.
| VAR-202005-1104 | No CVE | DView2.6.2 configuration software of Dalian Polytechnic Computer Control Engineering Co., Ltd. has a memory corruption vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
DView2.6.2 is a Windows-based operating system, a data monitoring system software development platform for the field of industrial automation, including DXP data interaction platform software and DHMI man-machine interface configuration software, integrated device management, variable management, communication scheduling, man-machine Interface development, Web services, historical data storage and other functions.
The DView2.6.2 configuration software of Dalian Polytechnic Computer Control Engineering Co., Ltd. has a memory destruction vulnerability, which can be used by an attacker to construct a malformed dsl sample, causing the program to crash.
| VAR-202005-1105 | No CVE | Dalian Technology Computer Control Engineering Co., Ltd. DCCE HMIware has a memory corruption vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
DCCE HMIware configuration editing software is a special man-machine interface configuration software specially developed for DCCE touch screen. This software provides users with a powerful integrated development environment. The products are widely used in medical, chemical, electric power, printing, textile , Smart home and other fields.
The software has a memory corruption vulnerability in the WAV format. An attacker can use this vulnerability to construct a deformed WAV sample that can cause the program to crash.
| VAR-202005-0542 | CVE-2019-5500 | NetApp Service Processor and Baseboard Management Controller Firmware vulnerabilities |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Certain versions of the NetApp Service Processor and Baseboard Management Controller firmware allow a remote unauthenticated attacker to cause a Denial of Service (DoS). The product provides remote node management capabilities, including console redirection, recording and power control. NetApp Baseboard Management Controller is a baseboard management controller. The product mainly provides remote management functions such as console redirection, logging, and power control
| VAR-202010-1571 | CVE-2020-7069 | PHP Vulnerability in cryptography |
CVSS V2: 6.4 CVSS V3: 6.5 Severity: MEDIUM |
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data. PHP Contains a cryptographic vulnerability.Information may be obtained and information may be tampered with. Pillow is a Python-based image processing library.
There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. A buffer error vulnerability exists in PHP versions 7.2.0, 7.3.0 and 7.4.0 due to the fact that the 'mbfl_filt_conv_big5_wchar' function does not check bounds properly. A remote attacker could exploit this vulnerability with specially crafted parameters to execute arbitrary code on the system or cause an application to crash.
For the stable distribution (buster), these problems have been fixed in
version 7.3.27-1~deb10u1.
We recommend that you upgrade your php7.3 packages.
For the detailed security status of php7.3 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php7.3
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmAtkVwACgkQEMKTtsN8
TjZ41g//e8PiVKbNVmYAbvssLu1ftKMLRmKkzQZZo4EK8GK50i25SKxlEVgGqFef
PCbr7AaD3eGrTOTzIE5wqJclhhx664DAWeM68rEJKfn0w5EYznCi/h/vyBiEW4eH
DAkBHcckCOMwsXgdvfQk/HAtqA1xoPmC8DZnbpgkd7feXT9/b/YYvv2dQxTMCaT3
AWaX4DBFOQVuk2yyLW9uCNC/cZBkeD3sTZFllV2SsXVr9NKMz3zxMsQAv1UlCTdl
8o8UM7d+zU3a5U5Ua1ENa2QR+RK0jhdRGgkJaXHZbdgZ+uV9rmt/PsV6NFzDseRv
/lv44YF+Qs1a5u8SIUORB6BVMhCWECXgXBEQHXsoN+63xc8UcOIpI5tQHq+D4/MY
YDyzC9W+fCred/NjVbaPUce6kxoz7k79/dfYbiE/sXj3pvoXqLRj9biRYUM2+/En
vzstFBnZqwMv04zSzx+JALpFhkBv5ddg5R03B10o/FxndSJak1dGTUKOsa6M31qR
0pEeKmMizGq7Ws1QmqEvWfbR/uXEd43sEoaC0+OVB6XntUISRmUAj5hkFt/Yy3bd
622nZfXyhdepoPCXTEaDearJd2qdL8wcREG4f+42PMwhjTys/Iw0eVR5LGdKnlmX
lbkT1Q1MX3XNbAQTIQpYX0TJJ9oCFU8Wq9HLlV2Eatqb2Hw7AEQ=
=9Q7e
-----END PGP SIGNATURE-----
. 8) - aarch64, noarch, ppc64le, s390x, x86_64
3.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.5 Release Notes linked from the References section. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: rh-php73-php security, bug fix, and enhancement update
Advisory ID: RHSA-2021:2992-01
Product: Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2992
Issue date: 2021-08-03
CVE Names: CVE-2020-7068 CVE-2020-7069 CVE-2020-7070
CVE-2020-7071 CVE-2021-21702 CVE-2021-21705
====================================================================
1. Summary:
An update for rh-php73-php is now available for Red Hat Software
Collections.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
3. Description:
PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server.
