VARIoT IoT vulnerabilities database
| VAR-202004-2108 | CVE-2020-5890 | Information disclosure vulnerability in BIG-IP and BIG-IQ (LDAP bind credentials in QKView) |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1 and BIG-IQ 5.2.0-7.1.0, when creating a QKView, credentials for binding to LDAP servers used for remote authentication of the BIG-IP administrative interface are not fully obfuscated if they contain whitespace. A QKView is the diagnostic snapshot administrators generate for support cases, so the unmasked part of an LDAP bind password can leave the device with that file; impact: information disclosure. F5 BIG-IP is an application delivery platform from F5 (US) that integrates network traffic management, application security management and load balancing; F5 BIG-IQ is F5's software-based management solution for deploying application delivery and network services across public and private clouds, traditional data centers and hybrid environments.
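The failure mode above, as an added illustration in JavaScript. This is not F5's code: the real QKView obfuscation routine is not shown on this page, and the configuration text is a constructed sample only loosely modelled on a tmsh `auth ldap` stanza. The point is that a redaction pattern which stops at the first whitespace leaves the tail of a multi-word bind password in the bundle, and that the safe habit is to search the generated bundle for the secret and for its pieces before handing it to anyone.

```javascript
// Added illustration, not F5 code. The sample is a constructed config fragment
// loosely modelled on a tmsh "auth ldap" stanza; the exact text inside a QKView
// and F5's real obfuscation routine are not shown on this page.
const SAMPLE_CONFIG = [
  "auth ldap system-auth {",
  "    bind-dn cn=bigip-svc,ou=service,dc=example,dc=com",
  "    bind-pw Correct Horse Battery", // bind password containing spaces
  "    servers { ldap.example.com }",
  "}",
].join("\n");

const MASK = "********";

// Whitespace-terminated redaction: \S+ consumes only the first word of the
// value, so "Horse Battery" survives in the bundle. This reproduces the class
// of bug the advisory describes, not F5's actual implementation.
function obfuscateFirstToken(configText) {
  return configText.replace(/(\bbind-pw\s+)\S+/g, `$1${MASK}`);
}

// Line-scoped redaction: everything after the keyword up to end of line is
// masked, so spaces inside the value no longer matter. Quoted or escaped
// values would need additional handling; the sample has neither.
function obfuscateToEndOfLine(configText) {
  return configText.replace(/(\bbind-pw\s+).*$/gm, `$1${MASK}`);
}

// Pre-upload check: which recognisable pieces of a known secret are still in
// the bundle text? Tests the whole secret and each whitespace-separated word of
// four or more characters, so a partially masked value is caught as well.
function leakedFragments(bundleText, secret) {
  const words = secret.split(/\s+/).filter((w) => w.length >= 4);
  return [secret, ...words].filter((p) => bundleText.includes(p));
}

const SECRET = "Correct Horse Battery";
console.log(leakedFragments(obfuscateFirstToken(SAMPLE_CONFIG), SECRET)); // ["Horse", "Battery"]
console.log(leakedFragments(obfuscateToEndOfLine(SAMPLE_CONFIG), SECRET)); // []
```

Run `leakedFragments` against the actual bundle text with the real bind password (and any other remote-auth secret) before uploading; an empty result is the only acceptable outcome.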
| VAR-202004-2110 | CVE-2020-5892 | Buffer error vulnerability in BIG-IP Edge Client components (session ID exposed in process memory) |
CVSS V2: 4.6 CVSS V3: 6.7 Severity: MEDIUM |
In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass legacy allow attackers to obtain the full session ID from process memory. The weakness is classified as a buffer error; with the session ID an attacker could read or tamper with information or disrupt service (DoS). F5 BIG-IP APM is an access and security solution, BIG-IP APM Clients is its client software suite, and BIG-IP Edge Gateway is a remote access solution; all are products of F5 (US).
| VAR-202004-2016 | CVE-2020-5872 | Unspecified vulnerability in BIG-IP (TMM failover with Intel QAT TLS acceleration) |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel (TMM) may stop responding and cause a failover event. Impact: denial of service (DoS).
| VAR-202004-2120 | CVE-2020-5877 | Input validation vulnerability in BIG-IP (DATAGRAM::tcp iRules command) |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
On BIG-IP 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, malformed input to the DATAGRAM::tcp iRules command within a FLOW_INIT event may lead to a denial of service. Exposure requires an iRule that invokes DATAGRAM::tcp from a FLOW_INIT event; a remote attacker who can send traffic to such a virtual server could exploit this to cause a denial of service (DoS). F5 BIG-IP is an application delivery platform from F5 (US) that integrates network traffic management, application security management and load balancing.
| VAR-202004-2119 | CVE-2020-5876 | Race condition vulnerability in BIG-IP (unencrypted ConfigSync peer connections) |
CVSS V2: 6.8 CVSS V3: 8.1 Severity: HIGH |
On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. The race condition can occur when changing the ConfigSync IP address of a peer, adding a new peer, or when the Traffic Management Microkernel (TMM) first starts up. An attacker able to intercept traffic on the ConfigSync network during one of these windows could take control of the connection, impersonate a trusted peer device, and extract or modify sensitive information on the system; the impact covers information disclosure, tampering and denial of service (DoS). F5 BIG-IP is an application delivery platform from F5 (US) that integrates network traffic management, application security management and load balancing.
| VAR-202004-2124 | CVE-2020-5885 | Inadequate encryption strength vulnerability in multiple BIG-IP products (connection mirroring) |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set up for connection mirroring in a high availability (HA) pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only on the network used for connection mirroring; an attacker with access to that network could read and modify the keys of EXPORT-based cipher suites carried over it. Impact: information disclosure and tampering. F5 BIG-IP is an application delivery platform from F5 (US) that integrates network traffic management, application security management and load balancing.
| VAR-202004-2118 | CVE-2020-5881 | Unspecified vulnerability in BIG-IP Virtual Edition (NDAL lock-up with VLAN groups and OSPF) |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when the BIG-IP Virtual Edition (VE) is configured with VLAN groups and there are devices configured with OSPF connected to it, the Network Device Abstraction Layer (NDAL) interfaces can lock up, in turn disrupting communication between the mcpd and tmm processes. A remote attacker could exploit this to cause a denial of service (DoS). F5 BIG-IP is an application delivery platform from F5 (US) that integrates network traffic management, application security management and load balancing.
| VAR-202004-2123 | CVE-2020-5884 | Inadequate encryption strength vulnerability in BIG-IP (insecure default HA mirroring mode) |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
On versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.4, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the default deployment mode for BIG-IP high availability (HA) pair mirroring is insecure. This is a control plane issue that is exposed only on the network used for mirroring; an attacker with access to that network could bypass security restrictions and read or tamper with mirrored state. Impact: information disclosure and tampering. Note that the affected ranges extend further (to 15.1.0.3 and 14.1.2.4) than those of the related CVE-2020-5885. F5 BIG-IP is an application delivery platform from F5 (US) that integrates network traffic management, application security management and load balancing.
| VAR-202004-2114 | CVE-2020-5888 | Unspecified vulnerability in BIG-IP Virtual Edition (port lockdown bypass from an adjacent network) |
CVSS V2: 3.3 CVSS V3: 8.1 Severity: HIGH |
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for adjacent network (layer 2) attackers to access local daemons and bypass port lockdown settings. Impact: information disclosure and tampering. F5 BIG-IP is an application delivery platform from F5 (US) that integrates network traffic management, application security management and load balancing.
| VAR-202004-2122 | CVE-2020-5883 | Missing release of resource after effective lifetime vulnerability in BIG-IP (xdata memory leak in HTTP explicit proxy) |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, when a virtual server is configured with HTTP explicit proxy and has an attached HTTP_PROXY_REQUEST iRule, POST requests sent to the virtual server cause an xdata memory leak. Sustained POST traffic therefore exhausts memory and results in a denial of service (DoS). F5 BIG-IP is an application delivery platform from F5 (US) that integrates network traffic management, application security management and load balancing.
| VAR-202004-2015 | CVE-2020-5871 | Unspecified vulnerability in BIG-IP (HTTP/2 virtual servers with RFC 7540 black-listed backend ciphers) |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when cipher suites black-listed by the HTTP/2 RFC (RFC 7540, Appendix A) are used on backend servers. This is a data-plane issue; there is no control-plane exposure. A remote attacker could exploit this to cause a denial of service. F5 BIG-IP is an application delivery platform from F5 (US) that integrates network traffic management, application security management and load balancing.
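An added check for the backend condition named above (example code, not F5's). RFC 7540 section 9.2.2 requires HTTP/2 over TLS 1.2 to use an ephemeral key exchange (DHE or ECDHE) with an AEAD cipher, and Appendix A black-lists the TLS 1.2 suites that do not meet that rule. The classifier below applies the rule to IANA cipher-suite names rather than reproducing the list itself, so treat it as an approximation; the backend suite list is constructed. Running a backend's offered or negotiated suites through it shows which ones an HTTP/2 peer may refuse with INADEQUATE_SECURITY.

```javascript
// Added example, not F5 code. Name-based approximation of the RFC 7540
// Appendix A black list: a TLS 1.2 suite is acceptable for HTTP/2 only if it
// uses ephemeral key exchange (DHE/ECDHE, including their PSK variants) and an
// AEAD bulk cipher (GCM, CCM, CHACHA20-POLY1305).
const EPHEMERAL_PREFIXES = ["TLS_ECDHE_", "TLS_DHE_"];
const AEAD_MARKERS = ["_GCM_", "_CCM", "_CHACHA20_POLY1305"];

// Classify one IANA cipher-suite name. Returns { ok, reason }.
function h2Verdict(suite) {
  // TLS 1.3 suites carry no key-exchange field: key exchange is always
  // ephemeral and every TLS 1.3 cipher is AEAD.
  if (/^TLS_(AES_\d+_(GCM|CCM_8|CCM)|CHACHA20_POLY1305)_SHA\d+$/.test(suite)) {
    return { ok: true, reason: "TLS 1.3 suite" };
  }
  if (!EPHEMERAL_PREFIXES.some((p) => suite.startsWith(p))) {
    return { ok: false, reason: "non-ephemeral key exchange" };
  }
  if (!AEAD_MARKERS.some((m) => suite.includes(m))) {
    return { ok: false, reason: "non-AEAD bulk cipher" };
  }
  return { ok: true, reason: "ephemeral key exchange with AEAD cipher" };
}

// Suites from a list (for example a scanner report of a backend) that an
// HTTP/2 peer may refuse. RFC 7540 section 9.2.1 additionally lets peers
// reject DHE groups under 2048 bits, which a suite name cannot reveal.
function blacklistedSuites(suites) {
  return suites.filter((s) => !h2Verdict(s).ok);
}

// Constructed backend configuration used for the demonstration.
const SAMPLE_BACKEND_SUITES = [
  "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", // mandatory suite for h2 (9.2.2)
  "TLS_RSA_WITH_AES_128_GCM_SHA256",       // static RSA key exchange
  "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", // CBC mode, not AEAD
  "TLS_RSA_WITH_3DES_EDE_CBC_SHA",         // static RSA and 3DES-CBC
  "TLS_AES_256_GCM_SHA384",                // TLS 1.3
];

console.log(blacklistedSuites(SAMPLE_BACKEND_SUITES)); // the three non-compliant suites
```

The practical use is on the server-side SSL configuration of pool members behind an HTTP/2 virtual server: any suite the function rejects should be removed from the backend (or the BIG-IP Server SSL profile) rather than left to be negotiated.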
| VAR-202004-2116 | CVE-2020-5879 | Missing encryption of sensitive data vulnerability in BIG-IP ASM |
CVSS V2: 4.3 CVSS V3: 7.5 Severity: HIGH |
On BIG-IP ASM 11.6.1-11.6.5.1, under certain configurations, the BIG-IP system sends data plane traffic to back-end servers unencrypted, even when a Server SSL profile is applied. An attacker able to observe the server-side network could obtain sensitive information. F5 BIG-IP ASM is the web application firewall (WAF) module of F5 BIG-IP (F5, US).
| VAR-202004-2111 | CVE-2020-5893 | Information disclosure vulnerability in BIG-IP Edge Client (authentication over HTTP during captive portal detection) |
CVSS V2: 4.3 CVSS V3: 3.7 Severity: LOW |
In versions 7.1.5-7.1.8, when a user connects to a VPN using BIG-IP Edge Client over an unsecure network, BIG-IP Edge Client responds to authentication requests over HTTP while sending probes for captive portal detection. An attacker who controls the network, for example by deploying a malicious captive portal, could carry out a man-in-the-middle attack and obtain the information sent in those plaintext responses. BIG-IP Edge Client is the VPN client for F5 BIG-IP APM (F5, US).
| VAR-202004-2107 | CVE-2020-5889 | Cross-site scripting vulnerability in BIG-IP APM portal access |
CVSS V2: 3.5 CVSS V3: 5.4 Severity: MEDIUM |
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, in BIG-IP APM portal access, a specially crafted HTTP request can lead to reflected XSS after the BIG-IP APM system rewrites the HTTP response from the untrusted backend server and sends it to the client. The rewriting step does not correctly validate the backend content, so an attacker can cause script to execute in the browser of a portal access user; impact: information disclosure and tampering. F5 BIG-IP APM is an access and security solution from F5 (US) that provides unified access to business-critical applications and networks.
| VAR-202004-2033 | CVE-2020-6867 | Resource exhaustion vulnerability in ZTE ZENIC ONE R22b |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
ZTE's SDON controller is affected by a resource management error. When RPC is called frequently by other applications while the system carries a large volume of traffic data, the controller can stop responding for a long time and is at risk of memory overflow. This affects ZENIC ONE R22b versions V16.19.10P02SP002 and V16.19.10P02SP005. ZTE ZENIC ONE R22b is an SDN (software-defined networking) management and control system from ZTE Corporation (China) that includes network management, network control, and network information collection and analysis. A local attacker can use RPC calls to trigger a denial of service (DoS).
| VAR-202004-2031 | CVE-2020-6865 | Information disclosure vulnerability in ZTE OSCP |
CVSS V2: 4.0 CVSS V3: 6.5 Severity: MEDIUM |
The ZTE SDN controller platform is affected by an information disclosure vulnerability. Because the program does not sanitize its failure responses, the caller can see the internal error-code location of the component. Attackers could exploit this to obtain sensitive information. This affects OSCP versions V16.19.10 and V16.19.20.
| VAR-202004-2018 | CVE-2020-5874 | Unspecified vulnerability in BIG-IP APM (TMM disruption via crafted requests) |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
On BIG-IP APM 15.0.0-15.0.1.2, 14.1.0-14.1.2.3, and 14.0.0-14.0.1, in certain circumstances, an attacker sending specifically crafted requests to a BIG-IP APM virtual server may cause a disruption of service provided by the Traffic Management Microkernel (TMM). Impact: denial of service (DoS). F5 BIG-IP APM is an access and security solution from F5 (US) that provides unified access to business-critical applications and networks.
| VAR-202004-2191 | CVE-2020-11022 | Cross-site scripting vulnerability in jQuery (jQuery.htmlPrefilter); sources include Red Hat Security Advisory 2023-1047-01 |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
In jQuery 1.2 and later, before 3.5.0, passing HTML from untrusted sources, even after sanitizing it, to one of jQuery's DOM manipulation methods (.html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. jQuery is an open source, cross-browser JavaScript library originally written by John Resig; it simplifies working with HTML from JavaScript and supports modular, plug-in based extension. The weakness is in jQuery.htmlPrefilter, which rewrote self-closing tags such as <style/> into an explicit open and close tag before insertion, so markup a sanitizer had already parsed and judged safe could take on a different structure once jQuery inserted it. An attacker could exploit this to execute script in a victim's browser. The rest of this entry aggregates text from vendor advisories that reference this CVE.

Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. You can also manage user accounts for web applications, mobile applications, and RESTful web services.
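An added illustration of the jQuery.htmlPrefilter behaviour described at the start of this entry, in JavaScript; it is not code from jQuery or from any advisory on this page. `prefilterBefore35` re-implements the one-line tag expansion jQuery applied before 3.5.0 (the regular expression is quoted from jQuery 3.4.1's `rxhtmlTag`); `liveStartTags` is a deliberately small model of the browser's raw-text tokenizer rule, and the sample input is constructed to stand for sanitizer output. After `<style>` everything is text until a real `</style>`, so a sanitizer that parses the original string sees only a `<style>` element; once the prefilter turns `<style/>` into `<style></style>`, that closing tag ends the raw-text section and the `<img>` with its event-handler attribute becomes a live element.

```javascript
// Added illustration, not jQuery's code or any advisory's. rxhtmlTag is the
// tag-expansion regex jQuery.htmlPrefilter applied before 3.5.0 (quoted from
// jQuery 3.4.1): void elements are left alone, any other "<tag .../>" becomes
// "<tag ...></tag>".
const rxhtmlTag = /<(?!area|br|col|embed|hr|img|input|link|meta|param)(([a-z][^\/\0>\x20\t\r\n\f]*)[^>]*)\/>/gi;

function prefilterBefore35(html) {
  return html.replace(rxhtmlTag, "<$1></$2>");
}

// jQuery 3.5.0 made htmlPrefilter the identity function.
function prefilterFrom35(html) {
  return html;
}

// Minimal model of the HTML tokenizer's raw-text rule, enough to show which
// start tags the browser would materialise as elements: after <script>,
// <style>, <textarea> or <title> everything is text until the matching end
// tag. Returns the start tags that become real elements.
const RAW_TEXT = new Set(["script", "style", "textarea", "title"]);
function liveStartTags(html) {
  const live = [];
  const tag = /<(\/?)([a-z][a-z0-9]*)([^>]*)>/gi;
  let m;
  while ((m = tag.exec(html)) !== null) {
    const [whole, slash, rawName] = m;
    if (slash) continue; // end tag
    live.push(whole);
    const name = rawName.toLowerCase();
    if (RAW_TEXT.has(name)) {
      // Jump to the matching end tag; markup in between is only text.
      const idx = html.slice(tag.lastIndex).search(new RegExp(`</${name}\\b`, "i"));
      if (idx < 0) break; // raw text runs to end of input
      tag.lastIndex += idx;
    }
  }
  return live;
}

// Constructed sample standing in for sanitizer output: the sanitizer parsed
// this and saw a single <style> element whose text happens to contain "<img".
const SANITIZED = "<style><style/><img src=x onerror=alert(1)></style>";
console.log(liveStartTags(SANITIZED));                    // ["<style>"]
console.log(liveStartTags(prefilterBefore35(SANITIZED))); // ["<style>", "<img src=x onerror=alert(1)>"]
console.log(liveStartTags(prefilterFrom35(SANITIZED)));   // ["<style>"]
```

The lesson for application code is that sanitizing and inserting must operate on the same string: upgrade to jQuery 3.5.0 or later (where the prefilter is the identity), or insert sanitizer output through the DOM API directly rather than through a layer that rewrites markup first.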
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. JIRA issues fixed (https://issues.jboss.org/):
JBEAP-23864 - (7.4.z) Upgrade xmlsec from 2.1.7.redhat-00001 to 2.2.3.redhat-00001
JBEAP-23865 - [GSS](7.4.z) Upgrade Apache CXF from 3.3.13.redhat-00001 to 3.4.10.redhat-00001
JBEAP-23866 - (7.4.z) Upgrade wss4j from 2.2.7.redhat-00001 to 2.3.3.redhat-00001
JBEAP-23927 - Tracker bug for the EAP 7.4.9 release for RHEL-8
JBEAP-24055 - (7.4.z) Upgrade HAL from 3.3.15.Final-redhat-00001 to 3.3.16.Final-redhat-00001
JBEAP-24081 - (7.4.z) Upgrade Elytron from 1.15.14.Final-redhat-00001 to 1.15.15.Final-redhat-00001
JBEAP-24095 - (7.4.z) Upgrade elytron-web from 1.9.2.Final-redhat-00001 to 1.9.3.Final-redhat-00001
JBEAP-24100 - [GSS](7.4.z) Upgrade Undertow from 2.2.20.SP1-redhat-00001 to 2.2.22.SP3-redhat-00001
JBEAP-24127 - (7.4.z) UNDERTOW-2123 - Update AsyncContextImpl.dispatch to use proper value
JBEAP-24128 - (7.4.z) Upgrade Hibernate Search from 5.10.7.Final-redhat-00001 to 5.10.13.Final-redhat-00001
JBEAP-24132 - [GSS](7.4.z) Upgrade Ironjacamar from 1.5.3.SP2-redhat-00001 to 1.5.10.Final-redhat-00001
JBEAP-24147 - (7.4.z) Upgrade jboss-ejb-client from 4.0.45.Final-redhat-00001 to 4.0.49.Final-redhat-00001
JBEAP-24167 - (7.4.z) Upgrade WildFly Core from 15.0.19.Final-redhat-00001 to 15.0.21.Final-redhat-00002
JBEAP-24191 - [GSS](7.4.z) Upgrade remoting from 5.0.26.SP1-redhat-00001 to 5.0.27.Final-redhat-00001
JBEAP-24195 - [GSS](7.4.z) Upgrade JSF API from 3.0.0.SP06-redhat-00001 to 3.0.0.SP07-redhat-00001
JBEAP-24207 - (7.4.z) Upgrade Soteria from 1.0.1.redhat-00002 to 1.0.1.redhat-00003
JBEAP-24248 - (7.4.z) ELY-2492 - Upgrade sshd-common in Elytron from 2.7.0 to 2.9.2
JBEAP-24426 - (7.4.z) Upgrade Elytron from 1.15.15.Final-redhat-00001 to 1.15.16.Final-redhat-00001
JBEAP-24427 - (7.4.z) Upgrade WildFly Core from 15.0.21.Final-redhat-00002 to 15.0.22.Final-redhat-00001
Summary:
An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8.
Relevant releases/architectures: Red Hat Enterprise Linux 8 - aarch64, noarch, ppc64le, s390x, x86_64
The following packages have been upgraded to a later upstream version: ipa (4.8.7), softhsm (2.6.0), opendnssec (2.1.6).
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Bugs fixed (https://bugzilla.redhat.com/):
1399546 - CVE-2015-9251 jquery: Cross-site scripting via cross-domain ajax requests
1430365 - [RFE] Host-group names command rename
1488732 - fake_mname in named.conf is no longer effective
1585020 - Enable compat tree to provide information about AD users and groups on trust agents
1601614 - CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
1601617 - CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip
1651577 - [WebUI] IPA Error 3007: "RequirementError" while adding members in "User ID overrides" tab
1668082 - CVE-2018-20676 bootstrap: XSS in the tooltip data-viewport attribute
1668089 - CVE-2018-20677 bootstrap: XSS in the affix configuration target property
1668097 - CVE-2016-10735 bootstrap: XSS in the data-target attribute
1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute
1701233 - [RFE] support setting supported signature methods on the token
1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
1746830 - Memory leak during search of idview overrides
1750893 - Memory leak when slapi-nis return entries retrieved from nsswitch
1751295 - When sync-repl is enabled, slapi-nis can deadlock during retrochangelog trimming
1757045 - IDM Web GUI / IPA web UI: the ID override operation doesn't work in GUI (it works only from CLI)
1759888 - Rebase OpenDNSSEC to 2.1
1768156 - ERR - schemacompat - map rdlock: old way MAP_MONITOR_DISABLED
1777806 - When Service weight is set as 0 for server in IPA location "IPA Error 903: InternalError" is displayed
1793071 - CVE-2020-1722 ipa: No password length restriction leads to denial of service
1801698 - [RFE] Changing default hostgroup is too easy
1802471 - SELinux policy for ipa-custodia
1809835 - RFE: ipa group-add-member: number of failed should also be emphasized
1810154 - RFE: ipa-backup should compare locally and globally installed server roles
1810179 - ipa-client-install should name authselect backups and restore to that at uninstall time
1813330 - ipa-restore does not restart httpd
1816784 - KRA install fails if all KRA members are Hidden Replicas
1818765 - [Rebase] Rebase ipa to 4.8.6+
1818877 - [Rebase] Rebase to softhsm 2.6.0+
1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper jQuery.htmlPrefilter method
1831732 - AVC avc: denied { dac_override } for comm="ods-enforcerd
1831935 - AD authentication with IdM against SQL Server
1832331 - [abrt] [faf] 389-ds-base: unknown function(): /usr/sbin/ns-slapd killed by 11
1833266 - [dirsrv] set 'nsslapd-enable-upgrade-hash: off' as this raises warnings
1834264 - BIND rebase: rebuild against new so version
1834909 - softhsm use-after-free on process exit
1845211 - Rebase bind-dyndb-ldap to 11.3
1845537 - IPA bind configuration issue
1845596 - ipa trust-add fails with 'Fetching domains from trusted forest failed'
1846352 - cannot issue certs with multiple IP addresses corresponding to different hosts
1846434 - Remove ipa-idoverride-memberof as superseded by ipa-server 4.8.7
1847999 - EPN does not ship its default configuration ( /etc/ipa/epn.conf ) in freeipa-client-epn
1849914 - FreeIPA - Utilize 256-bit AJP connector passwords
1851411 - ipa: typo issue in ipanthomedirectoryrive definition
1852244 - ipa-healthcheck inadvertently obsoleted in RHEL 8.2
1853263 - ipa-selinux package missing
1857157 - replica install failing with avc denial for custodia component
1858318 - AttributeError: module 'ssl' has no attribute 'SSLCertVerificationError' when upgrading ca-less ipa master
1859213 - AVC denial during ipa-adtrust-install --add-agents
1863079 - ipa-epn command displays 'exception: ConnectionRefusedError: [Errno 111] Connection refused'
1863616 - CA-less install does not set required permissions on KDC certificate
1866291 - EPN: enhance input validation
1866938 - ipa-epn fails to retrieve user data if some user attributes are not present
1868432 - Unhandled Python exception in '/usr/libexec/ipa/ipa-pki-retrieve-key'
1869311 - ipa trust-add fails with 'Fetching domains from trusted forest failed'
1870202 - File permissions of /etc/ipa/ca.crt differ between CA-ful and CA-less
1874015 - ipa hbacrule-add-service --hbacsvcs=sshd is not applied successfully for subdomain
1875348 - Valgrind reports a memory leak in the Schema Compatibility plugin.
1879604 - pkispawn logs files are empty
6. Description:
* Fixed two jQuery vulnerabilities (CVE-2020-11022, CVE-2020-11023)
* Improved Ansible Tower's web service configuration to allow for processing more simultaneous HTTP(s) requests by default
* Updated several dependencies of Ansible Tower's User Interface to address CVE-2020-7720, CVE-2020-7743 and CVE-2020-7676
* Updated to the latest version of python-psutil to address CVE-2019-18874
* Added several optimizations to improve performance for a variety of high-load simultaneous job launch use cases
* Fixed workflows to no longer prevent certain users from being able to edit approval nodes
* Fixed confusing behavior for social auth logins across distinct browser tabs
* Fixed launching of Job Templates that use prompt-at-launch Ansible Vault credentials
3. Solution:
For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide:
https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202007-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Cacti: Multiple vulnerabilities
Date: July 26, 2020
Bugs: #728678, #732522
ID: 202007-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in Cacti, the worst of which
could result in the arbitrary execution of code.
Background
==========
Cacti is a complete frontend to rrdtool.
Affected packages
=================
-------------------------------------------------------------------
 Package                      /     Vulnerable     /   Unaffected
-------------------------------------------------------------------
 1  net-analyzer/cacti              < 1.2.13            >= 1.2.13
 2  net-analyzer/cacti-spine        < 1.2.13            >= 1.2.13
-------------------------------------------------------------------
 2 affected packages
Description
===========
Multiple vulnerabilities have been discovered in Cacti. Please review
the CVE identifiers referenced below for details.
Impact
======
Please review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Cacti users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/cacti-1.2.13"
All Cacti Spine users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=net-analyzer/cacti-spine-1.2.13"
References
==========
[ 1 ] CVE-2020-11022
https://nvd.nist.gov/vuln/detail/CVE-2020-11022
[ 2 ] CVE-2020-11023
https://nvd.nist.gov/vuln/detail/CVE-2020-11023
[ 3 ] CVE-2020-14295
https://nvd.nist.gov/vuln/detail/CVE-2020-14295
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202007-03
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: RHV Manager (ovirt-engine) 4.4 security, bug fix, and enhancement update
Advisory ID: RHSA-2020:3247-01
Product: Red Hat Virtualization
Advisory URL: https://access.redhat.com/errata/RHSA-2020:3247
Issue date: 2020-08-04
CVE Names: CVE-2017-18635 CVE-2019-8331 CVE-2019-10086
CVE-2019-13990 CVE-2019-17195 CVE-2019-19336
CVE-2020-7598 CVE-2020-10775 CVE-2020-11022
CVE-2020-11023
=====================================================================
1. Summary:
Updated ovirt-engine packages that fix several bugs and add various
enhancements are now available.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4 - noarch, x86_64
3. Description:
The ovirt-engine package provides the Red Hat Virtualization Manager, a
centralized management platform that allows system administrators to view
and manage virtual machines. The Manager provides a comprehensive range of
features including search capabilities, resource management, live
migrations, and virtual infrastructure provisioning.
The Manager is a JBoss Application Server application that provides several
interfaces through which the virtual environment can be accessed and
interacted with, including an Administration Portal, a VM Portal, and a
Representational State Transfer (REST) Application Programming Interface
(API).
A list of bugs fixed in this update is available in the Technical Notes
book:
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes
Security Fix(es):
* apache-commons-beanutils: does not suppresses the class property in
PropertyUtilsBean by default (CVE-2019-10086)
* libquartz: XXE attacks via job description (CVE-2019-13990)
* novnc: XSS vulnerability via the messages propagated to the status field
(CVE-2017-18635)
* bootstrap: XSS in the tooltip or popover data-template attribute
(CVE-2019-8331)
* nimbus-jose-jwt: Uncaught exceptions while parsing a JWT (CVE-2019-17195)
* ovirt-engine: response_type parameter allows reflected XSS
(CVE-2019-19336)
* nodejs-minimist: prototype pollution allows adding or modifying
properties of Object.prototype using a constructor or __proto__ payload
(CVE-2020-7598)
* ovirt-engine: Redirect to arbitrary URL allows for phishing
(CVE-2020-10775)
* jQuery: Cross-site scripting due to improper jQuery.htmlPrefilter method
(CVE-2020-11022)
* jQuery: passing HTML containing <option> elements to manipulation methods
could result in untrusted code execution (CVE-2020-11023)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2974891
5. Bugs fixed (https://bugzilla.redhat.com/):
1080097 - [RFE] Allow editing disks details in the Disks tab
1325468 - [RFE] Autostart of VMs that are down (with Engine assistance - Engine has to be up)
1358501 - [RFE] multihost network change - notify when done
1427717 - [RFE] Create and/or select affinity group upon VM creation.
1475774 - RHV-M requesting four GetDeviceListVDSCommand when editing storage domain
1507438 - not able to deploy new rhvh host when "/tmp" is mounted with "noexec" option
1523835 - Hosted-Engine: memory hotplug does not work for engine vm
1527843 - [Tracker] Q35 chipset support (with seabios)
1529042 - [RFE] Changing of Cluster CPU Type does not trigger config update notification
1535796 - Undeployment of HE is not graceful
1546838 - [RFE] Refuse to deploy on localhost.localdomain
1547937 - [RFE] Live Storage Migration progress bar.
1585986 - [HE] When lowering the cluster compatibility, we need to force update the HE storage OVF store to ensure it can start up (migration will not work).
1593800 - [RFE] forbid new mac pools with overlapping ranges
1596178 - inconsistent display between automatic and manual Pool Type
1600059 - [RFE] Add by default a storage lease to HA VMs
1610212 - After updating to RHV 4.1 while trying to edit the disk, getting error "Cannot edit Virtual Disk. Cannot edit Virtual Disk. Disk extension combined with disk compat version update isn't supported. Please perform the updates separately."
1611395 - Unable to list Compute Templates in RHV 4.2 from Satellite 6.3.2
1616451 - [UI] add a tooltip to explain the supported matrix for the combination of disk allocation policies, formats and the combination result
1637172 - Live Merge hung in the volume deletion phase, leaving snapshot in a LOCKED state
1640908 - Javascript Error popup when Managing StorageDomain with LUNs and 400+ paths
1642273 - [UI] - left nav border highlight missing in RHV
1647440 - [RFE][UI] Provide information about the VM next run
1648345 - Jobs are not properly cleaned after a failed task.
1650417 - HA is broken for VMs having disks in NFS storage domain because of Qemu OFD locking
1650505 - Increase of ClusterCompatibilityVersion to Cluster with virtual machines with outstanding configuration changes, those changes will be reverted
1651406 - [RFE] Allow Maintenance of Host with Enforcing VM Affinity Rules (hard affinity)
1651939 - a new size of the direct LUN not updated in Admin Portal
1654069 - [Downstream Clone] [UI] - grids bottom scrollbar hides bottom row
1654889 - [RFE] Support console VNC for mediated devices
1656621 - Importing VM OVA always enables 'Cloud-Init/Sysprep'
1658101 - [RESTAPI] Adding ISO disables serial console
1659161 - Unable to edit pool that is delete protected
1660071 - Regression in Migration of VM that starts in pause mode: took 11 hours
1660644 - Concurrent LSMs of the same disk can be issued via the REST-API
1663366 - USB selection option disabled even though USB support is enabled in RHV-4.2
1664479 - Third VM fails to get migrated when host is placed into maintenance mode
1666913 - [UI] warn users about different "Vdsm Name" when creating network with a fancy char or long name
1670102 - [CinderLib] - openstack-cinder and cinderlib packages are not installed on ovirt-engine machine
1671876 - "Bond Active Slave" parameter on RHV-M GUI shows an incorrect until Refresh Caps
1679039 - Unable to upload image through Storage->Domain->Disk because of wrong DC
1679110 - [RFE] change Admin Portal toast notifications location
1679471 - [ja, de, es, fr, pt_BR] The console client resources page shows truncated title for some locales
1679730 - Warn about host IP addresses outside range
1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute
1686650 - Memory snapshots' deletion logging unnecessary WARNINGS in engine.log
1687345 - Snapshot with memory volumes can fail if the memory dump takes more than 180 seconds
1690026 - [RFE] - Creating an NFS storage domain the engine should let the user specify exact NFS version v4.0 and not just v4
1690155 - Disk migration progress bar not clearly visible and unusable.
1690475 - When a live storage migration fails, the auto generated snapshot does not get removed
1691562 - Cluster level changes are not increasing VMs generation numbers and so a new OVF_STORE content is not copied to the shared storage
1692592 - "Enable menu to select boot device" shows 10 devices listed with cdrom in the 10th slot, but when selecting option 10 the VM takes option 1 and boots from disk
1693628 - Engine generates too many updates to vm_dynamic table due to the session change
1693813 - Do not change DC level if there are VMs running/paused with older CL.
1695026 - Failure in creating snapshots during "Live Storage Migration" can result in a nonexistent snapshot
1695635 - [RFE] Improve Host Drop-down menu in different Dialogs (i.e. Alphabetical sort of Hosts in Remove|New StorageDomains)
1696245 - [RFE] Allow full customization while cloning a VM
1696669 - Build bouncycastle for RHV 4.4 RHEL 8
1696676 - Build ebay-cors-filter for RHV 4.4 RHEL 8
1698009 - Build openstack-java-sdk for RHV 4.4 RHEL 8
1698102 - Print a warning message to engine-setup, which highlights that other clusters than the Default one are not modified to use ovirt-provider-ovn as the default network provider
1700021 - [RFE] engine-setup should warn and prompt if ca.pem is missing but other generated pki files exist
1700036 - [RFE] Add RedFish API for host power management for RHEV
1700319 - VM is going to pause state with "storage I/O error".
1700338 - [RFE] Alternate method to configure the email Event Notifier for a user in RHV through API (instead of RHV GUI)
1700725 - [scale] RHV-M runs out of memory due to too much data reported by the guest agent
1700867 - Build makeself for RHV 4.4 RHEL 8
1701476 - Build unboundid-ldapsdk for RHV 4.4 RHEL 8
1701491 - Build RHV-M 4.4 - RHEL 8
1701522 - Build ovirt-imageio-proxy for RHV 4.4 / RHEL 8
1701528 - Build / Tag python-ovsdbapp for RHV 4.4 RHEL 8
1701530 - Build / Tag ovirt-cockpit-sso for RHV 4.4 RHEL 8
1701531 - Build / Tag ovirt-engine-api-explorer for RHV 4.4 RHEL 8
1701533 - Build / Tag ovirt-engine-dwh for RHV 4.4 / RHEL 8
1701538 - Build / Tag vdsm-jsonrpc-java for RHV 4.4 RHEL 8
1701544 - Build rhvm-dependencies for RHV 4.4 RHEL 8
1702310 - Build / Tag ovirt-engine-ui-extensions for RHV 4.4 RHEL 8
1702312 - Build ovirt-log-collector for RHV 4.4 RHEL 8
1703112 - PCI address of NICs are not stored in the database after a hotplug of passthrough NIC resulting in change of network device name in VM after a reboot
1703428 - VMs migrated from KVM to RHV show warning 'The latest guest agent needs to be installed and running on the guest'
1707225 - [cinderlib] Cinderlib DB is missing a backup and restore option
1708624 - Build rhvm-setup-plugins for RHV 4.4 - RHEL 8
1710491 - No EVENT_ID is generated in /var/log/ovirt-engine/engine.log when VM is rebooted from OS level itself.
1711006 - Metrics installation fails during the execution of playbook ovirt-metrics-store-installation if the environment is not having DHCP
1712255 - Drop 4.1 datacenter/cluster level
1712746 - [RFE] Ignition support for ovirt vms
1712890 - engine-setup should check for snapshots in unsupported CL
1714528 - Missing IDs on cluster upgrade buttons
1714633 - Using more than one asterisk in the search string is not working when searching for users.
1714834 - Cannot disable SCSI passthrough using API
1715725 - Sending credentials in query string logs them in ovirt-request-logs
1716590 - [RFE][UX] Make Cluster-wide "Custom serial number policy" value visible at VM level
1718818 - [RFE] Enhance local disk passthrough
1720686 - Tag ovirt-scheduler-proxy for RHV 4.4 RHEL 8
1720694 - Build ovirt-engine-extension-aaa-jdbc for RHV 4.4 RHEL 8
1720795 - New guest tools are available mark in case of guest tool located on Data Domain
1724959 - RHV recommends reporting issues to GitHub rather than access.redhat.com (ovirt->RHV rebrand glitch?)
1727025 - NPE in DestroyImage endAction during live merge leaving a task in DB for hours causing operations depending on host clean tasks to fail as Deactivate host/StopSPM/deactivate SD
1728472 - Engine reports network out of sync due to ipv6 default gateway via ND RA on a non default route network.
1729511 - engine-setup fails to upgrade to 4.3 with Unicode characters in CA subject
1729811 - [scale] updatevmdynamic broken if too many users logged in - psql ERROR: value too long for type character varying(255)
1730264 - VMs will fail to start if the vnic profile attached is having port mirroring enabled and have name greater than 15 characters
1730436 - Snapshot creation was successful, but snapshot remains locked
1731212 - RHV 4.4 landing page does not show login or allow scrolling.
1731590 - Cannot preview snapshot, it fails and VM remains locked.
1733031 - [RFE] Add warning when importing data domains to newer DC that may trigger SD format upgrade
1733529 - Consume python-ovsdbapp dependencies from OSP in RHEL 8 RHV 4.4
1733843 - Export to OVA fails if VM is running on the Host doing the export
1734839 - Unable to start guests in our Power9 cluster without running in headless mode.
1737234 - Attach a non-existent ISO to vm by the API return 201 and marks the Attach CD checkbox as ON
1737684 - Engine deletes the leaf volume when SnapshotVDSCommand timed out without checking if the volume is still used by the VM
1740978 - [RFE] Warn or Block importing VMs/Templates from unsupported compatibility levels.
1741102 - host activation causes RHHI nodes to lose the quorum
1741271 - Move/Copy disk are blocked if there is less space in source SD than the size of the disk
1741625 - VM fails to be re-started with error: Failed to acquire lock: No space left on device
1743690 - Commit and Undo buttons active when no snapshot selected
1744557 - RHV 4.3 throws an exception when trying to access VMs which have snapshots from unsupported compatibility levels
1745384 - [IPv6 Static] Engine should allow updating network's static ipv6gateway
1745504 - Tag rhv-log-collector-analyzer for RHV 4.4 RHEL 8
1746272 - [BREW BUILD ENABLER] Build the oVirt Ansible roles for RHV 4.4.0
1746430 - [Rebase] Rebase v2v-conversion-host for RHV 4.4 Engine
1746877 - [Metrics] Rebase bug - for the 4.4 release on EL8
1747772 - Extra white space at the top of webadmin dialogs
1749284 - Change the Snapshot operation to be asynchronous
1749944 - teardownImage attempts to deactivate in-use LV's rendering the VM disk image/volumes in locked state.
1750212 - MERGE_STATUS fails with 'Invalid UUID string: mapper' when Direct LUN that already exists is hot-plugged
1750348 - [Tracking] rhvm-branding-rhv for RHV 4.4
1750357 - [Tracking] ovirt-web-ui for RHV 4.4
1750371 - [Tracking] ovirt-engine-ui-extensions for RHV 4.4
1750482 - From VM Portal, users cannot create Operating System Windows VM.
1751215 - Unable to change Graphical Console of HE VM.
1751268 - add links to Insights to landing page
1751423 - Improve description of shared memory statistics and remove unimplemented memory metrics from API
1752890 - Build / Tag ovirt-engine-extension-aaa-ldap for RHV 4.4 RHEL 8
1752995 - [RFE] Need to be able to set default console option
1753629 - Build / Tag ovirt-engine-extension-aaa-misc for RHV 4.4 RHEL 8
1753661 - Build / Tag ovirt-engine-extension-logger-log4j for RHV 4.4 / RHEL 8
1753664 - Build ovirt-fast-forward-upgrade for RHV 4.4 /RHEL 8 support
1754363 - [Scale] Engine generates excessive amount of dns configuration related sql queries
1754490 - RHV Manager cannot start on EAP 7.2.4
1755412 - Setting "oreg_url: registry.redhat.io" fails with error
1758048 - clone(as thin) VM from template or create snapshot fails with 'Requested capacity 1073741824 < parent capacity 3221225472 (volume:1211)'
1758289 - [Warn] Duplicate chassis entries in southbound database if the host is down while removing the host from Manager
1762281 - Import of OVA created from template fails with java.lang.NullPointerException
1763992 - [RFE] Show "Open Console" as the main option in the VM actions menu
1764289 - Document details how each fence agent can be configured in RESTAPI
1764791 - CVE-2019-17195 nimbus-jose-jwt: Uncaught exceptions while parsing a JWT
1764932 - [BREW BUILD ENABLER] Build the ansible-runner-service for RHV 4.4
1764943 - Create Snapshot does not proceed beyond CreateVolume
1764959 - Apache is configured to offer TRACE method (security)
1765660 - CVE-2017-18635 novnc: XSS vulnerability via the messages propagated to the status field
1767319 - [RFE] forbid updating mac pool that contains ranges overlapping with any mac range in the system
1767483 - CVE-2019-10086 apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default
1768707 - Cannot set or update iscsi portal group tag when editing storage connection via API
1768844 - RHEL Advanced virtualization module streams support
1769463 - [Scale] Slow performance for api/clusters when many networks devices are present
1770237 - Cannot assign a vNIC profile for VM instance profile.
1771793 - VM Portal crashes in what appears to be a permission related problem.
1773313 - RHV Metric store installation fails with error: "You need to install \"jmespath\" prior to running json_query filter"
1777954 - VM Templates greater than 101 in quantity are not listed/reported in RHV-M Webadmin UI.
1779580 - drop rhvm-doc package
1781001 - CVE-2019-19336 ovirt-engine: response_type parameter allows reflected XSS
1782236 - Windows Update (the drivers) enablement
1782279 - Warning message for low space is not received on Imported Storage domain
1782882 - qemu-kvm: kvm_init_vcpu failed: Function not implemented
1784049 - Rhel6 guest with cluster default q35 chipset causes kernel panic
1784385 - Still requiring rhvm-doc in rhvm-setup-plugins
1785750 - [RFE] Ability to change default VM action (Suspend) in the VM Portal.
1788424 - Importing a VM having direct LUN attached using virtio driver is failing with error "VirtIO-SCSI is disabled for the VM"
1796809 - Build apache-sshd for RHV 4.4 RHEL 8
1796811 - Remove bundled apache-sshd library
1796815 - Build snmp4j for RHV 4.4 RHEL 8
1796817 - Remove bundled snmp4j library
1797316 - Snapshot creation from VM fails on second snapshot and afterwards
1797500 - Add disk operation failed to complete.
1798114 - Build apache-commons-digester for RHV 4.4 RHEL 8
1798117 - Build apache-commons-configuration for RHV 4.4 RHEL 8
1798120 - Build apache-commons-jexl for RHV 4.4 RHEL 8
1798127 - Build apache-commons-collections4 for RHV 4.4 RHEL 8
1798137 - Build apache-commons-vfs for RHV 4.4 RHEL 8
1799171 - Build ws-commons-util for RHV 4.4 RHEL 8
1799204 - Build xmlrpc for RHV 4.4 RHEL 8
1801149 - CVE-2019-13990 libquartz: XXE attacks via job description
1801709 - Disable activation of the host while Enroll certificate flow is still in progress
1803597 - rhv-image-discrepancies should skip storage domains in maintenance mode and ISO/Export
1805669 - change requirement on rhvm package from spice-client-msi to spice-client-win
1806276 - [HE] ovirt-provider-ovn is non-functional on 4.3.9 Hosted-Engine
1807047 - Build m2crypto for RHV 4.4 RHEL 8
1807860 - [RFE] Allow resource allocation options to be customized
1808096 - Uploading ISOs causes "Uncaught exception occurred. Please try reloading the page. Details: (TypeError) : a.n is null"
1808126 - host_service.install() does not work with deploy_hosted_engine as True.
1809040 - [CNV&RHV] let the user know that token is not valid anymore
1809052 - [CNV&RHV] ovirt-engine log file spammed by failed timers ( approx 3-5 messages/sec )
1809875 - rhv-image-discrepancies only compares images on the last DC
1809877 - rhv-image-discrepancies sends dump-volume-chains with parameter that is ignored
1810893 - mountOptions is ignored for "import storage domain" from GUI
1811865 - [Scale] Host Monitoring generates excessive amount of qos related sql queries
1811869 - [Scale] Webadmin\REST for host interface list response time is too long because of excessive amount of qos related sql queries
1812875 - Unable to create VMs when french Language is selected for the rhvm gui.
1813305 - Engine updating SLA policies of VMs continuously in an environment which is not having any QOS configured
1813344 - CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload
1814197 - [CNV&RHV] when provider is removed DC is left behind and active
1814215 - [CNV&RHV] Adding new provider to engine fails after successful test
1816017 - Build log4j12 for RHV 4.4 EL8
1816643 - [CNV&RHV] VM created in CNV not visible in RHV
1816654 - [CNV&RHV] adding provider with already created vm failed
1816693 - [CNV&RHV] CNV VM failed to restart even if 1st dialog looks fine
1816739 - [CNV&RHV] CNV VM updated from CNV side doesn't update vm properties over on RHV side
1817467 - [Tracking] Migration path between RHV 4.3 and 4.4
1818745 - rhv-log-collector-analyzer 0.2.17 still requires python2
1819201 - [CodeChange][i18n] oVirt 4.4 rhv branding - translation update
1819248 - Cannot upgrade host after engine setup
1819514 - Failed to register 4.4 host to the latest engine (4.4.0-0.29.master.el8ev)
1819960 - NPE on ImportVmTemplateFromConfigurationCommand when creating VM from ovf_data
1820621 - Build apache-commons-compress for RHV 4.4 EL8
1820638 - Build apache-commons-jxpath for RHV 4.4 EL8
1821164 - Failed snapshot creation can cause data corruption of other VMs
1821930 - Enable only TLSv1.2+ protocol for SPICE on EL7 hosts
1824095 - VM portal shows only error
1825793 - RHV branding is missing after upgrade from 4.3
1826248 - [4.4][ovirt-cockpit-sso] Compatibility issues with python3
1826437 - The console client resources page return HTTP code 500
1826801 - [CNV&RHV] update of memory on cnv side does not propagate to rhv
1826855 - [cnv&rhv] update of cpu on cnv side causing exception in engine.log
1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper jQuery.htmlPrefilter method
1828669 - After SPM select the engine lost communication to all hosts until restarted [improved logging]
1828736 - [CNV&RHV] cnv template is not propagated to rhv
1829189 - engine-setup httpd ssl configuration conflicts with Red Hat Insights
1829656 - Failed to register 4.3 host to 4.4 engine with 4.3 cluster (4.4.0-0.33.master.el8ev)
1829830 - vhost custom properties does not accept '-'
1832161 - rhv-log-collector-analyzer fails with UnicodeDecodeError on RHEL8
1834523 - Edit VM -> Enable Smartcard sharing does not stick when VM is running
1838493 - Live snapshot made with freeze in the engine will cause the FS to be frozen
1841495 - Upgrade openstack-java-sdk to 3.2.9
1842495 - high cpu usage after entering wrong search pattern in RHVM
1844270 - [vGPU] nodisplay option for mdev broken since mdev scheduling unit
1844855 - Missing images (favicon.ico, banner logo) and missing brand.css file on VM portal d/s installation
1845473 - Exporting an OVA file from a VM results in its ovf file having a format of RAW when the disk is COW
1847420 - CVE-2020-10775 ovirt-engine: Redirect to arbitrary URL allows for phishing
1850004 - CVE-2020-11023 jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution
1853444 - [CodeChange][i18n] oVirt 4.4 rhv branding - translation update (July-2020)
1854563 - [4.4 downstream only][RFE] Include a link to grafana on front page
6. Package List:
RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4:
Source:
ansible-runner-1.4.5-1.el8ar.src.rpm
ansible-runner-service-1.0.2-1.el8ev.src.rpm
apache-commons-collections4-4.4-1.el8ev.src.rpm
apache-commons-compress-1.18-1.el8ev.src.rpm
apache-commons-configuration-1.10-1.el8ev.src.rpm
apache-commons-jexl-2.1.1-1.el8ev.src.rpm
apache-commons-jxpath-1.3-29.el8ev.src.rpm
apache-commons-vfs-2.4.1-1.el8ev.src.rpm
apache-sshd-2.5.1-1.el8ev.src.rpm
ebay-cors-filter-1.0.1-4.el8ev.src.rpm
ed25519-java-0.3.0-1.el8ev.src.rpm
engine-db-query-1.6.1-1.el8ev.src.rpm
java-client-kubevirt-0.5.0-1.el8ev.src.rpm
log4j12-1.2.17-22.el8ev.src.rpm
m2crypto-0.35.2-5.el8ev.src.rpm
makeself-2.4.0-4.el8ev.src.rpm
novnc-1.1.0-1.el8ost.src.rpm
openstack-java-sdk-3.2.9-1.el8ev.src.rpm
ovirt-cockpit-sso-0.1.4-1.el8ev.src.rpm
ovirt-engine-4.4.1.8-0.7.el8ev.src.rpm
ovirt-engine-api-explorer-0.0.6-1.el8ev.src.rpm
ovirt-engine-dwh-4.4.1.2-1.el8ev.src.rpm
ovirt-engine-extension-aaa-jdbc-1.2.0-1.el8ev.src.rpm
ovirt-engine-extension-aaa-ldap-1.4.0-1.el8ev.src.rpm
ovirt-engine-extension-aaa-misc-1.1.0-1.el8ev.src.rpm
ovirt-engine-extension-logger-log4j-1.1.0-1.el8ev.src.rpm
ovirt-engine-extensions-api-1.0.1-1.el8ev.src.rpm
ovirt-engine-metrics-1.4.1.1-1.el8ev.src.rpm
ovirt-engine-ui-extensions-1.2.2-1.el8ev.src.rpm
ovirt-fast-forward-upgrade-1.1.6-0.el8ev.src.rpm
ovirt-log-collector-4.4.2-1.el8ev.src.rpm
ovirt-scheduler-proxy-0.1.9-1.el8ev.src.rpm
ovirt-web-ui-1.6.3-1.el8ev.src.rpm
python-aniso8601-0.82-4.el8ost.src.rpm
python-flask-1.0.2-2.el8ost.src.rpm
python-flask-restful-0.3.6-8.el8ost.src.rpm
python-netaddr-0.7.19-8.1.el8ost.src.rpm
python-notario-0.0.16-2.el8cp.src.rpm
python-ovsdbapp-0.17.1-0.20191216120142.206cf14.el8ost.src.rpm
python-pbr-5.1.2-2.el8ost.src.rpm
python-six-1.12.0-1.el8ost.src.rpm
python-websocket-client-0.54.0-1.el8ost.src.rpm
python-werkzeug-0.16.0-1.el8ost.src.rpm
rhv-log-collector-analyzer-1.0.2-1.el8ev.src.rpm
rhvm-branding-rhv-4.4.4-1.el8ev.src.rpm
rhvm-dependencies-4.4.0-1.el8ev.src.rpm
rhvm-setup-plugins-4.4.2-1.el8ev.src.rpm
snmp4j-2.4.1-1.el8ev.src.rpm
unboundid-ldapsdk-4.0.14-1.el8ev.src.rpm
vdsm-jsonrpc-java-1.5.4-1.el8ev.src.rpm
ws-commons-util-1.0.2-1.el8ev.src.rpm
xmlrpc-3.1.3-1.el8ev.src.rpm
noarch:
ansible-runner-1.4.5-1.el8ar.noarch.rpm
ansible-runner-service-1.0.2-1.el8ev.noarch.rpm
apache-commons-collections4-4.4-1.el8ev.noarch.rpm
apache-commons-collections4-javadoc-4.4-1.el8ev.noarch.rpm
apache-commons-compress-1.18-1.el8ev.noarch.rpm
apache-commons-compress-javadoc-1.18-1.el8ev.noarch.rpm
apache-commons-configuration-1.10-1.el8ev.noarch.rpm
apache-commons-jexl-2.1.1-1.el8ev.noarch.rpm
apache-commons-jexl-javadoc-2.1.1-1.el8ev.noarch.rpm
apache-commons-jxpath-1.3-29.el8ev.noarch.rpm
apache-commons-jxpath-javadoc-1.3-29.el8ev.noarch.rpm
apache-commons-vfs-2.4.1-1.el8ev.noarch.rpm
apache-commons-vfs-ant-2.4.1-1.el8ev.noarch.rpm
apache-commons-vfs-examples-2.4.1-1.el8ev.noarch.rpm
apache-commons-vfs-javadoc-2.4.1-1.el8ev.noarch.rpm
apache-sshd-2.5.1-1.el8ev.noarch.rpm
apache-sshd-javadoc-2.5.1-1.el8ev.noarch.rpm
ebay-cors-filter-1.0.1-4.el8ev.noarch.rpm
ed25519-java-0.3.0-1.el8ev.noarch.rpm
ed25519-java-javadoc-0.3.0-1.el8ev.noarch.rpm
engine-db-query-1.6.1-1.el8ev.noarch.rpm
java-client-kubevirt-0.5.0-1.el8ev.noarch.rpm
log4j12-1.2.17-22.el8ev.noarch.rpm
log4j12-javadoc-1.2.17-22.el8ev.noarch.rpm
makeself-2.4.0-4.el8ev.noarch.rpm
novnc-1.1.0-1.el8ost.noarch.rpm
openstack-java-ceilometer-client-3.2.9-1.el8ev.noarch.rpm
openstack-java-ceilometer-model-3.2.9-1.el8ev.noarch.rpm
openstack-java-cinder-client-3.2.9-1.el8ev.noarch.rpm
openstack-java-cinder-model-3.2.9-1.el8ev.noarch.rpm
openstack-java-client-3.2.9-1.el8ev.noarch.rpm
openstack-java-glance-client-3.2.9-1.el8ev.noarch.rpm
openstack-java-glance-model-3.2.9-1.el8ev.noarch.rpm
openstack-java-heat-client-3.2.9-1.el8ev.noarch.rpm
openstack-java-heat-model-3.2.9-1.el8ev.noarch.rpm
openstack-java-javadoc-3.2.9-1.el8ev.noarch.rpm
openstack-java-keystone-client-3.2.9-1.el8ev.noarch.rpm
openstack-java-keystone-model-3.2.9-1.el8ev.noarch.rpm
openstack-java-nova-client-3.2.9-1.el8ev.noarch.rpm
openstack-java-nova-model-3.2.9-1.el8ev.noarch.rpm
openstack-java-quantum-client-3.2.9-1.el8ev.noarch.rpm
openstack-java-quantum-model-3.2.9-1.el8ev.noarch.rpm
openstack-java-resteasy-connector-3.2.9-1.el8ev.noarch.rpm
openstack-java-swift-client-3.2.9-1.el8ev.noarch.rpm
openstack-java-swift-model-3.2.9-1.el8ev.noarch.rpm
ovirt-cockpit-sso-0.1.4-1.el8ev.noarch.rpm
ovirt-engine-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-api-explorer-0.0.6-1.el8ev.noarch.rpm
ovirt-engine-backend-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-dbscripts-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-dwh-4.4.1.2-1.el8ev.noarch.rpm
ovirt-engine-dwh-grafana-integration-setup-4.4.1.2-1.el8ev.noarch.rpm
ovirt-engine-dwh-setup-4.4.1.2-1.el8ev.noarch.rpm
ovirt-engine-extension-aaa-jdbc-1.2.0-1.el8ev.noarch.rpm
ovirt-engine-extension-aaa-ldap-1.4.0-1.el8ev.noarch.rpm
ovirt-engine-extension-aaa-ldap-setup-1.4.0-1.el8ev.noarch.rpm
ovirt-engine-extension-aaa-misc-1.1.0-1.el8ev.noarch.rpm
ovirt-engine-extension-logger-log4j-1.1.0-1.el8ev.noarch.rpm
ovirt-engine-extensions-api-1.0.1-1.el8ev.noarch.rpm
ovirt-engine-extensions-api-javadoc-1.0.1-1.el8ev.noarch.rpm
ovirt-engine-health-check-bundler-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-metrics-1.4.1.1-1.el8ev.noarch.rpm
ovirt-engine-restapi-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-setup-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-setup-base-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-setup-plugin-cinderlib-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-setup-plugin-imageio-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-setup-plugin-ovirt-engine-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-setup-plugin-ovirt-engine-common-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-setup-plugin-websocket-proxy-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-tools-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-tools-backup-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-ui-extensions-1.2.2-1.el8ev.noarch.rpm
ovirt-engine-vmconsole-proxy-helper-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-webadmin-portal-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-engine-websocket-proxy-4.4.1.8-0.7.el8ev.noarch.rpm
ovirt-fast-forward-upgrade-1.1.6-0.el8ev.noarch.rpm
ovirt-log-collector-4.4.2-1.el8ev.noarch.rpm
ovirt-scheduler-proxy-0.1.9-1.el8ev.noarch.rpm
ovirt-web-ui-1.6.3-1.el8ev.noarch.rpm
python-flask-doc-1.0.2-2.el8ost.noarch.rpm
python2-netaddr-0.7.19-8.1.el8ost.noarch.rpm
python2-pbr-5.1.2-2.el8ost.noarch.rpm
python2-six-1.12.0-1.el8ost.noarch.rpm
python3-aniso8601-0.82-4.el8ost.noarch.rpm
python3-ansible-runner-1.4.5-1.el8ar.noarch.rpm
python3-flask-1.0.2-2.el8ost.noarch.rpm
python3-flask-restful-0.3.6-8.el8ost.noarch.rpm
python3-netaddr-0.7.19-8.1.el8ost.noarch.rpm
python3-notario-0.0.16-2.el8cp.noarch.rpm
python3-ovirt-engine-lib-4.4.1.8-0.7.el8ev.noarch.rpm
python3-ovsdbapp-0.17.1-0.20191216120142.206cf14.el8ost.noarch.rpm
python3-pbr-5.1.2-2.el8ost.noarch.rpm
python3-six-1.12.0-1.el8ost.noarch.rpm
python3-websocket-client-0.54.0-1.el8ost.noarch.rpm
python3-werkzeug-0.16.0-1.el8ost.noarch.rpm
python3-werkzeug-doc-0.16.0-1.el8ost.noarch.rpm
rhv-log-collector-analyzer-1.0.2-1.el8ev.noarch.rpm
rhvm-4.4.1.8-0.7.el8ev.noarch.rpm
rhvm-branding-rhv-4.4.4-1.el8ev.noarch.rpm
rhvm-dependencies-4.4.0-1.el8ev.noarch.rpm
rhvm-setup-plugins-4.4.2-1.el8ev.noarch.rpm
snmp4j-2.4.1-1.el8ev.noarch.rpm
snmp4j-javadoc-2.4.1-1.el8ev.noarch.rpm
unboundid-ldapsdk-4.0.14-1.el8ev.noarch.rpm
unboundid-ldapsdk-javadoc-4.0.14-1.el8ev.noarch.rpm
vdsm-jsonrpc-java-1.5.4-1.el8ev.noarch.rpm
ws-commons-util-1.0.2-1.el8ev.noarch.rpm
ws-commons-util-javadoc-1.0.2-1.el8ev.noarch.rpm
xmlrpc-client-3.1.3-1.el8ev.noarch.rpm
xmlrpc-common-3.1.3-1.el8ev.noarch.rpm
xmlrpc-javadoc-3.1.3-1.el8ev.noarch.rpm
xmlrpc-server-3.1.3-1.el8ev.noarch.rpm
x86_64:
m2crypto-debugsource-0.35.2-5.el8ev.x86_64.rpm
python3-m2crypto-0.35.2-5.el8ev.x86_64.rpm
python3-m2crypto-debuginfo-0.35.2-5.el8ev.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
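The signature check the paragraph above points to, as an added example that is not part of the advisory or of Red Hat's tooling: a POSIX sh script that classifies `rpm -Kv` output and refuses to proceed unless every package is cleanly signed by a key already in the rpm keyring. It assumes `rpm` is on PATH and that the Red Hat release key has been imported (on RHEL it ships as `/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release`, whose fingerprint can be compared with the page at the URL above); the function names, the key ID in the constructed sample output, and the `-Kv` line formats are assumptions of the example.

```shell
#!/bin/sh
# Added example written for this page (not Red Hat tooling): gate installation
# on `rpm -Kv` output so that unsigned packages and packages signed by a key you
# have not imported are refused, not just ones with a bad signature.
# Assumptions: rpm is on PATH; the Red Hat release key is already imported
# (on RHEL it is shipped as /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release), with
# its fingerprint checked against https://access.redhat.com/security/team/key/.

# classify_rpm_check OUTPUT: given the complete `rpm -Kv` output for one
# package, print exactly one of: ok, nokey, bad, unsigned.
# The caveat this encodes: rpm -K reports "digests OK" for a package that
# carries no signature at all, so "OK" alone is not proof of origin.
classify_rpm_check() {
  out=$1
  if printf '%s\n' "$out" | grep -Eq 'NOKEY|MISSING KEYS'; then
    echo nokey        # signed, but the signing key is not in the rpm keyring
  elif printf '%s\n' "$out" | grep -Eq 'NOT OK|: BAD'; then
    echo bad          # signature or digest failed: do not install
  elif ! printf '%s\n' "$out" | grep -Eqi 'signature|pgp'; then
    echo unsigned     # digests only; nothing ties the package to its vendor
  else
    echo ok
  fi
}

# verify_rpms FILE...: print a verdict per file; return non-zero unless all ok.
verify_rpms() {
  rc=0
  for f in "$@"; do
    verdict=$(classify_rpm_check "$(rpm -Kv "$f" 2>&1)")
    printf '%s: %s\n' "$f" "$verdict"
    [ "$verdict" = ok ] || rc=1
  done
  return "$rc"
}

# Usage: sh verify-rpms.sh *.rpm && sudo dnf install *.rpm
if [ "$#" -gt 0 ]; then
  verify_rpms "$@"
fi
```

Run `rpm -K` with `-v`: without it, a package signed by an unknown key and a package with a corrupted digest both collapse into one `NOT OK` summary, and an unsigned package prints `digests OK`, which a naive `grep OK` would accept. A `nokey` verdict means the package may well be genuine but you have not yet verified and imported the signing key; treat it as a stop, not a pass.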
7. References:
https://access.redhat.com/security/cve/CVE-2017-18635
https://access.redhat.com/security/cve/CVE-2019-8331
https://access.redhat.com/security/cve/CVE-2019-10086
https://access.redhat.com/security/cve/CVE-2019-13990
https://access.redhat.com/security/cve/CVE-2019-17195
https://access.redhat.com/security/cve/CVE-2019-19336
https://access.redhat.com/security/cve/CVE-2020-7598
https://access.redhat.com/security/cve/CVE-2020-10775
https://access.redhat.com/security/cve/CVE-2020-11022
https://access.redhat.com/security/cve/CVE-2020-11023
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.3/html-single/technical_notes
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
Solution:
Before applying the update, back up your existing installation, including
all applications, configuration files, databases and database settings, and
so on.
The References section of this erratum contains a download link (you must
log in to download the update).
Bugs fixed (https://bugzilla.redhat.com/):
1705975 - CVE-2020-1714 keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution
1790759 - CVE-2020-1694 keycloak: verify-token-audience support is missing in the NodeJS adapter
1816330 - CVE-2020-8840 jackson-databind: Lacks certain xbean-reflect/JNDI blocking
1816332 - CVE-2020-9546 jackson-databind: Serialization gadgets in shaded-hikari-config
1816337 - CVE-2020-9547 jackson-databind: Serialization gadgets in ibatis-sqlmap
1816340 - CVE-2020-9548 jackson-databind: Serialization gadgets in anteros-core
1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper jQuery.htmlPrefilter method
1828459 - CVE-2020-10719 undertow: invalid HTTP request with large chunk size
1836786 - CVE-2020-10748 keycloak: top-level navigations to data URLs resulting in XSS are possible (incomplete fix of CVE-2020-1697)
1850004 - CVE-2020-11023 jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution
| VAR-202004-2259 | No CVE | An unauthorized access vulnerability exists in the gas SCADA system of Shandong Stard Measurement & Control Equipment Co., Ltd. |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
The gas transmission and distribution SCADA system is a large-scale networked system.
An unauthorized access vulnerability exists in the SCADA system of Shandong Stard Measurement & Control Equipment Co., Ltd. An attacker can use this vulnerability to obtain key information from the corporate SCADA system without logging in, resulting in the disclosure of sensitive information.
| VAR-202004-1326 | CVE-2017-18854 | NETGEAR ReadyNAS Injection vulnerabilities in |
CVSS V2: 4.6 CVSS V3: 6.7 Severity: MEDIUM |
NETGEAR ReadyNAS 6.6.1 and earlier is affected by command injection. There is an injection vulnerability in NETGEAR ReadyNAS: information may be obtained or tampered with, and service may be disrupted (DoS). NETGEAR ReadyNAS OS is an operating system for ReadyNAS network-attached storage devices developed by NETGEAR. An injection vulnerability exists in NETGEAR ReadyNAS OS versions 6 through 6.6.1. The vulnerability stems from the product failing to correctly validate user-supplied input when that input is used to construct commands, data structures, or records, and failing to filter out special elements in it, so that the system or product parses or interprets the input incorrectly.