RHSA-2021:4785 | rpm-build-libs | 4.11.3-35.el7 | The RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fix(es): * rpm: Signature checks bypass via corrupted rpm package (CVE-2021-20271) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2019:2189 | procps-ng | 3.3.10-23.el7 | The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Security Fix(es): * procps-ng, procps: Local privilege escalation in top (CVE-2018-1122) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2019:2030 | python-libs | 2.7.5-77.el7_6 | Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) * python: NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010) * python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) * python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) * python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2020:1131 | python-libs | 2.7.5-77.el7_6 | Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Cookie domain check returns incorrect results (CVE-2018-20852) * python: email.utils.parseaddr wrongly parses email addresses (CVE-2019-16056) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section. |
RHSA-2020:5009 | python-libs | 2.7.5-77.el7_6 | Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Security Fix(es): * python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2020:3911 | python-libs | 2.7.5-77.el7_6 | Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: XSS vulnerability in the documentation XML-RPC server in server_title field (CVE-2019-16935) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2022:5235 | python-libs | 2.7.5-77.el7_6 | Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116) * python-urllib3: CRLF injection via HTTP request method (CVE-2020-26137) * python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2020:1190 | libxml2 | 2.9.1-6.el7_2.3 | The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: Use after free triggered by XPointer paths beginning with range-to (CVE-2016-5131) * libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c (CVE-2017-15412) * libxml2: DoS caused by incorrect error detection during XZ decompression (CVE-2015-8035) * libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404) * libxml2: Unrestricted memory usage in xz_head() function in xzlib.c (CVE-2017-18258) * libxml2: Infinite loop caused by incorrect error detection during LZMA decompression (CVE-2018-14567) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section. |
RHSA-2020:3996 | libxml2 | 2.9.1-6.el7_2.3 | The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c (CVE-2019-19956) * libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388) * libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations (CVE-2020-7595) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2021:3810 | libxml2 | 2.9.1-6.el7_2.3 | The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: Use after free via namespace node in XPointer ranges (CVE-2016-4658) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2020:1021 | shared-mime-info | 1.8-4.el7 | GNOME is the default desktop environment of Red Hat Enterprise Linux. Security Fix(es): * gnome-shell: partial lock screen bypass (CVE-2019-3820) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section. |
RHSA-2019:2237 | nspr | 4.19.0-1.el7_5 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274) Security Fix(es): * ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2020:4076 | nspr | 4.19.0-1.el7_5 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nss-softokn (3.53.1), nss-util (3.53.1), nspr (4.25.0). (BZ#1804262, BZ#1804264, BZ#1804271, BZ#1804273) Security Fix(es): * nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719) * nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel attack on ECDSA signature generation (CVE-2020-6829) * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400) * nss: ECDSA timing attack mitigation bypass (CVE-2020-12401) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403) * nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727) * nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Memory leak: libcurl leaks 120 bytes on each connection (BZ#1688958) * NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1712924) * Make TLS 1.3 work in FIPS mode (BZ#1724251) * Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1737910) * x25519 allowed in FIPS mode (BZ#1754518) * When NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess (BZ#1779325) * Running ipa-backup continuously causes httpd to crash and makes it irrecoverable (BZ#1804015) * nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1857308) * KDF-self-tests-induced changes for nss in RHEL 7.9 (BZ#1870885) |
RHSA-2019:1815 | java-1.8.0-openjdk | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography (Security, 8208698) (CVE-2019-2745) * OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) (CVE-2019-2762) * OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) (CVE-2019-2769) * OpenJDK: Missing URL format validation (Networking, 8221518) (CVE-2019-2816) * OpenJDK: Missing array bounds check in crypto providers (JCE, 8223511) (CVE-2019-2842) * OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) (CVE-2019-2786) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2020:4350 | java-1.8.0-openjdk | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) (CVE-2020-14781) * OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) (CVE-2020-14782) * OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot, 8241114) (CVE-2020-14792) * OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685) (CVE-2020-14797) * OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136) (CVE-2020-14803) * OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862) (CVE-2020-14779) * OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680) (CVE-2020-14796) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * JDK-8215727: Restore JFR thread sampler loop to old / previous behavior (BZ#1889532) |