The following packages have been upgraded to a later upstream version:
rh-php73-php (7.3.29). (BZ#1977764)
Security Fix(es):
* php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV
(CVE-2020-7069)
* php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo
(CVE-2020-7071)
* php: SSRF bypass in FILTER_VALIDATE_URL (CVE-2021-21705)
* php: Use of freed hash key in the phar_parse_zipfile function
(CVE-2020-7068)
* php: URL decoding of cookie names can lead to different interpretation of
cookies between browser and server (CVE-2020-7070)
* php: NULL pointer dereference in SoapClient (CVE-2021-21702)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon must be restarted
for the update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1868109 - CVE-2020-7068 php: Use of freed hash key in the phar_parse_zipfile function
1885735 - CVE-2020-7069 php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV
1885738 - CVE-2020-7070 php: URL decoding of cookie names can lead to different interpretation of cookies between browser and server
1913846 - CVE-2020-7071 php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo
1925272 - CVE-2021-21702 php: NULL pointer dereference in SoapClient
1977764 - PDO ODBC truncates BLOB records at every 256th byte [rhscl-3.7.z]
1978755 - CVE-2021-21705 php: SSRF bypass in FILTER_VALIDATE_URL
6. Package List:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source:
rh-php73-php-7.3.29-1.el7.src.rpm
ppc64le:
rh-php73-php-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-bcmath-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-cli-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-common-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-dba-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-dbg-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-debuginfo-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-devel-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-embedded-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-enchant-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-fpm-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-gd-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-gmp-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-intl-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-json-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-ldap-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-mbstring-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-mysqlnd-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-odbc-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-opcache-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-pdo-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-pgsql-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-process-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-pspell-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-recode-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-snmp-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-soap-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-xml-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-xmlrpc-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-zip-7.3.29-1.el7.ppc64le.rpm
s390x:
rh-php73-php-7.3.29-1.el7.s390x.rpm
rh-php73-php-bcmath-7.3.29-1.el7.s390x.rpm
rh-php73-php-cli-7.3.29-1.el7.s390x.rpm
rh-php73-php-common-7.3.29-1.el7.s390x.rpm
rh-php73-php-dba-7.3.29-1.el7.s390x.rpm
rh-php73-php-dbg-7.3.29-1.el7.s390x.rpm
rh-php73-php-debuginfo-7.3.29-1.el7.s390x.rpm
rh-php73-php-devel-7.3.29-1.el7.s390x.rpm
rh-php73-php-embedded-7.3.29-1.el7.s390x.rpm
rh-php73-php-enchant-7.3.29-1.el7.s390x.rpm
rh-php73-php-fpm-7.3.29-1.el7.s390x.rpm
rh-php73-php-gd-7.3.29-1.el7.s390x.rpm
rh-php73-php-gmp-7.3.29-1.el7.s390x.rpm
rh-php73-php-intl-7.3.29-1.el7.s390x.rpm
rh-php73-php-json-7.3.29-1.el7.s390x.rpm
rh-php73-php-ldap-7.3.29-1.el7.s390x.rpm
rh-php73-php-mbstring-7.3.29-1.el7.s390x.rpm
rh-php73-php-mysqlnd-7.3.29-1.el7.s390x.rpm
rh-php73-php-odbc-7.3.29-1.el7.s390x.rpm
rh-php73-php-opcache-7.3.29-1.el7.s390x.rpm
rh-php73-php-pdo-7.3.29-1.el7.s390x.rpm
rh-php73-php-pgsql-7.3.29-1.el7.s390x.rpm
rh-php73-php-process-7.3.29-1.el7.s390x.rpm
rh-php73-php-pspell-7.3.29-1.el7.s390x.rpm
rh-php73-php-recode-7.3.29-1.el7.s390x.rpm
rh-php73-php-snmp-7.3.29-1.el7.s390x.rpm
rh-php73-php-soap-7.3.29-1.el7.s390x.rpm