RHSA-2021:1298 | java-1.8.0-openjdk | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (8249906) (CVE-2021-2163) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2022:0306 | java-1.8.0-openjdk | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) (CVE-2022-21248) * OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) (CVE-2022-21282) * OpenJDK: Unexpected exception thrown in regex Pattern (Libraries, 8268813) (CVE-2022-21283) * OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392) (CVE-2022-21293) * OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416) (CVE-2022-21294) * OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498) (CVE-2022-21296) * OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646) (CVE-2022-21299) * OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014) (CVE-2022-21305) * OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026) (CVE-2022-21340) * OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236) (CVE-2022-21341) * OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756) (CVE-2022-21360) * OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838) (CVE-2022-21365) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2023:0203 | java-1.8.0-openjdk | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) (BZ#2150191) |
RHSA-2022:7002 | java-1.8.0-openjdk | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 8u352) (BZ#2130371) |
RHSA-2019:2030 | python | 2.7.5-77.el7_6 | Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) * python: NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010) * python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) * python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) * python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2020:1131 | python | 2.7.5-77.el7_6 | Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Cookie domain check returns incorrect results (CVE-2018-20852) * python: email.utils.parseaddr wrongly parses email addresses (CVE-2019-16056) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section. |
RHSA-2020:5009 | python | 2.7.5-77.el7_6 | Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Security Fix(es): * python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2020:3911 | python | 2.7.5-77.el7_6 | Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: XSS vulnerability in the documentation XML-RPC server in server_title field (CVE-2019-16935) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2022:5235 | python | 2.7.5-77.el7_6 | Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116) * python-urllib3: CRLF injection via HTTP request method (CVE-2020-26137) * python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2019:2079 | libX11 | 1.6.5-2.el7 | X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * libX11: Crash on invalid reply in XListExtensions in ListExt.c (CVE-2018-14598) * libX11: Off-by-one error in XListExtensions in ListExt.c (CVE-2018-14599) * libX11: Out of Bounds write in XListExtensions in ListExt.c (CVE-2018-14600) * libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in a crash (CVE-2018-15857) * libxkbcommon: Endless recursion in xkbcomp/expr.c resulting in a crash (CVE-2018-15853) * libxkbcommon: NULL pointer dereference resulting in a crash (CVE-2018-15854) * libxkbcommon: NULL pointer dereference when handling xkb_geometry (CVE-2018-15855) * libxkbcommon: Infinite loop when reaching EOL unexpectedly resulting in a crash (CVE-2018-15856) * libxkbcommon: NULL pointer dereference when parsing invalid atoms in ExprResolveLhs resulting in a crash (CVE-2018-15859) * libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a crash (CVE-2018-15861) * libxkbcommon: NULL pointer dereference in LookupModMask resulting in a crash (CVE-2018-15862) * libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate resulting in a crash (CVE-2018-15863) * libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a crash (CVE-2018-15864) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2019:2237 | nss-softokn | 3.36.0-5.el7_5 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274) Security Fix(es): * ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2020:4076 | nss-softokn | 3.36.0-5.el7_5 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nss-softokn (3.53.1), nss-util (3.53.1), nspr (4.25.0). (BZ#1804262, BZ#1804264, BZ#1804271, BZ#1804273) Security Fix(es): * nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719) * nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel attack on ECDSA signature generation (CVE-2020-6829) * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400) * nss: ECDSA timing attack mitigation bypass (CVE-2020-12401) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403) * nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727) * nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Memory leak: libcurl leaks 120 bytes on each connection (BZ#1688958) * NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1712924) * Make TLS 1.3 work in FIPS mode (BZ#1724251) * Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1737910) * x25519 allowed in FIPS mode (BZ#1754518) * When NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess (BZ#1779325) * Running ipa-backup continuously causes httpd to crash and makes it irrecoverable (BZ#1804015) * nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1857308) * KDF-self-tests-induced changes for nss in RHEL 7.9 (BZ#1870885) |
RHSA-2019:2304 | openssl-libs | 1:1.0.2k-16.el7_6.1 | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: 0-byte record padding oracle (CVE-2019-1559) * openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2021:3798 | openssl-libs | 1:1.0.2k-16.el7_6.1 | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: integer overflow in CipherUpdate (CVE-2021-23840) * openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2022:0064 | openssl-libs | 1:1.0.2k-16.el7_6.1 | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2019:2075 | binutils | 2.27-34.base.el7 | The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fix(es): * binutils: integer overflow leads to heap-based buffer overflow in objdump (CVE-2018-1000876) * binutils: Stack Exhaustion in the demangling functions provided by libiberty (CVE-2018-12641) * binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c. (CVE-2018-12697) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2021:4033 | binutils | 2.27-34.base.el7 | The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fix(es): * Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in binutils in order to facilitate detection of BiDi Unicode characters: Tools which display names or strings (readelf, strings, nm, objdump) have a new command line option --unicode / -U which controls how Unicode characters are handled. Using "--unicode=default" will treat them as normal for the tool. This is the default behaviour when --unicode option is not used. Using "--unicode=locale" will display them according to the current locale. Using "--unicode=hex" will display them as hex byte values. Using "--unicode=escape" will display them as Unicode escape sequences. Using "--unicode=highlight" will display them as Unicode escape sequences highlighted in red, if supported by the output device. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2021:4785 | rpm-python | 4.11.3-35.el7 | The RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fix(es): * rpm: Signature checks bypass via corrupted rpm package (CVE-2021-20271) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2020:4041 | openldap | 2.4.44-21.el7_6 | OpenLDAP is an open-source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, and documentation for OpenLDAP. Security Fix(es): * openldap: denial of service via nested boolean expressions in LDAP search filters (CVE-2020-12243) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2022:0621 | openldap | 2.4.44-21.el7_6 | OpenLDAP is an open-source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. Security Fix(es): * openldap: assertion failure in Certificate List syntax validation (CVE-2020-25709) * openldap: assertion failure in CSN normalization with invalid input (CVE-2020-25710) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2021:1389 | openldap | 2.4.44-21.el7_6 | OpenLDAP is an open-source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. Security Fix(es): * openldap: NULL pointer dereference for unauthenticated packet in slapd (CVE-2020-25692) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2020:4011 | libcom_err | 1.42.9-13.el7 | The e2fsprogs packages provide a number of utilities for creating, checking, modifying, and correcting the ext2, ext3, and ext4 file systems. Security Fix(es): * e2fsprogs: Crafted ext4 partition leads to out-of-bounds write (CVE-2019-5094) * e2fsprogs: Out-of-bounds write in e2fsck/rehash.c (CVE-2019-5188) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2019:2091 | systemd | 219-62.el7_6.6 | The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd: line splitting via fgets() allows for state injection during daemon-reexec (CVE-2018-15686) * systemd: out-of-bounds read when parsing a crafted syslog message (CVE-2018-16866) * systemd: kills privileged process if unprivileged PIDFile was tampered (CVE-2018-16888) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2020:4032 | dbus | 1:1.10.24-13.el7_6 | D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix(es): * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass (CVE-2019-12749) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2023:1095 | zlib | 1.2.7-18.el7 | The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Security Fix(es): * zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field (CVE-2022-37434) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2019:1815 | java-1.8.0-openjdk-headless | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography (Security, 8208698) (CVE-2019-2745) * OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) (CVE-2019-2762) * OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) (CVE-2019-2769) * OpenJDK: Missing URL format validation (Networking, 8221518) (CVE-2019-2816) * OpenJDK: Missing array bounds check in crypto providers (JCE, 8223511) (CVE-2019-2842) * OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) (CVE-2019-2786) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2020:4350 | java-1.8.0-openjdk-headless | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) (CVE-2020-14781) * OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) (CVE-2020-14782) * OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot, 8241114) (CVE-2020-14792) * OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685) (CVE-2020-14797) * OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136) (CVE-2020-14803) * OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862) (CVE-2020-14779) * OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680) (CVE-2020-14796) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * JDK-8215727: Restore JFR thread sampler loop to old / previous behavior (BZ#1889532) |