rh-php73-php-xml-7.3.29-1.el7.s390x.rpm
rh-php73-php-xmlrpc-7.3.29-1.el7.s390x.rpm
rh-php73-php-zip-7.3.29-1.el7.s390x.rpm
x86_64:
rh-php73-php-7.3.29-1.el7.x86_64.rpm
rh-php73-php-bcmath-7.3.29-1.el7.x86_64.rpm
rh-php73-php-cli-7.3.29-1.el7.x86_64.rpm
rh-php73-php-common-7.3.29-1.el7.x86_64.rpm
rh-php73-php-dba-7.3.29-1.el7.x86_64.rpm
rh-php73-php-dbg-7.3.29-1.el7.x86_64.rpm
rh-php73-php-debuginfo-7.3.29-1.el7.x86_64.rpm
rh-php73-php-devel-7.3.29-1.el7.x86_64.rpm
rh-php73-php-embedded-7.3.29-1.el7.x86_64.rpm
rh-php73-php-enchant-7.3.29-1.el7.x86_64.rpm
rh-php73-php-fpm-7.3.29-1.el7.x86_64.rpm
rh-php73-php-gd-7.3.29-1.el7.x86_64.rpm
rh-php73-php-gmp-7.3.29-1.el7.x86_64.rpm
rh-php73-php-intl-7.3.29-1.el7.x86_64.rpm
rh-php73-php-json-7.3.29-1.el7.x86_64.rpm
rh-php73-php-ldap-7.3.29-1.el7.x86_64.rpm
rh-php73-php-mbstring-7.3.29-1.el7.x86_64.rpm
rh-php73-php-mysqlnd-7.3.29-1.el7.x86_64.rpm
rh-php73-php-odbc-7.3.29-1.el7.x86_64.rpm
rh-php73-php-opcache-7.3.29-1.el7.x86_64.rpm
rh-php73-php-pdo-7.3.29-1.el7.x86_64.rpm
rh-php73-php-pgsql-7.3.29-1.el7.x86_64.rpm
rh-php73-php-process-7.3.29-1.el7.x86_64.rpm
rh-php73-php-pspell-7.3.29-1.el7.x86_64.rpm
rh-php73-php-recode-7.3.29-1.el7.x86_64.rpm
rh-php73-php-snmp-7.3.29-1.el7.x86_64.rpm
rh-php73-php-soap-7.3.29-1.el7.x86_64.rpm
rh-php73-php-xml-7.3.29-1.el7.x86_64.rpm
rh-php73-php-xmlrpc-7.3.29-1.el7.x86_64.rpm
rh-php73-php-zip-7.3.29-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):
Source:
rh-php73-php-7.3.29-1.el7.src.rpm
ppc64le:
rh-php73-php-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-bcmath-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-cli-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-common-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-dba-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-dbg-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-debuginfo-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-devel-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-embedded-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-enchant-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-fpm-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-gd-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-gmp-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-intl-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-json-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-ldap-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-mbstring-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-mysqlnd-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-odbc-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-opcache-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-pdo-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-pgsql-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-process-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-pspell-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-recode-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-snmp-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-soap-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-xml-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-xmlrpc-7.3.29-1.el7.ppc64le.rpm
rh-php73-php-zip-7.3.29-1.el7.ppc64le.rpm
s390x:
rh-php73-php-7.3.29-1.el7.s390x.rpm
rh-php73-php-bcmath-7.3.29-1.el7.s390x.rpm
rh-php73-php-cli-7.3.29-1.el7.s390x.rpm
rh-php73-php-common-7.3.29-1.el7.s390x.rpm
rh-php73-php-dba-7.3.29-1.el7.s390x.rpm
rh-php73-php-dbg-7.3.29-1.el7.s390x.rpm
rh-php73-php-debuginfo-7.3.29-1.el7.s390x.rpm
rh-php73-php-devel-7.3.29-1.el7.s390x.rpm
rh-php73-php-embedded-7.3.29-1.el7.s390x.rpm
rh-php73-php-enchant-7.3.29-1.el7.s390x.rpm
rh-php73-php-fpm-7.3.29-1.el7.s390x.rpm
rh-php73-php-gd-7.3.29-1.el7.s390x.rpm
rh-php73-php-gmp-7.3.29-1.el7.s390x.rpm
rh-php73-php-intl-7.3.29-1.el7.s390x.rpm
rh-php73-php-json-7.3.29-1.el7.s390x.rpm
rh-php73-php-ldap-7.3.29-1.el7.s390x.rpm
rh-php73-php-mbstring-7.3.29-1.el7.s390x.rpm
rh-php73-php-mysqlnd-7.3.29-1.el7.s390x.rpm
rh-php73-php-odbc-7.3.29-1.el7.s390x.rpm
rh-php73-php-opcache-7.3.29-1.el7.s390x.rpm
rh-php73-php-pdo-7.3.29-1.el7.s390x.rpm
rh-php73-php-pgsql-7.3.29-1.el7.s390x.rpm
rh-php73-php-process-7.3.29-1.el7.s390x.rpm
rh-php73-php-pspell-7.3.29-1.el7.s390x.rpm
rh-php73-php-recode-7.3.29-1.el7.s390x.rpm
rh-php73-php-snmp-7.3.29-1.el7.s390x.rpm