RHSA-2021:1298 | java-1.8.0-openjdk-headless | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (8249906) (CVE-2021-2163) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2022:0306 | java-1.8.0-openjdk-headless | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) (CVE-2022-21248) * OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) (CVE-2022-21282) * OpenJDK: Unexpected exception thrown in regex Pattern (Libraries, 8268813) (CVE-2022-21283) * OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392) (CVE-2022-21293) * OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416) (CVE-2022-21294) * OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498) (CVE-2022-21296) * OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646) (CVE-2022-21299) * OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014) (CVE-2022-21305) * OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026) (CVE-2022-21340) * OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236) (CVE-2022-21341) * OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756) (CVE-2022-21360) * OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838) (CVE-2022-21365) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2023:0203 | java-1.8.0-openjdk-headless | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) (BZ#2150191) |
RHSA-2022:7002 | java-1.8.0-openjdk-headless | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 8u352) (BZ#2130371) |
RHSA-2020:1021 | gtk-update-icon-cache | 3.22.30-3.el7 | GNOME is the default desktop environment of Red Hat Enterprise Linux. Security Fix(es): * gnome-shell: partial lock screen bypass (CVE-2019-3820) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section. |
RHSA-2019:2237 | nss-softokn-freebl | 3.36.0-5.el7_5 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274) Security Fix(es): * ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2020:4076 | nss-softokn-freebl | 3.36.0-5.el7_5 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nss-softokn (3.53.1), nss-util (3.53.1), nspr (4.25.0). (BZ#1804262, BZ#1804264, BZ#1804271, BZ#1804273) Security Fix(es): * nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719) * nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel attack on ECDSA signature generation (CVE-2020-6829) * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400) * nss: ECDSA timing attack mitigation bypass (CVE-2020-12401) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403) * nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727) * nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Memory leak: libcurl leaks 120 bytes on each connection (BZ#1688958) * NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1712924) * Make TLS 1.3 work in FIPS mode (BZ#1724251) * Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1737910) * x25519 allowed in FIPS mode (BZ#1754518) * When NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess (BZ#1779325) * Running ipa-backup continuously causes httpd to crash and makes it irrecoverable (BZ#1804015) * nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1857308) * KDF-self-tests-induced changes for nss in RHEL 7.9 (BZ#1870885) |
RHSA-2019:1815 | java-1.8.0-openjdk-devel | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography (Security, 8208698) (CVE-2019-2745) * OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) (CVE-2019-2762) * OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) (CVE-2019-2769) * OpenJDK: Missing URL format validation (Networking, 8221518) (CVE-2019-2816) * OpenJDK: Missing array bounds check in crypto providers (JCE, 8223511) (CVE-2019-2842) * OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) (CVE-2019-2786) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2020:4350 | java-1.8.0-openjdk-devel | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) (CVE-2020-14781) * OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) (CVE-2020-14782) * OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot, 8241114) (CVE-2020-14792) * OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685) (CVE-2020-14797) * OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136) (CVE-2020-14803) * OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862) (CVE-2020-14779) * OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680) (CVE-2020-14796) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * JDK-8215727: Restore JFR thread sampler loop to old / previous behavior (BZ#1889532) |
RHSA-2021:1298 | java-1.8.0-openjdk-devel | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (8249906) (CVE-2021-2163) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2022:0306 | java-1.8.0-openjdk-devel | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) (CVE-2022-21248) * OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) (CVE-2022-21282) * OpenJDK: Unexpected exception thrown in regex Pattern (Libraries, 8268813) (CVE-2022-21283) * OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392) (CVE-2022-21293) * OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416) (CVE-2022-21294) * OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498) (CVE-2022-21296) * OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646) (CVE-2022-21299) * OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014) (CVE-2022-21305) * OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026) (CVE-2022-21340) * OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236) (CVE-2022-21341) * OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756) (CVE-2022-21360) * OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838) (CVE-2022-21365) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2023:0203 | java-1.8.0-openjdk-devel | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) (BZ#2150191) |
RHSA-2022:7002 | java-1.8.0-openjdk-devel | 1:1.8.0.212.b04-0.el7_6 | The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 8u352) (BZ#2130371) |
RHSA-2020:1011 | expat | 2.1.0-10.el7_3 | Expat is a C library for parsing XML documents. Security Fix(es): * expat: Integer overflow leading to buffer overflow in XML_GetBuffer() (CVE-2015-2716) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section. |
RHSA-2020:3952 | expat | 2.1.0-10.el7_3 | Expat is a C library for parsing XML documents. Security Fix(es): * expat: large number of colons in input makes parser consume high amount of resources, leading to DoS (CVE-2018-20843) * expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2019:2057 | bind-license | 32:9.9.4-74.el7_6.1 | The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The following packages have been upgraded to a later upstream version: bind (9.11.4). (BZ#1640561) Security Fix(es): * bind: Incorrect documentation of krb5-subdomain and ms-subdomain update policies (CVE-2018-5741) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2020:1061 | bind-license | 32:9.9.4-74.el7_6.1 | The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: TCP Pipelining doesn't limit TCP clients on a single connection (CVE-2019-6477) * bind: An assertion failure if a trust anchor rolls over to an unsupported key algorithm when using managed-keys (CVE-2018-5745) * bind: Controls for zone transfers may not be properly applied to DLZs if the zones are writable (CVE-2019-6465) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section. |
RHSA-2020:5011 | bind-license | 32:9.9.4-74.el7_6.1 | The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: truncated TSIG response can lead to an assertion failure (CVE-2020-8622) * bind: remotely triggerable assertion failure in pk11.c (CVE-2020-8623) * bind: incorrect enforcement of update-policy rules of type "subdomain" (CVE-2020-8624) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * BIND stops DNSKEY lookup in get_dst_key() when a key with unsupported algorithm is found first [RHEL7] (BZ#1884530) |
RHSA-2021:3325 | bind-license | 32:9.9.4-74.el7_6.1 | The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly (CVE-2021-25214) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2023:0402 | bind-license | 32:9.9.4-74.el7_6.1 | The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220) * bind: processing large delegations may severely degrade resolver performance (CVE-2022-2795) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2019:2237 | nss-sysinit | 3.36.0-7.1.el7_6 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274) Security Fix(es): * ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2020:4076 | nss-sysinit | 3.36.0-7.1.el7_6 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nss-softokn (3.53.1), nss-util (3.53.1), nspr (4.25.0). (BZ#1804262, BZ#1804264, BZ#1804271, BZ#1804273) Security Fix(es): * nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719) * nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel attack on ECDSA signature generation (CVE-2020-6829) * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400) * nss: ECDSA timing attack mitigation bypass (CVE-2020-12401) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403) * nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727) * nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Memory leak: libcurl leaks 120 bytes on each connection (BZ#1688958) * NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1712924) * Make TLS 1.3 work in FIPS mode (BZ#1724251) * Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1737910) * x25519 allowed in FIPS mode (BZ#1754518) * When NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess (BZ#1779325) * Running ipa-backup continuously causes httpd to crash and makes it irrecoverable (BZ#1804015) * nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1857308) * KDF-self-tests-induced changes for nss in RHEL 7.9 (BZ#1870885) |
RHSA-2021:1384 | nss-sysinit | 3.36.0-7.1.el7_6 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * nss: TLS 1.3 CCS flood remote DoS Attack (CVE-2020-25648) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * FTBFS: Paypal Cert expired (BZ#1883973) * FTBFS: IKE CLASS_1563 fails gtest (BZ#1884793) * Cannot compile code with nss headers and -Werror=strict-prototypes (BZ#1885321) * CA HSM ncipher token disabled after RHEL-7.9 update (BZ#1932193) |
RHSA-2020:1050 | cups-libs | 1:1.6.3-35.el7 | The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fix(es): * cups: Local privilege escalation to root due to insecure environment variable handling (CVE-2018-4180) * cups: Manipulation of cupsd.conf by a local attacker resulting in limited reads of arbitrary files as root (CVE-2018-4181) * cups: Predictable session cookie breaks CSRF protection (CVE-2018-4700) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section. |