rh-php73-php-soap-7.3.29-1.el7.s390x.rpm
rh-php73-php-xml-7.3.29-1.el7.s390x.rpm
rh-php73-php-xmlrpc-7.3.29-1.el7.s390x.rpm
rh-php73-php-zip-7.3.29-1.el7.s390x.rpm
x86_64:
rh-php73-php-7.3.29-1.el7.x86_64.rpm
rh-php73-php-bcmath-7.3.29-1.el7.x86_64.rpm
rh-php73-php-cli-7.3.29-1.el7.x86_64.rpm
rh-php73-php-common-7.3.29-1.el7.x86_64.rpm
rh-php73-php-dba-7.3.29-1.el7.x86_64.rpm
rh-php73-php-dbg-7.3.29-1.el7.x86_64.rpm
rh-php73-php-debuginfo-7.3.29-1.el7.x86_64.rpm
rh-php73-php-devel-7.3.29-1.el7.x86_64.rpm
rh-php73-php-embedded-7.3.29-1.el7.x86_64.rpm
rh-php73-php-enchant-7.3.29-1.el7.x86_64.rpm
rh-php73-php-fpm-7.3.29-1.el7.x86_64.rpm
rh-php73-php-gd-7.3.29-1.el7.x86_64.rpm
rh-php73-php-gmp-7.3.29-1.el7.x86_64.rpm
rh-php73-php-intl-7.3.29-1.el7.x86_64.rpm
rh-php73-php-json-7.3.29-1.el7.x86_64.rpm
rh-php73-php-ldap-7.3.29-1.el7.x86_64.rpm
rh-php73-php-mbstring-7.3.29-1.el7.x86_64.rpm
rh-php73-php-mysqlnd-7.3.29-1.el7.x86_64.rpm
rh-php73-php-odbc-7.3.29-1.el7.x86_64.rpm
rh-php73-php-opcache-7.3.29-1.el7.x86_64.rpm
rh-php73-php-pdo-7.3.29-1.el7.x86_64.rpm
rh-php73-php-pgsql-7.3.29-1.el7.x86_64.rpm
rh-php73-php-process-7.3.29-1.el7.x86_64.rpm
rh-php73-php-pspell-7.3.29-1.el7.x86_64.rpm
rh-php73-php-recode-7.3.29-1.el7.x86_64.rpm
rh-php73-php-snmp-7.3.29-1.el7.x86_64.rpm
rh-php73-php-soap-7.3.29-1.el7.x86_64.rpm
rh-php73-php-xml-7.3.29-1.el7.x86_64.rpm
rh-php73-php-xmlrpc-7.3.29-1.el7.x86_64.rpm
rh-php73-php-zip-7.3.29-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):
Source:
rh-php73-php-7.3.29-1.el7.src.rpm
x86_64:
rh-php73-php-7.3.29-1.el7.x86_64.rpm
rh-php73-php-bcmath-7.3.29-1.el7.x86_64.rpm
rh-php73-php-cli-7.3.29-1.el7.x86_64.rpm
rh-php73-php-common-7.3.29-1.el7.x86_64.rpm
rh-php73-php-dba-7.3.29-1.el7.x86_64.rpm
rh-php73-php-dbg-7.3.29-1.el7.x86_64.rpm
rh-php73-php-debuginfo-7.3.29-1.el7.x86_64.rpm
rh-php73-php-devel-7.3.29-1.el7.x86_64.rpm
rh-php73-php-embedded-7.3.29-1.el7.x86_64.rpm
rh-php73-php-enchant-7.3.29-1.el7.x86_64.rpm
rh-php73-php-fpm-7.3.29-1.el7.x86_64.rpm
rh-php73-php-gd-7.3.29-1.el7.x86_64.rpm
rh-php73-php-gmp-7.3.29-1.el7.x86_64.rpm
rh-php73-php-intl-7.3.29-1.el7.x86_64.rpm
rh-php73-php-json-7.3.29-1.el7.x86_64.rpm
rh-php73-php-ldap-7.3.29-1.el7.x86_64.rpm
rh-php73-php-mbstring-7.3.29-1.el7.x86_64.rpm
rh-php73-php-mysqlnd-7.3.29-1.el7.x86_64.rpm
rh-php73-php-odbc-7.3.29-1.el7.x86_64.rpm
rh-php73-php-opcache-7.3.29-1.el7.x86_64.rpm
rh-php73-php-pdo-7.3.29-1.el7.x86_64.rpm
rh-php73-php-pgsql-7.3.29-1.el7.x86_64.rpm
rh-php73-php-process-7.3.29-1.el7.x86_64.rpm
rh-php73-php-pspell-7.3.29-1.el7.x86_64.rpm
rh-php73-php-recode-7.3.29-1.el7.x86_64.rpm
rh-php73-php-snmp-7.3.29-1.el7.x86_64.rpm
rh-php73-php-soap-7.3.29-1.el7.x86_64.rpm
rh-php73-php-xml-7.3.29-1.el7.x86_64.rpm
rh-php73-php-xmlrpc-7.3.29-1.el7.x86_64.rpm
rh-php73-php-zip-7.3.29-1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-7068
https://access.redhat.com/security/cve/CVE-2020-7069
https://access.redhat.com/security/cve/CVE-2020-7070
https://access.redhat.com/security/cve/CVE-2020-7071
https://access.redhat.com/security/cve/CVE-2021-21702
https://access.redhat.com/security/cve/CVE-2021-21705
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYQkJj9zjgjWX9erEAQgi0w/9HBV5SuB3M7vK1ssSWffk2HuyWHLVm+wV
Wy96rIvzD1KrNeLTn3HAByHCIgHew6KD1mnoEawc5DItVY6oRlfW8ldX2P8fsk0C
2xzmNy8jAzA0BjYZeYXfMQROpqiqCQVkPhAfeeWaVxn6jRH28oSwmF2U60HOoqLW
tWsNmX+kyzWdUhvDSJ2Z/pmftpvWgR8m2hbQDiNF6j7VTUcBB5Ft1CZ5AH5TFkO2
T/35iXqS3imgf6MVfS4fIZHmK7j59B93xv4XCLbsoFJ+YLrzESu1xouZOsU0REdw
AGHnGQX/37DcBm3qdMH3DE0aBltk2AgzKdhwxG+gAREVVA2seeJSS9u6N368FSIW
4Q1mLY0bQtdXc9XjmbTnA5sorQoeMdoM8P5DRxvGPG7armFisdhqqNuymcVTmwvz
obgIIpuhM1ZOWrMZ5MyWTMKM1/5YdZk1F5wUgto1/DdTfeBOy/grNR1FKSiFcWYH
x85ziJdRZK4nQmTeMIXLQvv9ZsDS4k1eRfil9Sq7WQdPjlm1mwYyhdAay/dNSdtd
WCruH54kv/dZlv52jZqC1Fr7IzQY48Y2pvknRmCJgitHum6WaKkjaQC+iKR/N0wq
ZzINH2j1osQ381u+uJc4wYPHIFw/oWOosDWiuUYX+4oO7+0lAuEYQltmN5qF3z25
OwqKXJAGJYo=waMi
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
. This issue only affected Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202012-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Low
Title: PHP: Multiple vulnerabilities
Date: December 23, 2020
Bugs: #711140, #745993, #756775
ID: 202012-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in PHP, the worst of which
could result in a Denial of Service condition.