RHSA-2020:3864 | cups-libs | 1:1.6.3-35.el7 | The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fix(es): * cups: DNS rebinding attacks via incorrect whitelist (CVE-2017-18190) * cups: stack-buffer-overflow in libcups's asn1_get_type function (CVE-2019-8675) * cups: stack-buffer-overflow in libcups's asn1_get_packed function (CVE-2019-8696) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2019:2079 | libX11-common | 1.6.5-2.el7 | X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * libX11: Crash on invalid reply in XListExtensions in ListExt.c (CVE-2018-14598) * libX11: Off-by-one error in XListExtensions in ListExt.c (CVE-2018-14599) * libX11: Out of Bounds write in XListExtensions in ListExt.c (CVE-2018-14600) * libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in a crash (CVE-2018-15857) * libxkbcommon: Endless recursion in xkbcomp/expr.c resulting in a crash (CVE-2018-15853) * libxkbcommon: NULL pointer dereference resulting in a crash (CVE-2018-15854) * libxkbcommon: NULL pointer dereference when handling xkb_geometry (CVE-2018-15855) * libxkbcommon: Infinite loop when reaching EOL unexpectedly resulting in a crash (CVE-2018-15856) * libxkbcommon: NULL pointer dereference when parsing invalid atoms in ExprResolveLhs resulting in a crash (CVE-2018-15859) * libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a crash (CVE-2018-15861) * libxkbcommon: NULL pointer dereference in LookupModMask resulting in a crash (CVE-2018-15862) * libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate resulting in a crash (CVE-2018-15863) * libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a crash (CVE-2018-15864) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2020:3978 | glib2 | 2.56.1-4.el7_6 | GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. The Intelligent Input Bus (IBus) is an input method framework for multilingual input in Unix-like operating systems. Security Fix(es): * glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress (CVE-2019-12450) * ibus: missing authorization allows local attacker to access the input bus of another user (CVE-2019-14822) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2019:2052 | libjpeg-turbo | 1.2.90-6.el7 | The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fix(es): * libjpeg: null pointer dereference in cjpeg (CVE-2016-3616) * libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service (CVE-2018-14498) * libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c (CVE-2018-11212) * libjpeg: Segmentation fault in get_text_gray_row function in rdppm.c (CVE-2018-11213) * libjpeg: Segmentation fault in get_text_rgb_row function in rdppm.c (CVE-2018-11214) * libjpeg: "cjpeg" utility large loop because read_pixel in rdtarga.c mishandles EOF (CVE-2018-11813) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2019:2136 | libssh2 | 1.4.3-12.el7_6.2 | The libssh2 packages provide a library that implements the SSH2 protocol. The following packages have been upgraded to a later upstream version: libssh2 (1.8.0). (BZ#1592784) Security Fix(es): * libssh2: Zero-byte allocation with a specially crafted SFTP packed leading to an out-of-bounds read (CVE-2019-3858) * libssh2: Out-of-bounds reads with specially crafted SSH packets (CVE-2019-3861) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2019:1884 | libssh2 | 1.4.3-12.el7_6.2 | The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es): * libssh2: Out-of-bounds memory comparison with specially crafted message channel request (CVE-2019-3862) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2020:3915 | libssh2 | 1.4.3-12.el7_6.2 | The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es): * libssh2: integer overflow in SSH_MSG_DISCONNECT logic in packet.c (CVE-2019-17498) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2020:1113 | bash | 4.2.46-31.el7 | The bash packages provide Bash (Bourne-again shell), which is the default shell for Red Hat Enterprise Linux. Security Fix(es): * bash: BASH_CMD is writable in restricted bash shells (CVE-2019-9924) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section. |
RHSA-2019:2053 | libtiff | 4.0.3-27.el7_3 | The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: buffer overflow in gif2tiff (CVE-2016-3186) * libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution (CVE-2018-12900) * libtiff: Out-of-bounds write in tif_jbig.c (CVE-2018-18557) * libtiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes a denial of service (CVE-2018-7456) * libtiff: heap-based buffer overflow in tif_lzw.c:LZWDecodeCompat() allows for denial of service (CVE-2018-8905) * libtiff: heap-based buffer over-read in TIFFWriteScanline function in tif_write.c (CVE-2018-10779) * libtiff: reachable assertion in TIFFWriteDirectorySec function in tif_dirwrite.c (CVE-2018-10963) * libtiff: Integer overflow in multiply_ms in tools/ppm2tiff.c (CVE-2018-17100) * libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c (CVE-2018-17101) * libtiff: tiff2bw tool failed memory allocation leads to crash (CVE-2018-18661) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2020:3902 | libtiff | 4.0.3-27.el7_3 | The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: integer overflow in _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c (CVE-2019-14973) * libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c (CVE-2019-17546) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2019:2237 | nss-util | 3.36.0-1.1.el7_6 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274) Security Fix(es): * ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2020:4076 | nss-util | 3.36.0-1.1.el7_6 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nss-softokn (3.53.1), nss-util (3.53.1), nspr (4.25.0). (BZ#1804262, BZ#1804264, BZ#1804271, BZ#1804273) Security Fix(es): * nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719) * nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel attack on ECDSA signature generation (CVE-2020-6829) * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400) * nss: ECDSA timing attack mitigation bypass (CVE-2020-12401) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403) * nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727) * nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Memory leak: libcurl leaks 120 bytes on each connection (BZ#1688958) * NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1712924) * Make TLS 1.3 work in FIPS mode (BZ#1724251) * Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1737910) * x25519 allowed in FIPS mode (BZ#1754518) * When NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess (BZ#1779325) * Running ipa-backup continuously causes httpd to crash and makes it irrecoverable (BZ#1804015) * nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1857308) * KDF-self-tests-induced changes for nss in RHEL 7.9 (BZ#1870885) |
RHSA-2019:2118 | glibc | 2.17-260.el7_6.5 | The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: getaddrinfo should reject IP addresses with trailing characters (CVE-2016-10739) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2021:0348 | glibc | 2.17-260.el7_6.5 | The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (CVE-2019-25013) * glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions (CVE-2020-10029) * glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern (CVE-2020-29573) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * glibc: 64bit_strstr_via_64bit_strstr_sse2_unaligned detection fails with large device and inode numbers (BZ#1883162) * glibc: Performance regression in ebizzy benchmark (BZ#1889977) |
RHSA-2020:4005 | libxslt | 1.1.28-5.el7 | libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism. Security Fix(es): * libxslt: xsltCheckRead and xsltCheckWrite routines security bypass by crafted URL (CVE-2019-11068) * libxslt: use after free in xsltCopyText in transform.c could lead to information disclosure (CVE-2019-18197) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2020:5002 | curl | 7.29.0-51.el7 | The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: Incorrect argument check can allow remote servers to overwrite local files (CVE-2020-8177) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2020:3916 | curl | 7.29.0-51.el7 | The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2020:3908 | cpio | 2.11-27.el7 | The cpio packages provide the GNU cpio utility for creating and extracting archives, or copying files from one place to another. Security Fix(es): * cpio: improper input validation when writing tar header fields leads to unexpect tar generation (CVE-2019-14866) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2019:2091 | systemd-libs | 219-62.el7_6.6 | The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd: line splitting via fgets() allows for state injection during daemon-reexec (CVE-2018-15686) * systemd: out-of-bounds read when parsing a crafted syslog message (CVE-2018-16866) * systemd: kills privileged process if unprivileged PIDFile was tampered (CVE-2018-16888) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2021:4788 | krb5-libs | 1.15.1-37.el7_6 | Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). Security Fix(es): * krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field (CVE-2021-37750) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHBA-2019:2599 | krb5-libs | 1.15.1-37.el7_6 | Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). This update fixes the following bug: * KDC and keytab can disagree on kvno after update (BZ#1732743) |
RHSA-2020:5002 | libcurl | 7.29.0-51.el7 | The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: Incorrect argument check can allow remote servers to overwrite local files (CVE-2020-8177) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2020:3916 | libcurl | 7.29.0-51.el7 | The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2021:4785 | rpm-libs | 4.11.3-35.el7 | The RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fix(es): * rpm: Signature checks bypass via corrupted rpm package (CVE-2021-20271) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2019:2118 | glibc-common | 2.17-260.el7_6.5 | The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: getaddrinfo should reject IP addresses with trailing characters (CVE-2016-10739) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2021:0348 | glibc-common | 2.17-260.el7_6.5 | The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (CVE-2019-25013) * glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions (CVE-2020-10029) * glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern (CVE-2020-29573) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * glibc: 64bit_strstr_via_64bit_strstr_sse2_unaligned detection fails with large device and inode numbers (BZ#1883162) * glibc: Performance regression in ebizzy benchmark (BZ#1889977) |