Background
==========
PHP is an open source general-purpose scripting language that is
especially suited for web development.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-lang/php < 8.0.0 >= 7.2.34-r1:7.2
>= 7.3.25:7.3
>= 7.4.13:7.4
Description
===========
Multiple vulnerabilities have been discovered in PHP. Please review the
CVE identifiers and change log referenced below for details.
Impact
======
An attacker could cause a Denial of Service condition or obtain
sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All PHP 7.2.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/php-7.2.34-r1:7.2"
All PHP 7.3.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/php-7.3.25:7.3"
All PHP 7.4.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/php-7.4.13:7.4"
References
==========
[ 1 ] CVE-2020-7069
https://nvd.nist.gov/vuln/detail/CVE-2020-7069
[ 2 ] CVE-2020-7070
https://nvd.nist.gov/vuln/detail/CVE-2020-7070
[ 3 ] PHP 7.4.13 Change Log
https://www.php.net/ChangeLog-7.php#7.4.13
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202012-16
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. =========================================================================
Ubuntu Security Notice USN-4583-2
October 27, 2020
php7.4 vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.10
Summary:
Several security issues were fixed in PHP. This update provides
the corresponding update for Ubuntu 20.10.
Original advisory details:
It was discovered that PHP incorrectly handled certain encrypt ciphers. (CVE-2020-7069)
It was discorevered that PHP incorrectly handled certain HTTP cookies.
An attacker could possibly use this issue to forge cookie which is supposed to
be secure. (CVE-2020-7070)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.10:
libapache2-mod-php7.4 7.4.9-1ubuntu1.1
php7.4-cgi 7.4.9-1ubuntu1.1
php7.4-cli 7.4.9-1ubuntu1.1
php7.4-curl 7.4.9-1ubuntu1.1
php7.4-fpm 7.4.9-1ubuntu1.1
In general, a standard system update will make all the necessary changes
| VAR-202005-0919 | CVE-2020-9840 | SwiftNIO Extras Vulnerability in |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
In SwiftNIO Extras before 1.4.1, a logic issue was addressed with improved restrictions. SwiftNIO Extras There is an unspecified vulnerability in.Service operation interruption (DoS) It may be put into a state. Apple SwiftNIO Extras is an extension of the SwiftNIO network application framework of Apple (Apple). A security vulnerability exists in Apple SwiftNIO Extras prior to 1.4.1. A remote attacker could exploit this vulnerability to cause a denial of service in the client or server
| VAR-202005-1062 | No CVE | Apparent video surveillance system has arbitrary file reading vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Apstar focuses on ultra-high-definition, ultra-telephoto, multi-spectral, thermal imaging product technical services and overall customized solutions.
The Apex video surveillance system has an arbitrary file reading vulnerability. The vulnerability is due to the fact that its video surveillance background does not perform any filtering and verification of resource requests, resulting in direct reading of system files across directories. Attackers can use this vulnerability to perform arbitrary Reading of files.
| VAR-202005-1083 | No CVE | Xiaomi Mi Box memory corruption vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Xiaomi Mi Box is a Xiaomi set-top box application.
There is a memory corruption vulnerability in Xiaomi Mi Box. An attacker can use this vulnerability to execute arbitrary code in the context of the currently logged in user, which may result in a denial of service condition.
| VAR-202005-1093 | No CVE | Ruijie IoT platform has weak password vulnerability |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
Ruijie Networks Co., Ltd. is a company mainly engaged in information system integration services, Internet virtual private network services, Internet management services and other projects.
There is a weak password vulnerability in the Ruijie Internet of Things platform. Attackers can use this vulnerability to log in to the system to obtain sensitive information or perform unauthorized operations.
| VAR-202005-1094 | No CVE | Unauthorized access vulnerability exists in Jiu'an video surveillance equipment |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Guangzhou Jiu'an Intelligent Technology Co., Ltd. (Jiu'an JUAN) is the world's leading provider of mobile image transmission infrastructure and Internet of Things platforms.
Unauthorized access vulnerability exists in Jiu'an video surveillance equipment, which can be exploited by attackers to obtain sensitive website information.
| VAR-202005-0588 | CVE-2019-20795 | iproute2 Vulnerability in using free memory in |
CVSS V2: 2.1 CVSS V3: 4.4 Severity: MEDIUM |
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability. iproute2 Is vulnerable to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. in the Linux kernel by American Stephen Hemminger software developer. A resource management error vulnerability exists in the 'get_netnsid_from_name' function of the ip/ipnetns.c file in iproute2 versions prior to 5.1.0. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202008-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: iproute2: Denial of service
Date: August 08, 2020
Bugs: #722144
ID: 202008-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
A use-after-free was found in iproute2, possibly allowing a Denial of
Service condition.
Background
=========
iproute2 is a set of tools for managing Linux network routing and
advanced features.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 sys-apps/iproute2 < 5.1.0 >= 5.1.0
Description
==========
iproute2 was found to contain a use-after-free in get_netnsid_from_name
in ip/ipnetns.c.
Impact
=====
A remote attacker, able to feed iproute2 crafted data, may be able to
cause a Denial of Service condition.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All iproute2 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-apps/iproute2-5.1.0"
References
=========
[ 1 ] CVE-2019-20795
https://nvd.nist.gov/vuln/detail/CVE-2019-20795
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202008-06
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. =========================================================================
Ubuntu Security Notice USN-4357-1
May 13, 2020
iproute2 vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
IPRoute could be made to execute arbitrary code if it received a specially
crafted input.
Software Description:
- iproute2: networking and traffic control tools
Details:
It was discovered that IPRoute incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
iproute2 4.15.0-2ubuntu1.1
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4357-1
CVE-2019-20795
Package Information:
https://launchpad.net/ubuntu/+source/iproute2/4.15.0-2ubuntu1.1
| VAR-202005-0397 | CVE-2020-12762 | Red Hat Security Advisory 2021-4382-02 |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux CRB (v. 8) - noarch
3. Description:
JSON-C implements a reference counting object model that allows users to
easily construct JavaScript Object Notation (JSON) objects in C, output
them as JSON formatted strings, and parse JSON formatted strings back into
the C representation of JSON objects.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.5 Release Notes linked from the References section. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
json-c-0.13.1-2.el8.src.rpm
aarch64:
json-c-0.13.1-2.el8.aarch64.rpm
json-c-debuginfo-0.13.1-2.el8.aarch64.rpm
json-c-debugsource-0.13.1-2.el8.aarch64.rpm
ppc64le:
json-c-0.13.1-2.el8.ppc64le.rpm
json-c-debuginfo-0.13.1-2.el8.ppc64le.rpm
json-c-debugsource-0.13.1-2.el8.ppc64le.rpm
s390x:
json-c-0.13.1-2.el8.s390x.rpm
json-c-debuginfo-0.13.1-2.el8.s390x.rpm
json-c-debugsource-0.13.1-2.el8.s390x.rpm
x86_64:
json-c-0.13.1-2.el8.i686.rpm
json-c-0.13.1-2.el8.x86_64.rpm
json-c-debuginfo-0.13.1-2.el8.i686.rpm
json-c-debuginfo-0.13.1-2.el8.x86_64.rpm
json-c-debugsource-0.13.1-2.el8.i686.rpm
json-c-debugsource-0.13.1-2.el8.x86_64.rpm
Red Hat Enterprise Linux CRB (v. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. Bugs fixed (https://bugzilla.redhat.com/):
1944888 - CVE-2021-21409 netty: Request smuggling via content-length header
2004133 - CVE-2021-37136 netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data
2004135 - CVE-2021-37137 netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way
2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value
5. JIRA issues fixed (https://issues.jboss.org/):
LOG-1971 - Applying cluster state is causing elasticsearch to hit an issue and become unusable
6.
The following data is constructed from data provided by Red Hat's json file at:
https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6431.json
Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: Gatekeeper Operator v0.2 security updates and bug fixes
Advisory ID: RHSA-2022:1081-01
Product: Red Hat ACM
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1081
Issue date: 2022-03-28
CVE Names: CVE-2019-5827 CVE-2019-13750 CVE-2019-13751
CVE-2019-17594 CVE-2019-17595 CVE-2019-18218
CVE-2019-19603 CVE-2019-20838 CVE-2020-12762
CVE-2020-13435 CVE-2020-14155 CVE-2020-16135
CVE-2020-24370 CVE-2021-3200 CVE-2021-3445
CVE-2021-3521 CVE-2021-3580 CVE-2021-3712
CVE-2021-3800 CVE-2021-3999 CVE-2021-20231
CVE-2021-20232 CVE-2021-22876 CVE-2021-22898
CVE-2021-22925 CVE-2021-23177 CVE-2021-28153
CVE-2021-31566 CVE-2021-33560 CVE-2021-36084
CVE-2021-36085 CVE-2021-36086 CVE-2021-36087
CVE-2021-42574 CVE-2021-43565 CVE-2022-23218
CVE-2022-23219 CVE-2022-23308 CVE-2022-23806
CVE-2022-24407
====================================================================
1. Summary:
Gatekeeper Operator v0.2
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Description:
Gatekeeper Operator v0.2
Gatekeeper is an open source project that applies the OPA Constraint
Framework to enforce policies on your Kubernetes clusters.
This advisory contains the container images for Gatekeeper that include
security updates, and container upgrades.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Note: Gatekeeper support from the Red Hat support team is limited cases
where it is integrated and used with Red Hat Advanced Cluster Management
for Kubernetes. For support options for any other use, see the Gatekeeper
open source project website at:
https://open-policy-agent.github.io/gatekeeper/website/docs/howto/.
Security updates:
* golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)
* golang: crypto/elliptic IsOnCurve returns true for invalid field elements
(CVE-2022-23806)
3. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
The requirements to apply the upgraded images are different whether or not
you
used the operator. Complete the following steps, depending on your
installation:
- - Upgrade gatekeeper operator:
The gatekeeper operator that is installed by the gatekeeper operator policy
has
`installPlanApproval` set to `Automatic`. This setting means the operator
will
be upgraded automatically when there is a new version of the operator. No
further action is required for upgrade. If you changed the setting for
`installPlanApproval` to `manual`, then you must view each cluster to
manually
approve the upgrade to the operator.
- - Upgrade gatekeeper without the operator:
The gatekeeper version is specified as part of the Gatekeeper CR in the
gatekeeper operator policy. To upgrade the gatekeeper version:
a) Determine the latest version of gatekeeper by visiting:
https://catalog.redhat.com/software/containers/rhacm2/gatekeeper-rhel8/5fadb4a18d9a79d2f438a5d9.
b) Click the tag dropdown, and find the latest static tag. An example tag
is
'v3.3.0-1'.
c) Edit the gatekeeper operator policy and update the image tag to use the
latest static tag. For example, you might change this line to image:
'registry.redhat.io/rhacm2/gatekeeper-rhel8:v3.3.0-1'.
Refer to https://open-policy-agent.github.io/gatekeeper/website/docs/howto/
for additional information.
4. Bugs fixed (https://bugzilla.redhat.com/):
2030787 - CVE-2021-43565 golang.org/x/crypto: empty plaintext packet causes panic
2053429 - CVE-2022-23806 golang: crypto/elliptic IsOnCurve returns true for invalid field elements
5. References:
https://access.redhat.com/security/cve/CVE-2019-5827
https://access.redhat.com/security/cve/CVE-2019-13750
https://access.redhat.com/security/cve/CVE-2019-13751
https://access.redhat.com/security/cve/CVE-2019-17594
https://access.redhat.com/security/cve/CVE-2019-17595
https://access.redhat.com/security/cve/CVE-2019-18218
https://access.redhat.com/security/cve/CVE-2019-19603
https://access.redhat.com/security/cve/CVE-2019-20838
https://access.redhat.com/security/cve/CVE-2020-12762
https://access.redhat.com/security/cve/CVE-2020-13435
https://access.redhat.com/security/cve/CVE-2020-14155
https://access.redhat.com/security/cve/CVE-2020-16135
https://access.redhat.com/security/cve/CVE-2020-24370
https://access.redhat.com/security/cve/CVE-2021-3200
https://access.redhat.com/security/cve/CVE-2021-3445
https://access.redhat.com/security/cve/CVE-2021-3521
https://access.redhat.com/security/cve/CVE-2021-3580
https://access.redhat.com/security/cve/CVE-2021-3712
https://access.redhat.com/security/cve/CVE-2021-3800
https://access.redhat.com/security/cve/CVE-2021-3999
https://access.redhat.com/security/cve/CVE-2021-20231
https://access.redhat.com/security/cve/CVE-2021-20232
https://access.redhat.com/security/cve/CVE-2021-22876
https://access.redhat.com/security/cve/CVE-2021-22898
https://access.redhat.com/security/cve/CVE-2021-22925
https://access.redhat.com/security/cve/CVE-2021-23177
https://access.redhat.com/security/cve/CVE-2021-28153
https://access.redhat.com/security/cve/CVE-2021-31566
https://access.redhat.com/security/cve/CVE-2021-33560
https://access.redhat.com/security/cve/CVE-2021-36084
https://access.redhat.com/security/cve/CVE-2021-36085
https://access.redhat.com/security/cve/CVE-2021-36086
https://access.redhat.com/security/cve/CVE-2021-36087
https://access.redhat.com/security/cve/CVE-2021-42574
https://access.redhat.com/security/cve/CVE-2021-43565
https://access.redhat.com/security/cve/CVE-2022-23218
https://access.redhat.com/security/cve/CVE-2022-23219
https://access.redhat.com/security/cve/CVE-2022-23308
https://access.redhat.com/security/cve/CVE-2022-23806
https://access.redhat.com/security/cve/CVE-2022-24407
https://access.redhat.com/security/updates/classification/#moderate
https://open-policy-agent.github.io/gatekeeper/website/docs/howto/
6. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYkHUf9zjgjWX9erEAQiizw//XXMOXR1Xe/Fp6uV2DCknXEAWJbYuGV43
9a87QSq5ob3vbqGGXQXLU6ENjFtAx37/+5+UqAVbzcj+LQ0lV6Ny9rVzolDT4ltG
k7J/BUd/kyr9G5gbiih3D/tm8dLh/rLft8FKgB+hEw+NcXnFlEvW5iEymqAsyH/D
mrcgCrASFoWG4S4/JC+g8r1TRHAJj4ERAy4ZpDqn/eoOWY3jD+rPv1VD5Z+XaE07
+jw+mvZukP2l0374Yn3W+g7uVOZ5RSqSpEzBZoSy3ffYAqpK+oQ7eN19DOW7l3tr
Ko/4h4OmLcOtIRedyt86xJe+zY7Ovo1cRP1TUgRapZGpTCPjaQ/okOhAIh03uxrx
ceCawNnagBB1iglJl29GNRUUUU0JWhbEPDLepSjfsyOwkJxvtUulC/W+RJVfpE7Q
LimNdHDJbFWN1x4IujdJNOCjPnBj6sG84PxLIjx5hM07ARRCBfrHutmlBm6Aq8Ej
mcNPudtyufYuAqcNx8Pe04kwRmzeukNm/qVvr+ywG1+Rp4yo3mkxplZY+5z7S2sH
vsciDeEGg6CAh7Sm/zfN3fpvNei1WhzcSxKsHMLB40ASJU2sMe1tt9b2pPhaHfXK
lYnIN38GSqlQUjvb1jy8ymzOT3+73uCjYQrVbsGXoevb1639pasWv5i9dyx27kPb
1PnhEG7/jO4=XPu4
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202006-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: json-c: Multiple vulnerabilities
Date: June 15, 2020
Bugs: #722150
ID: 202006-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been found in json-c, the worst of which
could result in a Denial of Service condition.
Background
=========
json-c is a JSON implementation in C.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/json-c < 0.14-r3 >= 0.14-r3
Description
==========
Multiple vulnerabilities have been discovered in json-c. Please review
the CVE identifiers referenced below for details.
Impact
=====
A remote/local attacker could send a specially crafted file possibly
resulting in a Denial of Service condition.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All json-c users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">\xdev-libs/json-c-0.14-r3"
References
=========
[ 1 ] CVE-2020-12762
https://nvd.nist.gov/vuln/detail/CVE-2020-12762
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202006-13
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
.
Clusters and applications are all visible and managed from a single console
— with security policy built in. See the following Release Notes documentation, which
will be updated shortly for this release, for additional details about this
release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.2/html/release_notes/
Security fixes:
* CVE-2021-3795 semver-regex: inefficient regular expression complexity
* CVE-2021-23440 nodejs-set-value: type confusion allows bypass of
CVE-2019-10747
Related bugs:
* RHACM 2.2.10 images (Bugzilla #2013652)
3. Bugs fixed (https://bugzilla.redhat.com/):
2004944 - CVE-2021-23440 nodejs-set-value: type confusion allows bypass of CVE-2019-10747
2006009 - CVE-2021-3795 semver-regex: inefficient regular expression complexity
2013652 - RHACM 2.2.10 images
5. =========================================================================
Ubuntu Security Notice USN-4360-4
May 28, 2020
json-c vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 19.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
json-c could be made to execute arbitrary code if it received
a specially crafted JSON file. The security fix introduced a
memory leak that was reverted in USN-4360-2 and USN-4360-3. This update provides
the correct fix update for CVE-2020-12762.
Original advisory details:
It was discovered that json-c incorrectly handled certain JSON files.
An attacker could possibly use this issue to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS:
libjson-c4 0.13.1+dfsg-7ubuntu0.3
Ubuntu 19.10:
libjson-c4 0.13.1+dfsg-4ubuntu0.3
Ubuntu 18.04 LTS:
libjson-c3 0.12.1-1.3ubuntu0.3
Ubuntu 16.04 LTS:
libjson-c2 0.11-4ubuntu2.6
libjson0 0.11-4ubuntu2.6
Ubuntu 14.04 ESM:
libjson-c2 0.11-3ubuntu1.2+esm3
libjson0 0.11-3ubuntu1.2+esm3
Ubuntu 12.04 ESM:
libjson0 0.9-1ubuntu1.4
In general, a standard system update will make all the necessary changes. Bugs fixed (https://bugzilla.redhat.com/):
1948761 - CVE-2021-23369 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option
1956688 - CVE-2021-23383 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option
5. JIRA issues fixed (https://issues.jboss.org/):
LOG-1857 - OpenShift Alerting Rules Style-Guide Compliance
LOG-1904 - [release-5.2] Fix the Display of ClusterLogging type in OLM
LOG-1916 - [release-5.2] Fluentd logs emit transaction failed: error_class=NoMethodError while forwarding to external syslog server
6. Solution:
See the Red Hat OpenShift Container Platform 4.6 documentation at:
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index
See the Red Hat OpenShift Container Platform 4.7 documentation at:
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index
See the Red Hat OpenShift Container Platform 4.8 documentation at:
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index
See the Red Hat OpenShift Container Platform 4.9 documentation at:
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index
4. Bugs fixed (https://bugzilla.redhat.com/):
1992006 - CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet
2006044 - CVE-2021-39293 golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)
2012887 - CVE-2021-38297 golang: Command-line arguments may overwrite global data
2024838 - Release of OpenShift Serverless Eventing 1.20.0
2024839 - Release of OpenShift Serverless Serving 1.20.0
5
| VAR-202005-1250 | No CVE | Advantech WebAccess/SCADA DATACORE IOCTL 0x520B Heap-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x520B in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.
| VAR-202005-1246 | No CVE | Advantech WebAccess/SCADA DATACORE IOCTL 0x520B Heap-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x520B in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.