RHSA-2020:4032 | dbus-libs | 1:1.10.24-13.el7_6 | D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix(es): * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass (CVE-2019-12749) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2019:2237 | nss | 3.36.0-7.1.el7_6 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274) Security Fix(es): * ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2020:4076 | nss | 3.36.0-7.1.el7_6 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nss-softokn (3.53.1), nss-util (3.53.1), nspr (4.25.0). (BZ#1804262, BZ#1804264, BZ#1804271, BZ#1804273) Security Fix(es): * nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719) * nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel attack on ECDSA signature generation (CVE-2020-6829) * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400) * nss: ECDSA timing attack mitigation bypass (CVE-2020-12401) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403) * nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727) * nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Memory leak: libcurl leaks 120 bytes on each connection (BZ#1688958) * NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1712924) * Make TLS 1.3 work in FIPS mode (BZ#1724251) * Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1737910) * x25519 allowed in FIPS mode (BZ#1754518) * When NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess (BZ#1779325) * Running ipa-backup continuously causes httpd to crash and makes it irrecoverable (BZ#1804015) * nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1857308) * KDF-self-tests-induced changes for nss in RHEL 7.9 (BZ#1870885) |
RHSA-2021:1384 | nss | 3.36.0-7.1.el7_6 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * nss: TLS 1.3 CCS flood remote DoS Attack (CVE-2020-25648) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * FTBFS: Paypal Cert expired (BZ#1883973) * FTBFS: IKE CLASS_1563 fails gtest (BZ#1884793) * Cannot compile code with nss headers and -Werror=strict-prototypes (BZ#1885321) * CA HSM ncipher token disabled after RHEL-7.9 update (BZ#1932193) |
RHSA-2019:2237 | nss-tools | 3.36.0-7.1.el7_6 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274) Security Fix(es): * ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. |
RHSA-2020:4076 | nss-tools | 3.36.0-7.1.el7_6 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nss-softokn (3.53.1), nss-util (3.53.1), nspr (4.25.0). (BZ#1804262, BZ#1804264, BZ#1804271, BZ#1804273) Security Fix(es): * nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719) * nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel attack on ECDSA signature generation (CVE-2020-6829) * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400) * nss: ECDSA timing attack mitigation bypass (CVE-2020-12401) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403) * nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727) * nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Memory leak: libcurl leaks 120 bytes on each connection (BZ#1688958) * NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1712924) * Make TLS 1.3 work in FIPS mode (BZ#1724251) * Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1737910) * x25519 allowed in FIPS mode (BZ#1754518) * When NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess (BZ#1779325) * Running ipa-backup continuously causes httpd to crash and makes it irrecoverable (BZ#1804015) * nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1857308) * KDF-self-tests-induced changes for nss in RHEL 7.9 (BZ#1870885) |
RHSA-2021:1384 | nss-tools | 3.36.0-7.1.el7_6 | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * nss: TLS 1.3 CCS flood remote DoS Attack (CVE-2020-25648) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * FTBFS: Paypal Cert expired (BZ#1883973) * FTBFS: IKE CLASS_1563 fails gtest (BZ#1884793) * Cannot compile code with nss headers and -Werror=strict-prototypes (BZ#1885321) * CA HSM ncipher token disabled after RHEL-7.9 update (BZ#1932193) |
RHSA-2021:4785 | rpm | 4.11.3-35.el7 | The RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fix(es): * rpm: Signature checks bypass via corrupted rpm package (CVE-2021-20271) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
RHSA-2020:1080 | atk | 2.28.1-1.el7 | Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was originally developed as a back end for the Evolution information management application, but is now used by various other applications. Security Fix(es): * evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages (CVE-2018-15587) * evolution-ews: all certificate errors ignored if error is ignored during initial account setup in gnome-online-accounts (CVE-2019-3890) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section. |
RHSA-2020:1190 | libxml2-python | 2.9.1-6.el7_2.3 | The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: Use after free triggered by XPointer paths beginning with range-to (CVE-2016-5131) * libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c (CVE-2017-15412) * libxml2: DoS caused by incorrect error detection during XZ decompression (CVE-2015-8035) * libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404) * libxml2: Unrestricted memory usage in xz_head() function in xzlib.c (CVE-2017-18258) * libxml2: Infinite loop caused by incorrect error detection during LZMA decompression (CVE-2018-14567) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section. |
RHSA-2020:3996 | libxml2-python | 2.9.1-6.el7_2.3 | The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c (CVE-2019-19956) * libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388) * libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations (CVE-2020-7595) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. |
RHSA-2021:3810 | libxml2-python | 2.9.1-6.el7_2.3 | The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: Use after free via namespace node in XPointer ranges (CVE-2016-4658) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |