[RHSA-2017:1833-01] Important: chromium-browser security update

2017-07-31 Thread Security announcements for all Red Hat products and services.

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: chromium-browser security update
Advisory ID:       RHSA-2017:1833-01
Product:           Red Hat Enterprise Linux Supplementary
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:1833
Issue date:        2017-07-31
CVE Names:         CVE-2017-5091 CVE-2017-5092 CVE-2017-5093
                   CVE-2017-5094 CVE-2017-5095 CVE-2017-5096
                   CVE-2017-5097 CVE-2017-5098 CVE-2017-5099
                   CVE-2017-5100 CVE-2017-5101 CVE-2017-5102
                   CVE-2017-5103 CVE-2017-5104 CVE-2017-5105
                   CVE-2017-5106 CVE-2017-5107 CVE-2017-5108
                   CVE-2017-5109 CVE-2017-5110 CVE-2017-7000
=====================================================================

1. Summary:

An update for chromium-browser is now available for Red Hat Enterprise
Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 60.0.3112.78.

Security Fix(es):

* Multiple flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Chromium to crash,
execute arbitrary code, or disclose sensitive information when visited by
the victim. (CVE-2017-5091, CVE-2017-5092, CVE-2017-5093, CVE-2017-5094,
CVE-2017-5095, CVE-2017-5096, CVE-2017-5097, CVE-2017-5098, CVE-2017-5099,
CVE-2017-5100, CVE-2017-5101, CVE-2017-5102, CVE-2017-5103, CVE-2017-5104,
CVE-2017-5106, CVE-2017-7000, CVE-2017-5105, CVE-2017-5107, CVE-2017-5108,
CVE-2017-5109, CVE-2017-5110)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Chromium must be restarted for the changes to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1475193 - CVE-2017-5091 chromium-browser: use after free in indexeddb
1475194 - CVE-2017-5092 chromium-browser: use after free in ppapi
1475195 - CVE-2017-5093 chromium-browser: ui spoofing in blink
1475196 - CVE-2017-5094 chromium-browser: type confusion in extensions
1475197 - CVE-2017-5095 chromium-browser: out-of-bounds write in pdfium
1475198 - CVE-2017-5096 chromium-browser: user information leak via android intents
1475199 - CVE-2017-5097 chromium-browser: out-of-bounds read in skia
1475200 - CVE-2017-5098 chromium-browser: use after free in v8
1475201 - CVE-2017-5099 chromium-browser: out-of-bounds write in ppapi
1475202 - CVE-2017-5100 chromium-browser: use after free in chrome apps
1475203 - CVE-2017-5101 chromium-browser: url spoofing in omnibox
1475204 - CVE-2017-5102 chromium-browser: uninitialized use in skia
1475205 - CVE-2017-5103 chromium-browser: uninitialized use in skia
1475206 - CVE-2017-5104 chromium-browser: ui spoofing in browser
1475207 - CVE-2017-7000 chromium-browser: pointer disclosure in sqlite
1475208 - CVE-2017-5105 chromium-browser: url spoofing in omnibox
1475209 - CVE-2017-5106 chromium-browser: url spoofing in omnibox
1475210 - CVE-2017-5107 chromium-browser: user information leak via svg
1475211 - CVE-2017-5108 chromium-browser: type confusion in pdfium
1475212 - CVE-2017-5109 chromium-browser: ui spoofing in browser
1475213 - CVE-2017-5110 chromium-browser: ui spoofing in payments dialog

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
chromium-browser-60.0.3112.78-1.el6_9.i686.rpm
chromium-browser-debuginfo-60.0.3112.78-1.el6_9.i686.rpm

x86_64:
chromium-browser-60.0.3112.78-1.el6_9.x86_64.rpm
chromium-browser-debuginfo-60.0.3112.78-1.el6_9.x86_64.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
chromium-browser-60.0.3112.78-1.el6_9.i686.rpm
chromium-browser-debuginfo-60.0.3112.78-1.el6_9.i686.rpm

x86_64:
chromium-browser-60.0.3112.78-1.el6_9.x86_64.rpm
chromium-browser-debuginfo-60.0.3112.78-1.el6_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386:
chromium-browser-60.0.3112.78-1.el6_9.i686.rpm
chromium-browser-debuginfo-60.0.3112.78-1.el6_9.i686.rpm

x86_64:
chromium-browser-60.0.3112.78-1.el6_9.x86_64.rpm
chromium-browser-debuginfo-60.0.3112.78-1.el6_9.x86_64.rpm
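As an added example (not Red Hat's own tooling), the check an administrator would run against the package list above: parse each listed file name into name, version, release and arch, compare it with what rpm -qa reports using rpm's own version-ordering rules, and report every matching package that is still older than the fixed build. The advisory file names are copied from the x86_64 list above; the rpm -qa output is a constructed sample.

```python
"""Check installed RPMs against an RHSA package list (added example, not Red Hat tooling)."""
import re
from typing import List, NamedTuple, Tuple

DIGITS = re.compile(r"[0-9]+")
ALPHA = re.compile(r"[A-Za-z]+")
Pkg = NamedTuple("Pkg", [("name", str), ("epoch", int), ("version", str), ("release", str), ("arch", str)])

def rpmvercmp(a: str, b: str) -> int:
    """Order version/release strings as rpm's rpmvercmp() does; returns -1, 0 or 1.
    Digit segments compare numerically and beat letter segments, letter segments compare
    lexically, and '~' sorts before anything, even end of string ("1.0~rc1" < "1.0")."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        # Separators (anything neither alphanumeric nor '~') are skipped.
        while i < len(a) and not (a[i].isalnum() or a[i] == "~"):
            i += 1
        while j < len(b) and not (b[j].isalnum() or b[j] == "~"):
            j += 1
        a_tilde = i < len(a) and a[i] == "~"
        b_tilde = j < len(b) and b[j] == "~"
        if a_tilde or b_tilde:
            if not a_tilde:
                return 1
            if not b_tilde:
                return -1
            i, j = i + 1, j + 1
            continue
        if i >= len(a) or j >= len(b):
            break
        isnum = a[i].isdigit()
        pattern = DIGITS if isnum else ALPHA
        seg_a = pattern.match(a, i).group(0)
        m = pattern.match(b, j)
        seg_b = m.group(0) if m else ""
        i, j = i + len(seg_a), j + len(seg_b)
        if not seg_b:
            return 1 if isnum else -1  # a numeric segment beats an alphabetic one
        if isnum:
            seg_a, seg_b = seg_a.lstrip("0"), seg_b.lstrip("0")
            if len(seg_a) != len(seg_b):
                return 1 if len(seg_a) > len(seg_b) else -1
        if seg_a != seg_b:
            return 1 if seg_a > seg_b else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1  # whichever string has characters left wins

def parse_rpm_filename(filename: str) -> Pkg:
    """Split 'name-version-release.arch.rpm' as listed in the advisory. Names may contain
    hyphens but version and release never do, so split from the right. File names carry
    no epoch, so 0 is assumed; epoch-bearing packages need the NEVRA from errata metadata."""
    stem, arch, ext = filename.rsplit(".", 2)
    if ext != "rpm":
        raise ValueError(f"not an rpm file name: {filename}")
    name, version, release = stem.rsplit("-", 2)
    return Pkg(name, 0, version, release, arch)

def parse_installed(line: str) -> Pkg:
    """Parse a line of: rpm -qa --qf '%{NAME} %{EPOCH} %{VERSION} %{RELEASE} %{ARCH}\\n'"""
    name, epoch, version, release, arch = line.split()
    return Pkg(name, 0 if epoch == "(none)" else int(epoch), version, release, arch)

def evr_cmp(x: Pkg, y: Pkg) -> int:
    """Epoch first, then version, then release, as rpm orders two builds of a package."""
    if x.epoch != y.epoch:
        return 1 if x.epoch > y.epoch else -1
    rc = rpmvercmp(x.version, y.version)
    return rc if rc else rpmvercmp(x.release, y.release)

def unpatched(advisory: List[str], installed: List[str]) -> List[Tuple[str, str, str]]:
    """(name.arch, installed EVR, fixed EVR) for every installed package that matches an
    advisory package by name and arch but is older than the fixed build."""
    fixed = {(p.name, p.arch): p for p in map(parse_rpm_filename, advisory)}
    findings = []
    for line in installed:
        cur = parse_installed(line)
        want = fixed.get((cur.name, cur.arch))
        if want is not None and evr_cmp(cur, want) < 0:
            findings.append((f"{cur.name}.{cur.arch}",
                             f"{cur.epoch}:{cur.version}-{cur.release}",
                             f"{want.epoch}:{want.version}-{want.release}"))
    return findings

# x86_64 package list of RHSA-2017:1833, copied from the advisory above.
ADVISORY_X86_64 = [
    "chromium-browser-60.0.3112.78-1.el6_9.x86_64.rpm",
    "chromium-browser-debuginfo-60.0.3112.78-1.el6_9.x86_64.rpm",
]
# Constructed sample of rpm -qa output from a host that is only partly updated.
SAMPLE_INSTALLED = [
    "chromium-browser (none) 59.0.3071.115 2.el6_9 x86_64",
    "chromium-browser-debuginfo (none) 60.0.3112.78 1.el6_9 x86_64",
    "bash (none) 4.1.2 48.el6 x86_64",
]

if __name__ == "__main__":
    for name_arch, have, need in unpatched(ADVISORY_X86_64, SAMPLE_INSTALLED):
        print(f"{name_arch}: installed {have}, fixed in {need}")
```

Only the chromium-browser package is reported for the sample host; the debuginfo package already matches the fixed build and bash is not part of the advisory.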

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available 

[RHSA-2017:1837-01] Important: eap7-jboss-ec2-eap security update


=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: eap7-jboss-ec2-eap security update
Advisory ID:       RHSA-2017:1837-01
Product:           Red Hat JBoss Enterprise Application Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:1837
Issue date:        2017-07-31
CVE Names:         CVE-2016-4978 CVE-2017-7525
=====================================================================

1. Summary:

An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss
Enterprise Application Platform 7.0 for RHEL 6 and Red Hat JBoss Enterprise
Application Platform 7.0 for RHEL 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server - noarch
Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server - noarch

3. Description:

The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss
Enterprise Application Platform running on the Amazon Web Services (AWS)
Elastic Compute Cloud (EC2).

With this update, the eap7-jboss-ec2-eap package has been updated to ensure
compatibility with Red Hat JBoss Enterprise Application Platform 7.0.7.

Refer to the JBoss Enterprise Application Platform 7.0.7 Release Notes,
linked to in the References section, for information on the most
significant bug fixes and enhancements included in this release.

Security Fix(es):

* A deserialization flaw was discovered in jackson-databind which could
allow an unauthenticated user to perform code execution by sending
maliciously crafted input to the readValue method of the ObjectMapper.
(CVE-2017-7525)

* It was found that use of a JMS ObjectMessage does not safely handle
user-supplied data when deserializing objects. A remote attacker could use
this flaw to execute arbitrary code with the permissions of the application
using the JMS ObjectMessage. (CVE-2016-4978)

Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting
CVE-2017-7525.

4. Solution:

Before applying this update, back up your existing Red Hat JBoss Enterprise
Application Platform installation and deployed applications.

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1379207 - CVE-2016-4978 Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability
1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper

6. JIRA issues fixed (https://issues.jboss.org/):

JBEAP-9466 - jboss-ec2-eap for EAP 7.0.7

7. Package List:

Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server:

Source:
eap7-jboss-ec2-eap-7.0.7-1.GA_redhat_1.ep7.el6.src.rpm

noarch:
eap7-jboss-ec2-eap-7.0.7-1.GA_redhat_1.ep7.el6.noarch.rpm
eap7-jboss-ec2-eap-samples-7.0.7-1.GA_redhat_1.ep7.el6.noarch.rpm

Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server:

Source:
eap7-jboss-ec2-eap-7.0.7-1.GA_redhat_1.ep7.el7.src.rpm

noarch:
eap7-jboss-ec2-eap-7.0.7-1.GA_redhat_1.ep7.el7.noarch.rpm
eap7-jboss-ec2-eap-samples-7.0.7-1.GA_redhat_1.ep7.el7.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

8. References:

https://access.redhat.com/security/cve/CVE-2016-4978
https://access.redhat.com/security/cve/CVE-2017-7525
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/
https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/
https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/

9. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce


[RHSA-2017:1838-01] Moderate: rh-postgresql95-postgresql security update


=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: rh-postgresql95-postgresql security update
Advisory ID:       RHSA-2017:1838-01
Product:           Red Hat Satellite
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:1838
Issue date:        2017-07-31
CVE Names:         CVE-2017-7484 CVE-2017-7485 CVE-2017-7486
=====================================================================

1. Summary:

An update for rh-postgresql95-postgresql is now available for Red Hat
Satellite 5.8 and Red Hat Satellite 5.8 ELS.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

This update applies only to Satellite 5.8 instances using either embedded
or managed PostgreSQL databases.

There are manual steps required in order to finish the migration from
postgresql92-postgresql to rh-postgresql95-postgresql. If these steps are
not undertaken, the affected Satellite will continue to use PostgreSQL 9.2.

postgresql92-postgresql will be upgraded automatically to
rh-postgresql95-postgresql as part of an upgrade to Satellite 5.8.

2. Relevant releases/architectures:

Red Hat Satellite 5.8 (RHEL v.6) - s390x, x86_64
Red Hat Satellite 5.8 ELS (RHEL v.6) - s390x, x86_64
Red Hat Satellite Managed DB 5.8 (RHEL v.6) - s390x, x86_64
Red Hat Satellite Managed DB 5.8 ELS (RHEL v.6) - s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

Security Fix(es):

* It was found that some selectivity estimation functions did not check
user privileges before providing information from pg_statistic, possibly
leaking information. A non-administrative database user could use this flaw
to steal some information from tables they are otherwise not allowed to
access. (CVE-2017-7484)

* It was discovered that the PostgreSQL client library (libpq) did not
enforce the use of TLS/SSL for a connection to a PostgreSQL server when the
PGREQUIRESSL environment variable was set. A man-in-the-middle attacker
could use this flaw to strip the SSL/TLS protection from a connection
between a client and a server. (CVE-2017-7485)

* It was found that the pg_user_mappings view could disclose information
about user mappings to a foreign database to non-administrative database
users. A database user with USAGE privilege for this mapping could, when
querying the view, obtain user mapping data, such as the username and
password used to connect to the foreign database. (CVE-2017-7486)

Red Hat would like to thank the PostgreSQL project for reporting these
issues. Upstream acknowledges Robert Haas as the original reporter of
CVE-2017-7484; Daniel Gustafsson as the original reporter of CVE-2017-7485;
and Andrew Wheelwright as the original reporter of CVE-2017-7486.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After applying this update, restart the Satellite database using the
following command:

db-control stop && db-control start

5. Bugs fixed (https://bugzilla.redhat.com/):

1448078 - CVE-2017-7484 postgresql: Selectivity estimators bypass SELECT privilege checks
1448086 - CVE-2017-7485 postgresql: libpq ignores PGREQUIRESSL environment variable
1448089 - CVE-2017-7486 postgresql: pg_user_mappings view discloses foreign server passwords

6. Package List:

Red Hat Satellite Managed DB 5.8 (RHEL v.6):

Source:
rh-postgresql95-postgresql-9.5.7-2.el6.src.rpm

s390x:
rh-postgresql95-postgresql-9.5.7-2.el6.s390x.rpm
rh-postgresql95-postgresql-contrib-9.5.7-2.el6.s390x.rpm
rh-postgresql95-postgresql-debuginfo-9.5.7-2.el6.s390x.rpm
rh-postgresql95-postgresql-libs-9.5.7-2.el6.s390x.rpm
rh-postgresql95-postgresql-pltcl-9.5.7-2.el6.s390x.rpm
rh-postgresql95-postgresql-server-9.5.7-2.el6.s390x.rpm

x86_64:
rh-postgresql95-postgresql-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-contrib-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-debuginfo-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-libs-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-pltcl-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-server-9.5.7-2.el6.x86_64.rpm

Red Hat Satellite Managed DB 5.8 ELS (RHEL v.6):

Source:
rh-postgresql95-postgresql-9.5.7-2.el6.src.rpm

s390x:
rh-postgresql95-postgresql-9.5.7-2.el6.s390x.rpm
rh-postgresql95-postgresql-contrib-9.5.7-2.el6.s390x.rpm
rh-postgresql95-postgresql-debuginfo-9.5.7-2.el6.s390x.rpm
rh-postgresql95-postgresql-libs-9.5.7-2.el6.s390x.rpm
rh-postgresql95-postgresql-pltcl-9.5.7-2.el6.s390x.rpm
rh-postgresql95-postgresql-server-9.5.7-2.el6.s390x.rpm

x86_64:
rh-postgresql95-postgresql-9.5.7-2.el6.x86_64.rpm

[RHSA-2017:1839-01] Important: rh-eclipse46-jackson-databind security update


=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: rh-eclipse46-jackson-databind security update
Advisory ID:       RHSA-2017:1839-01
Product:           Red Hat Software Collections
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:1839
Issue date:        2017-07-31
CVE Names:         CVE-2017-7525
=====================================================================

1. Summary:

An update for rh-eclipse46-jackson-databind is now available for Red Hat
Software Collections.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch

3. Description:

The jackson-databind package provides general data-binding functionality
for Jackson, which works on top of the Jackson core streaming API.

Security Fix(es):

* A deserialization flaw was discovered in jackson-databind which could
allow an unauthenticated user to perform code execution by sending
maliciously crafted input to the readValue method of the ObjectMapper.
(CVE-2017-7525)

Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
rh-eclipse46-jackson-databind-2.6.3-2.3.el7.src.rpm

noarch:
rh-eclipse46-jackson-databind-2.6.3-2.3.el7.noarch.rpm
rh-eclipse46-jackson-databind-javadoc-2.6.3-2.3.el7.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3):

Source:
rh-eclipse46-jackson-databind-2.6.3-2.3.el7.src.rpm

noarch:
rh-eclipse46-jackson-databind-2.6.3-2.3.el7.noarch.rpm
rh-eclipse46-jackson-databind-javadoc-2.6.3-2.3.el7.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-eclipse46-jackson-databind-2.6.3-2.3.el7.src.rpm

noarch:
rh-eclipse46-jackson-databind-2.6.3-2.3.el7.noarch.rpm
rh-eclipse46-jackson-databind-javadoc-2.6.3-2.3.el7.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7525
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.


[RHSA-2017:1834-01] Important: Red Hat JBoss Enterprise Application Platform 7.0.7 on RHEL 6


=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat JBoss Enterprise Application Platform 7.0.7 on RHEL 6
Advisory ID:       RHSA-2017:1834-01
Product:           Red Hat JBoss Enterprise Application Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:1834
Issue date:        2017-07-31
CVE Names:         CVE-2016-4978 CVE-2017-7525
=====================================================================

1. Summary:

An update is now available for Red Hat JBoss Enterprise Application
Platform 7.0 for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server - noarch

3. Description:

Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.

This release of Red Hat JBoss Enterprise Application Platform 7.0.7 serves
as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.6,
and includes bug fixes and enhancements, which are documented in the
Release Notes linked to in the References.

Security Fix(es):

* A deserialization flaw was discovered in jackson-databind which could
allow an unauthenticated user to perform code execution by sending
maliciously crafted input to the readValue method of the ObjectMapper.
(CVE-2017-7525)

* It was found that use of a JMS ObjectMessage does not safely handle
user-supplied data when deserializing objects. A remote attacker could use
this flaw to execute arbitrary code with the permissions of the application
using the JMS ObjectMessage. (CVE-2016-4978)

Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting
CVE-2017-7525.

4. Solution:

Before applying this update, back up your existing Red Hat JBoss Enterprise
Application Platform installation and deployed applications.

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1379207 - CVE-2016-4978 Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability
1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper

6. JIRA issues fixed (https://issues.jboss.org/):

JBEAP-9464 - Tracker bug for the EAP 7.0.7 release for RHEL-6

7. Package List:

Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server:

Source:
eap7-activemq-artemis-1.1.0-18.SP21_redhat_1.1.ep7.el6.src.rpm
eap7-glassfish-jsf-2.2.12-2.SP4_redhat_1.1.ep7.el6.src.rpm
eap7-hibernate-5.0.14-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-ironjacamar-1.3.7-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-jackson-databind-2.5.4-2.redhat_2.1.ep7.el6.src.rpm
eap7-jboss-modules-1.5.4-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-jboss-remoting-4.0.23-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-jboss-xnio-base-3.4.6-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-resteasy-3.0.19-6.SP4_redhat_1.1.ep7.el6.src.rpm
eap7-wildfly-7.0.7-4.GA_redhat_3.1.ep7.el6.src.rpm
eap7-wildfly-javadocs-7.0.7-3.GA_redhat_4.1.ep7.el6.src.rpm
eap7-wildfly-web-console-eap-2.8.30-1.Final_redhat_1.1.ep7.el6.src.rpm

noarch:
eap7-activemq-artemis-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-cli-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-commons-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-core-client-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-dto-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-hornetq-protocol-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-hqclient-protocol-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-jms-client-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-jms-server-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-journal-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-native-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-ra-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-selector-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-server-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-service-extensions-1.1.0-18.SP21_redhat_1.1.ep7.el6.noarch.rpm
eap7-glassfish-jsf-2.2.12-2.SP4_redhat_1.1.ep7.el6.noarch.rpm
eap7-hibernate-5.0.14-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-hibernate-core-5.0.14-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-hibernate-entitymanager-5.0.14-1.Final_redhat_1.1.ep7.el6.noarch.rpm

[RHSA-2017:1836-01] Important: Red Hat JBoss Enterprise Application Platform 7.0.7


=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat JBoss Enterprise Application Platform 7.0.7
Advisory ID:       RHSA-2017:1836-01
Product:           Red Hat JBoss Enterprise Application Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:1836
Issue date:        2017-07-31
CVE Names:         CVE-2016-4978 CVE-2017-7525
=====================================================================

1. Summary:

An update is now available for Red Hat JBoss Enterprise Application
Platform.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Description:

Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.

This release of Red Hat JBoss Enterprise Application Platform 7.0.7 serves
as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.6,
and includes bug fixes and enhancements, which are documented in the
Release Notes document linked to in the References.

Security Fix(es):

* A deserialization flaw was discovered in jackson-databind which could
allow an unauthenticated user to perform code execution by sending
maliciously crafted input to the readValue method of the ObjectMapper.
(CVE-2017-7525)

* It was found that use of a JMS ObjectMessage does not safely handle
user-supplied data when deserializing objects. A remote attacker could use
this flaw to execute arbitrary code with the permissions of the application
using the JMS ObjectMessage. (CVE-2016-4978)

Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting
CVE-2017-7525.

3. Solution:

Before applying this update, back up your existing Red Hat JBoss Enterprise
Application Platform installation and deployed applications.

The References section of this erratum contains a download link (you must
log in to download the update).

4. Bugs fixed (https://bugzilla.redhat.com/):

1379207 - CVE-2016-4978 Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability
1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper

5. References:

https://access.redhat.com/security/cve/CVE-2016-4978
https://access.redhat.com/security/cve/CVE-2017-7525
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.0
https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/
https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.


[RHSA-2017:1835-01] Important: Red Hat JBoss Enterprise Application Platform 7.0.7 on RHEL 7


=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat JBoss Enterprise Application Platform 7.0.7 on RHEL 7
Advisory ID:       RHSA-2017:1835-01
Product:           Red Hat JBoss Enterprise Application Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:1835
Issue date:        2017-07-31
CVE Names:         CVE-2016-4978 CVE-2017-7525
=====================================================================

1. Summary:

An update is now available for Red Hat JBoss Enterprise Application
Platform 7.0 for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server - noarch

3. Description:

Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.

This release of Red Hat JBoss Enterprise Application Platform 7.0.7 serves
as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.6,
and includes bug fixes and enhancements, which are documented in the
Release Notes linked to in the References.

Security Fix(es):

* A deserialization flaw was discovered in jackson-databind which could
allow an unauthenticated user to perform code execution by sending
maliciously crafted input to the readValue method of the ObjectMapper.
(CVE-2017-7525)

* It was found that use of a JMS ObjectMessage does not safely handle
user-supplied data when deserializing objects. A remote attacker could use
this flaw to execute arbitrary code with the permissions of the application
using the JMS ObjectMessage. (CVE-2016-4978)

Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting
CVE-2017-7525.

4. Solution:

Before applying this update, back up your existing Red Hat JBoss Enterprise
Application Platform installation and deployed applications.

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1379207 - CVE-2016-4978 Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability
1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper

6. JIRA issues fixed (https://issues.jboss.org/):

JBEAP-9465 - Tracker bug for the EAP 7.0.7 release for RHEL-7

7. Package List:

Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server:

Source:
eap7-activemq-artemis-1.1.0-18.SP21_redhat_1.1.ep7.el7.src.rpm
eap7-glassfish-jsf-2.2.12-2.SP4_redhat_1.1.ep7.el7.src.rpm
eap7-hibernate-5.0.14-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-ironjacamar-1.3.7-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-jackson-databind-2.5.4-2.redhat_2.1.ep7.el7.src.rpm
eap7-jboss-modules-1.5.4-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-jboss-remoting-4.0.23-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-jboss-xnio-base-3.4.6-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-resteasy-3.0.19-6.SP4_redhat_1.1.ep7.el7.src.rpm
eap7-wildfly-7.0.7-4.GA_redhat_3.1.ep7.el7.src.rpm
eap7-wildfly-javadocs-7.0.7-3.GA_redhat_4.1.ep7.el7.src.rpm
eap7-wildfly-web-console-eap-2.8.30-1.Final_redhat_1.1.ep7.el7.src.rpm

noarch:
eap7-activemq-artemis-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-cli-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-commons-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-core-client-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-dto-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-hornetq-protocol-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-hqclient-protocol-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-jms-client-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-jms-server-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-journal-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-native-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-ra-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-selector-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-server-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-service-extensions-1.1.0-18.SP21_redhat_1.1.ep7.el7.noarch.rpm
eap7-glassfish-jsf-2.2.12-2.SP4_redhat_1.1.ep7.el7.noarch.rpm
eap7-hibernate-5.0.14-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-hibernate-core-5.0.14-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-hibernate-entitymanager-5.0.14-1.Final_redhat_1.1.ep7.el7.noarch.rpm

[RHSA-2017:1840-01] Important: devtoolset-4-jackson-databind security update


=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: devtoolset-4-jackson-databind security update
Advisory ID:       RHSA-2017:1840-01
Product:           Red Hat Software Collections
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:1840
Issue date:        2017-07-31
CVE Names:         CVE-2017-7525
=====================================================================

1. Summary:

An update for devtoolset-4-jackson-databind is now available for Red Hat
Software Collections.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch

3. Description:

The jackson-databind package provides general data-binding functionality
for Jackson, which works on top of the Jackson core streaming API.

Security Fix(es):

* A deserialization flaw was discovered in jackson-databind that could
allow an unauthenticated user to achieve code execution by sending
maliciously crafted input to the readValue method of the ObjectMapper.
(CVE-2017-7525)

Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):

Source:
devtoolset-4-jackson-databind-2.5.0-2.4.el6.src.rpm

noarch:
devtoolset-4-jackson-databind-2.5.0-2.4.el6.noarch.rpm
devtoolset-4-jackson-databind-javadoc-2.5.0-2.4.el6.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7):

Source:
devtoolset-4-jackson-databind-2.5.0-2.4.el6.src.rpm

noarch:
devtoolset-4-jackson-databind-2.5.0-2.4.el6.noarch.rpm
devtoolset-4-jackson-databind-javadoc-2.5.0-2.4.el6.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6):

Source:
devtoolset-4-jackson-databind-2.5.0-2.4.el6.src.rpm

noarch:
devtoolset-4-jackson-databind-2.5.0-2.4.el6.noarch.rpm
devtoolset-4-jackson-databind-javadoc-2.5.0-2.4.el6.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
devtoolset-4-jackson-databind-2.5.0-2.4.el7.src.rpm

noarch:
devtoolset-4-jackson-databind-2.5.0-2.4.el7.noarch.rpm
devtoolset-4-jackson-databind-javadoc-2.5.0-2.4.el7.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3):

Source:
devtoolset-4-jackson-databind-2.5.0-2.4.el7.src.rpm

noarch:
devtoolset-4-jackson-databind-2.5.0-2.4.el7.noarch.rpm
devtoolset-4-jackson-databind-javadoc-2.5.0-2.4.el7.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
devtoolset-4-jackson-databind-2.5.0-2.4.el7.src.rpm

noarch:
devtoolset-4-jackson-databind-2.5.0-2.4.el7.noarch.rpm
devtoolset-4-jackson-databind-javadoc-2.5.0-2.4.el7.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7525
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFZf2GJXlSAg2UNWIIRAqU+AJ0UTlDS8WN8y/upRsPh/KSEB/Gs1ACgkqJW
ERxYMD6ZZZrgot9pM3U07vE=
=m/e7
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce


[RHSA-2017:2285-01] Moderate: authconfig security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: authconfig security, bug fix, and enhancement update
Advisory ID:       RHSA-2017:2285-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:2285
Issue date:        2017-08-01
CVE Names:         CVE-2017-7488
=====================================================================

1. Summary:

An update for authconfig is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

The authconfig packages contain a command-line utility and a GUI
application that can configure a workstation to be a client for certain
network user information, authentication schemes, and other user
information and authentication-related options.

Security Fix(es):

* A flaw was found where authconfig could configure sssd in a way that
treats existing and non-existing logins differently, leaking information on
the existence of a user. An attacker with physical or network access to the
machine could enumerate users via a timing attack. (CVE-2017-7488)

This issue was discovered by Tomas Mraz (Red Hat) and Thorsten Scherf (Red
Hat).

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1329598 - authconfig breaks PAM system-auth-ac password-auth-ac for sssd in RHEL7.2
1378943 - [RFE] Allow authconfig to configure Smartcard authentication with SSSD
1441374 - gdm prompts for user password when smartcard login is configured and smartcard is inserted
1441604 - CVE-2017-7488 authconfig: Information leak when SSSD is used for authentication against remote server
1443949 - authconfig generates sssd.conf with --updateall --enablesssd --enablesssdauth
1449625 - Unlocalized strings and fuzzy translations in de, es, fr, it, ja, ko, pt_BR, ru, zh_CN, zh_TW
1450425 - After ipa-server-install cannot ssh to machine anymore.

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
authconfig-6.2.8-30.el7.src.rpm

x86_64:
authconfig-6.2.8-30.el7.x86_64.rpm
authconfig-debuginfo-6.2.8-30.el7.x86_64.rpm
authconfig-gtk-6.2.8-30.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
authconfig-6.2.8-30.el7.src.rpm

x86_64:
authconfig-6.2.8-30.el7.x86_64.rpm
authconfig-debuginfo-6.2.8-30.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
authconfig-debuginfo-6.2.8-30.el7.x86_64.rpm
authconfig-gtk-6.2.8-30.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
authconfig-6.2.8-30.el7.src.rpm

aarch64:
authconfig-6.2.8-30.el7.aarch64.rpm
authconfig-debuginfo-6.2.8-30.el7.aarch64.rpm
authconfig-gtk-6.2.8-30.el7.aarch64.rpm

ppc64:
authconfig-6.2.8-30.el7.ppc64.rpm
authconfig-debuginfo-6.2.8-30.el7.ppc64.rpm
authconfig-gtk-6.2.8-30.el7.ppc64.rpm

ppc64le:
authconfig-6.2.8-30.el7.ppc64le.rpm
authconfig-debuginfo-6.2.8-30.el7.ppc64le.rpm
authconfig-gtk-6.2.8-30.el7.ppc64le.rpm

s390x:
authconfig-6.2.8-30.el7.s390x.rpm
authconfig-debuginfo-6.2.8-30.el7.s390x.rpm
authconfig-gtk-6.2.8-30.el7.s390x.rpm

x86_64:
authconfig-6.2.8-30.el7.x86_64.rpm
authconfig-debuginfo-6.2.8-30.el7.x86_64.rpm
authconfig-gtk-6.2.8-30.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
authconfig-6.2.8-30.el7.src.rpm

x86_64:
authconfig-6.2.8-30.el7.x86_64.rpm
authconfig-debuginfo-6.2.8-30.el7.x86_64.rpm
authconfig-gtk-6.2.8-30.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7488
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.4_Release_Notes/index.html

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----

[RHSA-2017:2338-01] Moderate: samba security update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: samba security update
Advisory ID:       RHSA-2017:2338-01
Product:           Red Hat Gluster Storage
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:2338
Issue date:        2017-08-01
CVE Names:         CVE-2017-2619 CVE-2017-9461
=====================================================================

1. Summary:

An update for samba is now available for Red Hat Gluster Storage 3.2 for
Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Gluster 3.2 Samba on RHEL-7 - noarch, x86_64

3. Description:

Samba is an open-source implementation of the Server Message Block (SMB)
protocol and the related Common Internet File System (CIFS) protocol, which
allow PC-compatible machines to share files, printers, and various
information.

Security Fix(es):

* A race condition was found in the Samba server. A malicious Samba client
could use this flaw to access files and directories in areas of the server
file system not exported under the share definitions. (CVE-2017-2619)

* A flaw was found in the way Samba handled dangling symlinks. An
authenticated malicious Samba client could use this flaw to cause the smbd
daemon to enter an infinite loop and use an excessive amount of CPU and
memory. (CVE-2017-9461)

Red Hat would like to thank the Samba project for reporting CVE-2017-2619.
Upstream acknowledges Jann Horn (Google) as the original reporter of
CVE-2017-2619.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the smb service will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1429472 - CVE-2017-2619 samba: symlink race permits opening files outside share directory
1459464 - CVE-2017-9461 samba: fd_open_atomic infinite loop due to wrong handling of dangling symlinks
1465528 - RHEL7.4 Upgrade fails over RHGS 3.2.0 for samba ctdb packages

6. Package List:

Red Hat Gluster 3.2 Samba on RHEL-7:

Source:
samba-4.6.3-4.el7rhgs.src.rpm

noarch:
samba-common-4.6.3-4.el7rhgs.noarch.rpm
samba-pidl-4.6.3-4.el7rhgs.noarch.rpm

x86_64:
ctdb-4.6.3-4.el7rhgs.x86_64.rpm
ctdb-tests-4.6.3-4.el7rhgs.x86_64.rpm
libsmbclient-4.6.3-4.el7rhgs.x86_64.rpm
libsmbclient-devel-4.6.3-4.el7rhgs.x86_64.rpm
libwbclient-4.6.3-4.el7rhgs.x86_64.rpm
libwbclient-devel-4.6.3-4.el7rhgs.x86_64.rpm
samba-4.6.3-4.el7rhgs.x86_64.rpm
samba-client-4.6.3-4.el7rhgs.x86_64.rpm
samba-client-libs-4.6.3-4.el7rhgs.x86_64.rpm
samba-common-libs-4.6.3-4.el7rhgs.x86_64.rpm
samba-common-tools-4.6.3-4.el7rhgs.x86_64.rpm
samba-dc-4.6.3-4.el7rhgs.x86_64.rpm
samba-dc-libs-4.6.3-4.el7rhgs.x86_64.rpm
samba-debuginfo-4.6.3-4.el7rhgs.x86_64.rpm
samba-devel-4.6.3-4.el7rhgs.x86_64.rpm
samba-krb5-printing-4.6.3-4.el7rhgs.x86_64.rpm
samba-libs-4.6.3-4.el7rhgs.x86_64.rpm
samba-python-4.6.3-4.el7rhgs.x86_64.rpm
samba-test-4.6.3-4.el7rhgs.x86_64.rpm
samba-test-libs-4.6.3-4.el7rhgs.x86_64.rpm
samba-vfs-glusterfs-4.6.3-4.el7rhgs.x86_64.rpm
samba-winbind-4.6.3-4.el7rhgs.x86_64.rpm
samba-winbind-clients-4.6.3-4.el7rhgs.x86_64.rpm
samba-winbind-krb5-locator-4.6.3-4.el7rhgs.x86_64.rpm
samba-winbind-modules-4.6.3-4.el7rhgs.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-2619
https://access.redhat.com/security/cve/CVE-2017-9461
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFZgDMRXlSAg2UNWIIRAmx7AJ4/yrWNAzO0L+QSTnhkGBUpBRSE0QCeO4za
WSjthzb7dTXz2qqQ6jWTeS0=
=/JaT
-----END PGP SIGNATURE-----



[RHSA-2017:2299-01] Moderate: NetworkManager and libnl3 security, bug fix and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: NetworkManager and libnl3 security, bug fix and enhancement update
Advisory ID:       RHSA-2017:2299-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:2299
Issue date:        2017-08-01
CVE Names:         CVE-2017-0553
=====================================================================

1. Summary:

An update for NetworkManager, NetworkManager-libreswan, libnl3, and
network-manager-applet is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

NetworkManager is a system network service that manages network devices and
connections, attempting to keep active network connectivity when available.
Its capabilities include managing Ethernet, wireless, mobile broadband
(WWAN), and PPPoE devices, as well as providing VPN integration with a
variety of different VPN services.

The libnl3 packages contain a convenience library that simplifies using the
Linux kernel's Netlink sockets interface for network manipulation.

The following packages have been upgraded to a later upstream version:
NetworkManager (1.8.0), network-manager-applet (1.8.0). (BZ#1413312,
BZ#1414103, BZ#1441621)

Security Fix(es) in the libnl3 component:

* An integer overflow leading to a heap-buffer overflow was found in the
libnl library. An attacker could use this flaw to cause an application
compiled with libnl to crash or possibly execute arbitrary code in the
context of the user running such an application. (CVE-2017-0553)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1231526 - nmcli slow with large numbers of VLANs
1256822 - [RFE] support ipv6 shared connections
1312359 - activating vlan on virtual device fails with: failed to determine interface name: error determine name for vlan
1344303 - hostnamectl set-hostname over-writes existing resolv.conf entries
1348198 - [RFE] cannot easily change active_slave
1349266 - NetworkManager adds extra options while bonding mode=6, which causes extra warning
1351263 - [review] lr/cli-ask-rh1351263: [RFE] allow passing -a to the end of nmcli command
1360386 - bond slaves of master which is slave of a bridge are sometimes not activated in installer
1367752 - starting team slave when master has invalid json config leads to infinite connecting state
1368353 - [NMCI] [abrt] [faf] NetworkManager: g_object_get_property(): /usr/bin/nmcli killed by 11
1369008 - Once NetworkManager is stopped, the ifcfg files it created via nmtui\cockpit are incompatible with initscripts, since MASTER=UUID instead of MASTER=device_name
1369380 - NetworkManager.service ignores commented 'ONBOOT=no # comment' lines in ifcfg
1369716 - Checkpoint/rollback improvements
1371126 - layer 2-only device is taken down when NetworkManager stops
1371433 - [RFE] Directly instruct NM to avoid controlling and monitoring a device.
1376199 - stalled eth1.80 vlan after restart and connection delete
1378418 - vlan device is down and lost ip once stopping NetworkManager
1380165 - [NMCI] just last address specified in novice mode is written into profile
1384937 - [NMCI] team activation timeout with incorrect setup
1386106 - NM fails to detect Red Hat VPN after first login
1388286 - Incorrect MAC address set on em1 after interface renaming
1388613 - [RFE] Allow setting the MTU of mobile broadband connections in NetworkManager
1391170 - nmcli should show output in non-pretty-printed form for parsing
1391477 - [bug] ifcfg-rh plugin fails to re-read valid connection 802-1x connection
1393853 - [NMCI] add team fails after clean install, NM service restart helps
1393997 - nmcli duplicates a connection after a NetworkManager

[RHSA-2017:2292-01] Moderate: gnutls security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: gnutls security, bug fix, and enhancement update
Advisory ID:       RHSA-2017:2292-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:2292
Issue date:        2017-08-01
CVE Names:         CVE-2016-7444 CVE-2017-5334 CVE-2017-5335
                   CVE-2017-5336 CVE-2017-5337 CVE-2017-7507
                   CVE-2017-7869
=====================================================================

1. Summary:

An update for gnutls is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

The gnutls packages provide the GNU Transport Layer Security (GnuTLS)
library, which implements cryptographic algorithms and protocols such as
SSL, TLS, and DTLS.

The following packages have been upgraded to a later upstream version:
gnutls (3.3.26). (BZ#1378373)

Security Fix(es):

* A double-free flaw was found in the way GnuTLS parsed certain X.509
certificates with the Proxy Certificate Information extension. An attacker
could create a specially-crafted certificate which, when processed by an
application compiled against GnuTLS, could cause that application to crash.
(CVE-2017-5334)

* Multiple flaws were found in the way gnutls processed OpenPGP
certificates. An attacker could create specially crafted OpenPGP
certificates which, when parsed by gnutls, would cause it to crash.
(CVE-2017-5335, CVE-2017-5336, CVE-2017-5337, CVE-2017-7869)

* A null pointer dereference flaw was found in the way GnuTLS processed
ClientHello messages with the status_request extension. A remote attacker
could use this flaw to cause an application compiled with GnuTLS to crash.
(CVE-2017-7507)

* A flaw was found in the way GnuTLS validated certificates using OCSP
responses. This could falsely report a certificate as valid under certain
circumstances. (CVE-2016-7444)

The CVE-2017-7507 issue was discovered by Hubert Kario (Red Hat QE BaseOS
Security team).

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1335931 - gnutls: Disable TLS connections with less than 1024-bit DH parameters
1374266 - CVE-2016-7444 gnutls: Incorrect certificate validation when using OCSP responses (GNUTLS-SA-2016-3)
1375303 - gnutls trusts a certificate whose CA is both explicitly trusted and blacklisted
1375463 - doc update: certtool's manpage does not mention it cannot handle PKCS#11 URLs for certain options
1378373 - RFE: Add functions to set issuer and subject id in x509 certificates
1379283 - gnutls: Support the pin-value attribute in RFC7512 URLs
1379739 - gnutls: do not require trousers
1380642 - Cannot read encrypted PKCS#8 from OpenSSL
1383748 - GnuTLS parses only the first 32 extensions, ignoring the rest
1388932 - gnutls: interoperability issue 3.3.x vs. 3.5.5
1399232 - RFE: p11tool command misses the --id option
1411835 - CVE-2017-5334 gnutls: Double-free while decoding crafted X.509 certificates
1411836 - CVE-2017-5337 gnutls: Heap read overflow in read-packet.c
1412235 - CVE-2017-5335 gnutls: Out of memory while parsing crafted OpenPGP certificate
1412236 - CVE-2017-5336 gnutls: Stack overflow in cdk_pk_get_keyid
1443033 - CVE-2017-7869 gnutls: Out-of-bounds write related to the cdk_pkt_read function (GNUTLS-SA-2017-3)
1454621 - CVE-2017-7507 gnutls: Crash upon receiving well-formed status_request extension

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
gnutls-3.3.26-9.el7.src.rpm

x86_64:
gnutls-3.3.26-9.el7.i686.rpm
gnutls-3.3.26-9.el7.x86_64.rpm
gnutls-dane-3.3.26-9.el7.i686.rpm
gnutls-dane-3.3.26-9.el7.x86_64.rpm
gnutls-debuginfo-3.3.26-9.el7.i686.rpm
gnutls-debuginfo-3.3.26-9.el7.x86_64.rpm
gnutls-utils-3.3.26-9.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
gnutls-c++-3.3.26-9.el7.i686.rpm
gnutls-c++-3.3.26-9.el7.x86_64.rpm
gnutls-debuginfo-3.3.26-9.el7.i686.rpm

[RHSA-2017:2180-01] Low: ghostscript security and bug fix update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: ghostscript security and bug fix update
Advisory ID:       RHSA-2017:2180-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:2180
Issue date:        2017-08-01
CVE Names:         CVE-2017-7207
=====================================================================

1. Summary:

An update for ghostscript is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

The Ghostscript suite contains utilities for rendering PostScript and PDF
documents. Ghostscript translates PostScript code to common bitmap formats
so that the code can be displayed or printed.

Security Fix(es):

* A NULL pointer dereference flaw was found in ghostscript's
mem_get_bits_rectangle function. A specially crafted PostScript document
could cause a crash in the context of the gs process. (CVE-2017-7207)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1411725 - Ghostscript regression, .eps files no longer work
1424752 - ghostscript bug creates high CPU load and hangs
1434353 - CVE-2017-7207 ghostscript: NULL pointer dereference in mem_get_bits_rectangle()
1436273 - ghostscript update cause symbol lookup error

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
ghostscript-9.07-28.el7.src.rpm

x86_64:
ghostscript-9.07-28.el7.i686.rpm
ghostscript-9.07-28.el7.x86_64.rpm
ghostscript-cups-9.07-28.el7.x86_64.rpm
ghostscript-debuginfo-9.07-28.el7.i686.rpm
ghostscript-debuginfo-9.07-28.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
ghostscript-doc-9.07-28.el7.noarch.rpm

x86_64:
ghostscript-debuginfo-9.07-28.el7.i686.rpm
ghostscript-debuginfo-9.07-28.el7.x86_64.rpm
ghostscript-devel-9.07-28.el7.i686.rpm
ghostscript-devel-9.07-28.el7.x86_64.rpm
ghostscript-gtk-9.07-28.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
ghostscript-9.07-28.el7.src.rpm

x86_64:
ghostscript-9.07-28.el7.i686.rpm
ghostscript-9.07-28.el7.x86_64.rpm
ghostscript-cups-9.07-28.el7.x86_64.rpm
ghostscript-debuginfo-9.07-28.el7.i686.rpm
ghostscript-debuginfo-9.07-28.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
ghostscript-doc-9.07-28.el7.noarch.rpm

x86_64:
ghostscript-debuginfo-9.07-28.el7.i686.rpm
ghostscript-debuginfo-9.07-28.el7.x86_64.rpm
ghostscript-devel-9.07-28.el7.i686.rpm
ghostscript-devel-9.07-28.el7.x86_64.rpm
ghostscript-gtk-9.07-28.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
ghostscript-9.07-28.el7.src.rpm

aarch64:
ghostscript-9.07-28.el7.aarch64.rpm
ghostscript-cups-9.07-28.el7.aarch64.rpm
ghostscript-debuginfo-9.07-28.el7.aarch64.rpm

ppc64:
ghostscript-9.07-28.el7.ppc.rpm
ghostscript-9.07-28.el7.ppc64.rpm
ghostscript-cups-9.07-28.el7.ppc64.rpm
ghostscript-debuginfo-9.07-28.el7.ppc.rpm
ghostscript-debuginfo-9.07-28.el7.ppc64.rpm

ppc64le:
ghostscript-9.07-28.el7.ppc64le.rpm
ghostscript-cups-9.07-28.el7.ppc64le.rpm
ghostscript-debuginfo-9.07-28.el7.ppc64le.rpm

s390x:
ghostscript-9.07-28.el7.s390.rpm
ghostscript-9.07-28.el7.s390x.rpm
ghostscript-cups-9.07-28.el7.s390x.rpm
ghostscript-debuginfo-9.07-28.el7.s390.rpm
ghostscript-debuginfo-9.07-28.el7.s390x.rpm

x86_64:
ghostscript-9.07-28.el7.i686.rpm
ghostscript-9.07-28.el7.x86_64.rpm
ghostscript-cups-9.07-28.el7.x86_64.rpm
ghostscript-debuginfo-9.07-28.el7.i686.rpm
ghostscript-debuginfo-9.07-28.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

aarch64:
ghostscript-debuginfo-9.07-28.el7.aarch64.rpm
ghostscript-devel-9.07-28.el7.aarch64.rpm
ghostscript-gtk-9.07-28.el7.aarch64.rpm

noarch:
ghostscript-doc-9.07-28.el7.noarch.rpm

ppc64:
ghostscript-debuginfo-9.07-28.el7.ppc.rpm

[RHSA-2017:2389-01] Important: freeradius security update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: freeradius security update
Advisory ID:       RHSA-2017:2389-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:2389
Issue date:        2017-08-01
CVE Names:         CVE-2017-10978 CVE-2017-10983 CVE-2017-10984
                   CVE-2017-10985 CVE-2017-10986 CVE-2017-10987
=====================================================================

1. Summary:

An update for freeradius is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

FreeRADIUS is a high-performance and highly configurable free Remote
Authentication Dial In User Service (RADIUS) server, designed to allow
centralized authentication and authorization for a network.

Security Fix(es):

* An out-of-bounds write flaw was found in the way FreeRADIUS server
handled certain attributes in request packets. A remote attacker could use
this flaw to crash the FreeRADIUS server or to execute arbitrary code in
the context of the FreeRADIUS server process by sending a specially crafted
request packet. (CVE-2017-10984)

* An out-of-bounds read and write flaw was found in the way FreeRADIUS
server handled RADIUS packets. A remote attacker could use this flaw to
crash the FreeRADIUS server by sending a specially crafted RADIUS packet.
(CVE-2017-10978)

* An out-of-bounds read flaw was found in the way FreeRADIUS server handled
decoding of DHCP packets. A remote attacker could use this flaw to crash
the FreeRADIUS server by sending a specially crafted DHCP request.
(CVE-2017-10983)

* A denial of service flaw was found in the way FreeRADIUS server handled
certain attributes in request packets. A remote attacker could use this
flaw to cause the FreeRADIUS server to enter an infinite loop, consume
increasing amounts of memory resources, and ultimately crash by sending a
specially crafted request packet. (CVE-2017-10985)

* Multiple out-of-bounds read flaws were found in the way FreeRADIUS server
handled decoding of DHCP packets. A remote attacker could use these flaws
to crash the FreeRADIUS server by sending a specially crafted DHCP request.
(CVE-2017-10986, CVE-2017-10987)

Red Hat would like to thank the FreeRADIUS project for reporting these
issues. Upstream acknowledges Guido Vranken as the original reporter of
these issues.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1468487 - CVE-2017-10978 freeradius: Out-of-bounds read/write due to improper output buffer size check in make_secret()
1468503 - CVE-2017-10983 freeradius: Out-of-bounds read in fr_dhcp_decode() when decoding option 63
1468549 - CVE-2017-10984 freeradius: Out-of-bounds write in data2vp_wimax()
1468550 - CVE-2017-10985 freeradius: Infinite loop and memory exhaustion with 'concat' attributes
1468551 - CVE-2017-10986 freeradius: Infinite read in dhcp_attr2vp()
1468552 - CVE-2017-10987 freeradius: Buffer over-read in fr_dhcp_decode_suboptions()

6. Package List:

Red Hat Enterprise Linux Server (v. 7):

Source:
freeradius-3.0.13-8.el7_4.src.rpm

aarch64:
freeradius-3.0.13-8.el7_4.aarch64.rpm
freeradius-debuginfo-3.0.13-8.el7_4.aarch64.rpm

ppc64:
freeradius-3.0.13-8.el7_4.ppc64.rpm
freeradius-debuginfo-3.0.13-8.el7_4.ppc64.rpm

ppc64le:
freeradius-3.0.13-8.el7_4.ppc64le.rpm
freeradius-debuginfo-3.0.13-8.el7_4.ppc64le.rpm

s390x:
freeradius-3.0.13-8.el7_4.s390x.rpm
freeradius-debuginfo-3.0.13-8.el7_4.s390x.rpm

x86_64:
freeradius-3.0.13-8.el7_4.x86_64.rpm
freeradius-debuginfo-3.0.13-8.el7_4.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

aarch64:
freeradius-debuginfo-3.0.13-8.el7_4.aarch64.rpm
freeradius-devel-3.0.13-8.el7_4.aarch64.rpm
freeradius-doc-3.0.13-8.el7_4.aarch64.rpm
freeradius-krb5-3.0.13-8.el7_4.aarch64.rpm
freeradius-ldap-3.0.13-8.el7_4.aarch64.rpm
freeradius-mysql-3.0.13-8.el7_4.aarch64.rpm
freeradius-perl-3.0.13-8.el7_4.aarch64.rpm
freeradius-postgresql-3.0.13-8.el7_4.aarch64.rpm
freeradius-python-3.0.13-8.el7_4.aarch64.rpm
freeradius-sqlite-3.0.13-8.el7_4.aarch64.rpm
freeradius-unixODBC-3.0.13-8.el7_4.aarch64.rpm

[RHSA-2017:2388-01] Important: evince security update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: evince security update
Advisory ID:   RHSA-2017:2388-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2388
Issue date:2017-08-01
CVE Names: CVE-2017-183 
=

1. Summary:

An update for evince is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The evince packages provide a simple multi-page document viewer for
Portable Document Format (PDF), PostScript (PS), Encapsulated PostScript
(EPS) files, and, with additional back-ends, also the Device Independent
File format (DVI) files.

Security Fix(es):

* It was found that evince did not properly sanitize the command line which
is run to untar Comic Book Tar (CBT) files, thereby allowing command
injection. A specially crafted CBT file, when opened by evince or
evince-thumbnailer, could execute arbitrary commands in the context of the
evince program. (CVE-2017-183)
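The flaw above has the classic shape of a command injection: an untrusted file name is spliced into a command string that a shell later re-parses. The following added example (not evince's code or Red Hat's patch; `build_shell_command_unsafe`, `build_argv_safe`, `shell_tokens`, `extract_member` and the sample file names are constructed for this illustration) contrasts that pattern with the standard mitigation of passing each untrusted value as its own argv element and never involving a shell.

```python
"""Added example: command injection through a file name, and its fix.
The unsafe builder mirrors the flawed pattern the advisory describes (a
tar command line built as a string for a shell); the safe builder is the
standard mitigation.  Everything here is constructed for the illustration
and is not evince's code."""
import io
import os
import shlex
import shutil
import subprocess
import tarfile
import tempfile
from typing import List


def build_shell_command_unsafe(archive: str, member: str) -> str:
    """Vulnerable: the untrusted names are interpolated into a string that a
    shell will re-parse, so any shell metacharacter in them changes what
    the command means."""
    return f"tar -xOf {archive} {member}"


def build_argv_safe(archive: str, member: str) -> List[str]:
    """Hardened: each untrusted value is exactly one argv element, no shell
    is involved, and "--" keeps a member name that starts with "-" from
    being read as a tar option."""
    return ["tar", "-xO", "-f", archive, "--", member]


def shell_tokens(command: str) -> List[str]:
    """Approximate how a POSIX shell splits a command string; used only to
    show where the argument boundaries end up."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    return list(lexer)


def extract_member(archive: str, member: str) -> bytes:
    """Extract one member to stdout using the argv form (needs a tar binary)."""
    result = subprocess.run(build_argv_safe(archive, member),
                            capture_output=True, check=True)
    return result.stdout


if __name__ == "__main__":
    member = "vol 1; part 2.png"   # constructed name containing a space and ';'
    print("shell sees:", shell_tokens(build_shell_command_unsafe("book.cbt", member)))
    print("argv form: ", build_argv_safe("book.cbt", member))
    if shutil.which("tar"):
        with tempfile.TemporaryDirectory() as tmp:
            path = os.path.join(tmp, "book.cbt")
            with tarfile.open(path, "w") as tar:
                info = tarfile.TarInfo(member)
                info.size = 4
                tar.addfile(info, io.BytesIO(b"PNG!"))
            print("extracted:", extract_member(path, member))
```

The `shell_tokens` output shows the member name breaking into several words with a bare `;` between them, which is exactly the boundary a shell would treat as a command separator; in the argv form the same name stays one opaque argument.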

Red Hat would like to thank Felix Wilhelm (Google Security Team) for
reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1468488 - CVE-2017-183 evince: command injection via filename in 
tar-compressed comics archive

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
evince-3.22.1-5.2.el7_4.src.rpm

x86_64:
evince-3.22.1-5.2.el7_4.x86_64.rpm
evince-debuginfo-3.22.1-5.2.el7_4.i686.rpm
evince-debuginfo-3.22.1-5.2.el7_4.x86_64.rpm
evince-dvi-3.22.1-5.2.el7_4.x86_64.rpm
evince-libs-3.22.1-5.2.el7_4.i686.rpm
evince-libs-3.22.1-5.2.el7_4.x86_64.rpm
evince-nautilus-3.22.1-5.2.el7_4.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
evince-browser-plugin-3.22.1-5.2.el7_4.x86_64.rpm
evince-debuginfo-3.22.1-5.2.el7_4.i686.rpm
evince-debuginfo-3.22.1-5.2.el7_4.x86_64.rpm
evince-devel-3.22.1-5.2.el7_4.i686.rpm
evince-devel-3.22.1-5.2.el7_4.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
evince-3.22.1-5.2.el7_4.src.rpm

aarch64:
evince-3.22.1-5.2.el7_4.aarch64.rpm
evince-debuginfo-3.22.1-5.2.el7_4.aarch64.rpm
evince-dvi-3.22.1-5.2.el7_4.aarch64.rpm
evince-libs-3.22.1-5.2.el7_4.aarch64.rpm
evince-nautilus-3.22.1-5.2.el7_4.aarch64.rpm

ppc64:
evince-3.22.1-5.2.el7_4.ppc64.rpm
evince-debuginfo-3.22.1-5.2.el7_4.ppc.rpm
evince-debuginfo-3.22.1-5.2.el7_4.ppc64.rpm
evince-dvi-3.22.1-5.2.el7_4.ppc64.rpm
evince-libs-3.22.1-5.2.el7_4.ppc.rpm
evince-libs-3.22.1-5.2.el7_4.ppc64.rpm
evince-nautilus-3.22.1-5.2.el7_4.ppc64.rpm

ppc64le:
evince-3.22.1-5.2.el7_4.ppc64le.rpm
evince-debuginfo-3.22.1-5.2.el7_4.ppc64le.rpm
evince-dvi-3.22.1-5.2.el7_4.ppc64le.rpm
evince-libs-3.22.1-5.2.el7_4.ppc64le.rpm
evince-nautilus-3.22.1-5.2.el7_4.ppc64le.rpm

s390x:
evince-3.22.1-5.2.el7_4.s390x.rpm
evince-debuginfo-3.22.1-5.2.el7_4.s390.rpm
evince-debuginfo-3.22.1-5.2.el7_4.s390x.rpm
evince-dvi-3.22.1-5.2.el7_4.s390x.rpm
evince-libs-3.22.1-5.2.el7_4.s390.rpm
evince-libs-3.22.1-5.2.el7_4.s390x.rpm
evince-nautilus-3.22.1-5.2.el7_4.s390x.rpm

x86_64:
evince-3.22.1-5.2.el7_4.x86_64.rpm
evince-debuginfo-3.22.1-5.2.el7_4.i686.rpm
evince-debuginfo-3.22.1-5.2.el7_4.x86_64.rpm
evince-dvi-3.22.1-5.2.el7_4.x86_64.rpm
evince-libs-3.22.1-5.2.el7_4.i686.rpm
evince-libs-3.22.1-5.2.el7_4.x86_64.rpm
evince-nautilus-3.22.1-5.2.el7_4.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

aarch64:
evince-browser-plugin-3.22.1-5.2.el7_4.aarch64.rpm
evince-debuginfo-3.22.1-5.2.el7_4.aarch64.rpm
evince-devel-3.22.1-5.2.el7_4.aarch64.rpm

ppc64:
evince-browser-plugin-3.22.1-5.2.el7_4.ppc64.rpm
evince-debuginfo-3.22.1-5.2.el7_4.ppc.rpm
evince-debuginfo-3.22.1-5.2.el7_4.ppc64.rpm
evince-devel-3.22.1-5.2.el7_4.ppc.rpm
evince-devel-3.22.1-5.2.el7_4.ppc64.rpm

ppc64le:
evince-browser-plugin-3.22.1-5.2.el7_4.ppc64le.rpm
evince-debuginfo-3.22.1-5.2.el7_4.ppc64le.rpm
evince-devel-3.22.1-5.2.el7_4.ppc64le.rpm

s390x:
evince-browser-plugin-3.22.1-5.2.el7_4.s390x.rpm

[RHSA-2017:2247-01] Low: tomcat security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Low: tomcat security, bug fix, and enhancement update
Advisory ID:   RHSA-2017:2247-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2247
Issue date:2017-08-01
CVE Names: CVE-2016-0762 CVE-2016-5018 CVE-2016-6794 
   CVE-2016-6796 CVE-2016-6797 
=

1. Summary:

An update for tomcat is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch
Red Hat Enterprise Linux Client Optional (v. 7) - noarch
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch
Red Hat Enterprise Linux Server (v. 7) - noarch
Red Hat Enterprise Linux Server Optional (v. 7) - noarch
Red Hat Enterprise Linux Workstation (v. 7) - noarch
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch

3. Description:

Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.

The following packages have been upgraded to a later upstream version:
tomcat (7.0.76). (BZ#1414895)

Security Fix(es):

* The Realm implementations did not process the supplied password if the
supplied user name did not exist. This made it possible to determine valid
user names through a timing attack. Note that the default configuration
includes the LockOutRealm, which makes exploitation of this vulnerability
harder. (CVE-2016-0762)
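To see why the early return is the problem, the following added example (Python rather than Tomcat's Java; `authenticate_leaky`, `authenticate_constant_work`, the user store and the iteration count are constructed for the illustration and are not Tomcat's Realm code) contrasts a login check that skips password processing for unknown names with one that runs the same key derivation against a dummy credential, so the response time no longer depends on whether the name exists.

```python
"""Added example: why skipping password processing for unknown user names
leaks which names exist.  A Python stand-in for the Realm behaviour; the
functions, user store and iteration count are constructed for the
illustration and are not Tomcat's code."""
import hashlib
import hmac
import os
import time
from typing import Callable, Dict, Optional, Tuple

ITERATIONS = 50_000          # constructed; large enough that the work is measurable


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """PBKDF2-HMAC-SHA256; returns (salt, digest)."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


# Constructed user store: user name -> (salt, digest)
USERS: Dict[str, Tuple[bytes, bytes]] = {"alice": hash_password("correct horse")}

# Dummy credential: unknown names are verified against this so the same
# key derivation runs whether or not the name exists.
_DUMMY_SALT, _DUMMY_DIGEST = hash_password(os.urandom(16).hex())


def authenticate_leaky(username: str, password: str) -> bool:
    """Vulnerable shape: returns before any password work when the user is
    unknown, so an unknown name is answered much faster than a known one."""
    record = USERS.get(username)
    if record is None:
        return False
    salt, expected = record
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, expected)


def authenticate_constant_work(username: str, password: str) -> bool:
    """Hardened shape: always derive the key (against the dummy credential
    when the name is unknown), then fold in whether the user exists."""
    record = USERS.get(username)
    salt, expected = record if record is not None else (_DUMMY_SALT, _DUMMY_DIGEST)
    _, candidate = hash_password(password, salt)
    matches = hmac.compare_digest(candidate, expected)
    return matches and record is not None


def mean_seconds(fn: Callable[[str, str], bool], username: str,
                 password: str, rounds: int = 10) -> float:
    """Average wall-clock time of one authentication attempt."""
    start = time.perf_counter()
    for _ in range(rounds):
        fn(username, password)
    return (time.perf_counter() - start) / rounds


if __name__ == "__main__":
    for fn in (authenticate_leaky, authenticate_constant_work):
        known = mean_seconds(fn, "alice", "wrong password")
        unknown = mean_seconds(fn, "mallory", "wrong password")
        print(f"{fn.__name__:28s} known={known * 1e3:7.2f} ms  "
              f"unknown={unknown * 1e3:7.2f} ms")
```

Running the script shows the leaky variant answering unknown names in microseconds while known names take the full derivation time; the constant-work variant takes the same time in both cases. The dummy credential is the key design point: the decision about the user's existence is folded in only after the expensive step, and a lock-out layer such as the LockOutRealm mentioned above is a complementary control, not a replacement for it.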

* It was discovered that a malicious web application could bypass a
configured SecurityManager via a Tomcat utility method that was accessible
to web applications. (CVE-2016-5018)

* It was discovered that when a SecurityManager was configured, Tomcat's
system property replacement feature for configuration files could be used
by a malicious web application to bypass the SecurityManager and read
system properties that should not be visible. (CVE-2016-6794)

* It was discovered that a malicious web application could bypass a
configured SecurityManager via manipulation of the configuration parameters
for the JSP Servlet. (CVE-2016-6796)

* It was discovered that it was possible for a web application to access
any global JNDI resource whether an explicit ResourceLink had been
configured or not. (CVE-2016-6797)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1390493 - CVE-2016-6797 tomcat: unrestricted access to global resources
1390515 - CVE-2016-6796 tomcat: security manager bypass via JSP Servlet config 
parameters
1390520 - CVE-2016-6794 tomcat: system property disclosure
1390525 - CVE-2016-5018 tomcat: security manager bypass via IntrospectHelper 
utility function
1390526 - CVE-2016-0762 tomcat: timing attack in Realm implementation
1411738 - Please update tomcat to >= 7.0.70 to fix ASF Bugzilla – Bug 59619
1414895 - Rebase tomcat to the current release

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
tomcat-7.0.76-2.el7.src.rpm

noarch:
tomcat-servlet-3.0-api-7.0.76-2.el7.noarch.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
tomcat-7.0.76-2.el7.noarch.rpm
tomcat-admin-webapps-7.0.76-2.el7.noarch.rpm
tomcat-docs-webapp-7.0.76-2.el7.noarch.rpm
tomcat-el-2.2-api-7.0.76-2.el7.noarch.rpm
tomcat-javadoc-7.0.76-2.el7.noarch.rpm
tomcat-jsp-2.2-api-7.0.76-2.el7.noarch.rpm
tomcat-jsvc-7.0.76-2.el7.noarch.rpm
tomcat-lib-7.0.76-2.el7.noarch.rpm
tomcat-webapps-7.0.76-2.el7.noarch.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
tomcat-7.0.76-2.el7.src.rpm

noarch:
tomcat-servlet-3.0-api-7.0.76-2.el7.noarch.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
tomcat-7.0.76-2.el7.noarch.rpm
tomcat-admin-webapps-7.0.76-2.el7.noarch.rpm
tomcat-docs-webapp-7.0.76-2.el7.noarch.rpm
tomcat-el-2.2-api-7.0.76-2.el7.noarch.rpm
tomcat-javadoc-7.0.76-2.el7.noarch.rpm
tomcat-jsp-2.2-api-7.0.76-2.el7.noarch.rpm
tomcat-jsvc-7.0.76-2.el7.noarch.rpm
tomcat-lib-7.0.76-2.el7.noarch.rpm
tomcat-webapps-7.0.76-2.el7.noarch.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
tomcat-7.0.76-2.el7.src.rpm

noarch:
tomcat-7.0.76-2.el7.noarch.rpm
tomcat-admin-webapps-7.0.76-2.el7.noarch.rpm
tomcat-el-2.2-api-7.0.76-2.el7.noarch.rpm

[RHSA-2017:2390-01] Moderate: qemu-kvm-rhev security update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: qemu-kvm-rhev security update
Advisory ID:   RHSA-2017:2390-01
Product:   Red Hat Virtualization
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2390
Issue date:2017-08-01
CVE Names: CVE-2017-10664 
=

1. Summary:

An update for qemu-kvm-rhev is now available for RHEV 3.X Hypervisor and
Agents for RHEL-7 and RHEV 4.X RHEV-H and Agents for RHEL-7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Managment Agent for RHEL 7 Hosts - ppc64le, x86_64
RHEV-H and VDSM for 7 Hosts - ppc64le, x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on a variety of architectures. The qemu-kvm-rhev packages provide the
user-space component for running virtual machines that use KVM in
environments managed by Red Hat products.

Security Fix(es):

* Quick Emulator (QEMU) built with Network Block Device (NBD) server
support is vulnerable to a crash via a SIGPIPE signal. The crash can occur
if a client aborts a connection because of a failure during negotiation or
a read operation. A remote user or process could use this flaw to crash the
qemu-nbd server, resulting in a denial of service. (CVE-2017-10664)
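The failure mode here is a server process taking the default SIGPIPE action (termination) when it writes to a connection its peer has already abandoned. The following added example (not qemu-nbd's code; `send_reply`, `simulate_client_abort` and `simulate_live_client` are constructed for the illustration) shows the defensive pattern: ignore SIGPIPE so that the write fails with EPIPE instead, then treat that error as a dropped client rather than a fatal condition. CPython already ignores SIGPIPE at interpreter start-up, so the explicit call is what a native server would need to add.

```python
"""Added example: surviving a client that aborts mid-exchange.  Constructed
for the illustration; not qemu-nbd's code."""
import errno
import signal
import socket


def ignore_sigpipe() -> None:
    """Turn SIGPIPE into an EPIPE error return.  A native server must do this
    (or pass MSG_NOSIGNAL on Linux); CPython does it at start-up, so here it
    is a documented no-op.  Handlers can only be installed from the main
    thread, hence the guard."""
    try:
        signal.signal(signal.SIGPIPE, signal.SIG_IGN)
    except ValueError:
        pass


def send_reply(conn: socket.socket, payload: bytes) -> bool:
    """Send a reply; return False instead of dying if the peer is gone."""
    try:
        conn.sendall(payload)
        return True
    except (BrokenPipeError, ConnectionResetError):
        return False
    except OSError as exc:                       # platform-specific spellings
        if exc.errno in (errno.EPIPE, errno.ECONNRESET):
            return False
        raise


def simulate_client_abort(payload: bytes = b"\x00" * 4096) -> bool:
    """Constructed scenario: the client end of a socket pair closes during
    negotiation; the server's next write must not take the process down."""
    ignore_sigpipe()
    server_side, client_side = socket.socketpair()
    client_side.close()                          # the client aborts
    try:
        return send_reply(server_side, payload)  # EPIPE -> False, no crash
    finally:
        server_side.close()


def simulate_live_client(payload: bytes = b"NBDMAGIC") -> bool:
    """Control case: with the client still connected the reply goes through."""
    ignore_sigpipe()
    server_side, client_side = socket.socketpair()
    try:
        ok = send_reply(server_side, payload)
        return ok and client_side.recv(len(payload)) == payload
    finally:
        server_side.close()
        client_side.close()


if __name__ == "__main__":
    print("client aborted, reply delivered:", simulate_client_abort())
    print("client live, reply delivered:   ", simulate_live_client())
```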

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once
all virtual machines have shut down, start them again for this update to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1466190 - CVE-2017-10664 Qemu: qemu-nbd: server breaks with SIGPIPE upon client 
abort
1471076 - unbreak virtio-scsi for vIOMMU
1473145 - Wrong allocation value after virDomainBlockCopy() (alloc=capacity)

6. Package List:

Managment Agent for RHEL 7 Hosts:

Source:
qemu-kvm-rhev-2.9.0-16.el7_4.3.src.rpm

ppc64le:
qemu-img-rhev-2.9.0-16.el7_4.3.ppc64le.rpm
qemu-kvm-common-rhev-2.9.0-16.el7_4.3.ppc64le.rpm
qemu-kvm-rhev-2.9.0-16.el7_4.3.ppc64le.rpm
qemu-kvm-rhev-debuginfo-2.9.0-16.el7_4.3.ppc64le.rpm
qemu-kvm-tools-rhev-2.9.0-16.el7_4.3.ppc64le.rpm

x86_64:
qemu-img-rhev-2.9.0-16.el7_4.3.x86_64.rpm
qemu-kvm-common-rhev-2.9.0-16.el7_4.3.x86_64.rpm
qemu-kvm-rhev-2.9.0-16.el7_4.3.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.9.0-16.el7_4.3.x86_64.rpm
qemu-kvm-tools-rhev-2.9.0-16.el7_4.3.x86_64.rpm

RHEV-H and VDSM for 7 Hosts:

Source:
qemu-kvm-rhev-2.9.0-16.el7_4.3.src.rpm

ppc64le:
qemu-img-rhev-2.9.0-16.el7_4.3.ppc64le.rpm
qemu-kvm-common-rhev-2.9.0-16.el7_4.3.ppc64le.rpm
qemu-kvm-rhev-2.9.0-16.el7_4.3.ppc64le.rpm
qemu-kvm-rhev-debuginfo-2.9.0-16.el7_4.3.ppc64le.rpm
qemu-kvm-tools-rhev-2.9.0-16.el7_4.3.ppc64le.rpm

x86_64:
qemu-img-rhev-2.9.0-16.el7_4.3.x86_64.rpm
qemu-kvm-common-rhev-2.9.0-16.el7_4.3.x86_64.rpm
qemu-kvm-rhev-2.9.0-16.el7_4.3.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.9.0-16.el7_4.3.x86_64.rpm
qemu-kvm-tools-rhev-2.9.0-16.el7_4.3.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-10664
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZgQy9XlSAg2UNWIIRAusAAJ9aGi9InuU0g7xpEO5newuM0VCqYwCfdnJ7
LrlIpVBbpx/eZs7+hzmw3BE=
=cIub
-END PGP SIGNATURE-

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce


[RHSA-2017:2392-01] Important: qemu-kvm-rhev security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: qemu-kvm-rhev security, bug fix, and enhancement 
update
Advisory ID:   RHSA-2017:2392-01
Product:   Red Hat Virtualization
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2392
Issue date:2017-08-01
CVE Names: CVE-2016-10155 CVE-2016-4020 CVE-2016-6835 
   CVE-2016-6888 CVE-2016-7422 CVE-2016-7466 
   CVE-2016-8576 CVE-2016-8669 CVE-2016-8909 
   CVE-2016-8910 CVE-2016-9907 CVE-2016-9911 
   CVE-2016-9921 CVE-2016-9922 CVE-2017-2630 
   CVE-2017-5579 CVE-2017-5898 CVE-2017-5973 
   CVE-2017-9310 CVE-2017-9373 CVE-2017-9374 
   CVE-2017-9375 
=

1. Summary:

An update for qemu-kvm-rhev is now available for RHEV 4.X RHEV-H and Agents
for RHEL-7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Managment Agent for RHEL 7 Hosts - ppc64le, x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on a variety of architectures. The qemu-kvm-rhev packages provide the
user-space component for running virtual machines that use KVM in
environments managed by Red Hat products.

The following packages have been upgraded to a later upstream version:
qemu-kvm-rhev (2.9.0). (BZ#1387372, BZ#1387600, BZ#1400962)

Security Fix(es):

* A stack buffer overflow flaw was found in the Quick Emulator (QEMU) built
with Network Block Device (NBD) client support. The flaw could occur while
processing the server's response to an 'NBD_OPT_LIST' request. A malicious
NBD server could use this issue to crash a remote NBD client, resulting in
DoS, or potentially execute arbitrary code on the client host with the
privileges of the QEMU process. (CVE-2017-2630)

* An integer overflow flaw was found in Quick Emulator (QEMU) in the CCID
Card device support. The flaw could occur while passing messages via
command/response packets to and from the host. A privileged user inside a
guest could use this flaw to crash the QEMU process. (CVE-2017-5898)

* An information exposure flaw was found in Quick Emulator (QEMU) in Task
Priority Register (TPR) optimizations for 32-bit Windows guests. The flaw
could occur while accessing TPR. A privileged user inside a guest could use
this issue to read portions of the host memory. (CVE-2016-4020)

* A memory-leak flaw was found in the Quick Emulator (QEMU) built with USB
xHCI controller emulation support. The flaw could occur while doing a
USB-device unplug operation. Unplugging the device repeatedly resulted in
leaking host memory, affecting other services on the host. A privileged
user inside the guest could exploit this flaw to cause a denial of service
on the host or potentially crash the host's QEMU process instance.
(CVE-2016-7466)

* Multiple CVEs (CVE-2016-10155, CVE-2016-4020, CVE-2016-6835,
CVE-2016-6888, CVE-2016-7422, CVE-2016-7466, CVE-2016-8576, CVE-2016-8669,
CVE-2016-8909, CVE-2016-8910, CVE-2016-9907, CVE-2016-9911, CVE-2016-9921,
CVE-2016-9922, CVE-2017-2630, CVE-2017-5579, CVE-2017-5898, CVE-2017-5973,
CVE-2017-9310, CVE-2017-9373, CVE-2017-9374, CVE-2017-9375) were fixed as a
result of the rebase to QEMU version 2.9.0.

Red Hat would like to thank Li Qiang (Qihoo 360 Inc.) for reporting
CVE-2016-6835 and CVE-2016-6888; Li Qiang (360.cn Inc.) for reporting
CVE-2017-5898, CVE-2016-7466, CVE-2016-10155, CVE-2017-5579, and
CVE-2017-5973; Donghai Zdh (Alibaba Inc.) for reporting CVE-2016-4020;
Qinghao Tang (Marvel Team 360.cn Inc.) and Zhenhao Hong (Marvel Team 360.cn
Inc.) for reporting CVE-2016-7422; PSIRT (Huawei Inc.) for reporting
CVE-2016-8669; Andrew Henderson (Intelligent Automation Inc.) for reporting
CVE-2016-8910; Qinghao Tang (Qihoo 360), Li Qiang (Qihoo 360), and Jiangxin
(Huawei Inc.) for reporting CVE-2016-9921 and CVE-2016-9922; and Li Qiang
(Qihoo 360 Gear Team) for reporting CVE-2017-9310, CVE-2017-9373,
CVE-2017-9374, and CVE-2017-9375.

Additional Changes:

This update also fixes several bugs and adds various enhancements.
Documentation for these changes is available from the Release Notes
document linked to in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once
all virtual machines have shut down, start them again for this update to
take effect.

5. Bugs fixed 

[RHSA-2017:2128-01] Moderate: gdm and gnome-session security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: gdm and gnome-session security, bug fix, and 
enhancement update
Advisory ID:   RHSA-2017:2128-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2128
Issue date:2017-08-01
CVE Names: CVE-2015-7496 
=

1. Summary:

An update for gdm and gnome-session is now available for Red Hat Enterprise
Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The GNOME Display Manager (GDM) provides the graphical login screen shown
shortly after boot, after logout, and when switching users.

The following packages have been upgraded to a later upstream version: gdm
(3.22.3), gnome-session (3.22.3). (BZ#1386862, BZ#1386957)

Security Fix(es):

* It was found that gdm could crash due to a signal handler dispatched to
an invalid conversation. An attacker could crash gdm by holding the escape
key when the screen is locked, possibly bypassing the locked screen.
(CVE-2015-7496)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

GDM must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1273156 - GDM does not work with XDMCP indirect
1283279 - CVE-2015-7496 gdm: Crash when holding Escape in log screen
1373837 - gdm not starting because of error in config
1386862 - rebase gdm to 3.22.x
1386957 - rebase gnome-session to 3.22.x
1392970 - gnome-session-failed segfaults on hard GDM service stop
1448209 - Locked screen does not show a message to insert the smartcard when 
smartcard is removed
1449632 - Fuzzy translations in de, es, fr, it, ja, ko, pt_BR, ru, zh_CN, zh_TW

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
gdm-3.22.3-11.el7.src.rpm
gnome-session-3.22.3-4.el7.src.rpm

x86_64:
gdm-3.22.3-11.el7.i686.rpm
gdm-3.22.3-11.el7.x86_64.rpm
gdm-debuginfo-3.22.3-11.el7.i686.rpm
gdm-debuginfo-3.22.3-11.el7.x86_64.rpm
gnome-session-3.22.3-4.el7.x86_64.rpm
gnome-session-debuginfo-3.22.3-4.el7.x86_64.rpm
gnome-session-xsession-3.22.3-4.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
gdm-debuginfo-3.22.3-11.el7.i686.rpm
gdm-debuginfo-3.22.3-11.el7.x86_64.rpm
gdm-devel-3.22.3-11.el7.i686.rpm
gdm-devel-3.22.3-11.el7.x86_64.rpm
gnome-session-custom-session-3.22.3-4.el7.x86_64.rpm
gnome-session-debuginfo-3.22.3-4.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
gdm-3.22.3-11.el7.src.rpm
gnome-session-3.22.3-4.el7.src.rpm

x86_64:
gdm-3.22.3-11.el7.i686.rpm
gdm-3.22.3-11.el7.x86_64.rpm
gdm-debuginfo-3.22.3-11.el7.i686.rpm
gdm-debuginfo-3.22.3-11.el7.x86_64.rpm
gdm-devel-3.22.3-11.el7.i686.rpm
gdm-devel-3.22.3-11.el7.x86_64.rpm
gnome-session-3.22.3-4.el7.x86_64.rpm
gnome-session-custom-session-3.22.3-4.el7.x86_64.rpm
gnome-session-debuginfo-3.22.3-4.el7.x86_64.rpm
gnome-session-xsession-3.22.3-4.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
gdm-3.22.3-11.el7.src.rpm
gnome-session-3.22.3-4.el7.src.rpm

aarch64:
gdm-3.22.3-11.el7.aarch64.rpm
gdm-debuginfo-3.22.3-11.el7.aarch64.rpm
gnome-session-3.22.3-4.el7.aarch64.rpm
gnome-session-debuginfo-3.22.3-4.el7.aarch64.rpm
gnome-session-xsession-3.22.3-4.el7.aarch64.rpm

ppc64:
gdm-3.22.3-11.el7.ppc.rpm
gdm-3.22.3-11.el7.ppc64.rpm
gdm-debuginfo-3.22.3-11.el7.ppc.rpm
gdm-debuginfo-3.22.3-11.el7.ppc64.rpm
gnome-session-3.22.3-4.el7.ppc64.rpm
gnome-session-debuginfo-3.22.3-4.el7.ppc64.rpm
gnome-session-xsession-3.22.3-4.el7.ppc64.rpm

ppc64le:
gdm-3.22.3-11.el7.ppc64le.rpm
gdm-debuginfo-3.22.3-11.el7.ppc64le.rpm
gnome-session-3.22.3-4.el7.ppc64le.rpm
gnome-session-debuginfo-3.22.3-4.el7.ppc64le.rpm
gnome-session-xsession-3.22.3-4.el7.ppc64le.rpm

s390x:
gdm-3.22.3-11.el7.s390.rpm
gdm-3.22.3-11.el7.s390x.rpm
gdm-debuginfo-3.22.3-11.el7.s390.rpm

[RHSA-2017:2412-01] Important: kernel security and bug fix update

2017-08-02 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: kernel security and bug fix update
Advisory ID:   RHSA-2017:2412-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2412
Issue date:2017-08-02
CVE Names: CVE-2017-7895 
=

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 5
Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server (v. 5 ELS) - i386, noarch, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* The NFSv2 and NFSv3 server implementations in the Linux kernel through
4.10.13 lacked certain checks for the end of a buffer. A remote attacker
could trigger a pointer-arithmetic error or possibly cause other
unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and
fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)
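The missing check is an end-of-buffer check inside an XDR decoder: a length field taken from the request must be compared with how many bytes actually arrived before it is used. The following added example (Python, not the kernel's fs/nfsd code; `XdrReader`, `decode_write3args`, `encode_write3args`, `is_well_formed` and the sample packet are constructed for the illustration) decodes an NFSv3 WRITE request laid out as WRITE3args in RFC 1813 and rejects any field that would run past the received buffer instead of reading beyond it.

```python
"""Added example: a bounds-checked XDR decoder for an NFSv3 WRITE request
(WRITE3args, RFC 1813).  Constructed in Python to illustrate the check the
advisory describes as missing; it is not the kernel's fs/nfsd code."""
import struct
from dataclasses import dataclass
from typing import Optional

NFS3_FHSIZE = 64          # maximum file handle length (RFC 1813)


class XdrError(ValueError):
    """Raised for any field that does not fit in the received buffer."""


class XdrReader:
    def __init__(self, buf: bytes) -> None:
        self.buf = buf
        self.pos = 0

    def _take(self, n: int) -> bytes:
        # The end-of-buffer check: a declared length is attacker-controlled
        # and is compared with what actually arrived before it is used.
        remaining = len(self.buf) - self.pos
        if n < 0 or n > remaining:
            raise XdrError(f"need {n} bytes at offset {self.pos}, "
                           f"only {remaining} available")
        chunk = self.buf[self.pos:self.pos + n]
        self.pos += n
        return chunk

    def uint32(self) -> int:
        return struct.unpack(">I", self._take(4))[0]

    def uint64(self) -> int:
        return struct.unpack(">Q", self._take(8))[0]

    def opaque(self, max_len: Optional[int] = None) -> bytes:
        n = self.uint32()
        if max_len is not None and n > max_len:
            raise XdrError(f"opaque length {n} exceeds limit {max_len}")
        data = self._take(n)
        self._take((-n) % 4)          # XDR pads opaque data to a 4-byte boundary
        return data


@dataclass
class Write3Args:
    fh: bytes
    offset: int
    count: int
    stable: int
    data: bytes


def decode_write3args(buf: bytes) -> Write3Args:
    r = XdrReader(buf)
    fh = r.opaque(NFS3_FHSIZE)
    offset = r.uint64()
    count = r.uint32()
    stable = r.uint32()
    if stable > 2:                    # UNSTABLE, DATA_SYNC, FILE_SYNC
        raise XdrError(f"invalid stable_how {stable}")
    data = r.opaque()
    if count > len(data):             # this example's rule: count must be backed by payload
        raise XdrError(f"count {count} exceeds {len(data)} bytes of payload")
    return Write3Args(fh, offset, count, stable, data)


def is_well_formed(buf: bytes) -> bool:
    try:
        decode_write3args(buf)
        return True
    except XdrError:
        return False


def _xdr_opaque(data: bytes) -> bytes:
    return struct.pack(">I", len(data)) + data + b"\x00" * ((-len(data)) % 4)


def encode_write3args(fh: bytes, offset: int, count: int, stable: int, data: bytes) -> bytes:
    """Build a WRITE3args packet; used here only to construct sample input."""
    return _xdr_opaque(fh) + struct.pack(">QII", offset, count, stable) + _xdr_opaque(data)


if __name__ == "__main__":
    pkt = encode_write3args(b"\x01" * 32, 4096, 5, 1, b"hello")   # constructed request
    print(decode_write3args(pkt))
    print("truncated accepted:", is_well_formed(pkt[:-4]))
    print("huge length accepted:", is_well_formed(pkt[:52] + b"\xff" * 4 + pkt[56:]))
```

The two rejected inputs are the cases that matter: a packet cut short so the declared data length overruns the buffer, and a packet whose length field is 0xFFFFFFFF, which without the check would be used for pointer arithmetic far past the end of the received data.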

Red Hat would like to thank Ari Kauppi for reporting this issue.

Bug Fix(es):

* When upgrading to a kernel with the fix for the stack guard flaw, a crash
could occur in Java Virtual Machine (JVM) environments that attempted to
implement their own stack guard page. With this update, the underlying
source code has been fixed to consider the PROT_NONE mapping as part of
the stack, and the crash in the JVM no longer occurs under the described
circumstances. (BZ#1467938)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1446103 - CVE-2017-7895 kernel: NFSv3 server does not properly handle payload 
bounds checking of WRITE requests

6. Package List:

Red Hat Enterprise Linux Server (v. 5 ELS):

Source:
kernel-2.6.18-422.el5.src.rpm

i386:
kernel-2.6.18-422.el5.i686.rpm
kernel-PAE-2.6.18-422.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-422.el5.i686.rpm
kernel-PAE-devel-2.6.18-422.el5.i686.rpm
kernel-debug-2.6.18-422.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-422.el5.i686.rpm
kernel-debug-devel-2.6.18-422.el5.i686.rpm
kernel-debuginfo-2.6.18-422.el5.i686.rpm
kernel-debuginfo-common-2.6.18-422.el5.i686.rpm
kernel-devel-2.6.18-422.el5.i686.rpm
kernel-headers-2.6.18-422.el5.i386.rpm
kernel-xen-2.6.18-422.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-422.el5.i686.rpm
kernel-xen-devel-2.6.18-422.el5.i686.rpm

noarch:
kernel-doc-2.6.18-422.el5.noarch.rpm

s390x:
kernel-2.6.18-422.el5.s390x.rpm
kernel-debug-2.6.18-422.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-422.el5.s390x.rpm
kernel-debug-devel-2.6.18-422.el5.s390x.rpm
kernel-debuginfo-2.6.18-422.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-422.el5.s390x.rpm
kernel-devel-2.6.18-422.el5.s390x.rpm
kernel-headers-2.6.18-422.el5.s390x.rpm
kernel-kdump-2.6.18-422.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-422.el5.s390x.rpm
kernel-kdump-devel-2.6.18-422.el5.s390x.rpm

x86_64:
kernel-2.6.18-422.el5.x86_64.rpm
kernel-debug-2.6.18-422.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-422.el5.x86_64.rpm
kernel-debug-devel-2.6.18-422.el5.x86_64.rpm
kernel-debuginfo-2.6.18-422.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-422.el5.x86_64.rpm
kernel-devel-2.6.18-422.el5.x86_64.rpm
kernel-headers-2.6.18-422.el5.x86_64.rpm
kernel-xen-2.6.18-422.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-422.el5.x86_64.rpm
kernel-xen-devel-2.6.18-422.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7895
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZgaOFXlSAg2UNWIIRAhPxAJ9v7ACgNckbaAjtH+oFe4cP1jWNVQCeNiIC
d1jNey2cSZGOKsTjj7R/FNY=
=dU8N
-END PGP SIGNATURE-


[RHSA-2017:2000-01] Moderate: tigervnc and fltk security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: tigervnc and fltk security, bug fix, and 
enhancement update
Advisory ID:   RHSA-2017:2000-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2000
Issue date:2017-08-01
CVE Names: CVE-2016-10207 CVE-2017-5581 CVE-2017-7392 
   CVE-2017-7393 CVE-2017-7394 CVE-2017-7395 
   CVE-2017-7396 
=

1. Summary:

An update for tigervnc and fltk is now available for Red Hat Enterprise
Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64, 
ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

Virtual Network Computing (VNC) is a remote display system which allows
users to view a computing desktop environment not only on the machine where
it is running, but from anywhere on the Internet and from a wide variety of
machine architectures. TigerVNC is a suite of VNC servers and clients which
allows users to connect to other desktops running a VNC server.

FLTK (pronounced "fulltick") is a cross-platform C++ GUI toolkit. It
provides modern GUI functionality without the bloat, and supports 3D
graphics via OpenGL and its built-in GLUT emulation.

The following packages have been upgraded to a later upstream version:
tigervnc (1.8.0), fltk (1.3.4). (BZ#1388620, BZ#1413598)

Security Fix(es):

* A denial of service flaw was found in TigerVNC's Xvnc server. A remote
unauthenticated attacker could use this flaw to make Xvnc crash by
terminating the TLS handshake process early. (CVE-2016-10207)

* A double free flaw was found in the way TigerVNC handled ClientFence
messages. A remote, authenticated attacker could use this flaw to make Xvnc
crash by sending specially crafted ClientFence messages, resulting in
denial of service. (CVE-2017-7393)

* A missing input sanitization flaw was found in the way TigerVNC handled
credentials. A remote unauthenticated attacker could use this flaw to make
Xvnc crash by sending specially crafted usernames, resulting in denial of
service. (CVE-2017-7394)

* An integer overflow flaw was found in the way TigerVNC handled
ClientCutText messages. A remote, authenticated attacker could use this
flaw to make Xvnc crash by sending specially crafted ClientCutText
messages, resulting in denial of service. (CVE-2017-7395)

* A buffer overflow flaw, leading to memory corruption, was found in the
TigerVNC viewer. A remote malicious VNC server could use this flaw to crash
the client vncviewer process, resulting in denial of service.
(CVE-2017-5581)

* A memory leak flaw was found in the way TigerVNC handled termination of
VeNCrypt connections. A remote unauthenticated attacker could repeatedly
send connection requests to the Xvnc server, causing it to consume large
amounts of memory resources over time, and ultimately leading to a denial
of service due to memory exhaustion. (CVE-2017-7392)

* A memory leak flaw was found in the way TigerVNC handled client
connections. A remote unauthenticated attacker could repeatedly send
connection requests to the Xvnc server, causing it to consume large amounts
of memory resources over time, and ultimately leading to a denial of
service due to memory exhaustion. (CVE-2017-7396)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1343899 - Disabling vncconfig window
1358090 - shared memory leakage in vncviewer
1388620 - [REBASE] Tigervnc from 1.3 to 1.8
1393971 - [RFE] systemd unit for Xvnc (not vncserver)
1410164 - tigervnc-server fails to remove /tmp files if not gracefully shut down
1413598 - [REBASE] Update fltk to 1.3.4 for tigervnc
1415547 - Rebuilding tigervnc SRPM stops at applying Patch101
1415712 - 

[RHSA-2017:1983-01] Moderate: postgresql security and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: postgresql security and enhancement update
Advisory ID:   RHSA-2017:1983-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1983
Issue date:2017-08-01
CVE Names: CVE-2017-7484 CVE-2017-7486 
=

1. Summary:

An update for postgresql is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
postgresql (9.2.21). (BZ#1449706)

Security Fix(es):

* It was found that some selectivity estimation functions did not check
user privileges before providing information from pg_statistic, possibly
leaking information. A non-administrative database user could use this flaw
to steal some information from tables they are otherwise not allowed to
access. (CVE-2017-7484)

* It was found that the pg_user_mappings view could disclose information
about user mappings to a foreign database to non-administrative database
users. A database user with USAGE privilege for this mapping could, when
querying the view, obtain user mapping data, such as the username and
password used to connect to the foreign database. (CVE-2017-7486)

Red Hat would like to thank the PostgreSQL project for reporting these
issues. Upstream acknowledges Robert Haas as the original reporter of
CVE-2017-7484; and Andrew Wheelwright as the original reporter of
CVE-2017-7486.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

1305979 - feature request: include libpgport.a in postgresql-devel (or its 
dynamic version somewhere)
1448078 - CVE-2017-7484 postgresql: Selectivity estimators bypass SELECT 
privilege checks
1448089 - CVE-2017-7486 postgresql: pg_user_mappings view discloses foreign 
server passwords

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
postgresql-9.2.21-1.el7.src.rpm

x86_64:
postgresql-debuginfo-9.2.21-1.el7.i686.rpm
postgresql-debuginfo-9.2.21-1.el7.x86_64.rpm
postgresql-libs-9.2.21-1.el7.i686.rpm
postgresql-libs-9.2.21-1.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
postgresql-9.2.21-1.el7.i686.rpm
postgresql-9.2.21-1.el7.x86_64.rpm
postgresql-contrib-9.2.21-1.el7.x86_64.rpm
postgresql-debuginfo-9.2.21-1.el7.i686.rpm
postgresql-debuginfo-9.2.21-1.el7.x86_64.rpm
postgresql-devel-9.2.21-1.el7.i686.rpm
postgresql-devel-9.2.21-1.el7.x86_64.rpm
postgresql-docs-9.2.21-1.el7.x86_64.rpm
postgresql-plperl-9.2.21-1.el7.x86_64.rpm
postgresql-plpython-9.2.21-1.el7.x86_64.rpm
postgresql-pltcl-9.2.21-1.el7.x86_64.rpm
postgresql-server-9.2.21-1.el7.x86_64.rpm
postgresql-static-9.2.21-1.el7.i686.rpm
postgresql-static-9.2.21-1.el7.x86_64.rpm
postgresql-test-9.2.21-1.el7.x86_64.rpm
postgresql-upgrade-9.2.21-1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
postgresql-9.2.21-1.el7.src.rpm

x86_64:
postgresql-9.2.21-1.el7.x86_64.rpm
postgresql-debuginfo-9.2.21-1.el7.i686.rpm
postgresql-debuginfo-9.2.21-1.el7.x86_64.rpm
postgresql-libs-9.2.21-1.el7.i686.rpm
postgresql-libs-9.2.21-1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
postgresql-9.2.21-1.el7.i686.rpm
postgresql-contrib-9.2.21-1.el7.x86_64.rpm
postgresql-debuginfo-9.2.21-1.el7.i686.rpm
postgresql-debuginfo-9.2.21-1.el7.x86_64.rpm
postgresql-devel-9.2.21-1.el7.i686.rpm
postgresql-devel-9.2.21-1.el7.x86_64.rpm
postgresql-docs-9.2.21-1.el7.x86_64.rpm
postgresql-plperl-9.2.21-1.el7.x86_64.rpm

[RHSA-2017:1854-01] Moderate: pidgin security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: pidgin security, bug fix, and enhancement update
Advisory ID:   RHSA-2017:1854-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1854
Issue date:2017-08-01
CVE Names: CVE-2014-3694 CVE-2014-3695 CVE-2014-3696 
   CVE-2014-3698 CVE-2017-2640 
=

1. Summary:

An update for pidgin is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Pidgin is an instant messaging program which can log in to multiple
accounts on multiple instant messaging networks simultaneously.

The following packages have been upgraded to a later upstream version:
pidgin (2.10.11). (BZ#1369526)

Security Fix(es):

* A denial of service flaw was found in the way Pidgin's Mxit plug-in
handled emoticons. A malicious remote server or a man-in-the-middle
attacker could potentially use this flaw to crash Pidgin by sending a
specially crafted emoticon. (CVE-2014-3695)

* A denial of service flaw was found in the way Pidgin parsed Groupwise
server messages. A malicious remote server or a man-in-the-middle attacker
could potentially use this flaw to cause Pidgin to consume an excessive
amount of memory, possibly leading to a crash, by sending a specially
crafted message. (CVE-2014-3696)

* An information disclosure flaw was discovered in the way Pidgin parsed
XMPP messages. A malicious remote server or a man-in-the-middle attacker
could potentially use this flaw to disclose a portion of memory belonging
to the Pidgin process by sending a specially crafted XMPP message.
(CVE-2014-3698)

* An out-of-bounds write flaw was found in the way Pidgin processed XML
content. A malicious remote server could potentially use this flaw to crash
Pidgin or execute arbitrary code in the context of the pidgin process.
(CVE-2017-2640)

* It was found that Pidgin's SSL/TLS plug-ins had a flaw in the certificate
validation functionality. An attacker could use this flaw to create a fake
certificate that Pidgin would trust, which could be used to conduct
man-in-the-middle attacks against Pidgin. (CVE-2014-3694)

Red Hat would like to thank the Pidgin project for reporting these issues.
Upstream acknowledges Yves Younan (Cisco Talos) and Richard Johnson (Cisco
Talos) as the original reporters of CVE-2014-3695 and CVE-2014-3696; Thijs
Alkemade and Paul Aurich as the original reporters of CVE-2014-3698; and
Jacob Appelbaum and Moxie Marlinspike as the original reporters of
CVE-2014-3694.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

Pidgin must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1154908 - CVE-2014-3694 pidgin: SSL/TLS plug-ins failed to check Basic 
Constraints
1154909 - CVE-2014-3695 pidgin: crash in Mxit protocol plug-in
1154910 - CVE-2014-3696 pidgin: denial of service parsing Groupwise server 
message
1154911 - CVE-2014-3698 pidgin: remote information leak via crafted XMPP message
1369526 - Rebase pidgin to a newer upstream release
1430019 - CVE-2017-2640 pidgin: Out-of-bounds write in 
purple_markup_unescape_entity triggered by invalid XML
1439296 - Disable MXit
1445921 - jingle_rtp_initiate_media: 'resource' is used after being freed in an 
error path
1446368 - Silence -Wsign-compare

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
pidgin-2.10.11-5.el7.src.rpm

x86_64:
libpurple-2.10.11-5.el7.i686.rpm
libpurple-2.10.11-5.el7.x86_64.rpm
pidgin-2.10.11-5.el7.x86_64.rpm
pidgin-debuginfo-2.10.11-5.el7.i686.rpm
pidgin-debuginfo-2.10.11-5.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
finch-2.10.11-5.el7.i686.rpm
finch-2.10.11-5.el7.x86_64.rpm
finch-devel-2.10.11-5.el7.i686.rpm
finch-devel-2.10.11-5.el7.x86_64.rpm

[RHSA-2017:1868-01] Moderate: python security and bug fix update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: python security and bug fix update
Advisory ID:   RHSA-2017:1868-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1868
Issue date:2017-08-01
CVE Names: CVE-2014-9365 
=

1. Summary:

An update for python is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Python is an interpreted, interactive, object-oriented programming
language, which includes modules, classes, exceptions, very high level
dynamic data types and dynamic typing. Python supports interfaces to many
system calls and libraries, as well as to various windowing systems.

Security Fix(es):

* The Python standard library HTTP client modules (such as httplib or
urllib) did not perform verification of TLS/SSL certificates when
connecting to HTTPS servers. A man-in-the-middle attacker could use this
flaw to hijack connections and eavesdrop or modify transferred data.
(CVE-2014-9365)

Note: The Python standard library was updated to enable certificate
verification by default. Refer to the Knowledgebase article 2039753 linked
to in the References section for further details about this change.
(BZ#1219110)
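The change described above (PEP 476) means a stock `ssl.create_default_context()` validates the server chain and hostname, while a client that opts out gets the old unverified behaviour. The following added example, not part of the advisory, audits an `ssl.SSLContext` for exactly those two settings and builds both a verifying and a legacy-style unverified context for comparison; it assumes Python 3 and makes no network connection.

```python
import http.client
import ssl


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return a list of findings describing why this context would NOT
    verify the peer. An empty list means the context behaves the way
    PEP 476 makes the default: chain validated against trusted CAs and
    the certificate matched against the requested hostname."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode is not CERT_REQUIRED: server chain is not validated")
    if not ctx.check_hostname:
        findings.append("check_hostname is off: certificate may belong to a different host")
    return findings


def context_verifies_peers(ctx: ssl.SSLContext) -> bool:
    """True when the context rejects unverifiable or mismatched certificates."""
    return not audit_context(ctx)


def verifying_context() -> ssl.SSLContext:
    """The post-PEP 476 default: trusted CA bundle, CERT_REQUIRED, hostname check."""
    return ssl.create_default_context()


def legacy_unverified_context() -> ssl.SSLContext:
    """A context that mirrors the pre-fix behaviour for demonstration only.
    check_hostname must be disabled before verify_mode can be CERT_NONE,
    otherwise the ssl module raises ValueError. The stdlib's documented
    escape hatch, ssl._create_unverified_context(), yields the same settings."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def https_connection(host: str, ctx: ssl.SSLContext) -> http.client.HTTPSConnection:
    """Build (without connecting) an HTTPS client bound to an explicit
    context, so the verification policy is visible at the call site
    instead of depending on interpreter defaults. 'host' is a constructed
    placeholder; the constructor does not open a socket."""
    return http.client.HTTPSConnection(host, context=ctx)


if __name__ == "__main__":
    for name, ctx in (("default", verifying_context()),
                      ("legacy", legacy_unverified_context())):
        problems = audit_context(ctx)
        print(name, "OK" if not problems else "; ".join(problems))
    https_connection("example.invalid", verifying_context())
```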

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1173041 - CVE-2014-9365 python: failure to validate certificates in the HTTP 
client with TLS (PEP 476)
1272562 - Memory leaks found by unit tests
1297522 - Undefined python_provide causes silently missing provides
1333064 - /CoreOS/python/Sanity/gdb test is failing on s390x
136 - Python fails to decode X.509 cert with GEN_RID subject alt name
1368076 - threading wait(timeout) doesn't return after timeout if system clock 
is set backward
1373363 - Incorrect parsing of regular expressions
1432003 - After logrotate , dynamic looping call gets 'ValueError: I/O 
operation on closed file' on self.stream.flush() in 
/usr/lib64/python2.7/logging/handlers.py
1439734 - Backport fix for shutil.make_archive doesn't archive empty directories

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
python-2.7.5-58.el7.src.rpm

x86_64:
python-2.7.5-58.el7.x86_64.rpm
python-debuginfo-2.7.5-58.el7.i686.rpm
python-debuginfo-2.7.5-58.el7.x86_64.rpm
python-libs-2.7.5-58.el7.i686.rpm
python-libs-2.7.5-58.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
python-debug-2.7.5-58.el7.x86_64.rpm
python-debuginfo-2.7.5-58.el7.x86_64.rpm
python-devel-2.7.5-58.el7.x86_64.rpm
python-test-2.7.5-58.el7.x86_64.rpm
python-tools-2.7.5-58.el7.x86_64.rpm
tkinter-2.7.5-58.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
python-2.7.5-58.el7.src.rpm

x86_64:
python-2.7.5-58.el7.x86_64.rpm
python-debuginfo-2.7.5-58.el7.i686.rpm
python-debuginfo-2.7.5-58.el7.x86_64.rpm
python-devel-2.7.5-58.el7.x86_64.rpm
python-libs-2.7.5-58.el7.i686.rpm
python-libs-2.7.5-58.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
python-debug-2.7.5-58.el7.x86_64.rpm
python-debuginfo-2.7.5-58.el7.x86_64.rpm
python-test-2.7.5-58.el7.x86_64.rpm
python-tools-2.7.5-58.el7.x86_64.rpm
tkinter-2.7.5-58.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
python-2.7.5-58.el7.src.rpm

aarch64:
python-2.7.5-58.el7.aarch64.rpm
python-debuginfo-2.7.5-58.el7.aarch64.rpm
python-devel-2.7.5-58.el7.aarch64.rpm
python-libs-2.7.5-58.el7.aarch64.rpm

ppc64:
python-2.7.5-58.el7.ppc64.rpm
python-debuginfo-2.7.5-58.el7.ppc.rpm
python-debuginfo-2.7.5-58.el7.ppc64.rpm
python-devel-2.7.5-58.el7.ppc64.rpm
python-libs-2.7.5-58.el7.ppc.rpm
python-libs-2.7.5-58.el7.ppc64.rpm

ppc64le:
python-2.7.5-58.el7.ppc64le.rpm

[RHSA-2017:2060-01] Moderate: GStreamer security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: GStreamer security, bug fix, and enhancement update
Advisory ID:   RHSA-2017:2060-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2060
Issue date:2017-08-01
CVE Names: CVE-2016-10198 CVE-2016-10199 CVE-2016-9446 
   CVE-2016-9810 CVE-2016-9811 CVE-2017-5837 
   CVE-2017-5838 CVE-2017-5839 CVE-2017-5840 
   CVE-2017-5841 CVE-2017-5842 CVE-2017-5843 
   CVE-2017-5844 CVE-2017-5845 CVE-2017-5848 
=

1. Summary:

An update is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64, 
ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

GStreamer is a streaming media framework based on graphs of filters which
operate on media data.

The following packages have been upgraded to a later upstream version:
clutter-gst2 (2.0.18), gnome-video-effects (0.4.3), gstreamer1 (1.10.4),
gstreamer1-plugins-bad-free (1.10.4), gstreamer1-plugins-base (1.10.4),
gstreamer1-plugins-good (1.10.4), orc (0.4.26).

Security Fix(es):

* Multiple flaws were found in gstreamer1, gstreamer1-plugins-base,
gstreamer1-plugins-good, and gstreamer1-plugins-bad-free packages. An
attacker could potentially use these flaws to crash applications which use
the GStreamer framework. (CVE-2016-9446, CVE-2016-9810, CVE-2016-9811,
CVE-2016-10198, CVE-2016-10199, CVE-2017-5837, CVE-2017-5838,
CVE-2017-5839, CVE-2017-5840, CVE-2017-5841, CVE-2017-5842, CVE-2017-5843,
CVE-2017-5844, CVE-2017-5845, CVE-2017-5848)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1265905 - FAIL: libs/libsabi on ppc64/ppc64le
1386833 - rebase clutter-gst2 to 2.0.18
1386968 - rebase gnome-video-effects to 0.4.2
1397063 - CVE-2016-9446 gstreamer-plugins-bad-free: Missing initialization of 
allocated heap memory leads to information leak
1401913 - CVE-2016-9810 gstreamer: Invalid memory read in 
g_type_check_instance_is_fundamentally_a
1401918 - CVE-2016-9811 gstreamer: Out of bounds heap read in 
windows_icon_typefind
1406039 - Installed (but unpackaged) file(s) found
1419558 - CVE-2016-10198 gstreamer-plugins-good: Invalid memory read in 
gst_aac_parse_sink_setcaps
1419580 - CVE-2016-10199 gstreamer-plugins-good: Out of bounds read in 
qtdemux_tag_add_str_full
1419582 - CVE-2017-5845 gstreamer-plugins-good: Invalid memory read in 
gst_avi_demux_parse_ncdt
1419583 - CVE-2017-5848 gstreamer-plugins-bad-free: Invalid memory read in 
gst_ps_demux_parse_psm
1419584 - CVE-2017-5837 gstreamer-plugins-base: Floating point exception in 
gst_riff_create_audio_caps
1419586 - CVE-2017-5839 gstreamer-plugins-base: Stack overflow in 
gst_riff_create_audio_caps
1419587 - CVE-2017-5838 gstreamer: Out-of-bounds read in 
gst_date_time_new_from_iso8601_string()
1419588 - CVE-2017-5840 gstreamer-plugins-good: Out of bounds heap read in 
qtdemux_parse_samples
1419589 - CVE-2017-5841 gstreamer-plugins-good: Heap out-of-bounds read in 
gst_avi_demux_parse_ncdt
1419591 - CVE-2017-5842 gstreamer-plugins-base: Out-of-bounds heap read in 
html_context_handle_element
1419592 - CVE-2017-5843 gstreamer-plugins-bad-free: Use after free in 
gst_mini_object_unref / gst_tag_list_unref / gst_mxf_demux_update_essence_tracks
1419600 - CVE-2017-5844 gstreamer-plugins-base: Floating point exception in 
gst_riff_create_audio_caps
1420650 - rebase gstreamer1 to 1.10
1428918 - Update to gst-plugins-base 1.10.x
1429577 - Rebase gstreamer1-plugins-good to 1.10.x
1429587 - Rebase gstreamer1-plugins-bad-free to 1.10.x
1430051 - rebase orc to 0.4.26

6. Package List:

Red Hat Enterprise Linux Client 

[RHSA-2017:1859-01] Moderate: golang security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: golang security, bug fix, and enhancement update
Advisory ID:   RHSA-2017:1859-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1859
Issue date:2017-08-01
CVE Names: CVE-2017-8932 
=

1. Summary:

An update for golang is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64le, 
s390x, x86_64

3. Description:

The golang packages provide the Go programming language compiler.

The following packages have been upgraded to a later upstream version:
golang (1.8.3). (BZ#1414500)

Security Fix(es):

* A carry propagation flaw was found in the implementation of the P-256
elliptic curve in golang. An attacker could possibly use this flaw to
extract private keys when static ECDH was used. (CVE-2017-8932)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1381593 - runtime: backport 'fix nanotime for macOS Sierra, again' to go 1.6.x
1405587 - build golang for ppc64le and s390x
1444122 - codegen bug for uint64 type on s390x
1452241 - All golang versions prior to 1.9 do not support OIDs that require 
more than 28 bits
1452616 - golang 1.8 performance regression in net/http affecting kubernetes 
scale
1455189 - CVE-2017-8932 golang: Elliptic curves carry propagation issue in 
x86-64 P-256

6. Package List:

Red Hat Enterprise Linux Server Optional (v. 7):

Source:
golang-1.8.3-1.el7.src.rpm

aarch64:
golang-1.8.3-1.el7.aarch64.rpm
golang-bin-1.8.3-1.el7.aarch64.rpm

noarch:
golang-docs-1.8.3-1.el7.noarch.rpm
golang-misc-1.8.3-1.el7.noarch.rpm
golang-src-1.8.3-1.el7.noarch.rpm
golang-tests-1.8.3-1.el7.noarch.rpm

ppc64le:
golang-1.8.3-1.el7.ppc64le.rpm
golang-bin-1.8.3-1.el7.ppc64le.rpm

s390x:
golang-1.8.3-1.el7.s390x.rpm
golang-bin-1.8.3-1.el7.s390x.rpm

x86_64:
golang-1.8.3-1.el7.x86_64.rpm
golang-bin-1.8.3-1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-8932
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.4_Release_Notes/index.html

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce


[RHSA-2017:2258-01] Moderate: gtk-vnc security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: gtk-vnc security, bug fix, and enhancement update
Advisory ID:   RHSA-2017:2258-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2258
Issue date:2017-08-01
CVE Names: CVE-2017-5884 CVE-2017-5885 
=

1. Summary:

An update for gtk-vnc is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The gtk-vnc packages provide a VNC viewer widget for GTK. The gtk-vnc
widget is built by using co-routines, which allows the widget to be
completely asynchronous while remaining single-threaded.

The following packages have been upgraded to a later upstream version:
gtk-vnc (0.7.0). (BZ#1416783)

Security Fix(es):

* It was found that gtk-vnc lacked proper bounds checking while processing
messages using RRE, hextile, or copyrect encodings. A remote malicious VNC
server could use this flaw to crash VNC viewers which are based on the
gtk-vnc library. (CVE-2017-5884)

* An integer overflow flaw was found in gtk-vnc. A remote malicious VNC
server could use this flaw to crash VNC viewers which are based on the
gtk-vnc library. (CVE-2017-5885)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

921008 - Guest will keep typing '~' after press F9 and F10 in same time.
921330 - Remote-viewer shows no error if connect to a spice port through vnc 
protocol
1126825 - Unnecessary warning messages show when shutdown vnc guest during 
virt-viewer $guest --wait
1416783 - Rebase to 0.7.0 release to fix numerous bugs
1418944 - CVE-2017-5884 gtk-vnc: Improper check of framebuffer boundaries when 
processing a tile
1418952 - CVE-2017-5885 gtk-vnc: Integer overflow when processing 
SetColorMapEntries
1441120 - segment fault when connecting a host with no VNC server listening

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
gtk-vnc-0.7.0-2.el7.src.rpm

x86_64:
gtk-vnc-debuginfo-0.7.0-2.el7.i686.rpm
gtk-vnc-debuginfo-0.7.0-2.el7.x86_64.rpm
gtk-vnc2-0.7.0-2.el7.i686.rpm
gtk-vnc2-0.7.0-2.el7.x86_64.rpm
gvnc-0.7.0-2.el7.i686.rpm
gvnc-0.7.0-2.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
gtk-vnc-0.7.0-2.el7.i686.rpm
gtk-vnc-0.7.0-2.el7.x86_64.rpm
gtk-vnc-debuginfo-0.7.0-2.el7.i686.rpm
gtk-vnc-debuginfo-0.7.0-2.el7.x86_64.rpm
gtk-vnc-devel-0.7.0-2.el7.i686.rpm
gtk-vnc-devel-0.7.0-2.el7.x86_64.rpm
gtk-vnc-python-0.7.0-2.el7.x86_64.rpm
gtk-vnc2-devel-0.7.0-2.el7.i686.rpm
gtk-vnc2-devel-0.7.0-2.el7.x86_64.rpm
gvnc-devel-0.7.0-2.el7.i686.rpm
gvnc-devel-0.7.0-2.el7.x86_64.rpm
gvnc-tools-0.7.0-2.el7.x86_64.rpm
gvncpulse-0.7.0-2.el7.i686.rpm
gvncpulse-0.7.0-2.el7.x86_64.rpm
gvncpulse-devel-0.7.0-2.el7.i686.rpm
gvncpulse-devel-0.7.0-2.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
gtk-vnc-0.7.0-2.el7.src.rpm

aarch64:
gtk-vnc-debuginfo-0.7.0-2.el7.aarch64.rpm
gtk-vnc2-0.7.0-2.el7.aarch64.rpm
gvnc-0.7.0-2.el7.aarch64.rpm

ppc64:
gtk-vnc-debuginfo-0.7.0-2.el7.ppc.rpm
gtk-vnc-debuginfo-0.7.0-2.el7.ppc64.rpm
gtk-vnc2-0.7.0-2.el7.ppc.rpm
gtk-vnc2-0.7.0-2.el7.ppc64.rpm
gvnc-0.7.0-2.el7.ppc.rpm
gvnc-0.7.0-2.el7.ppc64.rpm

ppc64le:
gtk-vnc-debuginfo-0.7.0-2.el7.ppc64le.rpm
gtk-vnc2-0.7.0-2.el7.ppc64le.rpm
gvnc-0.7.0-2.el7.ppc64le.rpm

s390x:
gtk-vnc-debuginfo-0.7.0-2.el7.s390.rpm
gtk-vnc-debuginfo-0.7.0-2.el7.s390x.rpm
gtk-vnc2-0.7.0-2.el7.s390.rpm
gtk-vnc2-0.7.0-2.el7.s390x.rpm
gvnc-0.7.0-2.el7.s390.rpm
gvnc-0.7.0-2.el7.s390x.rpm

x86_64:
gtk-vnc-debuginfo-0.7.0-2.el7.i686.rpm
gtk-vnc-debuginfo-0.7.0-2.el7.x86_64.rpm
gtk-vnc2-0.7.0-2.el7.i686.rpm
gtk-vnc2-0.7.0-2.el7.x86_64.rpm
gvnc-0.7.0-2.el7.i686.rpm
gvnc-0.7.0-2.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

aarch64:
gtk-vnc-0.7.0-2.el7.aarch64.rpm

[RHSA-2017:2192-01] Moderate: mariadb security and bug fix update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: mariadb security and bug fix update
Advisory ID:   RHSA-2017:2192-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2192
Issue date:2017-08-01
CVE Names: CVE-2016-5483 CVE-2016-5617 CVE-2016-6664 
   CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 
   CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 
   CVE-2017-3302 CVE-2017-3308 CVE-2017-3309 
   CVE-2017-3312 CVE-2017-3313 CVE-2017-3317 
   CVE-2017-3318 CVE-2017-3453 CVE-2017-3456 
   CVE-2017-3464 CVE-2017-3600 
=

1. Summary:

An update for mariadb is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

MariaDB is a multi-user, multi-threaded SQL database server that is binary
compatible with MySQL.

The following packages have been upgraded to a later upstream version:
mariadb (5.5.56). (BZ#1458933)

Security Fix(es):

* It was discovered that the mysql and mysqldump tools did not correctly
handle database and table names containing newline characters. A database
user with privileges to create databases or tables could cause the mysql
command to execute arbitrary shell or SQL commands while restoring a database
backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600)

* A flaw was found in the way the mysqld_safe script handled creation of the
error log file. The mysql operating system user could use this flaw to
escalate their privileges to root. (CVE-2016-5617, CVE-2016-6664)

* Multiple flaws were found in the way the MySQL init script handled
initialization of the database data directory and the setting of permissions
on the error log file. The mysql operating system user could use these flaws
to escalate their privileges to root. (CVE-2017-3265)

* It was discovered that the mysqld_safe script honored the ledir option
value set in a MySQL configuration file. A user able to modify one of the
MySQL configuration files could use this flaw to escalate their privileges
to root. (CVE-2017-3291)

* Multiple flaws were found in the way the mysqld_safe script handled
creation of the error log file. The mysql operating system user could use
these flaws to escalate their privileges to root. (CVE-2017-3312)

* A flaw was found in the way the MySQL client library (libmysqlclient)
handled prepared statements when the server connection was lost. A malicious
server or a man-in-the-middle attacker could possibly use this flaw to crash
an application using libmysqlclient. (CVE-2017-3302)

* This update fixes several vulnerabilities in the MariaDB database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2017-3238,
CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3308, CVE-2017-3309,
CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456,
CVE-2017-3464)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MariaDB server daemon (mysqld) will be
restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1027829 - Testsuite test main.gis-precise is failing on ppc %{power64} s390 
s390x aarch64
1356897 - MariaDB removes all databases
1386564 - CVE-2016-6664 CVE-2016-5617 mysql: insecure error log file handling 
in mysqld_safe (CPU Oct 2016)
1414133 - CVE-2017-3312 mysql: insecure error log file handling in mysqld_safe, 
incomplete CVE-2016-6664 fix (CPU Jan 2017)
1414338 - CVE-2017-3238 mysql: Server: Optimizer unspecified vulnerability 
(CPU Jan 2017)
1414340 - CVE-2017-3243 mysql: Server: Charsets unspecified vulnerability 

[RHSA-2017:1852-01] Moderate: openldap security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:  Moderate: openldap security, bug fix, and enhancement update
Advisory ID:   RHSA-2017:1852-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1852
Issue date:2017-08-01
CVE Names: CVE-2017-9287 
=====================================================================

1. Summary:

An update for openldap is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

OpenLDAP is an open-source suite of Lightweight Directory Access Protocol
(LDAP) applications and development tools. LDAP is a set of protocols used
to access and maintain distributed directory information services over an
IP network. The openldap packages contain configuration files, libraries,
and documentation for OpenLDAP.

The following packages have been upgraded to a later upstream version:
openldap (2.4.44). (BZ#1386365)

Security Fix(es):

* A double-free flaw was found in the way OpenLDAP's slapd server using the
MDB backend handled LDAP searches. A remote attacker with access to search
the directory could potentially use this flaw to crash slapd by issuing a
specially crafted LDAP search query. (CVE-2017-9287)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1405354 - [RHEL7] openldap does not re-register nss shutdown callbacks after 
nss_Shutdown is called
1432907 - Cipher suite mismatch with latest nss
1456712 - CVE-2017-9287 openldap: Double free vulnerability in 
servers/slapd/back-mdb/search.c

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
openldap-2.4.44-5.el7.src.rpm

x86_64:
openldap-2.4.44-5.el7.i686.rpm
openldap-2.4.44-5.el7.x86_64.rpm
openldap-clients-2.4.44-5.el7.x86_64.rpm
openldap-debuginfo-2.4.44-5.el7.i686.rpm
openldap-debuginfo-2.4.44-5.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
openldap-debuginfo-2.4.44-5.el7.i686.rpm
openldap-debuginfo-2.4.44-5.el7.x86_64.rpm
openldap-devel-2.4.44-5.el7.i686.rpm
openldap-devel-2.4.44-5.el7.x86_64.rpm
openldap-servers-2.4.44-5.el7.x86_64.rpm
openldap-servers-sql-2.4.44-5.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
openldap-2.4.44-5.el7.src.rpm

x86_64:
openldap-2.4.44-5.el7.i686.rpm
openldap-2.4.44-5.el7.x86_64.rpm
openldap-clients-2.4.44-5.el7.x86_64.rpm
openldap-debuginfo-2.4.44-5.el7.i686.rpm
openldap-debuginfo-2.4.44-5.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
openldap-debuginfo-2.4.44-5.el7.i686.rpm
openldap-debuginfo-2.4.44-5.el7.x86_64.rpm
openldap-devel-2.4.44-5.el7.i686.rpm
openldap-devel-2.4.44-5.el7.x86_64.rpm
openldap-servers-2.4.44-5.el7.x86_64.rpm
openldap-servers-sql-2.4.44-5.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
openldap-2.4.44-5.el7.src.rpm

aarch64:
openldap-2.4.44-5.el7.aarch64.rpm
openldap-clients-2.4.44-5.el7.aarch64.rpm
openldap-debuginfo-2.4.44-5.el7.aarch64.rpm
openldap-devel-2.4.44-5.el7.aarch64.rpm
openldap-servers-2.4.44-5.el7.aarch64.rpm

ppc64:
openldap-2.4.44-5.el7.ppc.rpm
openldap-2.4.44-5.el7.ppc64.rpm
openldap-clients-2.4.44-5.el7.ppc64.rpm
openldap-debuginfo-2.4.44-5.el7.ppc.rpm
openldap-debuginfo-2.4.44-5.el7.ppc64.rpm
openldap-devel-2.4.44-5.el7.ppc.rpm
openldap-devel-2.4.44-5.el7.ppc64.rpm
openldap-servers-2.4.44-5.el7.ppc64.rpm

ppc64le:
openldap-2.4.44-5.el7.ppc64le.rpm
openldap-clients-2.4.44-5.el7.ppc64le.rpm
openldap-debuginfo-2.4.44-5.el7.ppc64le.rpm
openldap-devel-2.4.44-5.el7.ppc64le.rpm
openldap-servers-2.4.44-5.el7.ppc64le.rpm

s390x:
openldap-2.4.44-5.el7.s390.rpm
openldap-2.4.44-5.el7.s390x.rpm
openldap-clients-2.4.44-5.el7.s390x.rpm
openldap-debuginfo-2.4.44-5.el7.s390.rpm
openldap-debuginfo-2.4.44-5.el7.s390x.rpm

[RHSA-2017:2004-01] Moderate: git security and bug fix update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:  Moderate: git security and bug fix update
Advisory ID:   RHSA-2017:2004-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2004
Issue date:2017-08-01
CVE Names: CVE-2014-9938 CVE-2017-8386 
=====================================================================

1. Summary:

An update for git is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64, 
ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

Git is a distributed revision control system with a decentralized
architecture. As opposed to centralized version control systems with a
client-server model, Git ensures that each working copy of a Git repository
is an exact copy with complete revision history. This not only allows the
user to work on and contribute to projects without the need to have
permission to push the changes to their official repositories, but also
makes it possible for the user to work with no network connection.

Security Fix(es):

* It was found that the git-prompt.sh script shipped with git failed to
correctly handle branch names containing special characters. A specially
crafted git repository could use this flaw to execute arbitrary commands if
a user working with the repository configured their shell to include
repository information in the prompt. (CVE-2014-9938)

* A flaw was found in the way git-shell handled command-line options for
the restricted set of git-shell commands. A remote, authenticated attacker
could use this flaw to bypass git-shell restrictions and view or manipulate
files by abusing the instance of the less command launched with crafted
command-line options. (CVE-2017-8386)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1369173 - Git is unable to use HTTP(S)-SSO because of fix for CVE-2011-2192 
[el7]
1434415 - CVE-2014-9938 git: git-prompt.sh does not sanitize branch names in 
$PS1
1450407 - CVE-2017-8386 git: Escape out of git-shell

6. Package List:

Red Hat Enterprise Linux Client Optional (v. 7):

Source:
git-1.8.3.1-11.el7.src.rpm

noarch:
emacs-git-1.8.3.1-11.el7.noarch.rpm
emacs-git-el-1.8.3.1-11.el7.noarch.rpm
git-all-1.8.3.1-11.el7.noarch.rpm
git-bzr-1.8.3.1-11.el7.noarch.rpm
git-cvs-1.8.3.1-11.el7.noarch.rpm
git-email-1.8.3.1-11.el7.noarch.rpm
git-gui-1.8.3.1-11.el7.noarch.rpm
git-hg-1.8.3.1-11.el7.noarch.rpm
git-p4-1.8.3.1-11.el7.noarch.rpm
gitk-1.8.3.1-11.el7.noarch.rpm
gitweb-1.8.3.1-11.el7.noarch.rpm
perl-Git-1.8.3.1-11.el7.noarch.rpm
perl-Git-SVN-1.8.3.1-11.el7.noarch.rpm

x86_64:
git-1.8.3.1-11.el7.x86_64.rpm
git-daemon-1.8.3.1-11.el7.x86_64.rpm
git-debuginfo-1.8.3.1-11.el7.x86_64.rpm
git-svn-1.8.3.1-11.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
git-1.8.3.1-11.el7.src.rpm

noarch:
emacs-git-1.8.3.1-11.el7.noarch.rpm
emacs-git-el-1.8.3.1-11.el7.noarch.rpm
git-all-1.8.3.1-11.el7.noarch.rpm
git-bzr-1.8.3.1-11.el7.noarch.rpm
git-cvs-1.8.3.1-11.el7.noarch.rpm
git-email-1.8.3.1-11.el7.noarch.rpm
git-gui-1.8.3.1-11.el7.noarch.rpm
git-hg-1.8.3.1-11.el7.noarch.rpm
git-p4-1.8.3.1-11.el7.noarch.rpm
gitk-1.8.3.1-11.el7.noarch.rpm
gitweb-1.8.3.1-11.el7.noarch.rpm
perl-Git-1.8.3.1-11.el7.noarch.rpm
perl-Git-SVN-1.8.3.1-11.el7.noarch.rpm

x86_64:
git-1.8.3.1-11.el7.x86_64.rpm
git-daemon-1.8.3.1-11.el7.x86_64.rpm
git-debuginfo-1.8.3.1-11.el7.x86_64.rpm
git-svn-1.8.3.1-11.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
git-1.8.3.1-11.el7.src.rpm

aarch64:
git-1.8.3.1-11.el7.aarch64.rpm
git-debuginfo-1.8.3.1-11.el7.aarch64.rpm

noarch:
perl-Git-1.8.3.1-11.el7.noarch.rpm

ppc64:
git-1.8.3.1-11.el7.ppc64.rpm
git-debuginfo-1.8.3.1-11.el7.ppc64.rpm

ppc64le:
git-1.8.3.1-11.el7.ppc64le.rpm
git-debuginfo-1.8.3.1-11.el7.ppc64le.rpm

s390x:
git-1.8.3.1-11.el7.s390x.rpm

[RHSA-2017:2418-01] Moderate: openvswitch security, bug fix, and enhancement update

2017-08-03 Thread Security announcements for all Red Hat products and services.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:  Moderate: openvswitch security, bug fix, and enhancement 
update
Advisory ID:   RHSA-2017:2418-01
Product:   Fast Datapath
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2418
Issue date:2017-08-03
CVE Names: CVE-2017-9214 CVE-2017-9263 CVE-2017-9264 
   CVE-2017-9265 
=====================================================================

1. Summary:

An update for openvswitch is now available for Fast Datapath for Red Hat
Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Channel to provide early releases to layered products - noarch, x86_64

3. Description:

Open vSwitch provides standard network bridging functions and support for
the OpenFlow protocol for remote per-flow control of traffic.

The following packages have been upgraded to a later upstream version:
openvswitch (2.7.2). (BZ#1472854)

Security Fix(es):

* An unsigned integer wrap-around leading to a buffer over-read was found
when parsing OFPT_QUEUE_GET_CONFIG_REPLY messages in Open vSwitch (OvS). An
attacker could use this flaw to cause a remote DoS. (CVE-2017-9214)

* In Open vSwitch (OvS), while parsing an OpenFlow role status message
there is a call to the abort() function for undefined role status reasons
in the function `ofp_print_role_status_message` in `lib/ofp-print.c` that
may be leveraged toward a remote DoS attack by a malicious switch.
(CVE-2017-9263)

* A buffer over-read was found in the Open vSwitch (OvS) firewall
implementation. This flaw can be triggered by parsing a specially crafted
TCP, UDP, or IPv6 packet. A remote attacker could use this flaw to cause a
Denial of Service (DoS). (CVE-2017-9264)

* A buffer over-read flaw was found in Open vSwitch (OvS) while parsing the
group mod OpenFlow messages sent from the controller. An attacker could use
this flaw to cause a Denial of Service (DoS). (CVE-2017-9265)
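The first fix above describes an unsigned wrap-around while parsing a queue list. The following is an added example, not Open vSwitch code: a simplified parser for a list of queue records in the style of an OpenFlow 1.0 OFPT_QUEUE_GET_CONFIG_REPLY body, with the record layout constructed for the example (not the exact on-wire structure). It shows how subtracting the header size from an unsigned length wraps when a record claims a length shorter than its own header, and the bounds check that rejects such a record before anything is read.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed record layout, big-endian on the wire (not the real OpenFlow
 * struct): uint32 queue_id | uint16 len (header + properties) | 2 pad bytes
 * | (len - 8) bytes of properties. */
#define QUEUE_HDR_LEN 8u

enum parse_result { PARSE_OK = 0, PARSE_BAD_LEN = -1 };

static uint16_t get_be16(const uint8_t *p)
{
    return (uint16_t)((p[0] << 8) | p[1]);
}

/* The flawed computation: `len` is unsigned, so when a record claims a
 * length smaller than its own header the subtraction wraps to a value near
 * UINT_MAX instead of going negative. A property loop that trusts this value
 * then reads far past the end of the message. This helper only computes the
 * number; it never touches memory. */
unsigned int property_len_unchecked(uint16_t len)
{
    unsigned int prop_len = len;
    prop_len -= QUEUE_HDR_LEN;   /* wraps when len < 8 */
    return prop_len;
}

/* Hardened parser: a record must be at least a header long and must fit in
 * the bytes that remain, checked before any subtraction or read. */
int parse_queue_list(const uint8_t *buf, size_t buflen, int *nqueues)
{
    size_t off = 0;
    *nqueues = 0;
    while (off < buflen) {
        size_t remaining = buflen - off;
        if (remaining < QUEUE_HDR_LEN)
            return PARSE_BAD_LEN;            /* truncated header */
        unsigned int len = get_be16(buf + off + 4);
        if (len < QUEUE_HDR_LEN || len > remaining)
            return PARSE_BAD_LEN;            /* the check the flawed code lacked */
        /* properties live in buf[off + 8 .. off + len); a real parser walks them here */
        off += len;
        (*nqueues)++;
    }
    return PARSE_OK;
}

/* Convenience wrapper: number of queues on success, -1 on a malformed list. */
int count_queues(const uint8_t *buf, size_t buflen)
{
    int n;
    return parse_queue_list(buf, buflen, &n) == PARSE_OK ? n : -1;
}

/* Constructed sample messages. */
const uint8_t good_msg[20] = {
    0, 0, 0, 1,  0, 12,  0, 0,  1, 2, 3, 4,  /* queue 1: len 12 -> 4 property bytes */
    0, 0, 0, 2,  0, 8,   0, 0,               /* queue 2: len 8  -> no properties */
};
const uint8_t bad_msg[8] = {
    0, 0, 0, 7,  0, 4,   0, 0,               /* len 4 < header: would wrap to ~4 GiB */
};

int main(void)
{
    printf("well-formed: queues=%d\n", count_queues(good_msg, sizeof good_msg));
    printf("malformed:   result=%d (unchecked property length would be %u)\n",
           count_queues(bad_msg, sizeof bad_msg), property_len_unchecked(4));
    return 0;
}
```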

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1456795 - CVE-2017-9214 openvswitch: Integer underflow in the 
ofputil_pull_queue_get_config_reply10 function
1457327 - CVE-2017-9263 openvswitch: Invalid processing of a malicious OpenFlow 
role status message
1457329 - CVE-2017-9264 openvswitch: Buffer over-read while parsing malformed 
TCP, UDP and IPv6 packets
1457335 - CVE-2017-9265 openvswitch: Buffer over-read while parsing the group 
mod OpenFlow message
1472729 - /usr/lib/ocf/resource.d/ovn/ovndb-servers is missing in the 
openvswitch.spec file
1472854 - [fdProd] Update OVS to 2.7.2

6. Package List:

Channel to provide early releases to layered products:

Source:
openvswitch-2.7.2-1.git20170719.el7fdp.src.rpm

noarch:
openvswitch-test-2.7.2-1.git20170719.el7fdp.noarch.rpm
python-openvswitch-2.7.2-1.git20170719.el7fdp.noarch.rpm

x86_64:
openvswitch-2.7.2-1.git20170719.el7fdp.x86_64.rpm
openvswitch-debuginfo-2.7.2-1.git20170719.el7fdp.x86_64.rpm
openvswitch-devel-2.7.2-1.git20170719.el7fdp.x86_64.rpm
openvswitch-ovn-central-2.7.2-1.git20170719.el7fdp.x86_64.rpm
openvswitch-ovn-common-2.7.2-1.git20170719.el7fdp.x86_64.rpm
openvswitch-ovn-docker-2.7.2-1.git20170719.el7fdp.x86_64.rpm
openvswitch-ovn-host-2.7.2-1.git20170719.el7fdp.x86_64.rpm
openvswitch-ovn-vtep-2.7.2-1.git20170719.el7fdp.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-9214
https://access.redhat.com/security/cve/CVE-2017-9263
https://access.redhat.com/security/cve/CVE-2017-9264
https://access.redhat.com/security/cve/CVE-2017-9265
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFZgxmYXlSAg2UNWIIRAuzuAJ9Dngapo5j66itwFnpsvl92GKMAywCfb2Ah
V7og7GgSn4a1oFzQjIZHeXk=
=qOi+
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce


[RHSA-2017:2478-01] Important: httpd security update

2017-08-15 Thread Security announcements for all Red Hat products and services.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:  Important: httpd security update
Advisory ID:   RHSA-2017:2478-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2478
Issue date:2017-08-15
CVE Names: CVE-2017-3167 CVE-2017-3169 CVE-2017-7679 
   CVE-2017-9788 
=====================================================================

1. Summary:

An update for httpd is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64

3. Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient,
and extensible web server.

Security Fix(es):

* It was discovered that httpd's mod_auth_digest module did not properly
initialize memory before using it when processing certain headers related to
digest authentication. A remote attacker could possibly use this flaw to
disclose potentially sensitive information or cause an httpd child process
to crash by sending specially crafted requests to a server. (CVE-2017-9788)

* It was discovered that the use of httpd's ap_get_basic_auth_pw() API
function outside of the authentication phase could lead to authentication
bypass. A remote attacker could possibly use this flaw to bypass required
authentication if the API was used incorrectly by one of the modules used
by httpd. (CVE-2017-3167)

* A NULL pointer dereference flaw was found in httpd's mod_ssl module. A
remote attacker could use this flaw to cause an httpd child process to crash
if another module used by httpd called a certain API function during the
processing of an HTTPS request. (CVE-2017-3169)

* A buffer over-read flaw was found in httpd's mod_mime module. A user
permitted to modify httpd's MIME configuration could use this flaw to cause
an httpd child process to crash. (CVE-2017-7679)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, the httpd daemon will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass
1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference
1463207 - CVE-2017-7679 httpd: mod_mime buffer overread
1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection in 
mod_auth_digest

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
httpd-2.2.15-60.el6_9.5.src.rpm

i386:
httpd-2.2.15-60.el6_9.5.i686.rpm
httpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm
httpd-tools-2.2.15-60.el6_9.5.i686.rpm

x86_64:
httpd-2.2.15-60.el6_9.5.x86_64.rpm
httpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm
httpd-tools-2.2.15-60.el6_9.5.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

i386:
httpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm
httpd-devel-2.2.15-60.el6_9.5.i686.rpm
mod_ssl-2.2.15-60.el6_9.5.i686.rpm

noarch:
httpd-manual-2.2.15-60.el6_9.5.noarch.rpm

x86_64:
httpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm
httpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm
httpd-devel-2.2.15-60.el6_9.5.i686.rpm
httpd-devel-2.2.15-60.el6_9.5.x86_64.rpm
mod_ssl-2.2.15-60.el6_9.5.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
httpd-2.2.15-60.el6_9.5.src.rpm

x86_64:
httpd-2.2.15-60.el6_9.5.x86_64.rpm
httpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm
httpd-tools-2.2.15-60.el6_9.5.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

noarch:
httpd-manual-2.2.15-60.el6_9.5.noarch.rpm

x86_64:
httpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm
httpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm
httpd-devel-2.2.15-60.el6_9.5.i686.rpm
httpd-devel-2.2.15-60.el6_9.5.x86_64.rpm
mod_ssl-2.2.15-60.el6_9.5.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
httpd-2.2.15-60.el6_9.5.src.rpm

i386:
httpd-2.2.15-60.el6_9.5.i686.rpm
httpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm
httpd-devel-2.2.15-60.el6_9.5.i686.rpm
httpd-tools-2.2.15-60.el6_9.5.i686.rpm
mod_ssl-2.2.15-60.el6_9.5.i686.rpm

noarch:
httpd-manual-2.2.15-60.el6_9.5.noarch.rpm

ppc64:
httpd-2.2.15-60.el6_9.5.ppc64.rpm
httpd-debuginfo-2.2.15-60.el6_9.5.ppc.rpm

[RHSA-2017:2477-01] Important: Red Hat JBoss Data Virtualization 6.3 Update 7 security update

2017-08-15 Thread Security announcements for all Red Hat products and services.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:  Important: Red Hat JBoss Data Virtualization 6.3 Update 7 
security update
Advisory ID:   RHSA-2017:2477-01
Product:   Red Hat JBoss Data Virtualization
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2477
Issue date:2017-08-15
CVE Names: CVE-2015-3254 CVE-2017-5637 CVE-2017-7525 
=====================================================================

1. Summary:

An update is now available for Red Hat JBoss Data Virtualization.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Description:

Red Hat JBoss Data Virtualization is a lean data integration solution that
provides easy, real-time, and unified data access across disparate sources
to multiple applications and users. JBoss Data Virtualization makes data
spread across physically distinct systems - such as multiple databases, XML
files, and even Hadoop systems - appear as a set of tables in a local
database.

This release of Red Hat JBoss Data Virtualization 6.3 Update 7 serves as a
replacement for Red Hat JBoss Data Virtualization 6.3 Update 6, and
includes bug fixes and enhancements, which are documented in the Release
Notes document linked to in the References.

Security Fix(es):

* A deserialization flaw was discovered in jackson-databind that could allow
an unauthenticated user to perform code execution by sending maliciously
crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)

* A vulnerability was discovered in the Apache Thrift client libraries that
allows remote, authenticated attackers to cause infinite recursion via
vectors involving the skip function, resulting in a denial of service (DoS)
condition. (CVE-2015-3254)

* A denial of service vulnerability was discovered in ZooKeeper which
allows an attacker to dramatically increase CPU utilization by abusing
"wchp/wchc" commands, leading to the server being unable to serve
legitimate requests. (CVE-2017-5637)

Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting
CVE-2017-7525.

3. Solution:

Before applying the update, back up your existing Red Hat JBoss Data
Virtualization installation (including its databases, applications,
configuration files, and so on).

Note that it is recommended to halt the Red Hat JBoss Data Virtualization
server by stopping the JBoss Application Server process before installing
this update, and then after installing the update, restart the Red Hat
JBoss Data Virtualization server by starting the JBoss Application Server
process.

The References section of this erratum contains a download link (you must
log in to download the update).

4. Bugs fixed (https://bugzilla.redhat.com/):

1454808 - CVE-2017-5637 zookeeper: Incorrect input validation with wchp/wchc 
four letter words
1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via 
readValue method of ObjectMapper
1462783 - CVE-2015-3254 thrift: Infinite recursion via vectors involving the 
skip function

5. References:

https://access.redhat.com/security/cve/CVE-2015-3254
https://access.redhat.com/security/cve/CVE-2017-5637
https://access.redhat.com/security/cve/CVE-2017-7525
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.services.platform=securityPatches=6.3.0

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFZkw+VXlSAg2UNWIIRAjRPAKCQB3sAGC0r8CRA7UAwANIGLYbYOACglbUm
yNok32QMlwbMdl5AsafILjg=
=9Aix
-----END PGP SIGNATURE-----


[RHSA-2017:2479-01] Important: httpd security update

2017-08-15 Thread Security announcements for all Red Hat products and services.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:  Important: httpd security update
Advisory ID:   RHSA-2017:2479-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2479
Issue date:2017-08-15
CVE Names: CVE-2017-3167 CVE-2017-3169 CVE-2017-7668 
   CVE-2017-7679 CVE-2017-9788 
=====================================================================

1. Summary:

An update for httpd is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient,
and extensible web server.

Security Fix(es):

* It was discovered that httpd's mod_auth_digest module did not properly
initialize memory before using it when processing certain headers related to
digest authentication. A remote attacker could possibly use this flaw to
disclose potentially sensitive information or cause an httpd child process
to crash by sending specially crafted requests to a server. (CVE-2017-9788)

* It was discovered that the use of httpd's ap_get_basic_auth_pw() API
function outside of the authentication phase could lead to authentication
bypass. A remote attacker could possibly use this flaw to bypass required
authentication if the API was used incorrectly by one of the modules used
by httpd. (CVE-2017-3167)

* A NULL pointer dereference flaw was found in httpd's mod_ssl module. A
remote attacker could use this flaw to cause an httpd child process to crash
if another module used by httpd called a certain API function during the
processing of an HTTPS request. (CVE-2017-3169)

* A buffer over-read flaw was found in httpd's ap_find_token() function. A
remote attacker could use this flaw to cause an httpd child process to crash
via a specially crafted HTTP request. (CVE-2017-7668)

* A buffer over-read flaw was found in httpd's mod_mime module. A user
permitted to modify httpd's MIME configuration could use this flaw to cause
an httpd child process to crash. (CVE-2017-7679)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, the httpd daemon will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass
1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference
1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread
1463207 - CVE-2017-7679 httpd: mod_mime buffer overread
1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection in 
mod_auth_digest

6. Package List:

Red Hat Enterprise Linux Client Optional (v. 7):

Source:
httpd-2.4.6-67.el7_4.2.src.rpm

noarch:
httpd-manual-2.4.6-67.el7_4.2.noarch.rpm

x86_64:
httpd-2.4.6-67.el7_4.2.x86_64.rpm
httpd-debuginfo-2.4.6-67.el7_4.2.x86_64.rpm
httpd-devel-2.4.6-67.el7_4.2.x86_64.rpm
httpd-tools-2.4.6-67.el7_4.2.x86_64.rpm
mod_ldap-2.4.6-67.el7_4.2.x86_64.rpm
mod_proxy_html-2.4.6-67.el7_4.2.x86_64.rpm
mod_session-2.4.6-67.el7_4.2.x86_64.rpm
mod_ssl-2.4.6-67.el7_4.2.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
httpd-2.4.6-67.el7_4.2.src.rpm

noarch:
httpd-manual-2.4.6-67.el7_4.2.noarch.rpm

x86_64:
httpd-2.4.6-67.el7_4.2.x86_64.rpm
httpd-debuginfo-2.4.6-67.el7_4.2.x86_64.rpm
httpd-devel-2.4.6-67.el7_4.2.x86_64.rpm
httpd-tools-2.4.6-67.el7_4.2.x86_64.rpm
mod_ldap-2.4.6-67.el7_4.2.x86_64.rpm
mod_proxy_html-2.4.6-67.el7_4.2.x86_64.rpm
mod_session-2.4.6-67.el7_4.2.x86_64.rpm
mod_ssl-2.4.6-67.el7_4.2.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
httpd-2.4.6-67.el7_4.2.src.rpm

aarch64:
httpd-2.4.6-67.el7_4.2.aarch64.rpm
httpd-debuginfo-2.4.6-67.el7_4.2.aarch64.rpm
httpd-devel-2.4.6-67.el7_4.2.aarch64.rpm
httpd-tools-2.4.6-67.el7_4.2.aarch64.rpm
mod_session-2.4.6-67.el7_4.2.aarch64.rpm
mod_ssl-2.4.6-67.el7_4.2.aarch64.rpm

noarch:
httpd-manual-2.4.6-67.el7_4.2.noarch.rpm

ppc64:
httpd-2.4.6-67.el7_4.2.ppc64.rpm
httpd-debuginfo-2.4.6-67.el7_4.2.ppc64.rpm

[RHSA-2017:2480-01] Important: subversion security update

2017-08-15 Thread Security announcements for all Red Hat products and services.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:  Important: subversion security update
Advisory ID:   RHSA-2017:2480-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2480
Issue date:2017-08-15
CVE Names: CVE-2017-9800 
=====================================================================

1. Summary:

An update for subversion is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Subversion (SVN) is a concurrent version control system which enables one
or more users to collaborate in developing and maintaining a hierarchy of
files and directories while keeping a history of all changes.

Security Fix(es):

* A shell command injection flaw related to the handling of "svn+ssh" URLs
has been discovered in Subversion. An attacker could use this flaw to
execute shell commands with the privileges of the user running the
Subversion client, for example when performing a "checkout" or "update"
action on a malicious repository, or a legitimate repository containing a
malicious commit. (CVE-2017-9800)

Red Hat would like to thank the Subversion Team for reporting this issue.
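The advisory above says only that "svn+ssh" URL handling allows command injection. What a practitioner wants alongside it is a way to screen URLs before a checkout, update, or externals fetch. The following check is an added example, not Red Hat's or the Subversion project's code. The mechanism it guards against is taken from the upstream Subversion advisory for CVE-2017-9800 rather than from this page: an svn+ssh host beginning with "-" is placed on the ssh command line, where ssh reads it as an option. Rejecting a user part that begins with "-" as well is defence in depth and an assumption of this example; the svn:externals scan, the function names and the sample externals value are likewise constructed here.

```python
"""Screen svn+ssh URLs (and svn:externals definitions) for hosts that ssh would read as options."""
from typing import List, Optional
from urllib.parse import unquote, urlsplit


def tunnel_target(url: str) -> Optional[tuple]:
    """Return (user, host) for an svn+ssh URL, or None for any other scheme.
    Only svn+ssh URLs make the client build an ssh command line."""
    parts = urlsplit(url)
    if parts.scheme.lower() != "svn+ssh":
        return None
    userinfo, _, hostport = parts.netloc.rpartition("@")
    user = userinfo.split(":", 1)[0]          # drop any :password
    if hostport.startswith("["):              # IPv6 literal, e.g. [::1]:22
        host = hostport[1:hostport.find("]")]
    else:
        host = hostport.split(":", 1)[0]      # drop :port
    # percent-decode so that an encoded "-" (%2D) cannot slip past the check
    return unquote(user), unquote(host)


def is_safe_svn_url(url: str) -> bool:
    """True unless the URL is svn+ssh with a host (or user) beginning with '-'.
    Known from the upstream Subversion advisory for CVE-2017-9800, not from this
    page: such a host is handed to ssh, which parses it as an option. Refusing a
    user beginning with '-' as well is defence in depth (an assumption here)."""
    target = tunnel_target(url)
    if target is None:
        return True
    user, host = target
    return bool(host) and not host.startswith("-") and not user.startswith("-")


def unsafe_externals(externals: str) -> List[str]:
    """Return each line of an svn:externals property value that names an unsafe
    svn+ssh URL. Lines are scanned token by token, so both the old
    'dir -rN url' and the new '-rN url dir' layouts are covered."""
    bad = []
    for line in externals.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        for token in stripped.split():
            if token.lower().startswith("svn+ssh://") and not is_safe_svn_url(token):
                bad.append(stripped)
                break
    return bad


if __name__ == "__main__":
    # constructed sample: one legitimate external and one that must be refused
    sample = (
        "lib svn+ssh://svn.example.com/repos/lib\n"
        "# comment line\n"
        "-r 12 svn+ssh://-badhost/x vendor\n"
    )
    for line in unsafe_externals(sample):
        print("REFUSED:", line)
```

A pre-commit hook can run unsafe_externals() over every changed svn:externals value (svnlook propget) and refuse the commit when the list is non-empty; a client-side wrapper can run is_safe_svn_url() on the URL given to checkout or switch. Neither replaces the updated packages: the check covers only the known "-" prefix, while the fixed client is what stops the ssh command line from being attacker-shaped at all.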

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, for the update to take effect, you
must restart the httpd daemon, if you are using mod_dav_svn, and the
svnserve daemon, if you are serving Subversion repositories via the svn://
protocol.

5. Bugs fixed (https://bugzilla.redhat.com/):

1479686 - CVE-2017-9800 subversion: Command injection through clients via 
malicious svn+ssh URLs

6. Package List:

Red Hat Enterprise Linux Client Optional (v. 7):

Source:
subversion-1.7.14-11.el7_4.src.rpm

x86_64:
mod_dav_svn-1.7.14-11.el7_4.x86_64.rpm
subversion-1.7.14-11.el7_4.i686.rpm
subversion-1.7.14-11.el7_4.x86_64.rpm
subversion-debuginfo-1.7.14-11.el7_4.i686.rpm
subversion-debuginfo-1.7.14-11.el7_4.x86_64.rpm
subversion-devel-1.7.14-11.el7_4.i686.rpm
subversion-devel-1.7.14-11.el7_4.x86_64.rpm
subversion-gnome-1.7.14-11.el7_4.i686.rpm
subversion-gnome-1.7.14-11.el7_4.x86_64.rpm
subversion-javahl-1.7.14-11.el7_4.i686.rpm
subversion-javahl-1.7.14-11.el7_4.x86_64.rpm
subversion-kde-1.7.14-11.el7_4.i686.rpm
subversion-kde-1.7.14-11.el7_4.x86_64.rpm
subversion-libs-1.7.14-11.el7_4.i686.rpm
subversion-libs-1.7.14-11.el7_4.x86_64.rpm
subversion-perl-1.7.14-11.el7_4.i686.rpm
subversion-perl-1.7.14-11.el7_4.x86_64.rpm
subversion-python-1.7.14-11.el7_4.x86_64.rpm
subversion-ruby-1.7.14-11.el7_4.i686.rpm
subversion-ruby-1.7.14-11.el7_4.x86_64.rpm
subversion-tools-1.7.14-11.el7_4.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
subversion-1.7.14-11.el7_4.src.rpm

x86_64:
mod_dav_svn-1.7.14-11.el7_4.x86_64.rpm
subversion-1.7.14-11.el7_4.i686.rpm
subversion-1.7.14-11.el7_4.x86_64.rpm
subversion-debuginfo-1.7.14-11.el7_4.i686.rpm
subversion-debuginfo-1.7.14-11.el7_4.x86_64.rpm
subversion-devel-1.7.14-11.el7_4.i686.rpm
subversion-devel-1.7.14-11.el7_4.x86_64.rpm
subversion-gnome-1.7.14-11.el7_4.i686.rpm
subversion-gnome-1.7.14-11.el7_4.x86_64.rpm
subversion-javahl-1.7.14-11.el7_4.i686.rpm
subversion-javahl-1.7.14-11.el7_4.x86_64.rpm
subversion-kde-1.7.14-11.el7_4.i686.rpm
subversion-kde-1.7.14-11.el7_4.x86_64.rpm
subversion-libs-1.7.14-11.el7_4.i686.rpm
subversion-libs-1.7.14-11.el7_4.x86_64.rpm
subversion-perl-1.7.14-11.el7_4.i686.rpm
subversion-perl-1.7.14-11.el7_4.x86_64.rpm
subversion-python-1.7.14-11.el7_4.x86_64.rpm
subversion-ruby-1.7.14-11.el7_4.i686.rpm
subversion-ruby-1.7.14-11.el7_4.x86_64.rpm
subversion-tools-1.7.14-11.el7_4.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
subversion-1.7.14-11.el7_4.src.rpm

aarch64:
mod_dav_svn-1.7.14-11.el7_4.aarch64.rpm
subversion-1.7.14-11.el7_4.aarch64.rpm
subversion-debuginfo-1.7.14-11.el7_4.aarch64.rpm
subversion-gnome-1.7.14-11.el7_4.aarch64.rpm
subversion-libs-1.7.14-11.el7_4.aarch64.rpm

ppc64:
mod_dav_svn-1.7.14-11.el7_4.ppc64.rpm
subversion-1.7.14-11.el7_4.ppc.rpm
subversion-1.7.14-11.el7_4.ppc64.rpm

[RHSA-2017:2481-01] Critical: java-1.7.1-ibm security update

2017-08-15 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Critical: java-1.7.1-ibm security update
Advisory ID:   RHSA-2017:2481-01
Product:   Red Hat Enterprise Linux Supplementary
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2481
Issue date:2017-08-15
CVE Names: CVE-2017-10053 CVE-2017-10067 CVE-2017-10087 
   CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 
   CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 
   CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 
   CVE-2017-10110 CVE-2017-10115 CVE-2017-10116 
   CVE-2017-10243 
=

1. Summary:

An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux
6 Supplementary and Red Hat Enterprise Linux 7 Supplementary.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client Supplementary (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Supplementary (v. 7) - x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, 
x86_64
Red Hat Enterprise Linux Server Supplementary (v. 7) - ppc64, ppc64le, s390x, 
x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 7) - x86_64

3. Description:

IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment
and the IBM Java Software Development Kit.

This update upgrades IBM Java SE 7 to version 7R1 SR4-FP10.

Security Fix(es):

* This update fixes multiple vulnerabilities in the IBM Java Runtime
Environment and the IBM Java Software Development Kit. Further information
about these flaws can be found on the IBM Java Security Vulnerabilities
page listed in the References section. (CVE-2017-10053, CVE-2017-10067,
CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096,
CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107,
CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10115,
CVE-2017-10116, CVE-2017-10243)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take
effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1471266 - CVE-2017-10107 OpenJDK: insufficient access control checks in 
ActivationID (RMI, 8173697)
1471270 - CVE-2017-10089 OpenJDK: insufficient access control checks in 
ServiceRegistry (ImageIO, 8172461)
1471517 - CVE-2017-10090 OpenJDK: insufficient access control checks in 
AsynchronousChannelGroupImpl (8172465, Libraries)
1471521 - CVE-2017-10087 OpenJDK: insufficient access control checks in 
ThreadPoolExecutor (Libraries, 8172204)
1471523 - CVE-2017-10110 OpenJDK: insufficient access control checks in 
ImageWatched (AWT, 8174098)
1471527 - CVE-2017-10101 OpenJDK: unrestricted access to 
com.sun.org.apache.xml.internal.resolver (JAXP, 8173286)
1471528 - CVE-2017-10096 OpenJDK: insufficient access control checks in XML 
transformations (JAXP, 8172469)
1471535 - CVE-2017-10067 OpenJDK: JAR verifier incorrect handling of missing 
digest (Security, 8169392)
1471670 - CVE-2017-10109 OpenJDK: unbounded memory allocation in CodeSource 
deserialization (Serialization, 8174113)
1471738 - CVE-2017-10116 OpenJDK: LDAPCertStore following referrals to non-LDAP 
URLs (Security, 8176067)
1471851 - CVE-2017-10115 OpenJDK: DSA implementation timing attack (JCE, 
8175106)
1471888 - CVE-2017-10108 OpenJDK: unbounded memory allocation in BasicAttribute 
deserialization (Serialization, 8174105)
1471889 - CVE-2017-10053 OpenJDK: reading of unprocessed image data in 
JPEGImageReader (2D, 8169209)
1472345 - CVE-2017-10102 OpenJDK: incorrect handling of references in DGC (RMI, 
8163958)
1472666 - CVE-2017-10243 OpenJDK: insecure XML parsing in wsdlimport (JAX-WS, 
8182054)
1472667 - CVE-2017-10105 Oracle JDK: unspecified vulnerability fixed in 6u161, 
7u151, and 8u141 (Deployment)

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
java-1.7.1-ibm-1.7.1.4.10-1jpp.2.el6_9.i686.rpm
java-1.7.1-ibm-demo-1.7.1.4.10-1jpp.2.el6_9.i686.rpm
java-1.7.1-ibm-devel-1.7.1.4.10-1jpp.2.el6_9.i686.rpm
java-1.7.1-ibm-jdbc-1.7.1.4.10-1jpp.2.el6_9.i686.rpm
java-1.7.1-ibm-plugin-1.7.1.4.10-1jpp.2.el6_9.i686.rpm
java-1.7.1-ibm-src-1.7.1.4.10-1jpp.2.el6_9.i686.rpm

x86_64:

[RHSA-2017:2471-01] Important: spice security update

2017-08-14 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: spice security update
Advisory ID:   RHSA-2017:2471-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2471
Issue date:2017-08-15
CVE Names: CVE-2017-7506 
=

1. Summary:

An update for spice is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The Simple Protocol for Independent Computing Environments (SPICE) is a
remote display system built for virtual environments which allows the user
to view a computing 'desktop' environment not only on the machine where it
is running, but from anywhere on the Internet and from a wide variety of
machine architectures.

Security Fix(es):

* A vulnerability was discovered in spice server's protocol handling. An
authenticated attacker could send specially crafted messages to the spice
server, causing out-of-bounds memory accesses, leading to parts of server
memory being leaked or a crash. (CVE-2017-7506)

This issue was discovered by Frediano Ziglio (Red Hat).

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All applications using SPICE (most notably all QEMU-KVM instances using the
SPICE console) must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1452606 - CVE-2017-7506 spice: Possible buffer overflow via invalid monitor 
configurations

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
spice-0.12.8-2.el7.1.src.rpm

x86_64:
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm
spice-server-0.12.8-2.el7.1.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
spice-0.12.8-2.el7.1.src.rpm

x86_64:
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm
spice-server-0.12.8-2.el7.1.x86_64.rpm
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
spice-0.12.8-2.el7.1.src.rpm

x86_64:
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm
spice-server-0.12.8-2.el7.1.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

x86_64:
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
spice-0.12.8-2.el7.1.src.rpm

x86_64:
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm
spice-server-0.12.8-2.el7.1.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7506
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZknByXlSAg2UNWIIRAvyxAJ0ZF8JdiHkQEaE+xe0xckkqoBZojgCgk1DT
XYwbnyL/60d26voQKvrhi7I=
=dq3P
-END PGP SIGNATURE-

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce


[RHSA-2017:2472-01] Important: kernel security and bug fix update

2017-08-15 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: kernel security and bug fix update
Advisory ID:   RHSA-2017:2472-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2472
Issue date:2017-08-15
CVE Names: CVE-2017-7895 
=

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 5.9 Long
Life.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Long Life (v. 5.9 server) - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* The NFSv2 and NFSv3 server implementations in the Linux kernel through
4.10.13 lacked certain checks for the end of a buffer. A remote attacker
could trigger a pointer-arithmetic error or possibly cause other
unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and
fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)

Red Hat would like to thank Ari Kauppi for reporting this issue.

Bug Fix(es):

* When upgrading to a kernel with the fix for the stack guard flaw, a crash
could occur in Java Virtual Machine (JVM) environments that attempted to
implement their own stack guard page. With this update, the underlying
source code has been fixed to consider the PROT_NONE mapping as a part of
the stack, and the crash in JVM no longer occurs under the described
circumstances. (BZ#1472671)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1446103 - CVE-2017-7895 kernel: NFSv3 server does not properly handle payload 
bounds checking of WRITE requests

6. Package List:

Red Hat Enterprise Linux Long Life (v. 5.9 server):

Source:
kernel-2.6.18-348.34.1.el5.src.rpm

i386:
kernel-2.6.18-348.34.1.el5.i686.rpm
kernel-PAE-2.6.18-348.34.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-348.34.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-348.34.1.el5.i686.rpm
kernel-debug-2.6.18-348.34.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-348.34.1.el5.i686.rpm
kernel-debug-devel-2.6.18-348.34.1.el5.i686.rpm
kernel-debuginfo-2.6.18-348.34.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-348.34.1.el5.i686.rpm
kernel-devel-2.6.18-348.34.1.el5.i686.rpm
kernel-headers-2.6.18-348.34.1.el5.i386.rpm
kernel-xen-2.6.18-348.34.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-348.34.1.el5.i686.rpm
kernel-xen-devel-2.6.18-348.34.1.el5.i686.rpm

ia64:
kernel-2.6.18-348.34.1.el5.ia64.rpm
kernel-debug-2.6.18-348.34.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-348.34.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-348.34.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-348.34.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-348.34.1.el5.ia64.rpm
kernel-devel-2.6.18-348.34.1.el5.ia64.rpm
kernel-headers-2.6.18-348.34.1.el5.ia64.rpm
kernel-xen-2.6.18-348.34.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-348.34.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-348.34.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-348.34.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-348.34.1.el5.x86_64.rpm
kernel-debug-2.6.18-348.34.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-348.34.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-348.34.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-348.34.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-348.34.1.el5.x86_64.rpm
kernel-devel-2.6.18-348.34.1.el5.x86_64.rpm
kernel-headers-2.6.18-348.34.1.el5.x86_64.rpm
kernel-xen-2.6.18-348.34.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-348.34.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-348.34.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7895
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZks9dXlSAg2UNWIIRAuzkAJ0cecgSW+j01C4j6IKY2O3zz2GTNQCfYz94
jlE29cVQZktgRt1smuWF0TU=
=tiT3
-END PGP SIGNATURE-


[RHSA-2017:2473-01] Important: kernel security and bug fix update

2017-08-15 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: kernel security and bug fix update
Advisory ID:   RHSA-2017:2473-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2473
Issue date:2017-08-15
CVE Names: CVE-2017-7533 
=

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* A race condition was found in the Linux kernel, present since v3.14-rc1
through v4.12. The race happens between threads of inotify_handle_event()
and vfs_rename() while running the rename operation against the same file.
As a result of the race the next slab data or the slab's free list pointer
can be corrupted with attacker-controlled data. (CVE-2017-7533, Important)

Red Hat would like to thank Leilei Lin (Alibaba Group), Fan Wu (The
University of Hong Kong), and Shixiong Zhao (The University of Hong Kong)
for reporting this issue.

Bug Fix(es):

* Previously, direct I/O read operations going past EOF returned an invalid
error number instead of reading 0 bytes and returning success, if these
operations were in the same XFS block as EOF. Consequently, creating multiple
VMs from a Red Hat Enterprise Linux 7.4 template caused all the VMs to
become unresponsive in the 'Image Locked' state. This update fixes the
direct I/O feature of the file system, and VMs created from a Red Hat
Enterprise Linux 7.4 template now work as expected. (BZ#1475669)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.
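Every advisory on this page ends in a package list, and the practical question after applying them is which installed packages are still older than the fixed builds. The script below is an added example, not Red Hat's tooling: it reimplements rpm's version ordering (rpmvercmp) in Python, which is an assumption in the sense that it is written to agree with rpm for the EL version and release strings seen here, and compares a constructed sample of "rpm -qa" output against fixed NEVRAs copied from the package lists of the subversion, spice, libsoup, kernel (RHEL 7) and httpd advisories above. The sample inventory and the function names are constructed for the example.

```python
"""Compare installed RPM NEVRAs against the fixed versions in an advisory's package list."""
import re

# Fixed packages, copied from the package lists of the advisories on this page.
FIXED_RPMS = [
    "subversion-1.7.14-11.el7_4.x86_64.rpm",
    "subversion-libs-1.7.14-11.el7_4.x86_64.rpm",
    "mod_dav_svn-1.7.14-11.el7_4.x86_64.rpm",
    "spice-server-0.12.8-2.el7.1.x86_64.rpm",
    "libsoup-2.56.0-4.el7_4.x86_64.rpm",
    "kernel-3.10.0-693.1.1.el7.x86_64.rpm",
    "httpd-2.4.6-67.el7_4.2.x86_64.rpm",
]

# Constructed sample of `rpm -qa` output from a host that applied only some updates.
SAMPLE_RPM_QA = """\
subversion-1.7.14-10.el7.x86_64
subversion-libs-1.7.14-11.el7_4.x86_64
spice-server-0.12.8-2.el7.x86_64
libsoup-2.56.0-4.el7_4.x86_64
kernel-3.10.0-514.26.2.el7.x86_64
kernel-3.10.0-693.1.1.el7.x86_64
httpd-2.4.6-67.el7_4.2.x86_64
bash-4.2.46-28.el7.x86_64
gpg-pubkey-fd431d51-4ae0493b
"""

_SEGMENT = re.compile(r"\d+|[a-zA-Z]+|~|\^")


def rpmvercmp(a: str, b: str) -> int:
    """Reimplementation of rpm's rpmvercmp(): returns -1, 0 or 1. Assumption: it
    matches rpm's ordering for the EL version/release strings in these advisories."""
    if a == b:
        return 0
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for i in range(max(len(sa), len(sb))):
        x = sa[i] if i < len(sa) else None
        y = sb[i] if i < len(sb) else None
        if x == "~" or y == "~":        # tilde sorts before anything, even end of string
            if x != "~":
                return 1
            if y != "~":
                return -1
            continue
        if x == "^" or y == "^":        # caret: end of string sorts before caret
            if x is None:
                return -1
            if y is None:
                return 1
            if x != "^":
                return 1
            if y != "^":
                return -1
            continue
        if x is None:                   # the version with segments left over is newer
            return -1
        if y is None:
            return 1
        if x.isdigit() != y.isdigit():  # a numeric segment is newer than an alpha one
            return 1 if x.isdigit() else -1
        c = (int(x) > int(y)) - (int(x) < int(y)) if x.isdigit() else (x > y) - (x < y)
        if c:
            return c
    return 0


def parse_nevra(s: str):
    """Split name-[epoch:]version-release.arch into (name, epoch, version, release, arch)."""
    if s.endswith(".rpm"):
        s = s[:-4]
    if "." in s.rsplit("-", 1)[-1]:
        base, arch = s.rsplit(".", 1)
    else:
        base, arch = s, "none"          # e.g. the gpg-pubkey-* pseudo packages
    name, version, release = base.rsplit("-", 2)
    epoch = 0
    if ":" in version:                  # present when queried with a format that prints the epoch
        e, version = version.split(":", 1)
        epoch = int(e)
    return name, epoch, version, release, arch


def evr_cmp(a, b) -> int:
    """Compare two (epoch, version, release) triples the way rpm does."""
    (e1, v1, r1), (e2, v2, r2) = a, b
    if e1 != e2:
        return 1 if e1 > e2 else -1
    return rpmvercmp(v1, v2) or rpmvercmp(r1, r2)


def find_unpatched(rpm_qa_output: str, fixed_rpms=FIXED_RPMS):
    """Return installed NEVRAs that are older than the fixed package of the same name and arch."""
    fixed = {}
    for f in fixed_rpms:
        n, e, v, r, a = parse_nevra(f)
        fixed[(n, a)] = (e, v, r)
    unpatched = []
    for line in rpm_qa_output.splitlines():
        line = line.strip()
        if not line:
            continue
        n, e, v, r, a = parse_nevra(line)
        want = fixed.get((n, a))
        if want is not None and evr_cmp((e, v, r), want) < 0:
            unpatched.append(line)
    return unpatched


if __name__ == "__main__":
    for nevra in find_unpatched(SAMPLE_RPM_QA):
        print("NOT UPDATED:", nevra)
```

Two caveats follow from the solution text of the advisories rather than from the script. Several kernels are normally installed at once, so an older kernel in the list only matters if it is the one reported by "uname -r"; and a package at the fixed version says nothing about processes that still have the old library mapped, which is why the restart and reboot instructions above still apply after the version check passes.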

5. Bugs fixed (https://bugzilla.redhat.com/):

1468283 - CVE-2017-7533 kernel: a race between inotify_handle_event() and 
sys_rename()

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-693.1.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-693.1.1.el7.noarch.rpm
kernel-doc-3.10.0-693.1.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-693.1.1.el7.x86_64.rpm
kernel-debug-3.10.0-693.1.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.1.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.1.1.el7.x86_64.rpm
kernel-devel-3.10.0-693.1.1.el7.x86_64.rpm
kernel-headers-3.10.0-693.1.1.el7.x86_64.rpm
kernel-tools-3.10.0-693.1.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.1.1.el7.x86_64.rpm
perf-3.10.0-693.1.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm
python-perf-3.10.0-693.1.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
kernel-debug-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.1.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.1.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-693.1.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-693.1.1.el7.noarch.rpm
kernel-doc-3.10.0-693.1.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-693.1.1.el7.x86_64.rpm
kernel-debug-3.10.0-693.1.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.1.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.1.1.el7.x86_64.rpm
kernel-devel-3.10.0-693.1.1.el7.x86_64.rpm
kernel-headers-3.10.0-693.1.1.el7.x86_64.rpm
kernel-tools-3.10.0-693.1.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm

[RHSA-2017:2459-01] Important: libsoup security update

2017-08-10 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: libsoup security update
Advisory ID:   RHSA-2017:2459-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2459
Issue date:2017-08-10
CVE Names: CVE-2017-2885 
=

1. Summary:

An update for libsoup is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

The libsoup packages provide an HTTP client and server library for GNOME.

Security Fix(es):

* A stack-based buffer overflow flaw was discovered within the HTTP
processing of libsoup. A remote attacker could exploit this flaw to cause a
crash or, potentially, execute arbitrary code by sending a specially
crafted HTTP request to a server using the libsoup HTTP server
functionality or by tricking a user into connecting to a malicious HTTP
server with an application using the libsoup HTTP client functionality.
(CVE-2017-2885)

Red Hat would like to thank Aleksandar Nikolic (Cisco Talos) for reporting
this issue.
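The page identifies CVE-2017-2885 only as a stack-based buffer overflow in libsoup's handling of HTTP chunked encoding. The decoder below is an added example, not libsoup's code and not a reconstruction of its fix: it shows the bounds a chunked-encoding parser has to enforce so that no input can decide how much gets read or copied. The chunk-size line is read only within a fixed window, the size field must be plain hexadecimal, and both the single chunk and the total body are capped. The limits, the function names and the sample bodies are constructed for the example.

```python
"""A bounds-checked decoder for HTTP chunked transfer encoding (RFC 7230, section 4.1)."""

MAX_CHUNK_LINE = 64               # longest chunk-size line (hex size plus extensions) accepted
MAX_CHUNK_SIZE = 8 * 1024 * 1024  # largest single chunk accepted
MAX_BODY = 64 * 1024 * 1024       # largest decoded body accepted
_HEX = frozenset(b"0123456789abcdefABCDEF")


class ChunkedError(ValueError):
    """Raised for any malformed or over-limit chunked body."""


def _read_line(data: bytes, pos: int, limit: int):
    """Return (line, next_pos) for the CRLF-terminated line at pos. The search is
    confined to a window of `limit` bytes, so an over-long line is refused rather
    than scanned or copied without bound."""
    eol = data.find(b"\r\n", pos, pos + limit + 2)
    if eol < 0:
        raise ChunkedError("line longer than %d bytes or missing CRLF" % limit)
    return data[pos:eol], eol + 2


def decode_chunked(data: bytes, max_line=MAX_CHUNK_LINE,
                   max_chunk=MAX_CHUNK_SIZE, max_body=MAX_BODY) -> bytes:
    """Decode a complete chunked body, raising ChunkedError on anything suspect."""
    out = bytearray()
    pos = 0
    while True:
        line, pos = _read_line(data, pos, max_line)
        size_field = line.split(b";", 1)[0].strip()     # drop chunk extensions
        # int(x, 16) would also accept "0x", "_" and a sign; insist on bare hex digits
        if not size_field or any(c not in _HEX for c in size_field):
            raise ChunkedError("invalid chunk size %r" % size_field)
        size = int(size_field, 16)
        if size > max_chunk:
            raise ChunkedError("chunk of %d bytes exceeds limit" % size)
        if size == 0:
            # last chunk: consume optional trailer fields up to the empty line
            # (trailer lines are held to the same length limit here)
            while True:
                line, pos = _read_line(data, pos, max_line)
                if not line:
                    return bytes(out)
        if len(out) + size > max_body:
            raise ChunkedError("decoded body exceeds limit")
        end = pos + size
        if data[end:end + 2] != b"\r\n":   # also catches a chunk cut short by truncation
            raise ChunkedError("chunk data not terminated by CRLF")
        out += data[pos:end]
        pos = end + 2


def rejects(data: bytes) -> bool:
    """True if decode_chunked() refuses the input (helper for the checks below)."""
    try:
        decode_chunked(data)
    except ChunkedError:
        return True
    return False


if __name__ == "__main__":
    # constructed sample bodies
    print(decode_chunked(b"4\r\nWiki\r\n5\r\npedia\r\n0\r\n\r\n"))
    print("over-long size line refused:", rejects(b"1" * 200 + b"\r\n"))
```

The same shape applies on the client side of the advisory's description: a libsoup-based client talking to a malicious server receives exactly this kind of input, so the limits belong in the decoder itself, not in the code that happens to call it.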

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1479281 - CVE-2017-2885 libsoup: Stack based buffer overflow with HTTP Chunked 
Encoding

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
libsoup-2.56.0-4.el7_4.src.rpm

x86_64:
libsoup-2.56.0-4.el7_4.i686.rpm
libsoup-2.56.0-4.el7_4.x86_64.rpm
libsoup-debuginfo-2.56.0-4.el7_4.i686.rpm
libsoup-debuginfo-2.56.0-4.el7_4.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
libsoup-debuginfo-2.56.0-4.el7_4.i686.rpm
libsoup-debuginfo-2.56.0-4.el7_4.x86_64.rpm
libsoup-devel-2.56.0-4.el7_4.i686.rpm
libsoup-devel-2.56.0-4.el7_4.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
libsoup-2.56.0-4.el7_4.src.rpm

x86_64:
libsoup-2.56.0-4.el7_4.i686.rpm
libsoup-2.56.0-4.el7_4.x86_64.rpm
libsoup-debuginfo-2.56.0-4.el7_4.i686.rpm
libsoup-debuginfo-2.56.0-4.el7_4.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
libsoup-debuginfo-2.56.0-4.el7_4.i686.rpm
libsoup-debuginfo-2.56.0-4.el7_4.x86_64.rpm
libsoup-devel-2.56.0-4.el7_4.i686.rpm
libsoup-devel-2.56.0-4.el7_4.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
libsoup-2.56.0-4.el7_4.src.rpm

aarch64:
libsoup-2.56.0-4.el7_4.aarch64.rpm
libsoup-debuginfo-2.56.0-4.el7_4.aarch64.rpm
libsoup-devel-2.56.0-4.el7_4.aarch64.rpm

ppc64:
libsoup-2.56.0-4.el7_4.ppc.rpm
libsoup-2.56.0-4.el7_4.ppc64.rpm
libsoup-debuginfo-2.56.0-4.el7_4.ppc.rpm
libsoup-debuginfo-2.56.0-4.el7_4.ppc64.rpm
libsoup-devel-2.56.0-4.el7_4.ppc.rpm
libsoup-devel-2.56.0-4.el7_4.ppc64.rpm

ppc64le:
libsoup-2.56.0-4.el7_4.ppc64le.rpm
libsoup-debuginfo-2.56.0-4.el7_4.ppc64le.rpm
libsoup-devel-2.56.0-4.el7_4.ppc64le.rpm

s390x:
libsoup-2.56.0-4.el7_4.s390.rpm
libsoup-2.56.0-4.el7_4.s390x.rpm
libsoup-debuginfo-2.56.0-4.el7_4.s390.rpm
libsoup-debuginfo-2.56.0-4.el7_4.s390x.rpm
libsoup-devel-2.56.0-4.el7_4.s390.rpm
libsoup-devel-2.56.0-4.el7_4.s390x.rpm

x86_64:
libsoup-2.56.0-4.el7_4.i686.rpm
libsoup-2.56.0-4.el7_4.x86_64.rpm
libsoup-debuginfo-2.56.0-4.el7_4.i686.rpm
libsoup-debuginfo-2.56.0-4.el7_4.x86_64.rpm
libsoup-devel-2.56.0-4.el7_4.i686.rpm
libsoup-devel-2.56.0-4.el7_4.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
libsoup-2.56.0-4.el7_4.src.rpm

x86_64:
libsoup-2.56.0-4.el7_4.i686.rpm
libsoup-2.56.0-4.el7_4.x86_64.rpm
libsoup-debuginfo-2.56.0-4.el7_4.i686.rpm
libsoup-debuginfo-2.56.0-4.el7_4.x86_64.rpm
libsoup-devel-2.56.0-4.el7_4.i686.rpm
libsoup-devel-2.56.0-4.el7_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-2885
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.

[RHSA-2017:1832-01] Important: Red Hat JBoss Fuse/A-MQ 6.3 R4 security and bug fix update

2017-08-10 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: Red Hat JBoss Fuse/A-MQ 6.3 R4 security and bug 
fix update
Advisory ID:   RHSA-2017:1832-01
Product:   Red Hat JBoss Fuse
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1832
Issue date:2017-08-10
CVE Names: CVE-2015-6644 CVE-2016-8749 CVE-2016-9879 
   CVE-2017-2589 CVE-2017-2594 CVE-2017-3156 
   CVE-2017-5643 CVE-2017-5653 CVE-2017-5656 
   CVE-2017-5929 CVE-2017-7957 
=

1. Summary:

An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Description:

Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint,
flexible, open source enterprise service bus and integration platform. Red
Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant
messaging system that is tailored for use in mission critical applications.

This patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ
6.3. It includes bug fixes and enhancements, which are documented in the
readme.txt file included with the patch files.

Security Fix(es):

* It was discovered that the hawtio servlet uses a single HttpClient
instance to proxy requests, with a persistent cookie store (cookies are
stored locally and are not passed between the client and the end URL),
which means all clients using that proxy share the same cookies.
(CVE-2017-2589)

* It was found that an information disclosure flaw in Bouncy Castle could
enable a local malicious application to gain access to user's private
information. (CVE-2015-6644)

* It was found that Apache Camel's camel-jackson and camel-jacksonxml
components are vulnerable to a Java object deserialization flaw.
Deserializing untrusted data can lead to security flaws, as demonstrated in
various similar reports about Java deserialization issues. (CVE-2016-8749)

* It was found that Spring Security does not consider URL path parameters
when processing security constraints. By adding a URL path parameter with
an encoded / to a request an attacker may be able to bypass a security
constraint. (CVE-2016-9879)

* It was found that a path traversal vulnerability in hawtio leads to a
NullPointerException with a full stacktrace. An attacker could use this
flaw to gather undisclosed information from within hawtio's root.
(CVE-2017-2594)

* It was found that Apache CXF OAuth2 Hawk and JOSE MAC Validation code is
not using a constant time MAC signature comparison algorithm which may be
exploited by some sophisticated timing attacks. It may only affect OAuth2
Hawk, JWT access tokens, or JOSE JWS/JWE interceptors which depend on HMAC
secret key algorithms. (CVE-2017-3156)

* It was found that Apache Camel's validation component evaluates DTD
headers of XML stream sources even when validation against XML schemas
(XSD) is performed. Remote attackers can use this behaviour to mount
Server-Side Request Forgery (SSRF) attacks by sending XML documents with
remote DTD URLs or XML External Entities (XXE). (CVE-2017-5643)

* It was found that a flaw exists in JAX-RS clients using the streaming
approach for XML signatures and encryption, where it does not enforce the
message to be signed/encrypted. This could allow an attacker to subvert the
integrity of the message. (CVE-2017-5653)

* It was found that the token cacher in Apache CXF uses a flawed way of
caching tokens that are associated with the delegation token received from
the Security Token Service (STS). This vulnerability could allow an attacker
to craft a token which could return an identifier corresponding to a cached
token for another user. (CVE-2017-5656)

* It was found that logback is vulnerable to a deserialization issue.
Logback can be configured to allow remote logging through
SocketServer/ServerSocketReceiver interfaces that can accept untrusted
serialized data. Authenticated attackers on the adjacent network can
leverage this vulnerability to execute arbitrary code through
deserialization of custom gadget chains. (CVE-2017-5929)

* It was found that XStream contains a vulnerability that allows a
maliciously crafted file to be parsed successfully, which could cause an
application crash. The crash occurs if the file that is being fed into the
XStream input stream contains an instance of the primitive type 'void'. An
attacker could use this flaw to cause a denial of service on the target
system. (CVE-2017-7957)

The CVE-2017-2589 issue was discovered by Adam Willard (Blue Canopy) and
Dennis 

[RHSA-2017:2456-01] Critical: firefox security update

2017-08-10 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Critical: firefox security update
Advisory ID:   RHSA-2017:2456-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2456
Issue date:2017-08-10
CVE Names: CVE-2017-7753 CVE-2017-7779 CVE-2017-7784 
   CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 
   CVE-2017-7791 CVE-2017-7792 CVE-2017-7798 
   CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 
   CVE-2017-7803 CVE-2017-7807 CVE-2017-7809 
=

1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 6 and
Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Mozilla Firefox is an open source web browser.

This update upgrades Firefox to version 52.3.0 ESR.

Security Fix(es):

* Multiple flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2017-7779, CVE-2017-7798, CVE-2017-7800, CVE-2017-7801,
CVE-2017-7753, CVE-2017-7784, CVE-2017-7785, CVE-2017-7786, CVE-2017-7787,
CVE-2017-7792, CVE-2017-7802, CVE-2017-7807, CVE-2017-7809, CVE-2017-7791,
CVE-2017-7803)

Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Mozilla developers and community, Frederik Braun,
Looben Yang, Nils, SkyLined, Oliver Wagner, Fraser Tweedale, Mathias
Karlsson, Jose María Acuña, and Rhys Enniks as the original reporters.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1479188 - CVE-2017-7753 Mozilla: Out-of-bounds read with cached style data and pseudo-elements (MFSA 2017-19)
1479191 - CVE-2017-7779 Mozilla: Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3 (MFSA 2017-19)
1479201 - CVE-2017-7784 Mozilla: Use-after-free with image observers (MFSA 2017-19)
1479203 - CVE-2017-7785 Mozilla: Buffer overflow manipulating ARIA elements in DOM (MFSA 2017-19)
1479205 - CVE-2017-7786 Mozilla: Buffer overflow while painting non-displayable SVG (MFSA 2017-19)
1479206 - CVE-2017-7787 Mozilla: Same-origin policy bypass with iframes through page reloads (MFSA 2017-19)
1479209 - CVE-2017-7791 Mozilla: Spoofing following page navigation with data: protocol and modal alerts (MFSA 2017-19)
1479210 - CVE-2017-7792 Mozilla: Buffer overflow viewing certificates with long OID (MFSA 2017-19)
1479213 - CVE-2017-7798 Mozilla: XUL injection in the style editor in devtools (MFSA 2017-19)
1479218 - CVE-2017-7800 Mozilla: Use-after-free in WebSockets during disconnection (MFSA 2017-19)
1479223 - CVE-2017-7801 Mozilla: Use-after-free with marquee during window resizing (MFSA 2017-19)
1479224 - CVE-2017-7802 Mozilla: Use-after-free resizing image elements (MFSA 2017-19)
1479225 - CVE-2017-7803 Mozilla: CSP directives improperly applied with sandbox flag in iframes (MFSA 2017-19)
1479227 - CVE-2017-7807 Mozilla: Domain hijacking through appcache fallback (MFSA 2017-19)
1479650 - CVE-2017-7809 Mozilla: Use-after-free while deleting attached editor DOM node (MFSA 2017-19)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
firefox-52.3.0-3.el6_9.src.rpm

i386:
firefox-52.3.0-3.el6_9.i686.rpm
firefox-debuginfo-52.3.0-3.el6_9.i686.rpm

x86_64:
firefox-52.3.0-3.el6_9.x86_64.rpm
firefox-debuginfo-52.3.0-3.el6_9.x86_64.rpm

Red Hat Enterprise 

[RHSA-2017:2469-01] Critical: java-1.8.0-ibm security update

2017-08-14 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Critical: java-1.8.0-ibm security update
Advisory ID:   RHSA-2017:2469-01
Product:   Red Hat Enterprise Linux Supplementary
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2469
Issue date:2017-08-14
CVE Names: CVE-2017-10053 CVE-2017-10067 CVE-2017-10078 
   CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 
   CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 
   CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 
   CVE-2017-10109 CVE-2017-10110 CVE-2017-10115 
   CVE-2017-10116 CVE-2017-10243 
=

1. Summary:

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux
6 Supplementary and Red Hat Enterprise Linux 7 Supplementary.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client Supplementary (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Supplementary (v. 7) - x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 7) - x86_64

3. Description:

IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM
Java Software Development Kit.

This update upgrades IBM Java SE 8 to version 8 SR4-FP10.

Security Fix(es):

* This update fixes multiple vulnerabilities in the IBM Java Runtime
Environment and the IBM Java Software Development Kit. Further information
about these flaws can be found on the IBM Java Security Vulnerabilities
page listed in the References section. (CVE-2017-10053, CVE-2017-10067,
CVE-2017-10078, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090,
CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105,
CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110,
CVE-2017-10115, CVE-2017-10116, CVE-2017-10243)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take
effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1471266 - CVE-2017-10107 OpenJDK: insufficient access control checks in ActivationID (RMI, 8173697)
1471270 - CVE-2017-10089 OpenJDK: insufficient access control checks in ServiceRegistry (ImageIO, 8172461)
1471517 - CVE-2017-10090 OpenJDK: insufficient access control checks in AsynchronousChannelGroupImpl (8172465, Libraries)
1471521 - CVE-2017-10087 OpenJDK: insufficient access control checks in ThreadPoolExecutor (Libraries, 8172204)
1471523 - CVE-2017-10110 OpenJDK: insufficient access control checks in ImageWatched (AWT, 8174098)
1471527 - CVE-2017-10101 OpenJDK: unrestricted access to com.sun.org.apache.xml.internal.resolver (JAXP, 8173286)
1471528 - CVE-2017-10096 OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)
1471535 - CVE-2017-10067 OpenJDK: JAR verifier incorrect handling of missing digest (Security, 8169392)
1471670 - CVE-2017-10109 OpenJDK: unbounded memory allocation in CodeSource deserialization (Serialization, 8174113)
1471738 - CVE-2017-10116 OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)
1471851 - CVE-2017-10115 OpenJDK: DSA implementation timing attack (JCE, 8175106)
1471888 - CVE-2017-10108 OpenJDK: unbounded memory allocation in BasicAttribute deserialization (Serialization, 8174105)
1471889 - CVE-2017-10053 OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)
1471898 - CVE-2017-10078 OpenJDK: Nashorn incompletely blocking access to Java APIs (Scripting, 8171539)
1472345 - CVE-2017-10102 OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
1472666 - CVE-2017-10243 OpenJDK: insecure XML parsing in wsdlimport (JAX-WS, 8182054)
1472667 - CVE-2017-10105 Oracle JDK: unspecified vulnerability fixed in 6u161, 7u151, and 8u141 (Deployment)

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
java-1.8.0-ibm-1.8.0.4.10-1jpp.1.el6_9.i686.rpm
java-1.8.0-ibm-demo-1.8.0.4.10-1jpp.1.el6_9.i686.rpm
java-1.8.0-ibm-devel-1.8.0.4.10-1jpp.1.el6_9.i686.rpm

[RHSA-2017:2486-01] Important: groovy security update

2017-08-16 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: groovy security update
Advisory ID:   RHSA-2017:2486-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2486
Issue date:2017-08-17
CVE Names: CVE-2016-6814 
=

1. Summary:

An update for groovy is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client Optional (v. 7) - noarch
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch
Red Hat Enterprise Linux Server Optional (v. 7) - noarch
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch

3. Description:

Groovy is an agile and dynamic language for the Java Virtual Machine, built
upon Java with features inspired by languages like Python, Ruby, and
Smalltalk. It seamlessly integrates with all existing Java objects and
libraries and compiles straight to Java bytecode so you can use it anywhere
you can use Java.

Security Fix(es):

* It was found that a flaw in the Apache Groovy library allows remote code
execution wherever deserialization occurs in the application. It is
possible for an attacker to craft a special serialized object that will
execute code directly when deserialized. All applications which rely on
serialization and do not isolate the code which deserializes objects are
subject to this vulnerability. (CVE-2016-6814)
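Both the logback entry above (CVE-2017-5929) and this Groovy entry (CVE-2016-6814) describe the same failure: a deserializer that will instantiate whatever class the byte stream names. The mitigation, in Java via a serialization filter such as the JDK's `ObjectInputFilter`, is an allow-list of the classes the receiver actually expects, enforced before any object is constructed. The Python below is an added example of that principle applied to `pickle`, the Python analogue; it is not logback's or Groovy's code, and `LogEvent` is a constructed application type.

```python
import datetime
import io
import pickle


class LogEvent:
    """Constructed application type that the receiver legitimately expects."""

    def __init__(self, level: str, message: str):
        self.level = level
        self.message = message

    def __eq__(self, other):
        return isinstance(other, LogEvent) and vars(self) == vars(other)


# The allow-list: the only (module, class) pairs the unpickler may resolve.
# Everything else is refused before any constructor or __reduce__ callable
# runs, which is the property that defeats gadget chains.
ALLOWED_GLOBALS = {
    (LogEvent.__module__, "LogEvent"),
}


class RestrictedUnpickler(pickle.Unpickler):
    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to resolve {module}.{name}")


def restricted_loads(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def receive(data: bytes):
    """What a log receiver would call on a network payload.
    Returns ('ok', obj) or ('blocked', reason)."""
    try:
        return "ok", restricted_loads(data)
    except pickle.UnpicklingError as exc:
        return "blocked", str(exc)


def serialized_event() -> bytes:
    """Constructed legitimate payload."""
    return pickle.dumps(LogEvent("INFO", "service started"))


def serialized_foreign() -> bytes:
    """Constructed payload naming a class outside the allow-list. A harmless
    datetime.date is enough to show the filter refusing it."""
    return pickle.dumps(datetime.date(2017, 8, 16))


if __name__ == "__main__":
    print(receive(serialized_event()))
    print(receive(serialized_foreign()))
```

The check sits in `find_class`, which the unpickler calls whenever the stream references a class or function by name, so the refusal happens before anything from the stream executes; that ordering, not the particular list, is what matters when porting the idea to a Java filter.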

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1413466 - CVE-2016-6814 Apache Groovy: Remote code execution via deserialization

6. Package List:

Red Hat Enterprise Linux Client Optional (v. 7):

Source:
groovy-1.8.9-8.el7_4.src.rpm

noarch:
groovy-1.8.9-8.el7_4.noarch.rpm
groovy-javadoc-1.8.9-8.el7_4.noarch.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
groovy-1.8.9-8.el7_4.src.rpm

noarch:
groovy-1.8.9-8.el7_4.noarch.rpm
groovy-javadoc-1.8.9-8.el7_4.noarch.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

Source:
groovy-1.8.9-8.el7_4.src.rpm

noarch:
groovy-1.8.9-8.el7_4.noarch.rpm
groovy-javadoc-1.8.9-8.el7_4.noarch.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

Source:
groovy-1.8.9-8.el7_4.src.rpm

noarch:
groovy-1.8.9-8.el7_4.noarch.rpm
groovy-javadoc-1.8.9-8.el7_4.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-6814
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZlQLVXlSAg2UNWIIRArIUAJ9FMmSNHsR5i8T4JBYtYWYlhBnSswCgjDJx
/O4MojSWGQwnIEyjuUKPEMw=
=71zf
-END PGP SIGNATURE-

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce


[RHSA-2017:2457-01] Critical: flash-plugin security update

2017-08-10 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Critical: flash-plugin security update
Advisory ID:   RHSA-2017:2457-01
Product:   Red Hat Enterprise Linux Supplementary
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2457
Issue date:2017-08-10
CVE Names: CVE-2017-3085 CVE-2017-3106 
=

1. Summary:

An update for flash-plugin is now available for Red Hat Enterprise Linux 6
Supplementary.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in.

This update upgrades Flash Player to version 26.0.0.151.

Security Fix(es):

* This update fixes multiple vulnerabilities in Adobe Flash Player. These
vulnerabilities, detailed in the Adobe Security Bulletin listed in the
References section, could allow an attacker to create a specially crafted
SWF file that would cause flash-plugin to crash, execute arbitrary code, or
disclose sensitive information when the victim loaded a page containing the
malicious SWF content. (CVE-2017-3085, CVE-2017-3106)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1479887 - CVE-2017-3106 flash-plugin: Remote Code Execution due to Type Confusion issue fixed in APSB17-23
1479888 - CVE-2017-3085 flash-plugin: Information Disclosure via Security Bypass issue fixed in APSB17-23

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
flash-plugin-26.0.0.151-1.el6_9.i686.rpm

x86_64:
flash-plugin-26.0.0.151-1.el6_9.i686.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
flash-plugin-26.0.0.151-1.el6_9.i686.rpm

x86_64:
flash-plugin-26.0.0.151-1.el6_9.i686.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386:
flash-plugin-26.0.0.151-1.el6_9.i686.rpm

x86_64:
flash-plugin-26.0.0.151-1.el6_9.i686.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-3085
https://access.redhat.com/security/cve/CVE-2017-3106
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb17-23.html

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZjDiCXlSAg2UNWIIRAgqtAJ9iIVnUE5HymMdzqU0AJCTWi3YL6QCeNxqL
LLLRvoXgWUk7rcTd0FGc2XM=
=jLEB
-END PGP SIGNATURE-


[RHSA-2017:1731-01] Critical: flash-plugin security update

2017-07-12 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Critical: flash-plugin security update
Advisory ID:   RHSA-2017:1731-01
Product:   Red Hat Enterprise Linux Supplementary
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1731
Issue date:2017-07-12
CVE Names: CVE-2017-3080 CVE-2017-3099 CVE-2017-3100 
=

1. Summary:

An update for flash-plugin is now available for Red Hat Enterprise Linux 6
Supplementary.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in.

This update upgrades Flash Player to version 26.0.0.137.

Security Fix(es):

* This update fixes multiple vulnerabilities in Adobe Flash Player. These
vulnerabilities, detailed in the Adobe Security Bulletin listed in the
References section, could allow an attacker to create a specially crafted
SWF file that would cause flash-plugin to crash, execute arbitrary code, or
disclose sensitive information when the victim loaded a page containing the
malicious SWF content. (CVE-2017-3080, CVE-2017-3099, CVE-2017-3100)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1469762 - CVE-2017-3099 flash-plugin: code execution issue fixed in APSB17-21
1469763 - CVE-2017-3080 CVE-2017-3100 flash-plugin: code execution issue fixed in APSB17-21

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
flash-plugin-26.0.0.137-1.el6_9.i686.rpm

x86_64:
flash-plugin-26.0.0.137-1.el6_9.i686.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
flash-plugin-26.0.0.137-1.el6_9.i686.rpm

x86_64:
flash-plugin-26.0.0.137-1.el6_9.i686.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386:
flash-plugin-26.0.0.137-1.el6_9.i686.rpm

x86_64:
flash-plugin-26.0.0.137-1.el6_9.i686.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-3080
https://access.redhat.com/security/cve/CVE-2017-3099
https://access.redhat.com/security/cve/CVE-2017-3100
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb17-21.html

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZZeNwXlSAg2UNWIIRAoV0AJ9xN6/tWlXlDji2/AmnD+uFI3LUKwCgg75/
WpLadlpf+E1wIDGr/CSq/1U=
=PRvr
-END PGP SIGNATURE-


[RHSA-2017:1723-01] Important: kernel security and bug fix update

2017-07-11 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: kernel security and bug fix update
Advisory ID:   RHSA-2017:1723-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1723
Issue date:2017-07-11
CVE Names: CVE-2017-7895 
=

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* The NFSv2 and NFSv3 server implementations in the Linux kernel through
4.10.13 lacked certain checks for the end of a buffer. A remote attacker
could trigger a pointer-arithmetic error or possibly cause other
unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and
fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)

Red Hat would like to thank Ari Kauppi for reporting this issue.

Bug Fix(es):

* If several file operations were started after a mounted NFS share had
become idle and its Transmission Control Protocol (TCP) connection had
therefore been terminated, these operations could cause the NFS client to
send multiple TCP SYN packets instead of one. With this update, the
reconnection logic has been fixed, and only one TCP SYN packet is now sent
in the described situation. (BZ#1450850)

* When the ixgbe driver was loaded for a backplane-connected network card,
a kernel panic could occur, because the ops.setup_fc function pointer was
used before the initialization. With this update, ops.setup_fc is
initialized earlier. As a result, ixgbe no longer panics on load.
(BZ#1457347)

* When setting an Access Control List (ACL) with 190 or more Access
Control Entries (ACEs) on an NFSv4 directory, a kernel crash could
previously occur. This update fixes the nfs4_getfacl() function, and the
kernel no longer crashes under the described circumstances. (BZ#1449096)

* When upgrading to a kernel with the fix for the stack guard flaw, a crash
could occur in Java Virtual Machine (JVM) environments that attempted to
implement their own stack guard page. With this update, the underlying
source code has been fixed to consider the PROT_NONE mapping as a part of
the stack, and the crash in JVM no longer occurs under the described
circumstances. (BZ#147)

* When a program receives IPv6 packets using a raw socket, the
ioctl(FIONREAD) and ioctl(SIOCINQ) functions can incorrectly return zero
waiting bytes. This update fixes the ip6_input_finish() function to check
the raw payload size properly. As a result, the ioctl() function now
correctly returns the number of bytes waiting in the raw socket. (BZ#1450870)

* Previously, listing a directory on a non-standard XFS filesystem (with
non-default multi-fsb directory blocks) could lead to a soft lockup due to
an array index overrun in the xfs_dir2_leaf_readbuf() function. This update
fixes xfs_dir2_leaf_readbuf(), and the soft lockup no longer occurs under
the described circumstances. (BZ#1445179)

* Previously, aborts from the array after Storage Area Network (SAN)
fabric back-pressure led to premature reuse of a still-valid sequence with
the same OX_ID. Consequently, an error message and data corruption could
occur. This update fixes the libfc driver to isolate the timed-out OX_IDs,
thus fixing this bug. (BZ#140)

* Previously, a kernel panic occurred when the mcelog daemon executed a
huge page memory offline. This update fixes the HugeTLB feature of the
Linux kernel to check for the Page Table Entry (PTE) NULL pointer in the
page_check_address() function. As a result, the kernel panic no longer
occurs under the described circumstances. (BZ#1444351)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1446103 - CVE-2017-7895 

[RHSA-2017:1721-01] Moderate: httpd security and bug fix update

2017-07-11 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: httpd security and bug fix update
Advisory ID:   RHSA-2017:1721-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1721
Issue date:2017-07-11
CVE Names: CVE-2016-8743 
=

1. Summary:

An update for httpd is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64

3. Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient,
and extensible web server.

Security Fix(es):

* It was discovered that the HTTP parser in httpd incorrectly allowed
certain characters not permitted by the HTTP protocol specification to
appear unencoded in HTTP request headers. If httpd was used in conjunction
with a proxy or backend server that interpreted those characters
differently, a remote attacker could possibly use this flaw to inject data
into HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743)

Note: The fix for the CVE-2016-8743 issue causes httpd to return a "400 Bad
Request" error to HTTP clients that do not strictly follow the HTTP protocol
specification. A newly introduced configuration directive,
"HttpProtocolOptions Unsafe", can be used to re-enable the old, less strict
parsing. However, this setting also re-introduces the CVE-2016-8743 issue.
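The strict parsing introduced for CVE-2016-8743 and the "HttpProtocolOptions Unsafe" fallback are illustrated by the Python below, an added example rather than httpd's parser: in strict mode a header block is accepted only with CRLF line endings, token field names with no whitespace before the colon, and values free of control bytes; in lenient mode the older tolerant behaviour that the directive re-enables is reproduced. The sample header blocks are constructed.

```python
import re

# RFC 7230 token characters, the only bytes allowed in a header field name.
TOKEN_RE = re.compile(rb"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")
# Field value: visible ASCII, SP, HTAB and obs-text; never a bare CR or LF.
FIELD_VALUE_RE = re.compile(rb"^[\x21-\x7e\x80-\xff \t]*$")


def _split_lines(block: bytes, strict: bool):
    """Split a header block into lines. Strict mode accepts only CRLF
    terminators and rejects any stray CR or LF; lenient mode also accepts a
    bare LF, as the pre-fix parser did."""
    if strict:
        lines = block.split(b"\r\n")
        if any(b"\r" in line or b"\n" in line for line in lines):
            return None
    else:
        lines = [line[:-1] if line.endswith(b"\r") else line
                 for line in block.split(b"\n")]
    # The block must end with an empty line (the header/body separator).
    if len(lines) < 2 or lines[-1] != b"" or lines[-2] != b"":
        return None
    return lines[:-2]


def parse_header_block(block: bytes, strict: bool = True):
    """Parse the header section that follows the request line.
    Returns (200, {name: value}) or (400, reason)."""
    lines = _split_lines(block, strict)
    if lines is None:
        return 400, "bad line termination"
    headers = {}
    for line in lines:
        if strict and line[:1] in (b" ", b"\t"):
            return 400, "obsolete line folding"
        name, sep, value = line.partition(b":")
        if not sep:
            return 400, "missing colon"
        if strict:
            if not TOKEN_RE.match(name):
                # Covers "Host : x" (whitespace before the colon) and any
                # non-token byte in the name: a proxy and a backend may
                # disagree on which header such a line names.
                return 400, "invalid field name"
            if not FIELD_VALUE_RE.match(value):
                return 400, "invalid field value"
        else:
            name = name.strip()          # old behaviour: tolerate "Host : x"
        key = name.decode("ascii", "replace").lower()
        val = value.strip(b" \t").decode("latin-1")
        headers[key] = f"{headers[key]}, {val}" if key in headers else val
    return 200, headers


# Constructed sample header blocks (everything after the request line).
GOOD = b"Host: example.com\r\nX-Id: 42\r\n\r\n"
SPACE_BEFORE_COLON = b"Host : example.com\r\n\r\n"
BARE_LF = b"Host: example.com\nX-Id: 42\r\n\r\n"
CTRL_IN_VALUE = b"X-A: a\x01b\r\n\r\n"

if __name__ == "__main__":
    for label, sample in (("good", GOOD), ("space before colon", SPACE_BEFORE_COLON),
                          ("bare LF", BARE_LF), ("control byte", CTRL_IN_VALUE)):
        print(f"{label:20} strict={parse_header_block(sample)} "
              f"lenient={parse_header_block(sample, strict=False)}")
```

The lenient branch is the one "HttpProtocolOptions Unsafe" buys back: it accepts the same three malformed blocks the strict branch refuses, and every one of them is a line that two parsers in a proxy chain may read differently.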

Note: Administrators of Red Hat Satellite 5 and Red Hat Satellite Proxy 5
systems should consult Red Hat Knowledgebase article 3013361 linked to in
the Reference section before installing this update.

Bug Fix(es):

* Previously, httpd was unable to correctly check a boundary of an array,
and in rare cases it attempted to access an element of an array that was
out of bounds. Consequently, httpd terminated unexpectedly with a
segmentation fault at proxy_util.c. With this update, bounds checking has
been fixed, and httpd no longer crashes. (BZ#1463354)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, the httpd daemon will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1406822 - CVE-2016-8743 httpd: Apache HTTP Request Parsing Whitespace Defects
1463354 - segfault in ap_proxy_set_scoreboard_lb

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
httpd-2.2.15-60.el6_9.4.src.rpm

i386:
httpd-2.2.15-60.el6_9.4.i686.rpm
httpd-debuginfo-2.2.15-60.el6_9.4.i686.rpm
httpd-tools-2.2.15-60.el6_9.4.i686.rpm

x86_64:
httpd-2.2.15-60.el6_9.4.x86_64.rpm
httpd-debuginfo-2.2.15-60.el6_9.4.x86_64.rpm
httpd-tools-2.2.15-60.el6_9.4.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

i386:
httpd-debuginfo-2.2.15-60.el6_9.4.i686.rpm
httpd-devel-2.2.15-60.el6_9.4.i686.rpm
mod_ssl-2.2.15-60.el6_9.4.i686.rpm

noarch:
httpd-manual-2.2.15-60.el6_9.4.noarch.rpm

x86_64:
httpd-debuginfo-2.2.15-60.el6_9.4.i686.rpm
httpd-debuginfo-2.2.15-60.el6_9.4.x86_64.rpm
httpd-devel-2.2.15-60.el6_9.4.i686.rpm
httpd-devel-2.2.15-60.el6_9.4.x86_64.rpm
mod_ssl-2.2.15-60.el6_9.4.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
httpd-2.2.15-60.el6_9.4.src.rpm

x86_64:
httpd-2.2.15-60.el6_9.4.x86_64.rpm
httpd-debuginfo-2.2.15-60.el6_9.4.x86_64.rpm
httpd-tools-2.2.15-60.el6_9.4.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

noarch:
httpd-manual-2.2.15-60.el6_9.4.noarch.rpm

x86_64:
httpd-debuginfo-2.2.15-60.el6_9.4.i686.rpm
httpd-debuginfo-2.2.15-60.el6_9.4.x86_64.rpm
httpd-devel-2.2.15-60.el6_9.4.i686.rpm
httpd-devel-2.2.15-60.el6_9.4.x86_64.rpm
mod_ssl-2.2.15-60.el6_9.4.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
httpd-2.2.15-60.el6_9.4.src.rpm

i386:
httpd-2.2.15-60.el6_9.4.i686.rpm
httpd-debuginfo-2.2.15-60.el6_9.4.i686.rpm
httpd-devel-2.2.15-60.el6_9.4.i686.rpm
httpd-tools-2.2.15-60.el6_9.4.i686.rpm
mod_ssl-2.2.15-60.el6_9.4.i686.rpm

noarch:
httpd-manual-2.2.15-60.el6_9.4.noarch.rpm

ppc64:
httpd-2.2.15-60.el6_9.4.ppc64.rpm
httpd-debuginfo-2.2.15-60.el6_9.4.ppc.rpm
httpd-debuginfo-2.2.15-60.el6_9.4.ppc64.rpm

[RHSA-2017:1712-01] Important: Red Hat 3scale API Management Platform 2.0.0 security update

2017-07-06 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: Red Hat 3scale API Management Platform 2.0.0 security update
Advisory ID:   RHSA-2017:1712-01
Product:   Red Hat 3scale API Management Platform
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1712
Issue date:2017-07-06
CVE Names: CVE-2017-1000364 CVE-2017-1000366 CVE-2017-7502 
   CVE-2017-7512 
=

1. Summary:

A security update for Red Hat 3scale API Management Platform 2.0.0 is now
available from the Red Hat Container Catalog.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Description:

Red Hat 3scale API Management Platform 2.0 is a platform for the management
of access and traffic for web-based APIs across a variety of deployment
options. 

Security Fix(es):

* It was found that RH-3scale AMP would permit creation of an access token
without a client secret. An attacker could use this flaw to circumvent
authentication controls and gain access to restricted APIs. (CVE-2017-7512)

The underlying container image was also rebuilt to resolve other security
issues. These were addressed via the following errata:
* https://access.redhat.com/errata/RHSA-2017:1365
* https://access.redhat.com/errata/RHSA-2017:1481
* https://access.redhat.com/errata/RHSA-2017:1484

Red Hat would like to thank Ryan Nauman (TruCode) for reporting the
CVE-2017-7512 issue.

3. Solution:

To apply this security fix, use the updated docker images.

4. Bugs fixed (https://bugzilla.redhat.com/):

1457997 - CVE-2017-7512 3scale AMP: validation bypass in oauth

5. References:

https://access.redhat.com/security/cve/CVE-2017-1000364
https://access.redhat.com/security/cve/CVE-2017-1000366
https://access.redhat.com/security/cve/CVE-2017-7502
https://access.redhat.com/security/cve/CVE-2017-7512
https://access.redhat.com/security/updates/classification/#important

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce


[RHSA-2017:1759-01] Important: freeradius security update

2017-07-17 Thread Security announcements for all Red Hat products and services.

=
   Red Hat Security Advisory

Synopsis:  Important: freeradius security update
Advisory ID:   RHSA-2017:1759-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1759
Issue date:2017-07-18
CVE Names: CVE-2017-10978 CVE-2017-10979 CVE-2017-10980 
   CVE-2017-10981 CVE-2017-10982 CVE-2017-10983 
=

1. Summary:

An update for freeradius is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

FreeRADIUS is a high-performance and highly configurable free Remote
Authentication Dial In User Service (RADIUS) server, designed to allow
centralized authentication and authorization for a network.

Security Fix(es):

* An out-of-bounds write flaw was found in the way FreeRADIUS server
handled certain attributes in request packets. A remote attacker could use
this flaw to crash the FreeRADIUS server or to execute arbitrary code in
the context of the FreeRADIUS server process by sending a specially crafted
request packet. (CVE-2017-10979)

* An out-of-bounds read and write flaw was found in the way FreeRADIUS
server handled RADIUS packets. A remote attacker could use this flaw to
crash the FreeRADIUS server by sending a specially crafted RADIUS packet.
(CVE-2017-10978)

* Multiple memory leak flaws were found in the way FreeRADIUS server
handled decoding of DHCP packets. A remote attacker could use these flaws
to cause the FreeRADIUS server to consume an increasing amount of memory
resources over time, possibly leading to a crash due to memory exhaustion,
by sending specially crafted DHCP packets. (CVE-2017-10980, CVE-2017-10981)

* Multiple out-of-bounds read flaws were found in the way FreeRADIUS server
handled decoding of DHCP packets. A remote attacker could use these flaws
to crash the FreeRADIUS server by sending a specially crafted DHCP request.
(CVE-2017-10982, CVE-2017-10983)

Red Hat would like to thank the FreeRADIUS project for reporting these
issues. Upstream acknowledges Guido Vranken as the original reporter of
these issues.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1468487 - CVE-2017-10978 freeradius: Out-of-bounds read/write due to improper 
output buffer size check in make_secret()
1468490 - CVE-2017-10979 freeradius: Out-of-bounds write in rad_coalesce()
1468493 - CVE-2017-10980 freeradius: Memory leak in decode_tlv()
1468495 - CVE-2017-10981 freeradius: Memory leak in fr_dhcp_decode()
1468498 - CVE-2017-10982 freeradius: Out-of-bounds read in 
fr_dhcp_decode_options()
1468503 - CVE-2017-10983 freeradius: Out-of-bounds read in fr_dhcp_decode() 
when decoding option 63

6. Package List:

Red Hat Enterprise Linux Server (v. 6):

Source:
freeradius-2.2.6-7.el6_9.src.rpm

i386:
freeradius-2.2.6-7.el6_9.i686.rpm
freeradius-debuginfo-2.2.6-7.el6_9.i686.rpm

ppc64:
freeradius-2.2.6-7.el6_9.ppc64.rpm
freeradius-debuginfo-2.2.6-7.el6_9.ppc64.rpm

s390x:
freeradius-2.2.6-7.el6_9.s390x.rpm
freeradius-debuginfo-2.2.6-7.el6_9.s390x.rpm

x86_64:
freeradius-2.2.6-7.el6_9.x86_64.rpm
freeradius-debuginfo-2.2.6-7.el6_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

i386:
freeradius-debuginfo-2.2.6-7.el6_9.i686.rpm
freeradius-krb5-2.2.6-7.el6_9.i686.rpm
freeradius-ldap-2.2.6-7.el6_9.i686.rpm
freeradius-mysql-2.2.6-7.el6_9.i686.rpm
freeradius-perl-2.2.6-7.el6_9.i686.rpm
freeradius-postgresql-2.2.6-7.el6_9.i686.rpm
freeradius-python-2.2.6-7.el6_9.i686.rpm
freeradius-unixODBC-2.2.6-7.el6_9.i686.rpm
freeradius-utils-2.2.6-7.el6_9.i686.rpm

ppc64:
freeradius-debuginfo-2.2.6-7.el6_9.ppc64.rpm
freeradius-krb5-2.2.6-7.el6_9.ppc64.rpm
freeradius-ldap-2.2.6-7.el6_9.ppc64.rpm
freeradius-mysql-2.2.6-7.el6_9.ppc64.rpm
freeradius-perl-2.2.6-7.el6_9.ppc64.rpm
freeradius-postgresql-2.2.6-7.el6_9.ppc64.rpm
freeradius-python-2.2.6-7.el6_9.ppc64.rpm
freeradius-unixODBC-2.2.6-7.el6_9.ppc64.rpm
freeradius-utils-2.2.6-7.el6_9.ppc64.rpm

s390x:
freeradius-debuginfo-2.2.6-7.el6_9.s390x.rpm
freeradius-krb5-2.2.6-7.el6_9.s390x.rpm
freeradius-ldap-2.2.6-7.el6_9.s390x.rpm

[RHSA-2017:1766-01] Important: kernel security and bug fix update

2017-07-18 Thread Security announcements for all Red Hat products and services.

=
   Red Hat Security Advisory

Synopsis:  Important: kernel security and bug fix update
Advisory ID:   RHSA-2017:1766-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1766
Issue date:2017-07-18
CVE Names: CVE-2017-7895 
=

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.2
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.2) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.2) - noarch, ppc64, ppc64le, s390x, 
x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.2) - ppc64, ppc64le, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* The NFSv2 and NFSv3 server implementations in the Linux kernel through
4.10.13 lacked certain checks for the end of a buffer. A remote attacker
could trigger a pointer-arithmetic error or possibly cause other
unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and
fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)

Red Hat would like to thank Ari Kauppi for reporting this issue.

Bug Fix(es):

* Previously, a race condition between Linux kernel module error handling
and kprobe registration code existed in the Linux kernel. The protection
that was applied during module error handling code could be overridden by
kprobe registration code before the module was deallocated. Consequently,
the mapped page could be freed and become non-writable. When this page
was later accessed, a page fault occurred, which led to a kernel panic.
This update fixes the race condition, and the kernel no longer panics due
to this bug. (BZ#1454683)

* Due to a race with another NFS mount, the nfs41_walk_client_list()
function previously established a lease on the nfs_client pointer before
the check for trunking was finished. This update ensures the processes
follow the correct order and the race no longer occurs in this scenario.
(BZ#1447383)

* If a duplicate IPv6 address or an issue setting an address was present in
the net/ipv6/addrconf.c file, a race condition occurred that could cause an
IFP refcount leak. Attempts to unregister a netdevice then produced
"Unregister Netdevice Failed" error messages. The provided patch fixes this
bug, and race conditions no longer occur in this situation. (BZ#1449103)

* Previously, subtracting from vCPU threads could cause a steal_time
overflow on QEMU live migration. This update moves the accumulation of
steal_time into the vCPU entry time before the steal_time data is copied to
the QEMU guest, which fixes this bug. (BZ#1274919)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.
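
The reboot requirement above is worth checking mechanically: the following is an added example (not part of the advisory) that compares a host's installed kernel packages and its running kernel (`uname -r`) against the fixed version 3.10.0-327.58.1.el7 from the package list in section 6, so that an installed-but-not-booted fix is reported separately from a missing one. It assumes kernel NEVRs without an epoch or tilde/caret markers; the host data in the block is constructed.

```python
"""Added example (not part of the Red Hat advisory): decide whether a RHEL 7.2
EUS host has the kernel fix from RHSA-2017:1766 installed *and* running.
The advisory requires a reboot, so an installed-but-not-booted fix still
leaves the vulnerable kernel in memory. Version comparison is a simplified
port of rpm's rpmvercmp() that ignores the tilde/caret pre-release markers
(assumption: RHEL kernel NEVRs do not use them)."""
import re

# Fixed version from the advisory's package list (section 6), without arch.
FIXED_KERNEL = "3.10.0-327.58.1.el7"

_ARCHES = ("x86_64", "ppc64", "ppc64le", "s390x", "noarch")


def _segments(s):
    """Split into runs of digits and runs of letters; separators are ignored."""
    return re.findall(r"[0-9]+|[A-Za-z]+", s)


def rpmvercmp(a, b):
    """Return -1, 0 or 1 comparing version/release strings the way rpm does:
    numeric segments compare as integers (leading zeros ignored), alphabetic
    ones lexically, a numeric segment beats an alphabetic one, and a string
    with segments left over is the newer one."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        xd, yd = x.isdigit(), y.isdigit()
        if xd and yd:
            if int(x) != int(y):
                return -1 if int(x) < int(y) else 1
        elif xd != yd:
            return 1 if xd else -1
        elif x != y:
            return -1 if x < y else 1
    if len(sa) != len(sb):
        return -1 if len(sa) < len(sb) else 1
    return 0


def kernel_vr(name):
    """Extract 'version-release' from a kernel NEVRA
    ('kernel-3.10.0-327.58.1.el7.x86_64') or from `uname -r` output
    ('3.10.0-327.58.1.el7.x86_64')."""
    if name.startswith("kernel-"):
        name = name[len("kernel-"):]
    for arch in _ARCHES:
        if name.endswith("." + arch):
            name = name[: -len(arch) - 1]
            break
    return name


def vr_cmp(a, b):
    """Compare two 'version-release' strings: version first, then release."""
    va, ra = a.split("-", 1)
    vb, rb = b.split("-", 1)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def kernel_status(installed, running, fixed=FIXED_KERNEL):
    """installed: kernel package NEVRAs as printed by `rpm -q kernel`;
    running: the string from `uname -r`.
    Returns 'fixed-running', 'fixed-reboot-required' or 'vulnerable'."""
    if vr_cmp(kernel_vr(running), fixed) >= 0:
        return "fixed-running"
    if any(vr_cmp(kernel_vr(p), fixed) >= 0 for p in installed):
        return "fixed-reboot-required"
    return "vulnerable"


if __name__ == "__main__":
    # Constructed sample hosts; the older version strings are made up.
    hosts = {
        "host-a": (["kernel-3.10.0-327.36.3.el7.x86_64",
                    "kernel-3.10.0-327.58.1.el7.x86_64"],
                   "3.10.0-327.36.3.el7.x86_64"),   # updated, not rebooted
        "host-b": (["kernel-3.10.0-327.58.1.el7.x86_64"],
                   "3.10.0-327.58.1.el7.x86_64"),   # updated and rebooted
        "host-c": (["kernel-3.10.0-327.36.3.el7.x86_64"],
                   "3.10.0-327.36.3.el7.x86_64"),   # not updated
    }
    for host, (pkgs, uname_r) in hosts.items():
        print(host, kernel_status(pkgs, uname_r))
```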

5. Bugs fixed (https://bugzilla.redhat.com/):

1446103 - CVE-2017-7895 kernel: NFSv3 server does not properly handle payload 
bounds checking of WRITE requests

6. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.2):

Source:
kernel-3.10.0-327.58.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-327.58.1.el7.noarch.rpm
kernel-doc-3.10.0-327.58.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-327.58.1.el7.x86_64.rpm
kernel-debug-3.10.0-327.58.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-327.58.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-327.58.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.58.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.58.1.el7.x86_64.rpm
kernel-devel-3.10.0-327.58.1.el7.x86_64.rpm
kernel-headers-3.10.0-327.58.1.el7.x86_64.rpm
kernel-tools-3.10.0-327.58.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.58.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-327.58.1.el7.x86_64.rpm
perf-3.10.0-327.58.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.58.1.el7.x86_64.rpm
python-perf-3.10.0-327.58.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.58.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2):

x86_64:
kernel-debug-debuginfo-3.10.0-327.58.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.58.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.58.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.58.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-327.58.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.58.1.el7.x86_64.rpm

[RHSA-2017:1790-01] Critical: java-1.8.0-oracle security update

2017-07-20 Thread Security announcements for all Red Hat products and services.

=
   Red Hat Security Advisory

Synopsis:  Critical: java-1.8.0-oracle security update
Advisory ID:   RHSA-2017:1790-01
Product:   Oracle Java for Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1790
Issue date:2017-07-20
CVE Names: CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 
   CVE-2017-10078 CVE-2017-10081 CVE-2017-10086 
   CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 
   CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 
   CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 
   CVE-2017-10109 CVE-2017-10110 CVE-2017-10111 
   CVE-2017-10114 CVE-2017-10115 CVE-2017-10116 
   CVE-2017-10118 CVE-2017-10135 CVE-2017-10176 
   CVE-2017-10193 CVE-2017-10198 CVE-2017-10243 
=

1. Summary:

An update for java-1.8.0-oracle is now available for Oracle Java for Red
Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Oracle Java for Red Hat Enterprise Linux Client (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Desktop 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux HPC Node 6 - x86_64
Oracle Java for Red Hat Enterprise Linux Server (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Server 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Workstation 6 - i386, x86_64

3. Description:

Oracle Java SE version 8 includes the Oracle Java Runtime Environment and
the Oracle Java Software Development Kit.

This update upgrades Oracle Java SE 8 to version 8 Update 141.

Security Fix(es):

* This update fixes multiple vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory page, listed in the References section.
(CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10078,
CVE-2017-10081, CVE-2017-10086, CVE-2017-10087, CVE-2017-10089,
CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102,
CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109,
CVE-2017-10110, CVE-2017-10111, CVE-2017-10114, CVE-2017-10115,
CVE-2017-10116, CVE-2017-10118, CVE-2017-10135, CVE-2017-10176,
CVE-2017-10193, CVE-2017-10198, CVE-2017-10243)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Oracle Java must be restarted for this update to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1471266 - CVE-2017-10107 OpenJDK: insufficient access control checks in 
ActivationID (RMI, 8173697)
1471270 - CVE-2017-10089 OpenJDK: insufficient access control checks in 
ServiceRegistry (ImageIO, 8172461)
1471517 - CVE-2017-10090 OpenJDK: insufficient access control checks in 
AsynchronousChannelGroupImpl (8172465, Libraries)
1471521 - CVE-2017-10087 OpenJDK: insufficient access control checks in 
ThreadPoolExecutor (Libraries, 8172204)
1471523 - CVE-2017-10110 OpenJDK: insufficient access control checks in 
ImageWatched (AWT, 8174098)
1471526 - CVE-2017-10111 OpenJDK: incorrect range checks in LambdaFormEditor 
(Libraries, 8184185)
1471527 - CVE-2017-10101 OpenJDK: unrestricted access to 
com.sun.org.apache.xml.internal.resolver (JAXP, 8173286)
1471528 - CVE-2017-10096 OpenJDK: insufficient access control checks in XML 
transformations (JAXP, 8172469)
1471534 - CVE-2017-10074 OpenJDK: integer overflows in range check loop 
predicates (Hotspot, 8173770)
1471535 - CVE-2017-10067 OpenJDK: JAR verifier incorrect handling of missing 
digest (Security, 8169392)
1471670 - CVE-2017-10109 OpenJDK: unbounded memory allocation in CodeSource 
deserialization (Serialization, 8174113)
1471711 - CVE-2017-10081 OpenJDK: incorrect bracket processing in function 
signature handling (Hotspot, 8170966)
1471715 - CVE-2017-10193 OpenJDK: incorrect key size constraint check 
(Security, 8179101)
1471738 - CVE-2017-10116 OpenJDK: LDAPCertStore following referrals to non-LDAP 
URLs (Security, 8176067)
1471851 - CVE-2017-10115 OpenJDK: DSA implementation timing attack (JCE, 
8175106)
1471871 - CVE-2017-10135 OpenJDK: PKCS#8 implementation timing attack (JCE, 
8176760)
1471888 - CVE-2017-10108 

[RHSA-2017:1789-01] Critical: java-1.8.0-openjdk security update

2017-07-20 Thread Security announcements for all Red Hat products and services.

=
   Red Hat Security Advisory

Synopsis:  Critical: java-1.8.0-openjdk security update
Advisory ID:   RHSA-2017:1789-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1789
Issue date:2017-07-20
CVE Names: CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 
   CVE-2017-10078 CVE-2017-10081 CVE-2017-10087 
   CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 
   CVE-2017-10101 CVE-2017-10102 CVE-2017-10107 
   CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 
   CVE-2017-10111 CVE-2017-10115 CVE-2017-10116 
   CVE-2017-10135 CVE-2017-10193 CVE-2017-10198 
=

1. Summary:

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise
Linux 6 and Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64, 
ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime
Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

* It was discovered that the DGC (distributed garbage collection)
implementation in the RMI component of OpenJDK failed to correctly handle
references. A remote attacker could possibly use this flaw to execute
arbitrary code with the privileges of the RMI registry or a Java RMI
application. (CVE-2017-10102)

* Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT,
Hotspot, and Security components in OpenJDK. An untrusted Java application
or applet could use these flaws to completely bypass Java sandbox
restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101,
CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10111,
CVE-2017-10110, CVE-2017-10074, CVE-2017-10067)

* It was discovered that the LDAPCertStore class in the Security component
of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted
LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP
servers. (CVE-2017-10116)

* It was discovered that the Nashorn JavaScript engine in the Scripting
component of OpenJDK could allow scripts to access Java APIs even when
access to Java APIs was disabled. An untrusted JavaScript executed by
Nashorn could use this flaw to bypass intended restrictions.
(CVE-2017-10078)

* It was discovered that the Security component of OpenJDK could fail to
properly enforce restrictions defined for processing of X.509 certificate
chains. A remote attacker could possibly use this flaw to make Java accept
a certificate using one of the disabled algorithms. (CVE-2017-10198)

* A covert timing channel flaw was found in the DSA implementation in the
JCE component of OpenJDK. A remote attacker able to make a Java application
generate DSA signatures on demand could possibly use this flaw to extract
certain information about the used key via a timing side channel.
(CVE-2017-10115)

* A covert timing channel flaw was found in the PKCS#8 implementation in
the JCE component of OpenJDK. A remote attacker able to make a Java
application repeatedly compare a PKCS#8 key against an attacker-controlled
value could possibly use this flaw to determine the key via a timing side
channel. (CVE-2017-10135)

* It was discovered that the BasicAttribute and CodeSource classes in
OpenJDK did not limit the amount of memory allocated when creating object
instances from a serialized form. A specially crafted serialized input
stream could cause Java to consume an excessive amount of memory.
(CVE-2017-10108, 

[RHSA-2017:1792-01] Critical: java-1.6.0-sun security update

2017-07-20 Thread Security announcements for all Red Hat products and services.

=
   Red Hat Security Advisory

Synopsis:  Critical: java-1.6.0-sun security update
Advisory ID:   RHSA-2017:1792-01
Product:   Oracle Java for Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1792
Issue date:2017-07-20
CVE Names: CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 
   CVE-2017-10081 CVE-2017-10087 CVE-2017-10089 
   CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 
   CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 
   CVE-2017-10109 CVE-2017-10110 CVE-2017-10115 
   CVE-2017-10116 CVE-2017-10135 CVE-2017-10193 
   CVE-2017-10198 CVE-2017-10243 
=

1. Summary:

An update for java-1.6.0-sun is now available for Oracle Java for Red Hat
Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Oracle Java for Red Hat Enterprise Linux Client (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Desktop 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux HPC Node 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux Server (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Server 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Workstation 6 - i386, x86_64

3. Description:

Oracle Java SE version 6 includes the Oracle Java Runtime Environment and
the Oracle Java Software Development Kit.

This update upgrades Oracle Java SE 6 to version 6 Update 161.

Security Fix(es):

* This update fixes multiple vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory page, listed in the References section.
(CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10081,
CVE-2017-10087, CVE-2017-10089, CVE-2017-10096, CVE-2017-10101,
CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108,
CVE-2017-10109, CVE-2017-10110, CVE-2017-10115, CVE-2017-10116,
CVE-2017-10135, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Oracle Java must be restarted for this update to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1471266 - CVE-2017-10107 OpenJDK: insufficient access control checks in 
ActivationID (RMI, 8173697)
1471270 - CVE-2017-10089 OpenJDK: insufficient access control checks in 
ServiceRegistry (ImageIO, 8172461)
1471521 - CVE-2017-10087 OpenJDK: insufficient access control checks in 
ThreadPoolExecutor (Libraries, 8172204)
1471523 - CVE-2017-10110 OpenJDK: insufficient access control checks in 
ImageWatched (AWT, 8174098)
1471527 - CVE-2017-10101 OpenJDK: unrestricted access to 
com.sun.org.apache.xml.internal.resolver (JAXP, 8173286)
1471528 - CVE-2017-10096 OpenJDK: insufficient access control checks in XML 
transformations (JAXP, 8172469)
1471534 - CVE-2017-10074 OpenJDK: integer overflows in range check loop 
predicates (Hotspot, 8173770)
1471535 - CVE-2017-10067 OpenJDK: JAR verifier incorrect handling of missing 
digest (Security, 8169392)
1471670 - CVE-2017-10109 OpenJDK: unbounded memory allocation in CodeSource 
deserialization (Serialization, 8174113)
1471711 - CVE-2017-10081 OpenJDK: incorrect bracket processing in function 
signature handling (Hotspot, 8170966)
1471715 - CVE-2017-10193 OpenJDK: incorrect key size constraint check 
(Security, 8179101)
1471738 - CVE-2017-10116 OpenJDK: LDAPCertStore following referrals to non-LDAP 
URLs (Security, 8176067)
1471851 - CVE-2017-10115 OpenJDK: DSA implementation timing attack (JCE, 
8175106)
1471871 - CVE-2017-10135 OpenJDK: PKCS#8 implementation timing attack (JCE, 
8176760)
1471888 - CVE-2017-10108 OpenJDK: unbounded memory allocation in BasicAttribute 
deserialization (Serialization, 8174105)
1471889 - CVE-2017-10053 OpenJDK: reading of unprocessed image data in 
JPEGImageReader (2D, 8169209)
1472320 - CVE-2017-10198 OpenJDK: incorrect enforcement of certificate path 
restrictions (Security, 8179998)
1472345 - CVE-2017-10102 OpenJDK: incorrect handling of references in DGC (RMI, 
8163958)
1472666 - CVE-2017-10243 Oracle JDK: unspecified vulnerability fixed in 6u161, 

[RHSA-2017:1791-01] Critical: java-1.7.0-oracle security update

2017-07-20 Thread Security announcements for all Red Hat products and services.

=
   Red Hat Security Advisory

Synopsis:  Critical: java-1.7.0-oracle security update
Advisory ID:   RHSA-2017:1791-01
Product:   Oracle Java for Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1791
Issue date:2017-07-20
CVE Names: CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 
   CVE-2017-10081 CVE-2017-10086 CVE-2017-10087 
   CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 
   CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 
   CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 
   CVE-2017-10110 CVE-2017-10114 CVE-2017-10115 
   CVE-2017-10116 CVE-2017-10118 CVE-2017-10135 
   CVE-2017-10176 CVE-2017-10193 CVE-2017-10198 
   CVE-2017-10243 
=

1. Summary:

An update for java-1.7.0-oracle is now available for Oracle Java for Red
Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Oracle Java for Red Hat Enterprise Linux Client (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Desktop 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux HPC Node 6 - x86_64
Oracle Java for Red Hat Enterprise Linux Server (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Server 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Workstation 6 - i386, x86_64

3. Description:

Oracle Java SE version 7 includes the Oracle Java Runtime Environment and
the Oracle Java Software Development Kit.

This update upgrades Oracle Java SE 7 to version 7 Update 151.

Security Fix(es):

* This update fixes multiple vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory page, listed in the References section.
(CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10081,
CVE-2017-10086, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090,
CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105,
CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110,
CVE-2017-10114, CVE-2017-10115, CVE-2017-10116, CVE-2017-10118,
CVE-2017-10135, CVE-2017-10176, CVE-2017-10193, CVE-2017-10198,
CVE-2017-10243)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Oracle Java must be restarted for this update to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1471266 - CVE-2017-10107 OpenJDK: insufficient access control checks in 
ActivationID (RMI, 8173697)
1471270 - CVE-2017-10089 OpenJDK: insufficient access control checks in 
ServiceRegistry (ImageIO, 8172461)
1471517 - CVE-2017-10090 OpenJDK: insufficient access control checks in 
AsynchronousChannelGroupImpl (8172465, Libraries)
1471521 - CVE-2017-10087 OpenJDK: insufficient access control checks in 
ThreadPoolExecutor (Libraries, 8172204)
1471523 - CVE-2017-10110 OpenJDK: insufficient access control checks in 
ImageWatched (AWT, 8174098)
1471527 - CVE-2017-10101 OpenJDK: unrestricted access to 
com.sun.org.apache.xml.internal.resolver (JAXP, 8173286)
1471528 - CVE-2017-10096 OpenJDK: insufficient access control checks in XML 
transformations (JAXP, 8172469)
1471534 - CVE-2017-10074 OpenJDK: integer overflows in range check loop 
predicates (Hotspot, 8173770)
1471535 - CVE-2017-10067 OpenJDK: JAR verifier incorrect handling of missing 
digest (Security, 8169392)
1471670 - CVE-2017-10109 OpenJDK: unbounded memory allocation in CodeSource 
deserialization (Serialization, 8174113)
1471711 - CVE-2017-10081 OpenJDK: incorrect bracket processing in function 
signature handling (Hotspot, 8170966)
1471715 - CVE-2017-10193 OpenJDK: incorrect key size constraint check 
(Security, 8179101)
1471738 - CVE-2017-10116 OpenJDK: LDAPCertStore following referrals to non-LDAP 
URLs (Security, 8176067)
1471851 - CVE-2017-10115 OpenJDK: DSA implementation timing attack (JCE, 
8175106)
1471871 - CVE-2017-10135 OpenJDK: PKCS#8 implementation timing attack (JCE, 
8176760)
1471888 - CVE-2017-10108 OpenJDK: unbounded memory allocation in BasicAttribute 
deserialization (Serialization, 8174105)
1471889 - CVE-2017-10053 OpenJDK: reading of unprocessed image data 

[RHSA-2017:1793-01] Important: graphite2 security update

2017-07-20 Thread Security announcements for all Red Hat products and services.

=
   Red Hat Security Advisory

Synopsis:  Important: graphite2 security update
Advisory ID:   RHSA-2017:1793-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1793
Issue date:2017-07-20
CVE Names: CVE-2017-7771 CVE-2017-7772 CVE-2017-7773 
   CVE-2017-7774 CVE-2017-7775 CVE-2017-7776 
   CVE-2017- CVE-2017-7778 
=

1. Summary:

An update for graphite2 is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Graphite2 is a project within SIL's Non-Roman Script Initiative and
Language Software Development groups to provide rendering capabilities for
complex non-Roman writing systems. Graphite can be used to create "smart
fonts" capable of displaying writing systems with various complex
behaviors. With respect to the Text Encoding Model, Graphite handles the
"Rendering" aspect of writing system implementation.

The following packages have been upgraded to a newer upstream version:
graphite2 (1.3.10).

Security Fix(es):

* Various vulnerabilities have been discovered in Graphite2. An attacker
able to trick an unsuspecting user into opening specially crafted font
files in an application using Graphite2 could exploit these flaws to
disclose potentially sensitive memory, cause an application crash, or,
possibly, execute arbitrary code. (CVE-2017-7771, CVE-2017-7772,
CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-,
CVE-2017-7778)

Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Holger Fuhrmannek and Tyson Smith as the original
reporters of these issues.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1461260 - CVE-2017-7778 Mozilla: Vulnerabilities in the Graphite 2 library 
(MFSA 2017-16)
1472212 - CVE-2017-7771 graphite2: out of bounds read in 
"graphite2::Pass::readPass"
1472213 - CVE-2017-7772 graphite2: heap-buffer-overflow write "lz4::decompress" 
(CVE-2017-7772)
1472215 - CVE-2017-7773 graphite2: heap-buffer-overflow write "lz4::decompress" 
(src/Decompressor)
1472219 - CVE-2017-7774 graphite2: out of bounds read 
"graphite2::Silf::readGraphite"
1472221 - CVE-2017-7775 graphite2: assertion error "size() > n"
1472223 - CVE-2017-7776 graphite2: heap-buffer-overflow read 
"graphite2::Silf::getClassGlyph"
1472225 - CVE-2017- graphite2: use of uninitialized memory 
"graphite2::GlyphCache::Loader::read_glyph"

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
graphite2-1.3.10-1.el7_3.src.rpm

x86_64:
graphite2-1.3.10-1.el7_3.i686.rpm
graphite2-1.3.10-1.el7_3.x86_64.rpm
graphite2-debuginfo-1.3.10-1.el7_3.i686.rpm
graphite2-debuginfo-1.3.10-1.el7_3.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
graphite2-debuginfo-1.3.10-1.el7_3.i686.rpm
graphite2-debuginfo-1.3.10-1.el7_3.x86_64.rpm
graphite2-devel-1.3.10-1.el7_3.i686.rpm
graphite2-devel-1.3.10-1.el7_3.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
graphite2-1.3.10-1.el7_3.src.rpm

x86_64:
graphite2-1.3.10-1.el7_3.i686.rpm
graphite2-1.3.10-1.el7_3.x86_64.rpm
graphite2-debuginfo-1.3.10-1.el7_3.i686.rpm
graphite2-debuginfo-1.3.10-1.el7_3.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
graphite2-debuginfo-1.3.10-1.el7_3.i686.rpm
graphite2-debuginfo-1.3.10-1.el7_3.x86_64.rpm
graphite2-devel-1.3.10-1.el7_3.i686.rpm
graphite2-devel-1.3.10-1.el7_3.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
graphite2-1.3.10-1.el7_3.src.rpm

aarch64:
graphite2-1.3.10-1.el7_3.aarch64.rpm
graphite2-debuginfo-1.3.10-1.el7_3.aarch64.rpm

ppc64:
graphite2-1.3.10-1.el7_3.ppc.rpm
graphite2-1.3.10-1.el7_3.ppc64.rpm
graphite2-debuginfo-1.3.10-1.el7_3.ppc.rpm
graphite2-debuginfo-1.3.10-1.el7_3.ppc64.rpm

ppc64le:

[RHSA-2017:1801-01] Important: Red Hat JBoss Web Server 3.1.0 Service Pack 1 security update

2017-07-25 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: Red Hat JBoss Web Server 3.1.0 Service Pack 1 
security update
Advisory ID:   RHSA-2017:1801-01
Product:   Red Hat JBoss Web Server
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1801
Issue date:2017-07-25
CVE Names: CVE-2017-5645 CVE-2017-5647 CVE-2017-5648 
   CVE-2017-5664 
=

1. Summary:

An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and
Red Hat JBoss Web Server 3.1 for RHEL 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat JBoss Web Server 3.1 for RHEL 6 - i386, noarch, x86_64
Red Hat JBoss Web Server 3.1 for RHEL 7 - noarch, x86_64

3. Description:

Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.

This release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a
replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which
are documented in the Release Notes document linked to in the References.

Security Fix(es):

* It was found that when using remote logging with log4j socket server the
log4j server would deserialize any log event received via TCP or UDP. An
attacker could use this flaw to send a specially crafted log event that,
during deserialization, would execute arbitrary code in the context of the
logger application. (CVE-2017-5645)

* A vulnerability was discovered in Tomcat's handling of pipelined requests
when "Sendfile" was used. If sendfile processing completed quickly, it was
possible for the Processor to be added to the processor cache twice. This
could lead to invalid responses or information disclosure. (CVE-2017-5647)

* A vulnerability was discovered in the error page mechanism in Tomcat's
DefaultServlet implementation. A crafted HTTP request could cause undesired
side effects, possibly including the removal or replacement of the custom
error page. (CVE-2017-5664)

* A vulnerability was discovered in Tomcat. When running an untrusted
application under a SecurityManager it was possible, under some
circumstances, for that application to retain references to the request or
response objects and thereby access and/or modify information associated
with another web application. (CVE-2017-5648)

4. Solution:

Before applying the update, back up your existing Red Hat JBoss Web Server
installation (including all applications and configuration files).

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1441205 - CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when 
send file was used
1441223 - CVE-2017-5648 tomcat: Calls to application listeners did not use the 
appropriate facade object
1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability
1459158 - CVE-2017-5664 tomcat: Security constrained bypass in error page 
mechanism

6. JIRA issues fixed (https://issues.jboss.org/):

JWS-657 - tomcat-native installs RHEL apr in addition to jbcs-httpd24-httpd-libs
JWS-667 - Subject incorrectly removed from user session
JWS-695 - tomcat7_t and tomcat8_t domains are in unconfined_domain
JWS-709 - RPM missing selinux-policy dependency
JWS-716 - Backport 60087 for Tomcat 8
JWS-717 - RFC 7230/3986 url requirement that prevents unencoded curly braces 
should be optional, since it breaks existing sites
JWS-721 - CORS filter Vary header missing
JWS-725 - /usr/share/tomcat7 needs world execute permissions to function on 
openshift v2
JWS-741 - Configurations in conf.d are not applied
JWS-760 - [ASF BZ 59961] Provide an option to enable/disable processing of 
Class-Path entry in a jar's manifest file

7. Package List:

Red Hat JBoss Web Server 3.1 for RHEL 6:

Source:
log4j-eap6-1.2.16-12.redhat_3.1.ep6.el6.src.rpm
tomcat-native-1.2.8-10.redhat_10.ep7.el6.src.rpm
tomcat7-7.0.70-22.ep7.el6.src.rpm
tomcat8-8.0.36-24.ep7.el6.src.rpm

i386:
tomcat-native-1.2.8-10.redhat_10.ep7.el6.i686.rpm
tomcat-native-debuginfo-1.2.8-10.redhat_10.ep7.el6.i686.rpm

noarch:
log4j-eap6-1.2.16-12.redhat_3.1.ep6.el6.noarch.rpm
tomcat7-7.0.70-22.ep7.el6.noarch.rpm
tomcat7-admin-webapps-7.0.70-22.ep7.el6.noarch.rpm
tomcat7-docs-webapp-7.0.70-22.ep7.el6.noarch.rpm

[RHSA-2017:1802-01] Important: Red Hat JBoss Web Server Service Pack 1 security update

2017-07-25 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: Red Hat JBoss Web Server Service Pack 1 security 
update
Advisory ID:   RHSA-2017:1802-01
Product:   Red Hat JBoss Web Server
Advisory URL:  https://rhn.redhat.com/errata/RHSA-2017-1802.html
Issue date:2017-07-25
CVE Names: CVE-2017-5645 CVE-2017-5647 CVE-2017-5648 
   CVE-2017-5664 
=

1. Summary:

An update is now available for Red Hat JBoss Web Server 3.1.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Description:

Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.

This release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a
replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which
are documented in the Release Notes document linked to in the References.

Security Fix(es):

* It was found that when using remote logging with log4j socket server the
log4j server would deserialize any log event received via TCP or UDP. An
attacker could use this flaw to send a specially crafted log event that,
during deserialization, would execute arbitrary code in the context of the
logger application. (CVE-2017-5645)

* A vulnerability was discovered in Tomcat's handling of pipelined requests
when "Sendfile" was used. If sendfile processing completed quickly, it was
possible for the Processor to be added to the processor cache twice. This
could lead to invalid responses or information disclosure. (CVE-2017-5647)

* A vulnerability was discovered in the error page mechanism in Tomcat's
DefaultServlet implementation. A crafted HTTP request could cause undesired
side effects, possibly including the removal or replacement of the custom
error page. (CVE-2017-5664)

* A vulnerability was discovered in Tomcat. When running an untrusted
application under a SecurityManager it was possible, under some
circumstances, for that application to retain references to the request or
response objects and thereby access and/or modify information associated
with another web application. (CVE-2017-5648)
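The CVE-2017-5645 description in this advisory and in RHSA-2017:1801 above both turn on one fact: the log4j socket server deserialized whatever object it received. As an added example that is neither log4j's nor Red Hat's code, the Python below reads the header and first class descriptor of a Java serialization stream and applies a deny-by-default class allowlist, the mitigation pattern for a receiver that should only ever instantiate log4j LoggingEvent objects. The function names, ALLOWED_CLASSES and the sample streams built by make_sample() are constructed for this example.

```python
"""Added example, not log4j's or Red Hat's code: a deny-by-default class
allowlist for Java serialization streams, modelling the mitigation for
CVE-2017-5645 (a log4j SocketServer that deserialized any received object).

The function names, ALLOWED_CLASSES and the sample streams built with
make_sample() are constructed for this example.
"""
import struct
from typing import Optional

# Java serialization stream constants (java.io.ObjectStreamConstants).
STREAM_MAGIC = 0xACED
STREAM_VERSION = 0x0005
TC_OBJECT = 0x73      # an object follows
TC_CLASSDESC = 0x72   # a new class descriptor follows
HEADER = struct.Struct(">HHBBH")  # magic, version, TC_OBJECT, TC_CLASSDESC, name length

# The only class a log4j 1.x socket receiver should ever instantiate.
ALLOWED_CLASSES = frozenset({"org.apache.log4j.spi.LoggingEvent"})


def first_class_name(stream: bytes) -> Optional[str]:
    """Return the class named by the first object in a serialization stream,
    or None when the stream does not begin with a plain serialized object.

    Checked layout: magic (2 bytes), version (2), TC_OBJECT (1),
    TC_CLASSDESC (1), then the class name as length-prefixed modified UTF-8.
    """
    if len(stream) < HEADER.size:
        return None
    magic, version, tc_obj, tc_desc, name_len = HEADER.unpack_from(stream)
    if magic != STREAM_MAGIC or version != STREAM_VERSION:
        return None
    if tc_obj != TC_OBJECT or tc_desc != TC_CLASSDESC:
        return None  # strings, arrays, back-references etc. are not plain objects
    name = stream[HEADER.size:HEADER.size + name_len]
    if len(name) != name_len:
        return None  # truncated class descriptor
    try:
        return name.decode("utf-8")
    except UnicodeDecodeError:
        return None


def classify(stream: bytes) -> str:
    """Decide whether a receiver should deserialize this stream at all.

    Anything that is not an allowlisted class is rejected, including streams
    that cannot be parsed: the safe default for an untrusted sender. A real
    filter (e.g. a resolveClass override) must apply the same test to every
    class descriptor in the stream, not only the first one.
    """
    name = first_class_name(stream)
    return "allow" if name in ALLOWED_CLASSES else "reject"


def make_sample(class_name: str) -> bytes:
    """Construct the stream prefix an ObjectOutputStream emits for an object of
    class_name. The descriptor fields and object data that would follow in a
    real stream are irrelevant to this check and are omitted."""
    encoded = class_name.encode("utf-8")
    return HEADER.pack(STREAM_MAGIC, STREAM_VERSION, TC_OBJECT, TC_CLASSDESC,
                       len(encoded)) + encoded


if __name__ == "__main__":
    # Constructed sample inputs: one expected event, one unrelated class,
    # one string stream and one payload that is not a Java stream at all.
    samples = {
        "logging event": make_sample("org.apache.log4j.spi.LoggingEvent"),
        "unrelated class": make_sample("com.example.NotAnEvent"),
        "java string": b"\xac\xed\x00\x05\x74\x00\x02hi",
        "plain text": b"not a java stream",
    }
    for label, data in samples.items():
        print(f"{label:16} -> {first_class_name(data)!s:36} {classify(data)}")
```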

3. Solution:

Before applying the update, back up your existing Red Hat JBoss Web Server
installation (including all applications and configuration files).

The References section of this erratum contains a download link (you must
log in to download the update).

4. Bugs fixed (https://bugzilla.redhat.com/):

1441205 - CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when 
send file was used
1441223 - CVE-2017-5648 tomcat: Calls to application listeners did not use the 
appropriate facade object
1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability
1459158 - CVE-2017-5664 tomcat: Security constrained bypass in error page 
mechanism

5. References:

https://access.redhat.com/security/cve/CVE-2017-5645
https://access.redhat.com/security/cve/CVE-2017-5647
https://access.redhat.com/security/cve/CVE-2017-5648
https://access.redhat.com/security/cve/CVE-2017-5664
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver=securityPatches=3.1
https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Server/3/html-single/3.1_Release_Notes/index.html
https://access.redhat.com/security/vulnerabilities/httpoxy
https://access.redhat.com/solutions/2435491

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce


[RHSA-2017:1798-01] Important: kernel security update

2017-07-24 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: kernel security update
Advisory ID:   RHSA-2017:1798-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1798
Issue date:2017-07-24
CVE Names: CVE-2017-7895 
=

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 6.6
Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended
Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 6.6) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64
Red Hat Enterprise Linux Server TUS (v. 6.6) - noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* The NFSv2 and NFSv3 server implementations in the Linux kernel through
4.10.13 lacked certain checks for the end of a buffer. A remote attacker
could trigger a pointer-arithmetic error or possibly cause other
unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and
fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)

Red Hat would like to thank Ari Kauppi for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1446103 - CVE-2017-7895 kernel: NFSv3 server does not properly handle payload 
bounds checking of WRITE requests

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 6.6):

Source:
kernel-2.6.32-504.62.1.el6.src.rpm

noarch:
kernel-abi-whitelists-2.6.32-504.62.1.el6.noarch.rpm
kernel-doc-2.6.32-504.62.1.el6.noarch.rpm
kernel-firmware-2.6.32-504.62.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-504.62.1.el6.x86_64.rpm
kernel-debug-2.6.32-504.62.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-504.62.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-504.62.1.el6.x86_64.rpm
kernel-devel-2.6.32-504.62.1.el6.x86_64.rpm
kernel-headers-2.6.32-504.62.1.el6.x86_64.rpm
perf-2.6.32-504.62.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server TUS (v. 6.6):

Source:
kernel-2.6.32-504.62.1.el6.src.rpm

noarch:
kernel-abi-whitelists-2.6.32-504.62.1.el6.noarch.rpm
kernel-doc-2.6.32-504.62.1.el6.noarch.rpm
kernel-firmware-2.6.32-504.62.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-504.62.1.el6.x86_64.rpm
kernel-debug-2.6.32-504.62.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-504.62.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-504.62.1.el6.x86_64.rpm
kernel-devel-2.6.32-504.62.1.el6.x86_64.rpm
kernel-headers-2.6.32-504.62.1.el6.x86_64.rpm
perf-2.6.32-504.62.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 6.6):

x86_64:
kernel-debug-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-504.62.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
python-perf-2.6.32-504.62.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional TUS (v. 6.6):

x86_64:
kernel-debug-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-504.62.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
python-perf-2.6.32-504.62.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7895
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.


[RHSA-2017:1787-01] Moderate: collectd security update

2017-07-19 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: collectd security update
Advisory ID:   RHSA-2017:1787-01
Product:   Red Hat Enterprise Linux OpenStack Platform
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1787
Issue date:2017-07-19
CVE Names: CVE-2017-7401 
=

1. Summary:

An update for collectd is now available for Red Hat OpenStack Platform 11.0
Operational Tools for RHEL 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 11.0 Operational Tools for RHEL 7 - x86_64

3. Description:

collectd is a small C-language daemon, which reads various system metrics
periodically and updates RRD files (creating them if necessary). Because
the daemon does not start up each time it updates files, it has a low
system footprint.

The following packages have been upgraded to a later upstream version:
collectd (5.7.2). (BZ#1460080)

Security Fix(es):

* collectd contains an infinite loop due to how the parse_packet() and
parse_part_sign_sha256() functions interact. If an instance of collectd is
configured with "SecurityLevel None" and empty "AuthFile" options, an
attacker can send crafted UDP packets that trigger the infinite loop,
causing a denial of service. (CVE-2017-7401)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1439674 - CVE-2017-7401 collectd: Infinite loop due to incorrect interaction of 
parse_packet() and parse_part_sign_sha256() functions

6. Package List:

Red Hat OpenStack Platform 11.0 Operational Tools for RHEL 7:

Source:
collectd-5.7.2-1.1.el7ost.src.rpm

x86_64:
collectd-5.7.2-1.1.el7ost.x86_64.rpm
collectd-apache-5.7.2-1.1.el7ost.x86_64.rpm
collectd-ascent-5.7.2-1.1.el7ost.x86_64.rpm
collectd-bind-5.7.2-1.1.el7ost.x86_64.rpm
collectd-ceph-5.7.2-1.1.el7ost.x86_64.rpm
collectd-curl-5.7.2-1.1.el7ost.x86_64.rpm
collectd-curl_json-5.7.2-1.1.el7ost.x86_64.rpm
collectd-curl_xml-5.7.2-1.1.el7ost.x86_64.rpm
collectd-dbi-5.7.2-1.1.el7ost.x86_64.rpm
collectd-debuginfo-5.7.2-1.1.el7ost.x86_64.rpm
collectd-disk-5.7.2-1.1.el7ost.x86_64.rpm
collectd-dns-5.7.2-1.1.el7ost.x86_64.rpm
collectd-drbd-5.7.2-1.1.el7ost.x86_64.rpm
collectd-email-5.7.2-1.1.el7ost.x86_64.rpm
collectd-generic-jmx-5.7.2-1.1.el7ost.x86_64.rpm
collectd-ipmi-5.7.2-1.1.el7ost.x86_64.rpm
collectd-iptables-5.7.2-1.1.el7ost.x86_64.rpm
collectd-ipvs-5.7.2-1.1.el7ost.x86_64.rpm
collectd-java-5.7.2-1.1.el7ost.x86_64.rpm
collectd-log_logstash-5.7.2-1.1.el7ost.x86_64.rpm
collectd-lvm-5.7.2-1.1.el7ost.x86_64.rpm
collectd-mysql-5.7.2-1.1.el7ost.x86_64.rpm
collectd-netlink-5.7.2-1.1.el7ost.x86_64.rpm
collectd-nginx-5.7.2-1.1.el7ost.x86_64.rpm
collectd-notify_desktop-5.7.2-1.1.el7ost.x86_64.rpm
collectd-notify_email-5.7.2-1.1.el7ost.x86_64.rpm
collectd-openldap-5.7.2-1.1.el7ost.x86_64.rpm
collectd-ping-5.7.2-1.1.el7ost.x86_64.rpm
collectd-postgresql-5.7.2-1.1.el7ost.x86_64.rpm
collectd-rrdcached-5.7.2-1.1.el7ost.x86_64.rpm
collectd-rrdtool-5.7.2-1.1.el7ost.x86_64.rpm
collectd-sensors-5.7.2-1.1.el7ost.x86_64.rpm
collectd-smart-5.7.2-1.1.el7ost.x86_64.rpm
collectd-snmp-5.7.2-1.1.el7ost.x86_64.rpm
collectd-turbostat-5.7.2-1.1.el7ost.x86_64.rpm
collectd-utils-5.7.2-1.1.el7ost.x86_64.rpm
collectd-virt-5.7.2-1.1.el7ost.x86_64.rpm
collectd-web-5.7.2-1.1.el7ost.x86_64.rpm
collectd-write_http-5.7.2-1.1.el7ost.x86_64.rpm
collectd-write_sensu-5.7.2-1.1.el7ost.x86_64.rpm
collectd-write_tsdb-5.7.2-1.1.el7ost.x86_64.rpm
collectd-zookeeper-5.7.2-1.1.el7ost.x86_64.rpm
libcollectdclient-5.7.2-1.1.el7ost.x86_64.rpm
perl-Collectd-5.7.2-1.1.el7ost.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7401
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.



[RHSA-2017:1616-01] Important: kernel-rt security and bug fix update

2017-06-28 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: kernel-rt security and bug fix update
Advisory ID:   RHSA-2017:1616-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1616
Issue date:2017-06-28
CVE Names: CVE-2017-1000364 CVE-2017-2583 CVE-2017-6214 
   CVE-2017-7477 CVE-2017-7645 CVE-2017-7895 
=

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Realtime (v. 7) - noarch, x86_64
Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* A flaw was found in the way memory was being allocated on the stack for
user space binaries. If heap (or different memory region) and stack memory
regions were adjacent to each other, an attacker could use this flaw to
jump over the stack guard gap, cause controlled memory corruption on
process stack or the adjacent memory region, and thus increase their
privileges on the system. This is a kernel-side mitigation which increases
the stack guard gap size from one page to 1 MiB to make successful
exploitation of this issue more difficult. (CVE-2017-1000364, Important)

* A flaw was found in the way Linux kernel allocates heap memory to build
the scattergather list from a fragment list (skb_shinfo(skb)->frag_list) in
the socket buffer (skb_buff). The heap overflow occurred if the 'MAX_SKB_FRAGS +
1' parameter and the 'NETIF_F_FRAGLIST' feature were both used together. A
remote user or process could use this flaw to potentially escalate their
privilege on a system. (CVE-2017-7477, Important)

* The NFS2/3 RPC client could send long arguments to the NFS server. These
encoded arguments are stored in an array of memory pages, and accessed
using pointer variables. Arbitrarily long arguments could make these
pointers point outside the array and cause an out-of-bounds memory access.
A remote user or program could use this flaw to crash the kernel, resulting
in denial of service. (CVE-2017-7645, Important)

* The NFSv2 and NFSv3 server implementations in the Linux kernel through
4.10.13 lacked certain checks for the end of a buffer. A remote attacker
could trigger a pointer-arithmetic error or possibly cause other
unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and
fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)

* Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM)
support was vulnerable to an incorrect segment selector (SS) value error.
The error could occur while loading values into the SS register in long
mode. A user or process inside a guest could use this flaw to crash the
guest, resulting in DoS or potentially escalate their privileges inside the
guest. (CVE-2017-2583, Moderate)

* A flaw was found in the Linux kernel's handling of packets with the URG
flag. Applications using the splice() and tcp_splice_read() functionality
could allow a remote attacker to force the kernel to enter a condition in
which it could loop indefinitely. (CVE-2017-6214, Moderate)

Red Hat would like to thank Qualys Research Labs for reporting
CVE-2017-1000364; Ari Kauppi for reporting CVE-2017-7895; and Xiaohan Zhang
(Huawei Inc.) for reporting CVE-2017-2583.

Bug Fix(es):

* The kernel-rt packages have been upgraded to the 3.10.0-514.25.2 source
tree, which provides a number of bug fixes over the previous version.
(BZ#1452742)

* Previously, a local lock acquisition around the ip_send_unicast_reply()
function was incorrectly terminated. Consequently, a list corruption
occurred that led to a kernel panic. This update adds locking functions
around calls to ip_send_unicast_reply(). As a result, neither list
corruption nor kernel panic occur under the described circumstances.
(BZ#1455239)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1414735 - CVE-2017-2583 Kernel: Kvm: vmx/svm potential privilege escalation 
inside guest
1426542 - CVE-2017-6214 kernel: ipv4/tcp: Infinite loop in tcp_splice_read()
1443615 - CVE-2017-7645 kernel: nfsd: Incorrect handling of long RPC replies
1445207 - CVE-2017-7477 

[RHSA-2017:1615-01] Important: kernel security and bug fix update

2017-06-28 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: kernel security and bug fix update
Advisory ID:   RHSA-2017:1615-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1615
Issue date:2017-06-28
CVE Names: CVE-2017-2583 CVE-2017-6214 CVE-2017-7477 
   CVE-2017-7645 CVE-2017-7895 
=

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* A flaw was found in the way Linux kernel allocates heap memory to build
the scattergather list from a fragment list (skb_shinfo(skb)->frag_list) in
the socket buffer (skb_buff). The heap overflow occurred if the 'MAX_SKB_FRAGS +
1' parameter and the 'NETIF_F_FRAGLIST' feature were used together. A
remote user or process could use this flaw to potentially escalate their
privilege on a system. (CVE-2017-7477, Important)

* The NFS2/3 RPC client could send long arguments to the NFS server. These
encoded arguments are stored in an array of memory pages, and accessed
using pointer variables. Arbitrarily long arguments could make these
pointers point outside the array and cause an out-of-bounds memory access.
A remote user or program could use this flaw to crash the kernel (denial of
service). (CVE-2017-7645, Important)

* The NFSv2 and NFSv3 server implementations in the Linux kernel through
4.10.13 lacked certain checks for the end of a buffer. A remote attacker
could trigger a pointer-arithmetic error or possibly cause other
unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and
fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)

* The Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM)
support was vulnerable to an incorrect segment selector (SS) value error.
The error could occur while loading values into the SS register in long
mode. A user or process inside a guest could use this flaw to crash the
guest, resulting in DoS or potentially escalate their privileges inside the
guest. (CVE-2017-2583, Moderate)

* A flaw was found in the Linux kernel's handling of packets with the URG
flag. Applications using the splice() and tcp_splice_read() functionality
could allow a remote attacker to force the kernel to enter a condition in
which it could loop indefinitely. (CVE-2017-6214, Moderate)

Red Hat would like to thank Ari Kauppi for reporting CVE-2017-7895 and
Xiaohan Zhang (Huawei Inc.) for reporting CVE-2017-2583.

Bug Fix(es):

* Previously, the reserved-pages counter (HugePages_Rsvd) was bigger than
the total-pages counter (HugePages_Total) in the /proc/meminfo file, and
HugePages_Rsvd underflowed. With this update, the HugeTLB feature of the
Linux kernel has been fixed, and HugePages_Rsvd underflow no longer occurs.
(BZ#1445184)

* If a directory on a NFS client was modified while being listed, the NFS
client could restart the directory listing multiple times. Consequently,
the performance of listing the directory was sub-optimal. With this update,
the restarting of the directory listing happens less frequently. As a
result, the performance of listing the directory while it is being modified
has improved. (BZ#1450851)

* The Fibre Channel over Ethernet (FCoE) adapter in some cases failed to
reboot. This update fixes the qla2xxx driver, and FCoE adapter now reboots
as expected. (BZ#1446246)

* When a VM with Virtual Function I/O (VFIO) device was rebooted, the QEMU
process occasionally terminated unexpectedly due to a failed VFIO Direct
Memory Access (DMA) map request. This update fixes the vfio driver and QEMU
no longer crashes in the described situation. (BZ#1450855)

* When the operating system was booted with the in-box lpfc driver, a
kernel panic occurred on the little-endian variant of IBM Power Systems.
This update fixes lpfc, and the kernel no longer panics in the described
situation. 

[RHSA-2017:1596-01] Moderate: python-django security update

2017-06-28 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: python-django security update
Advisory ID:   RHSA-2017:1596-01
Product:   Red Hat Enterprise Linux OpenStack Platform
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1596
Issue date:2017-06-28
CVE Names: CVE-2017-7233 
=

1. Summary:

An update for python-django is now available for Red Hat OpenStack Platform
10.0 (Newton).

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 10.0 - noarch

3. Description:

Django is a high-level Python Web framework that encourages rapid
development and a clean, pragmatic design. It focuses on automating as much
as possible and adhering to the DRY (Don't Repeat Yourself) principle.

The following packages have been upgraded to a later upstream version:
python-django (1.8.18). (BZ#1437737)

Security Fix(es):

* A redirect flaw, where the is_safe_url() function did not correctly
sanitize numeric-URL user input, was found in python-django. A remote
attacker could exploit this flaw to perform XSS attacks against the
OpenStack dashboard. (CVE-2017-7233)
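
The flaw above is a redirect-target check that disagreed with what browsers
do with a numeric URL such as "http:999999999". The validator below is an
added example written for this page; it is not Django's is_safe_url() nor
any Red Hat code. It assumes an application-supplied set of allowed host
names and makes its decisions from the string the browser will see (a colon
before the first slash is a scheme, leading slashes form an authority) rather
than from whatever a lenient server-side parser reports, so the numeric and
scheme-without-host forms are rejected on every Python version. The sample
URLs are constructed.

```python
from urllib.parse import urlsplit

ALLOWED_SCHEMES = ("http", "https")


def is_safe_redirect(url, allowed_hosts, require_https=False):
    """Return True only if a browser following `url` ends up on one of
    `allowed_hosts`, or stays on the current host via a plain relative path.

    The checks are written against what browsers do with the string, not
    against what a lenient server-side parser makes of it.
    """
    if not url:
        return False
    # Control characters and backslashes: browsers strip or normalise them
    # ('\' becomes '/'), so the parser and the browser would disagree.
    if any(c in url for c in "\\\r\n\t\x00") or url != url.strip():
        return False
    # Browsers collapse a run of leading slashes into one authority marker:
    # "///evil.example" is fetched as http://evil.example/.
    if url.startswith("//"):
        url = "//" + url.lstrip("/")
    # A ':' before the first '/' is a scheme to the browser, whatever a
    # lenient parser says about "http:999999999" or "javascript:alert(1)".
    head = url.split("/", 1)[0]
    scheme = head.split(":", 1)[0].lower() if ":" in head else ""
    if scheme and scheme not in ALLOWED_SCHEMES:
        return False
    try:
        parts = urlsplit(url)
    except ValueError:  # e.g. a malformed IPv6 literal
        return False
    if scheme:
        # An absolute http(s) URL must carry a host we can check. The browser
        # finds one in "http:999999999" or "http:/evil.example" even though
        # the parser reports none, so an empty netloc is a rejection.
        if not parts.netloc:
            return False
        if require_https and scheme != "https":
            return False
    if parts.netloc:
        # hostname drops userinfo and port, so "http://allowed@evil" is
        # judged by "evil"; urlsplit already lowercases it.
        return (parts.hostname or "") in allowed_hosts
    if url.startswith("//"):
        return False  # "//" with no host is not a usable target
    # No scheme and no authority: a relative path stays on this host.
    return True


def classify(urls, allowed_hosts):
    """Map each candidate redirect target to its verdict."""
    return {u: is_safe_redirect(u, allowed_hosts) for u in urls}


if __name__ == "__main__":
    # Constructed sample inputs, including the numeric form the advisory is about.
    samples = ["/accounts/profile/", "https://allowed.example/x",
               "http:999999999", "http:/evil.example", "///evil.example",
               "javascript:alert(1)", "http://allowed.example@evil.example/"]
    for target, ok in classify(samples, {"allowed.example"}).items():
        print(f"{'safe  ' if ok else 'reject'} {target}")
```

The deliberate design choice is to derive the scheme and authority from the
raw string before calling urlsplit(), so the verdict does not depend on how
a given Python release parses "scheme:digits"; urlsplit() is then used only
to extract and lowercase the host name for the allow-list comparison.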

Red Hat would like to thank the Django project for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1437234 - CVE-2017-7233 python-django: Open redirect and possible XSS attack 
via user-supplied numeric redirect URLs

6. Package List:

Red Hat OpenStack Platform 10.0:

Source:
python-django-1.8.18-1.el7ost.src.rpm

noarch:
python-django-1.8.18-1.el7ost.noarch.rpm
python-django-bash-completion-1.8.18-1.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7233
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZVBGlXlSAg2UNWIIRAsCjAKCcqX2kMw0BZppbW0dcZdc5g+UNbACgi6cX
FDPipX4JEG4cP9HE5LLV08w=
=NBzP
-END PGP SIGNATURE-

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce


[RHSA-2017:1659-01] Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update

2017-06-28 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: Red Hat JBoss Enterprise Application Platform 
6.4.16 natives update
Advisory ID:   RHSA-2017:1659-01
Product:   Red Hat JBoss Enterprise Application Platform
Advisory URL:  https://rhn.redhat.com/errata/RHSA-2017-1659.html
Issue date:2017-06-28
CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-6304 
   CVE-2016-8610 
=

1. Summary:

An update is now available for Red Hat JBoss Enterprise Application
Platform.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Description:

Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.

This release includes bug fixes as well as a new release of OpenSSL that
addresses a number of outstanding security flaws. For further information,
see the knowledge base article linked to in the References section. All
users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat
Enterprise Linux 6 are advised to upgrade to these updated packages.

Security Fix(es):

* A memory leak flaw was found in the way OpenSSL handled TLS status
request extension data during session renegotiation. A remote attacker
could cause a TLS server using OpenSSL to consume an excessive amount of
memory and, possibly, exit unexpectedly after exhausting all available
memory, if it enabled OCSP stapling support. (CVE-2016-6304)

* It was discovered that OpenSSL did not always use constant time
operations when computing Digital Signature Algorithm (DSA) signatures. A
local attacker could possibly use this flaw to obtain a private DSA key
belonging to another user or service running on the same system.
(CVE-2016-2178)

* A denial of service flaw was found in the way the TLS/SSL protocol
defined processing of ALERT packets during a connection handshake. A remote
attacker could use this flaw to make a TLS/SSL server consume an excessive
amount of CPU and fail to accept connections from other clients.
(CVE-2016-8610)

* Multiple integer overflow flaws were found in the way OpenSSL performed
pointer arithmetic. A remote attacker could possibly use these flaws to
cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)

Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304
and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610.
Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original
reporter of CVE-2016-6304.

3. Solution:

Before applying this update, back up your existing Red Hat JBoss Enterprise
Application Platform installation and deployed applications.

The References section of this erratum contains a download link (you must
log in to download the update).

4. Bugs fixed (https://bugzilla.redhat.com/):

1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in 
codebase
1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for 
certain operations in DSA implementation
1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory 
growth
1384743 - CVE-2016-8610 SSL/TLS: Malformed plain-text ALERT packets could cause 
remote DoS

5. References:

https://access.redhat.com/security/cve/CVE-2016-2177
https://access.redhat.com/security/cve/CVE-2016-2178
https://access.redhat.com/security/cve/CVE-2016-6304
https://access.redhat.com/security/cve/CVE-2016-8610
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/articles/2688611
https://access.redhat.com/solutions/222023
https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform=securityPatches=6.4

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZVBGYXlSAg2UNWIIRAitCAKDDU2+TU+bWZazGsgLqhlm+UBIRiwCcDtsi
Gl49Bhw33ykXLLVNLwr3eow=
=+SCQ
-END PGP SIGNATURE-



[RHSA-2017:1658-01] Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update

2017-06-28 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: Red Hat JBoss Enterprise Application Platform 
6.4.16 natives update
Advisory ID:   RHSA-2017:1658-01
Product:   Red Hat JBoss Enterprise Application Platform
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1658
Issue date:2017-06-28
CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-6304 
   CVE-2016-8610 
=

1. Summary:

An update is now available for Red Hat JBoss Enterprise Application
Platform 6.4 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise
Application Platform 6.4 for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server - i386, 
ppc64, x86_64
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server - ppc64, 
x86_64

3. Description:

Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.

This release includes bug fixes as well as a new release of OpenSSL. For
further information, see the knowledge base article linked to in the
References section. All users of Red Hat JBoss Enterprise Application
Platform 6.4 on Red Hat Enterprise Linux 7 are advised to upgrade to these
updated packages. The JBoss server process must be restarted for the update
to take effect.

Security Fix(es):

* A memory leak flaw was found in the way OpenSSL handled TLS status
request extension data during session renegotiation. A remote attacker
could cause a TLS server using OpenSSL to consume an excessive amount of
memory and, possibly, exit unexpectedly after exhausting all available
memory, if it enabled OCSP stapling support. (CVE-2016-6304)

* It was discovered that OpenSSL did not always use constant time
operations when computing Digital Signature Algorithm (DSA) signatures. A
local attacker could possibly use this flaw to obtain a private DSA key
belonging to another user or service running on the same system.
(CVE-2016-2178)

* A denial of service flaw was found in the way the TLS/SSL protocol
defined processing of ALERT packets during a connection handshake. A remote
attacker could use this flaw to make a TLS/SSL server consume an excessive
amount of CPU and fail to accept connections from other clients.
(CVE-2016-8610)

* Multiple integer overflow flaws were found in the way OpenSSL performed
pointer arithmetic. A remote attacker could possibly use these flaws to
cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)

Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304
and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610.
Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original
reporter of CVE-2016-6304.

4. Solution:

Before applying this update, back up your existing Red Hat JBoss Enterprise
Application Platform installation and deployed applications.

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library
must be restarted, or the system rebooted. After installing the updated
packages, the httpd daemon will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in 
codebase
1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for 
certain operations in DSA implementation
1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory 
growth
1384743 - CVE-2016-8610 SSL/TLS: Malformed plain-text ALERT packets could cause 
remote DoS

6. Package List:

Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server:

Source:
jbcs-httpd24-openssl-1.0.2h-13.jbcs.el6.src.rpm

i386:
jbcs-httpd24-openssl-1.0.2h-13.jbcs.el6.i686.rpm
jbcs-httpd24-openssl-debuginfo-1.0.2h-13.jbcs.el6.i686.rpm
jbcs-httpd24-openssl-devel-1.0.2h-13.jbcs.el6.i686.rpm
jbcs-httpd24-openssl-libs-1.0.2h-13.jbcs.el6.i686.rpm
jbcs-httpd24-openssl-perl-1.0.2h-13.jbcs.el6.i686.rpm
jbcs-httpd24-openssl-static-1.0.2h-13.jbcs.el6.i686.rpm

ppc64:
jbcs-httpd24-openssl-1.0.2h-13.jbcs.el6.ppc64.rpm
jbcs-httpd24-openssl-debuginfo-1.0.2h-13.jbcs.el6.ppc64.rpm
jbcs-httpd24-openssl-devel-1.0.2h-13.jbcs.el6.ppc64.rpm
jbcs-httpd24-openssl-libs-1.0.2h-13.jbcs.el6.ppc64.rpm
jbcs-httpd24-openssl-perl-1.0.2h-13.jbcs.el6.ppc64.rpm

[RHSA-2017:1647-01] Important: kernel-rt security and bug fix update

2017-06-28 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: kernel-rt security and bug fix update
Advisory ID:   RHSA-2017:1647-01
Product:   Red Hat Enterprise MRG for RHEL-6
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1647
Issue date:2017-06-28
CVE Names: CVE-2017-1000364 CVE-2017-6214 CVE-2017-7645 
   CVE-2017-7895 
=

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise MRG 2.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

MRG Realtime for RHEL 6 Server v.2 - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* A flaw was found in the way memory was being allocated on the stack for
user space binaries. If heap (or different memory region) and stack memory
regions were adjacent to each other, an attacker could use this flaw to
jump over the stack guard gap, cause controlled memory corruption on
process stack or the adjacent memory region, and thus increase their
privileges on the system. This is a kernel-side mitigation which increases
the stack guard gap size from one page to 1 MiB to make successful
exploitation of this issue more difficult. (CVE-2017-1000364, Important)

* The NFS2/3 RPC client could send long arguments to the NFS server. These
encoded arguments are stored in an array of memory pages, and accessed
using pointer variables. Arbitrarily long arguments could make these
pointers point outside the array and cause an out-of-bounds memory access.
A remote user or program could use this flaw to crash the kernel, resulting
in denial of service. (CVE-2017-7645, Important)

* The NFSv2 and NFSv3 server implementations in the Linux kernel through
4.10.13 lacked certain checks for the end of a buffer. A remote attacker
could trigger a pointer-arithmetic error or possibly cause other
unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and
fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)
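
Both NFS flaws above (CVE-2017-7645 and CVE-2017-7895) come down to an XDR
decoder that trusts a length field without checking that the bytes it
describes lie inside the buffer the request arrived in. The decoder below is
an added illustration for this page, not kernel code from fs/nfsd or any
Red Hat code: a small XDR reader in which every read is bounded against the
end of the buffer, applied to the NFSv3 WRITE argument layout (file handle,
offset, count, stable flag, data) and additionally refusing a WRITE whose
declared count exceeds the payload actually supplied. The request bytes and
the per-field limits (max_fh, max_write) are constructed for the example.

```python
import struct


class XdrError(ValueError):
    """Raised when a length field claims more bytes than the buffer holds."""


class XdrReader:
    """Minimal XDR decoder that validates every read against the end of the
    receive buffer before touching it."""

    def __init__(self, buf):
        self.buf = buf
        self.pos = 0

    def _take(self, n):
        # Every field goes through this one check. Comparing the *end* of the
        # read against the buffer length (not just the start offset) is the
        # end-of-buffer check the advisory describes as missing.
        if self.pos + n > len(self.buf):
            raise XdrError(f"need {n} bytes at offset {self.pos}, "
                           f"only {len(self.buf) - self.pos} left")
        chunk = self.buf[self.pos:self.pos + n]
        self.pos += n
        return chunk

    def u32(self):
        return struct.unpack(">I", self._take(4))[0]

    def u64(self):
        return struct.unpack(">Q", self._take(8))[0]

    def opaque(self, max_len):
        n = self.u32()
        if n > max_len:  # protocol-level limit, checked before the buffer check
            raise XdrError(f"opaque length {n} exceeds limit {max_len}")
        data = self._take(n)
        self._take((-n) % 4)  # XDR pads every opaque to a 4-byte boundary
        return data

    def remaining(self):
        return len(self.buf) - self.pos


def encode_opaque(data):
    return struct.pack(">I", len(data)) + data + b"\0" * ((-len(data)) % 4)


def build_write3args(fh, offset, count, stable, data):
    """Encode WRITE3args (file handle, offset, count, stable, data) the way a
    client would; used here only to construct sample requests."""
    return encode_opaque(fh) + struct.pack(">QII", offset, count, stable) + encode_opaque(data)


def parse_write3args(buf, max_fh=64, max_write=1 << 20):
    """Decode a WRITE3args body, rejecting any request whose declared lengths
    do not fit the bytes actually received."""
    r = XdrReader(buf)
    fh = r.opaque(max_fh)
    offset = r.u64()
    count = r.u32()
    stable = r.u32()
    data = r.opaque(max_write)
    # The count the client asks us to write must be covered by the payload it
    # sent; trusting count alone is the WRITE bounds-checking bug class.
    if count > len(data):
        raise XdrError(f"count {count} exceeds {len(data)} payload bytes")
    return {"fh": fh, "offset": offset, "count": count,
            "stable": stable, "data": data[:count], "trailing": r.remaining()}


def rejects(buf):
    """True if the decoder refuses `buf` with an XdrError (helper for checks)."""
    try:
        parse_write3args(buf)
    except XdrError:
        return True
    return False


if __name__ == "__main__":
    good = build_write3args(b"\x01" * 32, 4096, 5, 2, b"hello")
    print(parse_write3args(good))
    # 52 = 36 bytes of file-handle opaque + 16 bytes of offset/count/stable.
    cases = [("count > payload", build_write3args(b"\x01" * 32, 0, 100, 2, b"hello")),
             ("truncated padding", good[:-3]),
             ("length past end", good[:52] + struct.pack(">I", 5000))]
    for label, bad in cases:
        print(f"rejected ({label}): {rejects(bad)}")
```

In the kernel the equivalent check is done on pointers into the page array
holding the request; the principle is the same: compute where a field ends
and compare that against the end of the received data before dereferencing.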

* A flaw was found in the Linux kernel's handling of packets with the URG
flag. Applications using the splice() and tcp_splice_read() functionality
could allow a remote attacker to force the kernel to enter a condition in
which it could loop indefinitely. (CVE-2017-6214, Moderate)

Red Hat would like to thank Qualys Research Labs for reporting
CVE-2017-1000364 and Ari Kauppi for reporting CVE-2017-7895.

Bug Fix(es):

* kernel-rt packages have been upgraded to the 3.10.0-514 source tree,
which provides a number of bug fixes over the previous version.
(BZ#1452745)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1426542 - CVE-2017-6214 kernel: ipv4/tcp: Infinite loop in tcp_splice_read()
1443615 - CVE-2017-7645 kernel: nfsd: Incorrect handling of long RPC replies
1446103 - CVE-2017-7895 kernel: NFSv3 server does not properly handle payload 
bounds checking of WRITE requests
1452745 - update the MRG 2.5.z 3.10 kernel-rt sources
1452769 - HPE iLO remote console video goes blank after updating to 
kernel-rt-3.10.0-514.rt56.210.el6rt
1461333 - CVE-2017-1000364 kernel: heap/stack gap jumping via unbounded stack 
allocations

6. Package List:

MRG Realtime for RHEL 6 Server v.2:

Source:
kernel-rt-3.10.0-514.rt56.228.el6rt.src.rpm

noarch:
kernel-rt-doc-3.10.0-514.rt56.228.el6rt.noarch.rpm
kernel-rt-firmware-3.10.0-514.rt56.228.el6rt.noarch.rpm

x86_64:
kernel-rt-3.10.0-514.rt56.228.el6rt.x86_64.rpm
kernel-rt-debug-3.10.0-514.rt56.228.el6rt.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-514.rt56.228.el6rt.x86_64.rpm
kernel-rt-debug-devel-3.10.0-514.rt56.228.el6rt.x86_64.rpm
kernel-rt-debuginfo-3.10.0-514.rt56.228.el6rt.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-514.rt56.228.el6rt.x86_64.rpm
kernel-rt-devel-3.10.0-514.rt56.228.el6rt.x86_64.rpm
kernel-rt-trace-3.10.0-514.rt56.228.el6rt.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-514.rt56.228.el6rt.x86_64.rpm
kernel-rt-trace-devel-3.10.0-514.rt56.228.el6rt.x86_64.rpm
kernel-rt-vanilla-3.10.0-514.rt56.228.el6rt.x86_64.rpm
kernel-rt-vanilla-debuginfo-3.10.0-514.rt56.228.el6rt.x86_64.rpm
kernel-rt-vanilla-devel-3.10.0-514.rt56.228.el6rt.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature 

[RHSA-2017:1597-01] Important: openstack-keystone security, bug fix, and enhancement update

2017-06-28 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: openstack-keystone security, bug fix, and 
enhancement update
Advisory ID:   RHSA-2017:1597-01
Product:   Red Hat Enterprise Linux OpenStack Platform
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1597
Issue date:2017-06-28
CVE Names: CVE-2017-2673 
=

1. Summary:

An update for openstack-keystone is now available for Red Hat OpenStack
Platform 10.0 (Newton).

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 10.0 - noarch

3. Description:

The OpenStack Identity service (keystone) authenticates and authorizes
OpenStack users by keeping track of users and their permitted activities.
The Identity service supports multiple forms of authentication, including
user name and password credentials, token-based systems, and AWS-style
logins.

The following packages have been upgraded to a later upstream version:
openstack-keystone (10.0.1). (BZ#1431715)

Security Fix(es):

* An authorization-check flaw was discovered in federation configurations
of the OpenStack Identity service (keystone). An authenticated federated
user could request permissions to a project and unintentionally be granted
all related roles including administrative roles. (CVE-2017-2673)

Red Hat would like to thank the OpenStack project for reporting this issue.
Upstream acknowledges Boris Bobrov (Mail.Ru) as the original reporter.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1431715 - Rebase openstack-keystone to stable/newton hash 5eba745
1439586 - CVE-2017-2673 openstack-keystone: Incorrect role assignment with 
federated Keystone

6. Package List:

Red Hat OpenStack Platform 10.0:

Source:
openstack-keystone-10.0.1-3.el7ost.src.rpm

noarch:
openstack-keystone-10.0.1-3.el7ost.noarch.rpm
python-keystone-10.0.1-3.el7ost.noarch.rpm
python-keystone-tests-10.0.1-3.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-2673
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZVBGtXlSAg2UNWIIRAh/zAKCUqlT25iOB1f4A52h//S3jjBpWxACghwnO
TQegxajev7nmpk4a4M7yUIc=
=e67B
-END PGP SIGNATURE-



[RHSA-2017:1598-01] Low: python-django-horizon security, bug fix, and enhancement update

2017-06-28 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Low: python-django-horizon security, bug fix, and 
enhancement update
Advisory ID:   RHSA-2017:1598-01
Product:   Red Hat Enterprise Linux OpenStack Platform
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1598
Issue date:2017-06-28
CVE Names: CVE-2017-7400 
=

1. Summary:

An update for python-django-horizon is now available for Red Hat OpenStack
Platform 10.0 (Newton).

Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 10.0 - noarch

3. Description:

OpenStack Dashboard (horizon) provides administrators and users with a
graphical interface to access, provision, and automate cloud-based
resources.

The following packages have been upgraded to a later upstream version:
python-django-horizon (10.0.3). (BZ#1432289, BZ#1454330)

Security Fix(es):

* A cross-site scripting flaw was discovered in the OpenStack dashboard
(horizon) which allowed remote authenticated administrators to conduct XSS
attacks using a crafted federation mapping rule. For this flaw to be
exploited, federation mapping must be enabled in the dashboard.
(CVE-2017-7400)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1408777 - Default admin user from default domain does not have Domains tab in 
Horizon Web Interface.
1414997 - modifying any quota in horizon triggers cinder to update gigabytes = 
null. Results in horizon error.
1427328 - System info tab in horiozon does not display correct version.
1432036 - Password revealing icon (eyeball) is in the wrong place
1432245 - Cannot create volume from image if cinder v1 service deleted
1432289 - Rebase python-django-horizon to 10.0.3
1439626 - CVE-2017-7400 python-django-horizon: XSS in federation mappings UI
1454330 - Rebase python-django-horizon to 9dda5a

6. Package List:

Red Hat OpenStack Platform 10.0:

Source:
python-django-horizon-10.0.3-6.el7ost.src.rpm

noarch:
openstack-dashboard-10.0.3-6.el7ost.noarch.rpm
openstack-dashboard-theme-10.0.3-6.el7ost.noarch.rpm
python-django-horizon-10.0.3-6.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7400
https://access.redhat.com/security/updates/classification/#low

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZVBG6XlSAg2UNWIIRAqXpAJ4i5DYk4s6EqVcTXLYPnaH9ORfYgACfdx43
/Yd3SgF/XczsuU9JNzOGIAM=
=5o3S
-END PGP SIGNATURE-



[RHSA-2017:1595-01] Moderate: openstack-nova and python-novaclient security, bug fix, and enhancement update

2017-06-28 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: openstack-nova and python-novaclient security, bug 
fix, and enhancement update
Advisory ID:   RHSA-2017:1595-01
Product:   Red Hat Enterprise Linux OpenStack Platform
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1595
Issue date:2017-06-28
CVE Names: CVE-2017-7214 
=

1. Summary:

An update for openstack-nova and python-novaclient is now available for Red
Hat OpenStack Platform 10.0 (Newton).

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

OpenStack 10.0 Tools for RHEL 7 - noarch
Red Hat OpenStack Platform 10.0 - noarch

3. Description:

OpenStack Compute (nova) launches and schedules large networks of virtual
machines, creating a redundant and scalable cloud computing platform.
Compute provides the software, control panels, and APIs required to
orchestrate a cloud, including running virtual machine instances and
controlling access through users and projects.

python-novaclient is the python client for the OpenStack Nova API. The
client's Python API (the novaclient module) and command-line script (nova)
both implement 100% of the OpenStack Nova API.

The following packages have been upgraded to a later upstream version:
python-novaclient (6.0.0), openstack-nova (14.0.6). (BZ#1421265,
BZ#1431802, BZ#1429924, BZ#1454629, BZ#1454630)

Security Fix(es):

* An information exposure issue was discovered in OpenStack Compute's
exception_wrapper.py. Legacy notification exception contexts appearing in
ERROR-level logs could include sensitive information such as account
passwords and authorization tokens. (CVE-2017-7214)
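
The exposure above comes from logging an exception's call context verbatim.
The code below is an added example for this page, not Nova's
exception_wrapper.py nor any Red Hat code (OpenStack's own helper for this
is strutils.mask_dict_password in oslo.utils): a redact() walk over nested
context data that masks secret-bearing keys and key=value fragments in
strings, a logging.Filter that applies it to every record as a last line of
defence, and a decorator that logs the redacted context when the wrapped
handler fails. The key list, the ListLogger stand-in and SAMPLE_CONTEXT are
constructed for the example.

```python
import functools
import logging
import re

MASK = "***"

# Key names whose values must never reach a log line (normalised: lower case,
# '-' folded to '_'). Extend for your own deployment's field names.
SENSITIVE_KEYS = frozenset({
    "password", "admin_password", "adminpass", "auth_token", "token",
    "x_auth_token", "secret", "secret_key", "private_key", "authorization",
})

# key=value / key: value fragments inside free-form strings, e.g. a request
# context that was already serialised to text before it reached the logger.
_KV_RE = re.compile(r"(?i)(password|token|secret)(\s*[=:]\s*)(['\"]?)([^\s'\",]+)")


def _is_sensitive(key):
    return str(key).lower().replace("-", "_") in SENSITIVE_KEYS


def redact(value):
    """Return a copy of `value` with secret-bearing fields masked.

    Walks nested dicts/lists/tuples; the input object is left untouched so
    the real context can still be used by the caller after logging.
    """
    if isinstance(value, dict):
        return {k: (MASK if _is_sensitive(k) else redact(v)) for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return type(value)(redact(v) for v in value)
    if isinstance(value, str):
        return _KV_RE.sub(lambda m: m.group(1) + m.group(2) + m.group(3) + MASK, value)
    return value


class RedactingFilter(logging.Filter):
    """Scrub message and args of every record that passes through the logger."""

    def filter(self, record):
        if isinstance(record.msg, str):
            record.msg = redact(record.msg)
        if isinstance(record.args, dict):
            record.args = redact(record.args)
        elif record.args:
            record.args = tuple(redact(a) for a in record.args)
        return True


def wrap_exception(logger):
    """Decorator: on failure, log the call context, but only after redact()."""
    def decorator(fn):
        @functools.wraps(fn)
        def wrapped(*args, **kwargs):
            try:
                return fn(*args, **kwargs)
            except Exception:
                logger.error("Exception in %s, call context: %s",
                             fn.__name__, redact(kwargs))
                raise
        return wrapped
    return decorator


class ListLogger:
    """Minimal logger stand-in that keeps formatted lines (for checks)."""

    def __init__(self):
        self.lines = []

    def error(self, msg, *args):
        self.lines.append(msg % args)


# Constructed sample context, shaped like the kwargs an RPC handler receives.
SAMPLE_CONTEXT = {
    "context": {"user_id": "u-1", "project_id": "p-1",
                "auth_token": "gAAAAABconstructed-token"},
    "instance": {"name": "vm-1", "admin_password": "hunter2"},
    "note": "retrying with password=hunter2 and X-Auth-Token: abc123",
}

if __name__ == "__main__":
    logging.basicConfig(level=logging.ERROR, format="%(levelname)s %(message)s")
    log = logging.getLogger("demo")
    log.addFilter(RedactingFilter())

    @wrap_exception(log)
    def rebuild_instance(**kwargs):
        raise RuntimeError("libvirt unavailable")

    try:
        rebuild_instance(**SAMPLE_CONTEXT)
    except RuntimeError:
        pass
```

The decorator redacts before logging and the filter redacts again on the
logger, so a handler that bypasses the decorator and logs its kwargs
directly is still covered; the cost is that redaction happens only on the
error path, which is where such contexts are emitted in the first place.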

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1420880 - libvirt overwrites externally set vlan tags in macvtap passthrough 
VFs since 2.x so Nova needs to craft the XML to include vlan tag
1421265 - nova-manage db sync broke between RHOSP 9 => RHOSP 10 update
1429924 - Rebase openstack-nova to 14.0.4
1431802 - Rebase openstack-nova to upstream/stable/newton hash b8f209
1434844 - CVE-2017-7214 openstack-nova: Sensitive information included in 
legacy notification exception contexts
1436266 - Microversion 2.37 break 2.32 usage
1448002 - LibvirtError happens when put instance from pause to active status
1454629 - Rebase openstack-nova to 14.0.5
1454630 - Rebase openstack-nova to 14.0.6

6. Package List:

OpenStack 10.0 Tools for RHEL 7:

Source:
python-novaclient-6.0.0-3.el7ost.src.rpm

noarch:
python-novaclient-6.0.0-3.el7ost.noarch.rpm

Red Hat OpenStack Platform 10.0:

Source:
openstack-nova-14.0.6-2.el7ost.src.rpm
python-novaclient-6.0.0-3.el7ost.src.rpm

noarch:
openstack-nova-14.0.6-2.el7ost.noarch.rpm
openstack-nova-api-14.0.6-2.el7ost.noarch.rpm
openstack-nova-cells-14.0.6-2.el7ost.noarch.rpm
openstack-nova-cert-14.0.6-2.el7ost.noarch.rpm
openstack-nova-common-14.0.6-2.el7ost.noarch.rpm
openstack-nova-compute-14.0.6-2.el7ost.noarch.rpm
openstack-nova-conductor-14.0.6-2.el7ost.noarch.rpm
openstack-nova-console-14.0.6-2.el7ost.noarch.rpm
openstack-nova-migration-14.0.6-2.el7ost.noarch.rpm
openstack-nova-network-14.0.6-2.el7ost.noarch.rpm
openstack-nova-novncproxy-14.0.6-2.el7ost.noarch.rpm
openstack-nova-placement-api-14.0.6-2.el7ost.noarch.rpm
openstack-nova-scheduler-14.0.6-2.el7ost.noarch.rpm
openstack-nova-serialproxy-14.0.6-2.el7ost.noarch.rpm
openstack-nova-spicehtml5proxy-14.0.6-2.el7ost.noarch.rpm
python-nova-14.0.6-2.el7ost.noarch.rpm
python-nova-tests-14.0.6-2.el7ost.noarch.rpm
python-novaclient-6.0.0-3.el7ost.noarch.rpm

OpenStack 10.0 Tools for RHEL 7:

Source:
python-novaclient-6.0.0-3.el7ost.src.rpm

noarch:
python-novaclient-6.0.0-3.el7ost.noarch.rpm

OpenStack 10.0 Tools for RHEL 7:

Source:
python-novaclient-6.0.0-3.el7ost.src.rpm

noarch:
python-novaclient-6.0.0-3.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7214
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1


[RHSA-2017:1664-01] Low: Red Hat Enterprise Linux 6.2 Advanced Mission Critical 6-Month Notice

2017-06-29 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Low: Red Hat Enterprise Linux 6.2 Advanced Mission Critical 
6-Month Notice
Advisory ID:   RHSA-2017:1664-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1664
Issue date:2017-06-29
=

1. Summary:

This is the six-month notification for the retirement of Red Hat Enterprise
Linux 6.2 Advanced Mission Critical (AMC). This notification applies only
to those customers subscribed to the Advanced Mission Critical (AMC)
channel for Red Hat Enterprise Linux 6.2.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 6.2) - x86_64

3. Description:

In accordance with the Red Hat Enterprise Linux Errata Support Policy,
Advanced Mission Critical for Red Hat Enterprise Linux 6.2 will be retired
as of December 31, 2017, and active support will no longer be provided.
Accordingly, Red Hat will no longer provide updated packages, including
Critical Impact security patches or Urgent Priority bug fixes, for Red Hat
Enterprise Linux 6.2 AMC after December 31, 2017. In addition, on-going
technical support through Red Hat's Customer Experience and Engagement will
be limited as described under "non-current minor releases" in the Knowledge
Base article located here https://access.redhat.com/articles/64664 after
this date.

We encourage customers to migrate from Red Hat Enterprise Linux 6.2 to a
more recent version of Red Hat Enterprise Linux. As a benefit of the Red
Hat subscription model, customers can use their active subscriptions to
entitle any system on any currently supported Red Hat Enterprise Linux
release.

Details of the Red Hat Enterprise Linux life cycle can be found here:
https://access.redhat.com/support/policy/updates/errata/

4. Solution:

This erratum contains an updated redhat-release package that provides a
copy of this retirement notice in the "/usr/share/doc/" directory.

5. Package List:

Red Hat Enterprise Linux Server AUS (v. 6.2):

Source:
redhat-release-server-6Server-6.2.0.8.el6_2.src.rpm

x86_64:
redhat-release-server-6Server-6.2.0.8.el6_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

6. References:

https://access.redhat.com/security/updates/classification/#low

7. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZVRlbXlSAg2UNWIIRAnbdAKCadHfVQzpXtC1wm3pEovD8kf2cZQCePO3e
DlsgS029JvE2o4+GxhZizn8=
=Z+mB
-END PGP SIGNATURE-

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce


[RHSA-2017:1676-01] Moderate: Red Hat JBoss BRMS security update

2017-07-04 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: Red Hat JBoss BRMS security update
Advisory ID:   RHSA-2017:1676-01
Product:   Red Hat JBoss BRMS
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1676
Issue date:2017-07-04
CVE Names: CVE-2016-6346 CVE-2016-9606 CVE-2017-5929 
=

1. Summary:

An update is now available for Red Hat JBoss BRMS.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

Red Hat JBoss BRMS is a business rules management system for the
management, storage, creation, modification, and deployment of JBoss Rules.

This release of Red Hat JBoss BRMS 6.4.4 serves as a replacement for Red
Hat JBoss BRMS 6.4.3, and includes bug fixes and enhancements, which are
documented in the Release Notes document linked to in the References.

Security Fix(es):

* It was found that RESTEasy enables GZIPInterceptor even when it is not
required. An attacker could use this flaw to launch a denial of service
attack. (CVE-2016-6346)

* It was discovered that under certain conditions RESTEasy could be forced
to parse a request with YamlProvider, resulting in unmarshalling of
potentially untrusted data. An attacker could possibly use this flaw to
execute arbitrary code with the permissions of the application using
RESTEasy. (CVE-2016-9606)

* It was found that logback is vulnerable to a deserialization issue.
Logback can be configured to allow remote logging through
SocketServer/ServerSocketReceiver interfaces that can accept untrusted
serialized data. Authenticated attackers on the adjacent network can
leverage this vulnerability to execute arbitrary code through
deserialization of custom gadget chains. (CVE-2017-5929)

Red Hat would like to thank Mikhail Egorov (Odin) for reporting
CVE-2016-6346 and Moritz Bechler (AgNO3 GmbH & Co. KG) for reporting
CVE-2016-9606.

3. Solution:

Before applying the update, back up your existing installation, including
all applications, configuration files, databases and database settings, and
so on.

It is recommended to halt the server by stopping the JBoss Application
Server process before installing this update; after installing the update,
restart the server by starting the JBoss Application Server process.

The References section of this erratum contains a download link (you must
log in to download the update).

4. Bugs fixed (https://bugzilla.redhat.com/):

1372120 - CVE-2016-6346 RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack
1400644 - CVE-2016-9606 Resteasy: Yaml unmarshalling vulnerable to RCE
1432858 - CVE-2017-5929 logback: Serialization vulnerability in SocketServer and ServerSocketReceiver

5. References:

https://access.redhat.com/security/cve/CVE-2016-6346
https://access.redhat.com/security/cve/CVE-2016-9606
https://access.redhat.com/security/cve/CVE-2017-5929
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=brms&downloadType=securityPatches&version=6.4

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZW9iTXlSAg2UNWIIRAkbRAJ95DW4HJ15H9bHa4QApN/xCXa43bACfUotk
p95+a2C20HpY01RWm/JoZfA=
=YV1H
-END PGP SIGNATURE-



[RHSA-2017:1675-01] Moderate: Red Hat JBoss BPM Suite security update

2017-07-04 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: Red Hat JBoss BPM Suite security update
Advisory ID:   RHSA-2017:1675-01
Product:   Red Hat JBoss BPM Suite
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1675
Issue date:2017-07-04
CVE Names: CVE-2016-6346 CVE-2016-9606 CVE-2017-5929 
=

1. Summary:

An update is now available for Red Hat JBoss BPM Suite.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

Red Hat JBoss BPM Suite is a business rules and processes management system
for the management, storage, creation, modification, and deployment of
JBoss rules and BPMN2-compliant business processes.

This release of Red Hat JBoss BPM Suite 6.4.4 serves as a replacement for
Red Hat JBoss BPM Suite 6.4.3, and includes bug fixes and enhancements,
which are documented in the Release Notes document linked to in the
References.

Security Fix(es):

* It was found that RESTEasy enables GZIPInterceptor even when it is not
required. An attacker could use this flaw to launch a denial of service
attack. (CVE-2016-6346)

* It was discovered that under certain conditions RESTEasy could be forced
to parse a request with YamlProvider, resulting in unmarshalling of
potentially untrusted data. An attacker could possibly use this flaw to
execute arbitrary code with the permissions of the application using
RESTEasy. (CVE-2016-9606)
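
The two RESTEasy items above (here and, word for word, in RHSA-2017:1676 for
JBoss BRMS) share one server-side lesson: a request body must not be routed
to a body reader, or expanded, on the strength of client-supplied headers
alone. The following is an added Python illustration, not RESTEasy or JBoss
code. It allow-lists the request media type so a client cannot select a
provider the service never meant to expose (the YamlProvider case), and it
inflates a gzip-encoded body under a hard cap so a small compressed payload
cannot expand without limit (the way a decompressing interceptor is
typically abused). The header names are standard HTTP; the allow-list, the
1 MiB cap and the sample requests are constructed for this example.

```python
import gzip
import zlib

# Constructed policy values for the example; RESTEasy's own defaults differ.
MAX_INFLATED_BYTES = 1 * 1024 * 1024
ALLOWED_MEDIA_TYPES = {"application/json", "application/xml"}


class RejectedRequest(Exception):
    """The body must not reach any body reader (map to HTTP 413 or 415)."""


def media_type(content_type):
    """Bare media type of a Content-Type value: 'text/x-yaml; charset=utf-8'
    becomes 'text/x-yaml'."""
    return content_type.split(";", 1)[0].strip().lower()


def check_media_type(headers):
    """Allow-list the media types this service really consumes, so the
    client cannot pick a provider (for instance a YAML unmarshaller) merely
    by naming its media type."""
    mt = media_type(headers.get("Content-Type", ""))
    if mt not in ALLOWED_MEDIA_TYPES:
        raise RejectedRequest("unsupported media type: %r" % mt)
    return mt


def inflate_bounded(data, limit=MAX_INFLATED_BYTES):
    """Decompress a gzip body, producing at most `limit` bytes. The
    decompressor is asked for limit + 1 bytes, so a bomb is detected after
    one extra byte instead of after exhausting memory."""
    d = zlib.decompressobj(wbits=16 + zlib.MAX_WBITS)  # gzip framing
    out = d.decompress(data, limit + 1)
    if len(out) > limit:
        raise RejectedRequest("inflated body exceeds %d bytes" % limit)
    if not d.eof:
        raise RejectedRequest("truncated or malformed gzip body")
    if d.unused_data:
        raise RejectedRequest("trailing data after the gzip member")
    return out


def read_body(headers, raw_body):
    """Return the bytes that are safe to hand to a body reader."""
    check_media_type(headers)
    encoding = headers.get("Content-Encoding", "identity").strip().lower()
    if encoding == "gzip":
        return inflate_bounded(raw_body)
    if encoding != "identity":
        raise RejectedRequest("unsupported Content-Encoding: %r" % encoding)
    return raw_body


# Constructed sample requests.
SMALL_JSON = gzip.compress(b'{"rule": "approve"}')
# 4 MiB of zeros: a few KiB compressed, four times the cap when inflated.
GZIP_BOMB = gzip.compress(b"\0" * (4 * 1024 * 1024))


def demo():
    """Run the guard over the samples: the decoded body for the legitimate
    request, True for each request that was refused."""
    results = {"json_ok": read_body(
        {"Content-Type": "application/json; charset=utf-8",
         "Content-Encoding": "gzip"}, SMALL_JSON)}
    for name, headers, body in (
        ("yaml_refused", {"Content-Type": "text/x-yaml"}, b"!!java.lang.Object {}"),
        ("bomb_refused", {"Content-Type": "application/json",
                          "Content-Encoding": "gzip"}, GZIP_BOMB),
    ):
        try:
            read_body(headers, body)
            results[name] = False
        except RejectedRequest:
            results[name] = True
    return results


if __name__ == "__main__":
    print(demo())
```

The cap is enforced by the decompressor itself (`max_length`), not by
checking the size of the compressed input, because the compression ratio is
exactly what the attacker controls. A concatenated multi-member gzip stream
ends up in `unused_data` and is refused here rather than silently ignored.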

* It was found that logback is vulnerable to a deserialization issue.
Logback can be configured to allow remote logging through
SocketServer/ServerSocketReceiver interfaces that can accept untrusted
serialized data. Authenticated attackers on the adjacent network can
leverage this vulnerability to execute arbitrary code through
deserialization of custom gadget chains. (CVE-2017-5929)
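
As an added illustration of the logback item (here and in RHSA-2017:1676),
this is the Python analog of a log receiver that deserializes what arrives
on a socket; it is not logback code, and Python's pickle stands in for Java
serialization. The receiver resolves only the one event class it expects, so
a payload whose deserialization would invoke a gadget such as os.system is
refused at the class lookup, before anything runs. The Java counterpart of
this control is an ObjectInputStream deserialization filter (JEP 290). The
event class, the gadget and both payloads are constructed for the example.

```python
import io
import os
import pickle


class LogEvent:
    """Constructed stand-in for the event object a remote log receiver
    expects (not logback's ILoggingEvent)."""
    def __init__(self, level, message):
        self.level = level
        self.message = message


# The only (module, class) pair the receiver will ever instantiate.
ALLOWED_CLASSES = {(LogEvent.__module__, LogEvent.__name__): LogEvent}


class RestrictedUnpickler(pickle.Unpickler):
    """Resolve class references only through the allow-list. With the stock
    loader, a payload can name any importable callable (os.system, ...) and
    have it invoked during load; here the lookup itself fails first."""
    def find_class(self, module, name):
        try:
            return ALLOWED_CLASSES[(module, name)]
        except KeyError:
            raise pickle.UnpicklingError("refusing to resolve %s.%s" % (module, name))


def receive_event(payload):
    """What the socket receiver does with one framed message."""
    event = RestrictedUnpickler(io.BytesIO(payload)).load()
    if not isinstance(event, LogEvent):
        raise pickle.UnpicklingError("unexpected object %r" % type(event))
    return event


class Gadget:
    """Attacker-side object: its pickle instructs the loader to call
    os.system('echo pwned'). Never load it with pickle.loads."""
    def __reduce__(self):
        return (os.system, ("echo pwned",))


def demo():
    good = pickle.dumps(LogEvent("INFO", "user alice logged in"))  # constructed
    evil = pickle.dumps(Gadget())                                   # constructed
    event = receive_event(good)
    try:
        receive_event(evil)
        blocked = False
    except pickle.UnpicklingError:
        blocked = True
    return event.level, event.message, blocked


if __name__ == "__main__":
    print(demo())
```

The allow-list is the second line of defence; the first is not to expose a
deserializing listener to anyone who is not trusted to run code on the host,
which for logback means leaving SocketServer/ServerSocketReceiver disabled or
bound to a network the advisory's "adjacent" attacker cannot reach.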

Red Hat would like to thank Mikhail Egorov (Odin) for reporting
CVE-2016-6346 and Moritz Bechler (AgNO3 GmbH & Co. KG) for reporting
CVE-2016-9606.

3. Solution:

Before applying the update, back up your existing installation, including
all applications, configuration files, databases and database settings, and
so on.

It is recommended to halt the server by stopping the JBoss Application
Server process before installing this update; after installing the update,
restart the server by starting the JBoss Application Server process.

The References section of this erratum contains a download link (you must
log in to download the update).

4. Bugs fixed (https://bugzilla.redhat.com/):

1372120 - CVE-2016-6346 RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack
1400644 - CVE-2016-9606 Resteasy: Yaml unmarshalling vulnerable to RCE
1432858 - CVE-2017-5929 logback: Serialization vulnerability in SocketServer and ServerSocketReceiver

5. References:

https://access.redhat.com/security/cve/CVE-2016-6346
https://access.redhat.com/security/cve/CVE-2016-9606
https://access.redhat.com/security/cve/CVE-2017-5929
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=bpm.suite&downloadType=securityPatches&version=6.4

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZW9iIXlSAg2UNWIIRAmSbAJwPHL02TQDQzcfEYMEN4IGi65Ox5QCfVc8M
LeTvX1KTJxJ2BWveiuOJbZs=
=TmO3
-END PGP SIGNATURE-



[RHSA-2017:1678-01] Moderate: rh-postgresql94-postgresql security update

2017-07-05 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: rh-postgresql94-postgresql security update
Advisory ID:   RHSA-2017:1678-01
Product:   Red Hat Software Collections
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1678
Issue date:2017-07-05
CVE Names: CVE-2017-7484 CVE-2017-7485 CVE-2017-7486 
=

1. Summary:

An update for rh-postgresql94-postgresql is now available for Red Hat
Software Collections.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
rh-postgresql94-postgresql (9.4.12). (BZ#1449705)

Security Fix(es):

* It was found that some selectivity estimation functions did not check
user privileges before providing information from pg_statistic, possibly
leaking information. A non-administrative database user could use this flaw
to steal some information from tables they are otherwise not allowed to
access. (CVE-2017-7484)

* It was discovered that the PostgreSQL client library (libpq) did not
enforce the use of TLS/SSL for a connection to a PostgreSQL server when the
PGREQUIRESSL environment variable was set. A man-in-the-middle attacker
could use this flaw to strip the SSL/TLS protection from a connection
between a client and a server. (CVE-2017-7485)

* It was found that the pg_user_mappings view could disclose information
about user mappings to a foreign database to non-administrative database
users. A database user with USAGE privilege for this mapping could, when
querying the view, obtain user mapping data, such as the username and
password used to connect to the foreign database. (CVE-2017-7486)

Red Hat would like to thank the PostgreSQL project for reporting these
issues. Upstream acknowledges Robert Haas as the original reporter of
CVE-2017-7484; Daniel Gustafsson as the original reporter of CVE-2017-7485;
and Andrew Wheelwright as the original reporter of CVE-2017-7486.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

1448078 - CVE-2017-7484 postgresql: Selectivity estimators bypass SELECT privilege checks
1448086 - CVE-2017-7485 postgresql: libpq ignores PGREQUIRESSL environment variable
1448089 - CVE-2017-7486 postgresql: pg_user_mappings view discloses foreign server passwords

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):

Source:
rh-postgresql94-postgresql-9.4.12-1.el6.src.rpm

x86_64:
rh-postgresql94-postgresql-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-contrib-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-debuginfo-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-devel-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-docs-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-libs-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-plperl-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-plpython-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-pltcl-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-server-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-static-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-test-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-upgrade-9.4.12-1.el6.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7):

Source:
rh-postgresql94-postgresql-9.4.12-1.el6.src.rpm

x86_64:
rh-postgresql94-postgresql-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-contrib-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-debuginfo-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-devel-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-docs-9.4.12-1.el6.x86_64.rpm
rh-postgresql94-postgresql-libs-9.4.12-1.el6.x86_64.rpm

[RHSA-2017:1677-01] Moderate: rh-postgresql95-postgresql security update

2017-07-05 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: rh-postgresql95-postgresql security update
Advisory ID:   RHSA-2017:1677-01
Product:   Red Hat Software Collections
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1677
Issue date:2017-07-05
CVE Names: CVE-2017-7484 CVE-2017-7485 CVE-2017-7486 
=

1. Summary:

An update for rh-postgresql95-postgresql is now available for Red Hat
Software Collections.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
rh-postgresql95-postgresql (9.5.7). (BZ#1449701)

Security Fix(es):

* It was found that some selectivity estimation functions did not check
user privileges before providing information from pg_statistic, possibly
leaking information. A non-administrative database user could use this flaw
to steal some information from tables they are otherwise not allowed to
access. (CVE-2017-7484)

* It was discovered that the PostgreSQL client library (libpq) did not
enforce the use of TLS/SSL for a connection to a PostgreSQL server when the
PGREQUIRESSL environment variable was set. A man-in-the-middle attacker
could use this flaw to strip the SSL/TLS protection from a connection
between a client and a server. (CVE-2017-7485)
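
A client-side configuration check for the PGREQUIRESSL item (identical in
RHSA-2017:1678 for rh-postgresql94), added here as a Python example; it is
not PostgreSQL or libpq code. It resolves the effective sslmode the way
libpq does (connection string first, then PGSSLMODE, else the default
"prefer") and deliberately gives PGREQUIRESSL no weight, so a client that
relied only on that deprecated variable is reported as not enforcing TLS.
Only the keyword=value connection-string form is parsed, not the URI form,
and the finding texts are the example's own.

```python
import os

# libpq sslmode values; only the last three refuse a plaintext connection.
SSL_MODES = ("disable", "allow", "prefer", "require", "verify-ca", "verify-full")
ENFORCING_MODES = ("require", "verify-ca", "verify-full")


def parse_conninfo(conninfo):
    """Parse the libpq keyword=value connection-string form (values may be
    single-quoted) into a dict. The URI form is not handled here."""
    params, i, n = {}, 0, len(conninfo)
    while i < n:
        while i < n and conninfo[i].isspace():
            i += 1
        if i >= n:
            break
        eq = conninfo.index("=", i)
        key = conninfo[i:eq].strip()
        i = eq + 1
        while i < n and conninfo[i].isspace():
            i += 1
        if i < n and conninfo[i] == "'":
            j = conninfo.index("'", i + 1)
            value, i = conninfo[i + 1:j], j + 1
        else:
            j = i
            while j < n and not conninfo[j].isspace():
                j += 1
            value, i = conninfo[i:j], j
        params[key] = value
    return params


def effective_sslmode(conninfo, env):
    """Resolve sslmode as libpq does: connection string, then PGSSLMODE,
    else the default 'prefer'. PGREQUIRESSL is intentionally ignored: it is
    the deprecated knob this CVE showed could be silently dropped, so an
    audit must not count it as enforcement."""
    mode = parse_conninfo(conninfo).get("sslmode") or env.get("PGSSLMODE") or "prefer"
    if mode not in SSL_MODES:
        raise ValueError("invalid sslmode %r" % mode)
    return mode


def tls_is_enforced(conninfo, env=None):
    """True only when libpq will refuse to fall back to plaintext."""
    env = os.environ if env is None else env
    return effective_sslmode(conninfo, env) in ENFORCING_MODES


def audit(conninfo, env):
    """Findings for one client configuration (wording is the example's own)."""
    findings = []
    params = parse_conninfo(conninfo)
    mode = effective_sslmode(conninfo, env)
    if "PGREQUIRESSL" in env and "sslmode" not in params and "PGSSLMODE" not in env:
        findings.append("only PGREQUIRESSL is set; an on-path attacker can strip TLS, set sslmode explicitly")
    if mode not in ENFORCING_MODES:
        findings.append("sslmode=%s permits a plaintext connection" % mode)
    elif mode == "require":
        findings.append("sslmode=require encrypts but does not verify the server identity; prefer verify-full")
    elif "sslrootcert" not in params and "PGSSLROOTCERT" not in env:
        findings.append("sslmode=%s relies on the default ~/.postgresql/root.crt being present" % mode)
    return findings


if __name__ == "__main__":
    for conninfo, env in (("host=db user=app", {"PGREQUIRESSL": "1"}),
                          ("host=db sslmode=verify-full sslrootcert=/etc/pki/ca.crt", {})):
        print(conninfo, env, "->", audit(conninfo, env) or ["ok"])
```

The check is only as good as its inputs: a connection string that is
assembled at runtime must be audited after assembly, and the patched libpq
still treats PGREQUIRESSL as a deprecated alias, so the durable fix is an
explicit sslmode=verify-full with a pinned CA file.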

* It was found that the pg_user_mappings view could disclose information
about user mappings to a foreign database to non-administrative database
users. A database user with USAGE privilege for this mapping could, when
querying the view, obtain user mapping data, such as the username and
password used to connect to the foreign database. (CVE-2017-7486)

Red Hat would like to thank the PostgreSQL project for reporting these
issues. Upstream acknowledges Robert Haas as the original reporter of
CVE-2017-7484; Daniel Gustafsson as the original reporter of CVE-2017-7485;
and Andrew Wheelwright as the original reporter of CVE-2017-7486.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

1448078 - CVE-2017-7484 postgresql: Selectivity estimators bypass SELECT privilege checks
1448086 - CVE-2017-7485 postgresql: libpq ignores PGREQUIRESSL environment variable
1448089 - CVE-2017-7486 postgresql: pg_user_mappings view discloses foreign server passwords
1452734 - Broken upgrade 'postgresql-setup --upgrade --upgrade-from=postgresql92-postgresql'

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):

Source:
rh-postgresql95-postgresql-9.5.7-2.el6.src.rpm

x86_64:
rh-postgresql95-postgresql-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-contrib-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-debuginfo-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-devel-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-docs-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-libs-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-plperl-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-plpython-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-pltcl-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-server-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-static-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-test-9.5.7-2.el6.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7):

Source:
rh-postgresql95-postgresql-9.5.7-2.el6.src.rpm

x86_64:
rh-postgresql95-postgresql-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-contrib-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-debuginfo-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-devel-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-docs-9.5.7-2.el6.x86_64.rpm
rh-postgresql95-postgresql-libs-9.5.7-2.el6.x86_64.rpm

[RHSA-2017:1680-01] Important: bind security and bug fix update

2017-07-05 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: bind security and bug fix update
Advisory ID:   RHSA-2017:1680-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1680
Issue date:2017-07-05
CVE Names: CVE-2017-3142 CVE-2017-3143 
=

1. Summary:

An update for bind is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.

Security Fix(es):

* A flaw was found in the way BIND handled TSIG authentication for dynamic
updates. A remote attacker able to communicate with an authoritative BIND
server could use this flaw to manipulate the contents of a zone, by forging
a valid TSIG or SIG(0) signature for a dynamic update request.
(CVE-2017-3143)

* A flaw was found in the way BIND handled TSIG authentication of AXFR
requests. A remote attacker, able to communicate with an authoritative BIND
server, could use this flaw to view the entire contents of a zone by
sending a specially constructed request packet. (CVE-2017-3142)

Red Hat would like to thank Internet Systems Consortium for reporting these
issues. Upstream acknowledges Clement Berthaux (Synacktiv) as the original
reporter of these issues.

Bug Fix(es):

* ICANN is planning to perform a Root Zone DNSSEC Key Signing Key (KSK)
rollover during October 2017. Maintaining an up-to-date KSK, by adding the
new root zone KSK, is essential for ensuring that validating DNS resolvers
continue to function following the rollover. (BZ#1459649)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, the BIND daemon (named) will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1466189 - CVE-2017-3142 bind: An error in TSIG authentication can permit unauthorized zone transfers
1466193 - CVE-2017-3143 bind: An error in TSIG authentication can permit unauthorized dynamic updates

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
bind-9.9.4-50.el7_3.1.src.rpm

noarch:
bind-license-9.9.4-50.el7_3.1.noarch.rpm

x86_64:
bind-debuginfo-9.9.4-50.el7_3.1.i686.rpm
bind-debuginfo-9.9.4-50.el7_3.1.x86_64.rpm
bind-libs-9.9.4-50.el7_3.1.i686.rpm
bind-libs-9.9.4-50.el7_3.1.x86_64.rpm
bind-libs-lite-9.9.4-50.el7_3.1.i686.rpm
bind-libs-lite-9.9.4-50.el7_3.1.x86_64.rpm
bind-utils-9.9.4-50.el7_3.1.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
bind-9.9.4-50.el7_3.1.x86_64.rpm
bind-chroot-9.9.4-50.el7_3.1.x86_64.rpm
bind-debuginfo-9.9.4-50.el7_3.1.i686.rpm
bind-debuginfo-9.9.4-50.el7_3.1.x86_64.rpm
bind-devel-9.9.4-50.el7_3.1.i686.rpm
bind-devel-9.9.4-50.el7_3.1.x86_64.rpm
bind-lite-devel-9.9.4-50.el7_3.1.i686.rpm
bind-lite-devel-9.9.4-50.el7_3.1.x86_64.rpm
bind-pkcs11-9.9.4-50.el7_3.1.x86_64.rpm
bind-pkcs11-devel-9.9.4-50.el7_3.1.i686.rpm
bind-pkcs11-devel-9.9.4-50.el7_3.1.x86_64.rpm
bind-pkcs11-libs-9.9.4-50.el7_3.1.i686.rpm
bind-pkcs11-libs-9.9.4-50.el7_3.1.x86_64.rpm
bind-pkcs11-utils-9.9.4-50.el7_3.1.x86_64.rpm
bind-sdb-9.9.4-50.el7_3.1.x86_64.rpm
bind-sdb-chroot-9.9.4-50.el7_3.1.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
bind-9.9.4-50.el7_3.1.src.rpm

noarch:
bind-license-9.9.4-50.el7_3.1.noarch.rpm

x86_64:
bind-debuginfo-9.9.4-50.el7_3.1.i686.rpm
bind-debuginfo-9.9.4-50.el7_3.1.x86_64.rpm
bind-libs-9.9.4-50.el7_3.1.i686.rpm
bind-libs-9.9.4-50.el7_3.1.x86_64.rpm
bind-libs-lite-9.9.4-50.el7_3.1.i686.rpm
bind-libs-lite-9.9.4-50.el7_3.1.x86_64.rpm
bind-utils-9.9.4-50.el7_3.1.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:

[RHSA-2017:1679-01] Important: bind security and bug fix update

2017-07-05 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: bind security and bug fix update
Advisory ID:   RHSA-2017:1679-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1679
Issue date:2017-07-05
CVE Names: CVE-2017-3142 CVE-2017-3143 
=

1. Summary:

An update for bind is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.

Security Fix(es):

* A flaw was found in the way BIND handled TSIG authentication for dynamic
updates. A remote attacker able to communicate with an authoritative BIND
server could use this flaw to manipulate the contents of a zone, by forging
a valid TSIG or SIG(0) signature for a dynamic update request.
(CVE-2017-3143)

* A flaw was found in the way BIND handled TSIG authentication of AXFR
requests. A remote attacker, able to communicate with an authoritative BIND
server, could use this flaw to view the entire contents of a zone by
sending a specially constructed request packet. (CVE-2017-3142)
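
The checks a TSIG verifier has to perform, as an added Python example that
is not BIND code (it serves the two TSIG items here and the identical ones
in RHSA-2017:1680 for Red Hat Enterprise Linux 7). The digest is the HMAC
over the DNS message without its TSIG record followed by the TSIG variables
in the order RFC 2845 specifies, and the verification order is key, then
MAC, then time. The security-relevant edge is the MAC itself: a request
whose MAC is absent, truncated below the RFC 4635 minimum, or simply wrong
has to fail closed with a TSIG error, never be processed as though it were
an unsigned request that some other policy might allow. The key, key name,
timestamp and the dynamic UPDATE skeleton are constructed for the example;
the defect the advisory describes is in BIND's own handling, and the fix is
the updated package, with allow-transfer and update-policy as the usual
additional restrictions on who may request AXFR or send updates at all.

```python
import hashlib
import hmac
import struct
import time

# HMAC functions behind the TSIG algorithm names (RFC 2845 / RFC 4635).
ALGORITHMS = {
    "hmac-md5.sig-alg.reg.int.": hashlib.md5,
    "hmac-sha1.": hashlib.sha1,
    "hmac-sha256.": hashlib.sha256,
}


def wire_name(name):
    """Uncompressed, lower-cased DNS wire-format name (the canonical form
    RFC 2845 requires inside the digest)."""
    out = bytearray()
    for label in name.rstrip(".").lower().split("."):
        if label:
            out.append(len(label))
            out += label.encode("ascii")
    out.append(0)
    return bytes(out)


def tsig_variables(keyname, algorithm, time_signed, fudge, error=0, other=b""):
    """TSIG RR fields covered by the MAC, in RFC 2845 section 3.4.2 order:
    NAME, CLASS (ANY), TTL (0), Algorithm Name, Time Signed (48-bit),
    Fudge, Error, Other Len, Other Data."""
    return (wire_name(keyname)
            + struct.pack("!HI", 255, 0)
            + wire_name(algorithm)
            + struct.pack("!Q", time_signed)[2:]
            + struct.pack("!HHH", fudge, error, len(other))
            + other)


def tsig_mac(key, message, keyname, algorithm, time_signed, fudge,
             error=0, other=b"", request_mac=b""):
    """HMAC over [request MAC, for responses] || message || TSIG variables,
    where `message` is the DNS message without the TSIG RR."""
    data = b""
    if request_mac:
        data += struct.pack("!H", len(request_mac)) + request_mac
    data += message + tsig_variables(keyname, algorithm, time_signed, fudge, error, other)
    return hmac.new(key, data, ALGORITHMS[algorithm]).digest()


def verify_tsig(key, message, keyname, algorithm, time_signed, fudge, mac,
                now=None, error=0, other=b"", request_mac=b""):
    """Return (accepted, tsig_error_name) in the RFC 2845 checking order:
    key/algorithm (BADKEY), then MAC (BADTRUNC/BADSIG), then time (BADTIME).
    Anything short of a full, correct MAC is a rejection."""
    if algorithm not in ALGORITHMS:
        return False, "BADKEY"
    digest_size = ALGORITHMS[algorithm]().digest_size
    # RFC 4635: a MAC may be truncated, but never below 10 octets or half
    # the digest. A missing or over-truncated MAC is refused, not skipped.
    if len(mac) < max(10, digest_size // 2) or len(mac) > digest_size:
        return False, "BADTRUNC"
    expected = tsig_mac(key, message, keyname, algorithm, time_signed, fudge,
                        error, other, request_mac)
    if not hmac.compare_digest(expected[:len(mac)], mac):
        return False, "BADSIG"
    now = int(time.time()) if now is None else now
    if abs(now - time_signed) > fudge:
        return False, "BADTIME"
    return True, "NOERROR"


def demo():
    """Sign a constructed dynamic UPDATE request and show which variations
    a verifier must reject."""
    key = b"constructed-example-key-not-a-real-secret"
    keyname, algorithm = "update-key.example.com.", "hmac-sha256."
    now = 1499212800  # constructed timestamp (2017-07-05 00:00:00 UTC)
    # Constructed UPDATE message: ID, flags with opcode 5 (UPDATE), ZOCOUNT=1,
    # then the zone section "example.com. IN SOA".
    message = (struct.pack("!HHHHHH", 0x1234, 0x2800, 1, 0, 0, 0)
               + wire_name("example.com.") + struct.pack("!HH", 6, 1))
    mac = tsig_mac(key, message, keyname, algorithm, now, 300)
    base = dict(key=key, message=message, keyname=keyname, algorithm=algorithm,
                time_signed=now, fudge=300, mac=mac, now=now)

    def check(**override):
        return verify_tsig(**{**base, **override})

    return {
        "genuine": check(),
        "tampered_message": check(message=message[:-1] + b"\x02"),
        "wrong_key": check(key=b"attacker-guess"),
        "empty_mac": check(mac=b""),
        "short_mac": check(mac=mac[:8]),
        "half_mac": check(mac=mac[:16]),
        "stale": check(now=now + 301),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print("%-18s %s" % (name, result))
```

Two details carry most of the weight: the comparison is constant-time over
the whole received MAC length, and the time window is checked only after
the signature, so a BADTIME response never leaks whether a forged MAC was
otherwise acceptable.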

Red Hat would like to thank Internet Systems Consortium for reporting these
issues. Upstream acknowledges Clement Berthaux (Synacktiv) as the original
reporter of these issues.

Bug Fix(es):

* ICANN is planning to perform a Root Zone DNSSEC Key Signing Key (KSK)
rollover during October 2017. Maintaining an up-to-date KSK, by adding the
new root zone KSK, is essential for ensuring that validating DNS resolvers
continue to function following the rollover. (BZ#1458234)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, the BIND daemon (named) will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1466189 - CVE-2017-3142 bind: An error in TSIG authentication can permit unauthorized zone transfers
1466193 - CVE-2017-3143 bind: An error in TSIG authentication can permit unauthorized dynamic updates

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
bind-9.8.2-0.62.rc1.el6_9.4.src.rpm

i386:
bind-debuginfo-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bind-libs-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bind-utils-9.8.2-0.62.rc1.el6_9.4.i686.rpm

x86_64:
bind-debuginfo-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bind-debuginfo-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
bind-libs-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bind-libs-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

i386:
bind-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bind-chroot-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bind-debuginfo-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bind-devel-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bind-sdb-9.8.2-0.62.rc1.el6_9.4.i686.rpm

x86_64:
bind-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
bind-chroot-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
bind-debuginfo-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bind-debuginfo-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
bind-devel-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bind-devel-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
bind-sdb-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
bind-9.8.2-0.62.rc1.el6_9.4.src.rpm

x86_64:
bind-debuginfo-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bind-debuginfo-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
bind-libs-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bind-libs-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

x86_64:
bind-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
bind-chroot-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
bind-debuginfo-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bind-debuginfo-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
bind-devel-9.8.2-0.62.rc1.el6_9.4.i686.rpm

[RHSA-2017:1682-01] Important: qemu-kvm-rhev security and bug fix update

2017-07-05 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: qemu-kvm-rhev security and bug fix update
Advisory ID:   RHSA-2017:1682-01
Product:   Red Hat Virtualization
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1682
Issue date:2017-07-05
CVE Names: CVE-2017-9524 
=

1. Summary:

An update for qemu-kvm-rhev is now available for RHEV 3.X Hypervisor and
Agents for RHEL-7 and RHEV 4.X RHEV-H and Agents for RHEL-7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Management Agent for RHEL 7 Hosts - ppc64le, x86_64
RHEV-H and VDSM for 7 Hosts - ppc64le, x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on a variety of architectures. The qemu-kvm-rhev packages provide the
user-space component for running virtual machines that use KVM in
environments managed by Red Hat products.

Security Fix(es):

* Quick Emulator (QEMU) built with Network Block Device (NBD) Server
support was vulnerable to a null-pointer dereference issue. The flaw could
occur when releasing a client, which was not initialized due to failed
negotiation. A remote user or process could exploit this flaw to crash the
qemu-nbd server (denial of service). (CVE-2017-9524)

Bug Fix(es):

* Previously, when the data plane was in use, changing the target image of
a virtual SCSI CD device caused the guest to terminate unexpectedly with a
core dump. With this update, the virtio-scsi bus rejects SCSI CDs when the
data plane is active, which prevents the crash from occurring. Note that
this is a temporary solution, and a full fix to make the data plane and
SCSI CD compatible will be provided in the future. (BZ#1461837)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once
all virtual machines have shut down, start them again for this update to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1460170 - CVE-2017-9524 Qemu: nbd: segmentation fault due to client non-negotiation
1461837 - Core dump when use "data-plane" and execute change cd

6. Package List:

Management Agent for RHEL 7 Hosts:

Source:
qemu-kvm-rhev-2.6.0-28.el7_3.12.src.rpm

ppc64le:
qemu-img-rhev-2.6.0-28.el7_3.12.ppc64le.rpm
qemu-kvm-common-rhev-2.6.0-28.el7_3.12.ppc64le.rpm
qemu-kvm-rhev-2.6.0-28.el7_3.12.ppc64le.rpm
qemu-kvm-rhev-debuginfo-2.6.0-28.el7_3.12.ppc64le.rpm
qemu-kvm-tools-rhev-2.6.0-28.el7_3.12.ppc64le.rpm

x86_64:
qemu-img-rhev-2.6.0-28.el7_3.12.x86_64.rpm
qemu-kvm-common-rhev-2.6.0-28.el7_3.12.x86_64.rpm
qemu-kvm-rhev-2.6.0-28.el7_3.12.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.6.0-28.el7_3.12.x86_64.rpm
qemu-kvm-tools-rhev-2.6.0-28.el7_3.12.x86_64.rpm

RHEV-H and VDSM for 7 Hosts:

Source:
qemu-kvm-rhev-2.6.0-28.el7_3.12.src.rpm

ppc64le:
qemu-img-rhev-2.6.0-28.el7_3.12.ppc64le.rpm
qemu-kvm-common-rhev-2.6.0-28.el7_3.12.ppc64le.rpm
qemu-kvm-rhev-2.6.0-28.el7_3.12.ppc64le.rpm
qemu-kvm-rhev-debuginfo-2.6.0-28.el7_3.12.ppc64le.rpm
qemu-kvm-tools-rhev-2.6.0-28.el7_3.12.ppc64le.rpm

x86_64:
qemu-img-rhev-2.6.0-28.el7_3.12.x86_64.rpm
qemu-kvm-common-rhev-2.6.0-28.el7_3.12.x86_64.rpm
qemu-kvm-rhev-2.6.0-28.el7_3.12.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.6.0-28.el7_3.12.x86_64.rpm
qemu-kvm-tools-rhev-2.6.0-28.el7_3.12.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-9524
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce


[RHSA-2017:1681-01] Important: qemu-kvm security update

2017-07-05 Thread Security announcements for all Red Hat products and services.

=
   Red Hat Security Advisory

Synopsis:  Important: qemu-kvm security update
Advisory ID:   RHSA-2017:1681-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1681
Issue date:2017-07-05
CVE Names: CVE-2017-9524 
=

1. Summary:

An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

Kernel-based Virtual Machine (KVM) is a full virtualization solution for
Linux on a variety of architectures. The qemu-kvm package provides the
user-space component for running virtual machines that use KVM.

Security Fix(es):

* Quick Emulator (QEMU) built with Network Block Device (NBD) Server
support was vulnerable to a null-pointer dereference issue. The flaw could
occur when releasing a client, which was not initialized due to failed
negotiation. A remote user or process could exploit this flaw to crash the
qemu-nbd server (denial of service). (CVE-2017-9524)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once
all virtual machines have shut down, start them again for this update to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1460170 - CVE-2017-9524 Qemu: nbd: segmentation fault due to client non-negotiation

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
qemu-kvm-1.5.3-126.el7_3.10.src.rpm

x86_64:
qemu-img-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-common-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-tools-1.5.3-126.el7_3.10.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
qemu-kvm-1.5.3-126.el7_3.10.src.rpm

x86_64:
qemu-img-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-common-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-tools-1.5.3-126.el7_3.10.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
qemu-kvm-1.5.3-126.el7_3.10.src.rpm

ppc64:
qemu-img-1.5.3-126.el7_3.10.ppc64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7_3.10.ppc64.rpm

ppc64le:
qemu-img-1.5.3-126.el7_3.10.ppc64le.rpm
qemu-kvm-debuginfo-1.5.3-126.el7_3.10.ppc64le.rpm

x86_64:
qemu-img-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-common-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-tools-1.5.3-126.el7_3.10.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
qemu-kvm-1.5.3-126.el7_3.10.src.rpm

x86_64:
qemu-img-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-common-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7_3.10.x86_64.rpm
qemu-kvm-tools-1.5.3-126.el7_3.10.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-9524
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.



[RHSA-2017:1685-01] Important: ansible security, bug fix, and enhancement update

2017-07-06 Thread Security announcements for all Red Hat products and services.

=
   Red Hat Security Advisory

Synopsis:  Important: ansible security, bug fix, and enhancement update
Advisory ID:   RHSA-2017:1685-01
Product:   Red Hat Virtualization
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1685
Issue date:2017-07-06
CVE Names: CVE-2016-8647 CVE-2016-9587 CVE-2017-7466 
=

1. Summary:

An update for ansible is now available for RHEV Engine version 4.1.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

RHV-M 4.1 - noarch

3. Description:

Ansible is a simple model-driven configuration management, multi-node
deployment, and remote-task execution system. Ansible works over SSH and
does not require any software or daemons to be installed on remote nodes.
Extension modules can be written in any language and are transferred to
managed machines automatically.

The following packages have been upgraded to a later upstream version:
ansible (2.3.0.0). (BZ#1446527)

Security Fix(es):

* An input validation vulnerability was found in Ansible's handling of data
sent from client systems. An attacker with control over a client system
being managed by Ansible and the ability to send facts back to the Ansible
server could use this flaw to execute arbitrary code on the Ansible server
using the Ansible server privileges. (CVE-2016-9587)

* An input validation vulnerability was found in Ansible's handling of data
sent from client systems. An attacker with control over a client system
being managed by Ansible, and the ability to send facts back to the Ansible
server, could use this flaw to execute arbitrary code on the Ansible server
using the Ansible server privileges. This issue exists because the fix for
CVE-2016-9587 was incomplete (see the Bugs fixed section). (CVE-2017-7466)

* An input validation vulnerability was found in Ansible's mysql_user
module which may fail to correctly change a password in certain
circumstances. Thus the previous password would still be active when it
should have been changed. (CVE-2016-8647)

The CVE-2017-7466 issue was discovered by Evgeni Golov (Red Hat).
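The facts-handling flaws above (CVE-2016-9587 and CVE-2017-7466), as an added example that is not Ansible's code: a minimal stand-in for the templar (assumption: it resolves only {{ name }} references, where the real Jinja2 templar accepts arbitrary expressions) showing why every value a managed host reports must be labelled unsafe before the controller templates anything that references it, plus an audit helper that lists facts carrying template syntax. The fact and variable values are constructed for the example.

```python
import re

# Template syntax that must never be evaluated when it arrives inside a fact.
TEMPLATE_MARKERS = ("{{", "{%", "{#")
# Stand-in templar: resolves only {{ name }} references (assumption of this
# example; the real Jinja2 templar accepts arbitrary expressions).
_REF = re.compile(r"\{\{\s*([A-Za-z_][A-Za-z0-9_]*)\s*\}\}")

# Constructed sample: one fact value is a template reference to a variable
# that exists only on the controller.
SAMPLE_FACTS = {
    "ansible_hostname": "{{ controller_only_var }}",  # hostile fact
    "ansible_distribution": "RedHat",
}
CONTROLLER_VARS = {"controller_only_var": "stays-on-controller"}


class UnsafeText(str):
    """A string carrying a 'do not template' label. Same idea as Ansible's
    AnsibleUnsafeText: the value is unchanged, only the trust label differs."""


def wrap_unsafe(value):
    """Recursively label every string inside a fact tree as unsafe."""
    if isinstance(value, UnsafeText):
        return value
    if isinstance(value, str):
        return UnsafeText(value)
    if isinstance(value, dict):
        return {k: wrap_unsafe(v) for k, v in value.items()}
    if isinstance(value, list):
        return [wrap_unsafe(v) for v in value]
    return value  # ints, bools, None cannot carry template syntax


def ingest_facts(raw_facts):
    """Controller-side trust boundary: facts returned by a managed host are
    data reported by that host and are labelled unsafe on arrival."""
    return wrap_unsafe(raw_facts)


def render(template, variables):
    """Stand-in templar. A resolved value is templated again (the behaviour
    that let a hostile fact run on the controller) unless it is unsafe."""
    if isinstance(template, UnsafeText):
        return str(template)

    def substitute(match):
        value = variables.get(match.group(1), "")
        if isinstance(value, UnsafeText):
            return str(value)                   # treated as literal text
        return render(str(value), variables)    # second pass on trusted values

    return _REF.sub(substitute, template)


def audit_facts(value, path="facts"):
    """Detection aid: list fact paths whose values contain template syntax.
    Legitimate facts almost never do, so log these for the incident trail."""
    hits = []
    if isinstance(value, dict):
        for key, item in value.items():
            hits.extend(audit_facts(item, f"{path}.{key}"))
    elif isinstance(value, list):
        for index, item in enumerate(value):
            hits.extend(audit_facts(item, f"{path}[{index}]"))
    elif isinstance(value, str) and any(m in value for m in TEMPLATE_MARKERS):
        hits.append(path)
    return hits


def demo():
    """Render the same task string with raw facts and with labelled facts.
    Returns (unguarded, guarded)."""
    unguarded = render("host={{ ansible_hostname }}",
                       {**CONTROLLER_VARS, **SAMPLE_FACTS})
    guarded = render("host={{ ansible_hostname }}",
                     {**CONTROLLER_VARS, **ingest_facts(SAMPLE_FACTS)})
    return unguarded, guarded


if __name__ == "__main__":
    unguarded, guarded = demo()
    print("without the unsafe label:", unguarded)
    print("with the unsafe label:   ", guarded)
    print("facts carrying template syntax:", audit_facts(SAMPLE_FACTS))
```

The unguarded render resolves the controller-only variable through the hostile fact; the guarded render leaves the fact as literal text.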

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/2974891

5. Bugs fixed (https://bugzilla.redhat.com/):

1396174 - CVE-2016-8647 Ansible: in some circumstances the mysql_user module may fail to correctly change a password
1404378 - CVE-2016-9587 Ansible: Compromised remote hosts can lead to running commands on the Ansible controller
1439212 - CVE-2017-7466 ansible: Arbitrary code execution on control node (incomplete fix for CVE-2016-9587)
1446527 - Upgrade ansible to version 2.3.0.0

6. Package List:

RHV-M 4.1:

Source:
ansible-2.3.0.0-4.el7.src.rpm

noarch:
ansible-2.3.0.0-4.el7.noarch.rpm
ansible-doc-2.3.0.0-4.el7.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-8647
https://access.redhat.com/security/cve/CVE-2016-9587
https://access.redhat.com/security/cve/CVE-2017-7466
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.



[RHSA-2017:1583-01] Important: bind security and bug fix update

2017-06-28 Thread Security announcements for all Red Hat products and services.

=
   Red Hat Security Advisory

Synopsis:  Important: bind security and bug fix update
Advisory ID:   RHSA-2017:1583-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1583
Issue date:2017-06-28
CVE Names: CVE-2016-8864 CVE-2016-9131 CVE-2016-9147 
   CVE-2016-9444 CVE-2017-3137 
=

1. Summary:

An update for bind is now available for Red Hat Enterprise Linux 7.2
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.2) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.2) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.2) - ppc64, ppc64le, s390x, x86_64

3. Description:

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.

Security Fix(es):

* A denial of service flaw was found in the way BIND handled responses
containing a DNAME answer. A remote attacker could use this flaw to make
named exit unexpectedly with an assertion failure via a specially crafted
DNS response. (CVE-2016-8864)

* A denial of service flaw was found in the way BIND processed a response
to an ANY query. A remote attacker could use this flaw to make named exit
unexpectedly with an assertion failure via a specially crafted DNS
response. (CVE-2016-9131)

* A denial of service flaw was found in the way BIND handled a query
response containing inconsistent DNSSEC information. A remote attacker
could use this flaw to make named exit unexpectedly with an assertion
failure via a specially crafted DNS response. (CVE-2016-9147)

* A denial of service flaw was found in the way BIND handled an
unusually-formed DS record response. A remote attacker could use this flaw
to make named exit unexpectedly with an assertion failure via a specially
crafted DNS response. (CVE-2016-9444)

* A denial of service flaw was found in the way BIND handled a query
response containing CNAME or DNAME resource records in an unusual order. A
remote attacker could use this flaw to make named exit unexpectedly with an
assertion failure via a specially crafted DNS response. (CVE-2017-3137)

Red Hat would like to thank ISC for reporting these issues. Upstream
acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN
Labs) as the original reporters of CVE-2016-8864.

Bug Fix(es):

* ICANN is planning to perform a Root Zone DNSSEC Key Signing Key (KSK)
rollover during October 2017. Maintaining an up-to-date KSK is essential
for ensuring that validating DNS resolvers continue to function following
the rollover. (BZ#1459648)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, the BIND daemon (named) will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1389652 - CVE-2016-8864 bind: assertion failure while handling responses containing a DNAME answer
1411348 - CVE-2016-9131 bind: assertion failure while processing response to an ANY query
1411367 - CVE-2016-9147 bind: assertion failure while handling a query response containing inconsistent DNSSEC information
1411377 - CVE-2016-9444 bind: assertion failure while handling an unusually-formed DS record response
1441133 - CVE-2017-3137 bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver

6. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.2):

Source:
bind-9.9.4-29.el7_2.6.src.rpm

noarch:
bind-license-9.9.4-29.el7_2.6.noarch.rpm

x86_64:
bind-debuginfo-9.9.4-29.el7_2.6.i686.rpm
bind-debuginfo-9.9.4-29.el7_2.6.x86_64.rpm
bind-libs-9.9.4-29.el7_2.6.i686.rpm
bind-libs-9.9.4-29.el7_2.6.x86_64.rpm
bind-libs-lite-9.9.4-29.el7_2.6.i686.rpm
bind-libs-lite-9.9.4-29.el7_2.6.x86_64.rpm
bind-utils-9.9.4-29.el7_2.6.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2):

x86_64:
bind-9.9.4-29.el7_2.6.x86_64.rpm
bind-chroot-9.9.4-29.el7_2.6.x86_64.rpm
bind-debuginfo-9.9.4-29.el7_2.6.i686.rpm
bind-debuginfo-9.9.4-29.el7_2.6.x86_64.rpm
bind-devel-9.9.4-29.el7_2.6.i686.rpm
bind-devel-9.9.4-29.el7_2.6.x86_64.rpm

[RHSA-2017:1582-01] Important: bind security and bug fix update

2017-06-28 Thread Security announcements for all Red Hat products and services.

=
   Red Hat Security Advisory

Synopsis:  Important: bind security and bug fix update
Advisory ID:   RHSA-2017:1582-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1582
Issue date:2017-06-28
CVE Names: CVE-2017-3137 CVE-2017-3139 
=

1. Summary:

An update for bind is now available for Red Hat Enterprise Linux 6.2
Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update
Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat
Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise
Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco
Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update
Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64
Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64
Red Hat Enterprise Linux Server AUS (v. 6.2) - x86_64
Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64
Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64
Red Hat Enterprise Linux Server AUS (v. 6.6) - x86_64
Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 6.5) - x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64
Red Hat Enterprise Linux Server TUS (v. 6.5) - x86_64
Red Hat Enterprise Linux Server TUS (v. 6.6) - x86_64

3. Description:

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.

Security Fix(es):

* A denial of service flaw was found in the way BIND handled a query
response containing CNAME or DNAME resource records in an unusual order. A
remote attacker could use this flaw to make named exit unexpectedly with an
assertion failure via a specially crafted DNS response. (CVE-2017-3137)

* A denial of service flaw was found in the way BIND handled DNSSEC
validation. A remote attacker could use this flaw to make named exit
unexpectedly with an assertion failure via a specially crafted DNS
response. (CVE-2017-3139)

Red Hat would like to thank ISC for reporting CVE-2017-3137.

Bug Fix(es):

* ICANN is planning to perform a Root Zone DNSSEC Key Signing Key (KSK)
rollover during October 2017. Maintaining an up-to-date KSK, by adding the
new root zone KSK, is essential for ensuring that validating DNS resolvers
continue to function following the rollover. (BZ#1458229, BZ#1458230,
BZ#1458231, BZ#1458232, BZ#1458233)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, the BIND daemon (named) will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1441133 - CVE-2017-3137 bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver
1447743 - CVE-2017-3139 bind: assertion failure in DNSSEC validation

6. Package List:

Red Hat Enterprise Linux HPC Node EUS (v. 6.7):

Source:
bind-9.8.2-0.37.rc1.el6_7.11.src.rpm

x86_64:
bind-debuginfo-9.8.2-0.37.rc1.el6_7.11.i686.rpm
bind-debuginfo-9.8.2-0.37.rc1.el6_7.11.x86_64.rpm
bind-libs-9.8.2-0.37.rc1.el6_7.11.i686.rpm
bind-libs-9.8.2-0.37.rc1.el6_7.11.x86_64.rpm
bind-utils-9.8.2-0.37.rc1.el6_7.11.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7):

x86_64:
bind-9.8.2-0.37.rc1.el6_7.11.x86_64.rpm
bind-chroot-9.8.2-0.37.rc1.el6_7.11.x86_64.rpm
bind-debuginfo-9.8.2-0.37.rc1.el6_7.11.i686.rpm
bind-debuginfo-9.8.2-0.37.rc1.el6_7.11.x86_64.rpm
bind-devel-9.8.2-0.37.rc1.el6_7.11.i686.rpm
bind-devel-9.8.2-0.37.rc1.el6_7.11.x86_64.rpm
bind-sdb-9.8.2-0.37.rc1.el6_7.11.x86_64.rpm

Red Hat Enterprise Linux Server AUS (v. 6.2):

Source:
bind-9.7.3-8.P3.el6_2.9.src.rpm

x86_64:
bind-9.7.3-8.P3.el6_2.9.x86_64.rpm
bind-chroot-9.7.3-8.P3.el6_2.9.x86_64.rpm
bind-debuginfo-9.7.3-8.P3.el6_2.9.i686.rpm

[RHSA-2017:1581-01] Important: freeradius security update

2017-06-27 Thread Security announcements for all Red Hat products and services.

=
   Red Hat Security Advisory

Synopsis:  Important: freeradius security update
Advisory ID:   RHSA-2017:1581-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1581
Issue date:2017-06-28
CVE Names: CVE-2017-9148 
=

1. Summary:

An update for freeradius is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

FreeRADIUS is a high-performance and highly configurable free Remote
Authentication Dial In User Service (RADIUS) server, designed to allow
centralized authentication and authorization for a network.

Security Fix(es):

* An authentication bypass flaw was found in the way the EAP module in
FreeRADIUS handled TLS session resumption. A remote unauthenticated
attacker could potentially use this flaw to bypass the inner authentication
check in FreeRADIUS by resuming an older unauthenticated TLS session.
(CVE-2017-9148)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1456697 - CVE-2017-9148 freeradius: TLS resumption authentication bypass

6. Package List:

Red Hat Enterprise Linux Server (v. 7):

Source:
freeradius-3.0.4-8.el7_3.src.rpm

aarch64:
freeradius-3.0.4-8.el7_3.aarch64.rpm
freeradius-debuginfo-3.0.4-8.el7_3.aarch64.rpm

ppc64:
freeradius-3.0.4-8.el7_3.ppc64.rpm
freeradius-debuginfo-3.0.4-8.el7_3.ppc64.rpm

ppc64le:
freeradius-3.0.4-8.el7_3.ppc64le.rpm
freeradius-debuginfo-3.0.4-8.el7_3.ppc64le.rpm

s390x:
freeradius-3.0.4-8.el7_3.s390x.rpm
freeradius-debuginfo-3.0.4-8.el7_3.s390x.rpm

x86_64:
freeradius-3.0.4-8.el7_3.x86_64.rpm
freeradius-debuginfo-3.0.4-8.el7_3.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

aarch64:
freeradius-debuginfo-3.0.4-8.el7_3.aarch64.rpm
freeradius-devel-3.0.4-8.el7_3.aarch64.rpm
freeradius-doc-3.0.4-8.el7_3.aarch64.rpm
freeradius-krb5-3.0.4-8.el7_3.aarch64.rpm
freeradius-ldap-3.0.4-8.el7_3.aarch64.rpm
freeradius-mysql-3.0.4-8.el7_3.aarch64.rpm
freeradius-perl-3.0.4-8.el7_3.aarch64.rpm
freeradius-postgresql-3.0.4-8.el7_3.aarch64.rpm
freeradius-python-3.0.4-8.el7_3.aarch64.rpm
freeradius-sqlite-3.0.4-8.el7_3.aarch64.rpm
freeradius-unixODBC-3.0.4-8.el7_3.aarch64.rpm
freeradius-utils-3.0.4-8.el7_3.aarch64.rpm

ppc64:
freeradius-debuginfo-3.0.4-8.el7_3.ppc.rpm
freeradius-debuginfo-3.0.4-8.el7_3.ppc64.rpm
freeradius-devel-3.0.4-8.el7_3.ppc.rpm
freeradius-devel-3.0.4-8.el7_3.ppc64.rpm
freeradius-doc-3.0.4-8.el7_3.ppc64.rpm
freeradius-krb5-3.0.4-8.el7_3.ppc64.rpm
freeradius-ldap-3.0.4-8.el7_3.ppc64.rpm
freeradius-mysql-3.0.4-8.el7_3.ppc64.rpm
freeradius-perl-3.0.4-8.el7_3.ppc64.rpm
freeradius-postgresql-3.0.4-8.el7_3.ppc64.rpm
freeradius-python-3.0.4-8.el7_3.ppc64.rpm
freeradius-sqlite-3.0.4-8.el7_3.ppc64.rpm
freeradius-unixODBC-3.0.4-8.el7_3.ppc64.rpm
freeradius-utils-3.0.4-8.el7_3.ppc64.rpm

ppc64le:
freeradius-debuginfo-3.0.4-8.el7_3.ppc64le.rpm
freeradius-devel-3.0.4-8.el7_3.ppc64le.rpm
freeradius-doc-3.0.4-8.el7_3.ppc64le.rpm
freeradius-krb5-3.0.4-8.el7_3.ppc64le.rpm
freeradius-ldap-3.0.4-8.el7_3.ppc64le.rpm
freeradius-mysql-3.0.4-8.el7_3.ppc64le.rpm
freeradius-perl-3.0.4-8.el7_3.ppc64le.rpm
freeradius-postgresql-3.0.4-8.el7_3.ppc64le.rpm
freeradius-python-3.0.4-8.el7_3.ppc64le.rpm
freeradius-sqlite-3.0.4-8.el7_3.ppc64le.rpm
freeradius-unixODBC-3.0.4-8.el7_3.ppc64le.rpm
freeradius-utils-3.0.4-8.el7_3.ppc64le.rpm

s390x:
freeradius-debuginfo-3.0.4-8.el7_3.s390.rpm
freeradius-debuginfo-3.0.4-8.el7_3.s390x.rpm
freeradius-devel-3.0.4-8.el7_3.s390.rpm
freeradius-devel-3.0.4-8.el7_3.s390x.rpm
freeradius-doc-3.0.4-8.el7_3.s390x.rpm
freeradius-krb5-3.0.4-8.el7_3.s390x.rpm
freeradius-ldap-3.0.4-8.el7_3.s390x.rpm
freeradius-mysql-3.0.4-8.el7_3.s390x.rpm
freeradius-perl-3.0.4-8.el7_3.s390x.rpm
freeradius-postgresql-3.0.4-8.el7_3.s390x.rpm
freeradius-python-3.0.4-8.el7_3.s390x.rpm
freeradius-sqlite-3.0.4-8.el7_3.s390x.rpm
freeradius-unixODBC-3.0.4-8.el7_3.s390x.rpm
freeradius-utils-3.0.4-8.el7_3.s390x.rpm

x86_64:
freeradius-debuginfo-3.0.4-8.el7_3.i686.rpm
freeradius-debuginfo-3.0.4-8.el7_3.x86_64.rpm

[RHSA-2017:1601-01] Important: CFME 5.7.3 security, bug fix and enhancement update

2017-06-28 Thread Security announcements for all Red Hat products and services.

=
   Red Hat Security Advisory

Synopsis:  Important: CFME 5.7.3 security, bug fix and enhancement update
Advisory ID:   RHSA-2017:1601-01
Product:   Red Hat CloudForms
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1601
Issue date:2017-06-28
Cross references:  RHSA-2017:0898
CVE Names: CVE-2016-4457 CVE-2016-7047 CVE-2017-7497 
=

1. Summary:

Updates for cfme, cfme-appliance, cfme-gemset,
rh-ruby23-rubygem-nokogiri, and rh-ruby23-rubygem-ovirt-engine-sdk4 are now
available for CloudForms Management Engine 5.7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

CloudForms Management Engine 5.7 - noarch, x86_64

3. Description:

Red Hat CloudForms Management Engine delivers the insight, control, and
automation needed to address the challenges of managing virtual
environments. CloudForms Management Engine is built on Ruby on Rails, a
model-view-controller (MVC) framework for web application development.
Action Pack implements the controller and the view components.

rh-ruby23-rubygem-nokogiri provides Nokogiri, which is an HTML, XML, SAX,
and Reader parser. Among Nokogiri's many features is the ability to search
documents using XPath or CSS3 selectors.

rh-ruby23-rubygem-ovirt-engine-sdk4 provides the ruby SDK for the oVirt
Engine API.

The following packages have been upgraded to a later upstream version: cfme
(5.7.3.2), cfme-gemset (5.7.3.2), rh-ruby23-rubygem-nokogiri (1.7.2),
cfme-appliance (5.7.3.2), rh-ruby23-rubygem-ovirt-engine-sdk4 (4.1.5).
(BZ#1442774, BZ#1459319)

This update also fixes several bugs and adds various enhancements.
Documentation for these changes is available from the Technical Notes
document linked to in the References section.

Security Fix(es):

* CloudForms includes a default SSL/TLS certificate for the web server.
This certificate is replaced at install time. However, if an attacker were
able to man-in-the-middle an administrator while installing the new
certificate, the attacker could get a copy of the uploaded private key,
allowing for future attacks. (CVE-2016-4457)

* The dialog for creating cloud volumes (cinder provider) in CloudForms
does not filter cloud tenants by user. An attacker with the ability to
create storage volumes could use this to create storage volumes for any
other tenant. (CVE-2017-7497)

* A flaw was found in the CloudForms API. A user with permissions to use
the MiqReportResults capability within the API could potentially view data
from other tenants or groups to which they should not have access.
(CVE-2016-7047)

The CVE-2016-4457 and CVE-2016-7047 issues were discovered by Simon Lukasik
(Red Hat) and the CVE-2017-7497 issue was discovered by Gellert Kis (Red
Hat).

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1322396 - [RFE] Allow for deletion of group when users belong to another group
1341308 - CVE-2016-4457 CFME: default certificate used across all installs
1350340 - Downloading the job templates of Ansible tower displays wrong data
1402992 - VM snapshot: revert option is enabled, for Active VM
1403358 - Add Provider->Type "RHEVM" should change to "RHV"
1414869 - VMRC is not working if IE compatibility mode is disabled
1419604 - [AnsibleTowerClient::ConnectionError]: Your license does not allow adding surveys
1428944 - Vulnerable JQuery Version
1430468 - Parent tenant displayed in list view when allowed by RBAC
1434152 - [RFE] Support for custom Amazon Regions in Provider
1434952 - delete action in /api/orchestration_templates results in error
1436074 - Back/Cancel button is missing on host drift comparison page
1436222 - The option of VM migration to the same host it is already running on is possible
1436226 - Persistent volume relationship link broken
1436228 - When the same action is used twice for a policy, action icons are inconsistent
1436232 - WebUI - Web Console button is enabled for archived vm's
1436233 - Container Provider - Capacity & Utilization: The page you were looking for doesn't exist
1436236 - Can't add provider specific catalog items to global region
1436237 - Event filter For Openstack::InfraManager
1436756 - 

[RHSA-2017:2451-01] Important: openstack-neutron security update

2017-08-08 Thread Security announcements for all Red Hat products and services.

=
   Red Hat Security Advisory

Synopsis:  Important: openstack-neutron security update
Advisory ID:   RHSA-2017:2451-01
Product:   Red Hat Enterprise Linux OpenStack Platform
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2451
Issue date:2017-08-08
CVE Names: CVE-2017-7543 
=

1. Summary:

An update for openstack-neutron is now available for Red Hat OpenStack
Platform 8.0 (Liberty).

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 8.0 (Liberty) - noarch

3. Description:

OpenStack Networking (neutron) is a pluggable, scalable, and API-driven
system that provisions networking services to virtual machines. Its main
function is to manage connectivity to and from virtual machines.

Security Fix(es):

* A race-condition flaw was discovered in openstack-neutron where,
following a minor overcloud update, neutron security groups were disabled.
Specifically, the following were reset to 0:
net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables.
The race was only triggered by an update, at which point an attacker could
access exposed tenant VMs and network resources. (CVE-2017-7543)

This issue was discovered by Paul Needle (Red Hat).

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1473792 - CVE-2017-7543 openstack-neutron: iptables not active after update

6. Package List:

Red Hat OpenStack Platform 8.0 (Liberty):

Source:
openstack-neutron-7.2.0-12.1.el7ost.src.rpm

noarch:
openstack-neutron-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-bigswitch-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-brocade-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-cisco-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-common-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-dev-server-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-embrane-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-linuxbridge-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-mellanox-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-metering-agent-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-ml2-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-nuage-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-ofagent-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-oneconvergence-nvsd-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-opencontrail-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-openvswitch-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-ovsvapp-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-rpc-server-7.2.0-12.1.el7ost.noarch.rpm
openstack-neutron-sriov-nic-agent-7.2.0-12.1.el7ost.noarch.rpm
python-neutron-7.2.0-12.1.el7ost.noarch.rpm
python-neutron-tests-7.2.0-12.1.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7543
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.



[RHSA-2017:2449-01] Important: openstack-neutron security update

2017-08-08 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: openstack-neutron security update
Advisory ID:   RHSA-2017:2449-01
Product:   Red Hat Enterprise Linux OpenStack Platform
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2449
Issue date:2017-08-08
CVE Names: CVE-2017-7543 
=

1. Summary:

An update for openstack-neutron is now available for Red Hat OpenStack
Platform 11.0 (Ocata).

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 11.0 - noarch

3. Description:

OpenStack Networking (neutron) is a pluggable, scalable, and API-driven
system that provisions networking services to virtual machines. Its main
function is to manage connectivity to and from virtual machines.

Security Fix(es):

* A race-condition flaw was discovered in openstack-neutron where,
following a minor overcloud update, neutron security groups were disabled.
Specifically, the following were reset to 0:
net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables.
The race was only triggered by an update, at which point an attacker could
access exposed tenant VMs and network resources. (CVE-2017-7543)

This issue was discovered by Paul Needle (Red Hat).

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1473792 - CVE-2017-7543 openstack-neutron: iptables not active after update

6. Package List:

Red Hat OpenStack Platform 11.0:

Source:
openstack-neutron-10.0.2-1.1.el7ost.src.rpm

noarch:
openstack-neutron-10.0.2-1.1.el7ost.noarch.rpm
openstack-neutron-common-10.0.2-1.1.el7ost.noarch.rpm
openstack-neutron-linuxbridge-10.0.2-1.1.el7ost.noarch.rpm
openstack-neutron-macvtap-agent-10.0.2-1.1.el7ost.noarch.rpm
openstack-neutron-metering-agent-10.0.2-1.1.el7ost.noarch.rpm
openstack-neutron-ml2-10.0.2-1.1.el7ost.noarch.rpm
openstack-neutron-openvswitch-10.0.2-1.1.el7ost.noarch.rpm
openstack-neutron-rpc-server-10.0.2-1.1.el7ost.noarch.rpm
openstack-neutron-sriov-nic-agent-10.0.2-1.1.el7ost.noarch.rpm
python-neutron-10.0.2-1.1.el7ost.noarch.rpm
python-neutron-tests-10.0.2-1.1.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7543
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZij0eXlSAg2UNWIIRAne5AKC9MI2aQ3b/w1+PLMZqAdMs8b3jkQCeMfk2
Gpey/NCmEoC3HbkbkEBzmHE=
=B61h
-END PGP SIGNATURE-



[RHSA-2017:2447-01] Important: openstack-neutron security update

2017-08-08 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: openstack-neutron security update
Advisory ID:   RHSA-2017:2447-01
Product:   Red Hat Enterprise Linux OpenStack Platform
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2447
Issue date:2017-08-08
CVE Names: CVE-2017-7543 
=

1. Summary:

An update for openstack-neutron is now available for Red Hat OpenStack
Platform 9.0 (Mitaka).

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 9.0 - noarch

3. Description:

OpenStack Networking (neutron) is a pluggable, scalable, and API-driven
system that provisions networking services to virtual machines. Its main
function is to manage connectivity to and from virtual machines.

Security Fix(es):

* A race-condition flaw was discovered in openstack-neutron where,
following a minor overcloud update, neutron security groups were disabled.
Specifically, the following were reset to 0:
net.bridge.bridge-nf-call-arptables, net.bridge.bridge-nf-call-ip6tables,
and net.bridge.bridge-nf-call-iptables. The race was only triggered by an
update, at which point an attacker could access exposed tenant VMs and
network resources. (CVE-2017-7543)

This issue was discovered by Paul Needle (Red Hat).

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1473792 - CVE-2017-7543 openstack-neutron: iptables not active after update

6. Package List:

Red Hat OpenStack Platform 9.0:

Source:
openstack-neutron-8.3.0-11.1.el7ost.src.rpm

noarch:
openstack-neutron-8.3.0-11.1.el7ost.noarch.rpm
openstack-neutron-bgp-dragent-8.3.0-11.1.el7ost.noarch.rpm
openstack-neutron-common-8.3.0-11.1.el7ost.noarch.rpm
openstack-neutron-linuxbridge-8.3.0-11.1.el7ost.noarch.rpm
openstack-neutron-macvtap-agent-8.3.0-11.1.el7ost.noarch.rpm
openstack-neutron-metering-agent-8.3.0-11.1.el7ost.noarch.rpm
openstack-neutron-ml2-8.3.0-11.1.el7ost.noarch.rpm
openstack-neutron-openvswitch-8.3.0-11.1.el7ost.noarch.rpm
openstack-neutron-rpc-server-8.3.0-11.1.el7ost.noarch.rpm
openstack-neutron-sriov-nic-agent-8.3.0-11.1.el7ost.noarch.rpm
python-neutron-8.3.0-11.1.el7ost.noarch.rpm
python-neutron-tests-8.3.0-11.1.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7543
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD8DBQFZij1PXlSAg2UNWIIRAhVUAKCiyH+qCt/BBU9b5LcLebkBurSzcwCcDUmi
i1ZVbLDhOBDJ9fiHAIwUkEw=
=WIhr
-END PGP SIGNATURE-



[RHSA-2017:2452-01] Important: openstack-neutron security update

2017-08-08 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: openstack-neutron security update
Advisory ID:   RHSA-2017:2452-01
Product:   Red Hat Enterprise Linux OpenStack Platform
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2452
Issue date:2017-08-08
CVE Names: CVE-2017-7543 
=

1. Summary:

An update for openstack-neutron is now available for Red Hat Enterprise
Linux OpenStack Platform 6.0 (Juno) for RHEL 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 - noarch

3. Description:

OpenStack Networking (neutron) is a pluggable, scalable, and API-driven
system that provisions networking services to virtual machines. Its main
function is to manage connectivity to and from virtual machines.

Security Fix(es):

* A race-condition flaw was discovered in openstack-neutron where,
following a minor overcloud update, neutron security groups were disabled.
Specifically, the following were reset to 0:
net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables.
The race was only triggered by an update, at which point an attacker could
access exposed tenant VMs and network resources. (CVE-2017-7543)

This issue was discovered by Paul Needle (Red Hat).
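As an added defender's check, not part of this advisory: a POSIX sh audit of the three br_netfilter sysctls this flaw resets (the arptables key is named in the RHSA-2017:2447 text for the same CVE). When these are 0, bridged frames bypass iptables, so neutron's iptables-based security groups are silently not enforced. The function reads `sysctl -a` style output on stdin; the sample input is constructed, not captured from a real host.

```shell
#!/bin/sh
# Added example, not part of the Red Hat advisory: audit the br_netfilter
# sysctls that CVE-2017-7543 describes being reset to 0 after a minor
# overcloud update. With these at 0, bridged frames bypass iptables, so
# neutron's iptables-based security groups are silently not enforced.
#
# audit_bridge_nf reads "key = value" lines (the format `sysctl -a` prints)
# on stdin, prints one line per problem, and returns 0 only when all three
# keys are present and set to 1.
audit_bridge_nf() {
    awk '
        BEGIN {
            want["net.bridge.bridge-nf-call-arptables"] = 1
            want["net.bridge.bridge-nf-call-ip6tables"] = 1
            want["net.bridge.bridge-nf-call-iptables"]  = 1
            bad = 0
        }
        # sysctl output: "<key> = <value>"; anything else is ignored
        NF >= 3 && $2 == "=" && ($1 in want) {
            seen[$1] = 1
            if ($3 != 1) {
                print "DISABLED " $1 " = " $3
                bad = 1
            }
        }
        END {
            # An absent key usually means br_netfilter is not loaded at all,
            # which is just as bad for security-group enforcement.
            for (k in want) if (!(k in seen)) { print "MISSING " k; bad = 1 }
            exit bad
        }
    '
}

# Constructed sample input (not captured from a real host): the state the
# advisory describes, with two of the three keys reset to 0.
sample='net.bridge.bridge-nf-call-arptables = 1
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.ipv4.ip_forward = 1'

if printf '%s\n' "$sample" | audit_bridge_nf; then
    echo "OK: bridged traffic is passed to iptables/ip6tables/arptables"
else
    echo "ALERT: security-group filtering is not enforced on this host"
fi
```

On a live compute node run `sysctl -a 2>/dev/null | audit_bridge_nf`; a non-zero exit from a node that passed before the update is the condition this advisory describes.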

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1473792 - CVE-2017-7543 openstack-neutron: iptables not active after update

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7:

Source:
openstack-neutron-2014.2.3-42.el7ost.src.rpm

noarch:
openstack-neutron-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-bigswitch-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-brocade-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-cisco-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-common-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-embrane-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-hyperv-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-ibm-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-linuxbridge-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-mellanox-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-metaplugin-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-metering-agent-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-midonet-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-ml2-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-nec-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-nuage-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-ofagent-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-oneconvergence-nvsd-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-opencontrail-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-openvswitch-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-plumgrid-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-ryu-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-sriov-nic-agent-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-vmware-2014.2.3-42.el7ost.noarch.rpm
openstack-neutron-vpn-agent-2014.2.3-42.el7ost.noarch.rpm
python-neutron-2014.2.3-42.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-7543
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iD4DBQFZikGFXlSAg2UNWIIRAku3AJjrV0ojwndzQIwo8h/FkN4+DKKDAKCjjh4R
SSvOIcnnPYnSuD5YrGMMCQ==
=Ctu7
-END PGP SIGNATURE-



[RHSA-2017:1871-01] Moderate: tcpdump security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: tcpdump security, bug fix, and enhancement update
Advisory ID:   RHSA-2017:1871-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1871
Issue date:2017-08-01
CVE Names: CVE-2015-0261 CVE-2015-2153 CVE-2015-2154 
   CVE-2015-2155 CVE-2016-7922 CVE-2016-7923 
   CVE-2016-7924 CVE-2016-7925 CVE-2016-7926 
   CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 
   CVE-2016-7930 CVE-2016-7931 CVE-2016-7932 
   CVE-2016-7933 CVE-2016-7934 CVE-2016-7935 
   CVE-2016-7936 CVE-2016-7937 CVE-2016-7938 
   CVE-2016-7939 CVE-2016-7940 CVE-2016-7973 
   CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 
   CVE-2016-7984 CVE-2016-7985 CVE-2016-7986 
   CVE-2016-7992 CVE-2016-7993 CVE-2016-8574 
   CVE-2016-8575 CVE-2017-5202 CVE-2017-5203 
   CVE-2017-5204 CVE-2017-5205 CVE-2017-5341 
   CVE-2017-5342 CVE-2017-5482 CVE-2017-5483 
   CVE-2017-5484 CVE-2017-5485 CVE-2017-5486 
=

1. Summary:

An update for tcpdump is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

The tcpdump packages contain the tcpdump utility for monitoring network
traffic. The tcpdump utility can capture and display the packet headers on
a particular network interface or on all interfaces.

The following packages have been upgraded to a later upstream version:
tcpdump (4.9.0). (BZ#1422473)

Security Fix(es):

* Multiple out-of-bounds read and integer overflow vulnerabilities were
found in tcpdump affecting the decoding of various protocols. An attacker
could create a crafted pcap file or send specially crafted packets to the
network segment where tcpdump is running in live capture mode (without -w),
which could cause it to display incorrect data, crash, or enter an infinite
loop. (CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155,
CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, CVE-2016-7926,
CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931,
CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935, CVE-2016-7936,
CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973,
CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984, CVE-2016-7985,
CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574, CVE-2016-8575,
CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, CVE-2017-5341,
CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485,
CVE-2017-5486)

Red Hat would like to thank the Tcpdump project for reporting
CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, CVE-2016-7926,
CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931,
CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935, CVE-2016-7936,
CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973,
CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984, CVE-2016-7985,
CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574, CVE-2016-8575,
CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, CVE-2017-5341,
CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485,
and CVE-2017-5486.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1201792 - CVE-2015-0261 tcpdump: IPv6 mobility printer mobility_opt_print() typecasting/signedness error
1201795 - CVE-2015-2153 tcpdump: tcp printer rpki_rtr_pdu_print() missing length check
1201797 - CVE-2015-2154 tcpdump: ethernet printer osi_print_cksum() missing sanity checks out-of-bounds read
1201798 - CVE-2015-2155 tcpdump: force printer vulnerability
1292056 - Use -Q instead of -P to set capture direction
1296230 - Run upstream tests during build process
1297812 - Tcpdump segfaults with 

[RHSA-2017:1975-01] Moderate: libreoffice security and bug fix update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: libreoffice security and bug fix update
Advisory ID:   RHSA-2017:1975-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1975
Issue date:2017-08-01
CVE Names: CVE-2017-7870 
=

1. Summary:

An update for libreoffice is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

LibreOffice is an open source, community-developed office productivity
suite. It includes key desktop applications, such as a word processor, a
spreadsheet, a presentation manager, a formula editor, and a drawing
program. LibreOffice replaces OpenOffice and provides a similar but
enhanced and extended office suite.

Security Fix(es):

* An out-of-bounds write flaw was found in the way LibreOffice rendered
certain documents containing Polygon images. By tricking a user into
opening a specially crafted LibreOffice file, an attacker could possibly
use this flaw to execute arbitrary code with the privileges of the user
opening the file. (CVE-2017-7870)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of LibreOffice applications must be restarted for
this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1397992 - [fix available] Crash in calc after closing dialog box with a11y enabled
1411327 - [fix available] Password Protected (Encrypted) files opening as plain text after cancelling password dialog
1421726 - [fix available] redraw issues in libreoffice calc when 300 or more cells are populated
1431539 - gnome-documents requires libreofficekit which is not provided
1444061 - CVE-2017-7870 libreoffice: Heap-buffer-overflow in tools::Polygon::Insert
1454598 - [fix available] LibreOffice Writer crashes when selecting a bullet or numbering type from toolbar
1454693 - Segmentation fault after clicking gnome-documents back button while presentation is being slowly loaded

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
libreoffice-5.0.6.2-14.el7.src.rpm

noarch:
autocorr-af-5.0.6.2-14.el7.noarch.rpm
autocorr-bg-5.0.6.2-14.el7.noarch.rpm
autocorr-ca-5.0.6.2-14.el7.noarch.rpm
autocorr-cs-5.0.6.2-14.el7.noarch.rpm
autocorr-da-5.0.6.2-14.el7.noarch.rpm
autocorr-de-5.0.6.2-14.el7.noarch.rpm
autocorr-en-5.0.6.2-14.el7.noarch.rpm
autocorr-es-5.0.6.2-14.el7.noarch.rpm
autocorr-fa-5.0.6.2-14.el7.noarch.rpm
autocorr-fi-5.0.6.2-14.el7.noarch.rpm
autocorr-fr-5.0.6.2-14.el7.noarch.rpm
autocorr-ga-5.0.6.2-14.el7.noarch.rpm
autocorr-hr-5.0.6.2-14.el7.noarch.rpm
autocorr-hu-5.0.6.2-14.el7.noarch.rpm
autocorr-is-5.0.6.2-14.el7.noarch.rpm
autocorr-it-5.0.6.2-14.el7.noarch.rpm
autocorr-ja-5.0.6.2-14.el7.noarch.rpm
autocorr-ko-5.0.6.2-14.el7.noarch.rpm
autocorr-lb-5.0.6.2-14.el7.noarch.rpm
autocorr-lt-5.0.6.2-14.el7.noarch.rpm
autocorr-mn-5.0.6.2-14.el7.noarch.rpm
autocorr-nl-5.0.6.2-14.el7.noarch.rpm
autocorr-pl-5.0.6.2-14.el7.noarch.rpm
autocorr-pt-5.0.6.2-14.el7.noarch.rpm
autocorr-ro-5.0.6.2-14.el7.noarch.rpm
autocorr-ru-5.0.6.2-14.el7.noarch.rpm
autocorr-sk-5.0.6.2-14.el7.noarch.rpm
autocorr-sl-5.0.6.2-14.el7.noarch.rpm
autocorr-sr-5.0.6.2-14.el7.noarch.rpm
autocorr-sv-5.0.6.2-14.el7.noarch.rpm
autocorr-tr-5.0.6.2-14.el7.noarch.rpm
autocorr-vi-5.0.6.2-14.el7.noarch.rpm
autocorr-zh-5.0.6.2-14.el7.noarch.rpm
libreoffice-opensymbol-fonts-5.0.6.2-14.el7.noarch.rpm

x86_64:
libreoffice-base-5.0.6.2-14.el7.x86_64.rpm
libreoffice-calc-5.0.6.2-14.el7.x86_64.rpm
libreoffice-core-5.0.6.2-14.el7.x86_64.rpm
libreoffice-debuginfo-5.0.6.2-14.el7.x86_64.rpm
libreoffice-draw-5.0.6.2-14.el7.x86_64.rpm
libreoffice-emailmerge-5.0.6.2-14.el7.x86_64.rpm
libreoffice-graphicfilter-5.0.6.2-14.el7.x86_64.rpm
libreoffice-impress-5.0.6.2-14.el7.x86_64.rpm
libreoffice-langpack-af-5.0.6.2-14.el7.x86_64.rpm
libreoffice-langpack-ar-5.0.6.2-14.el7.x86_64.rpm

[RHSA-2017:2335-01] Moderate: pki-core security update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: pki-core security update
Advisory ID:   RHSA-2017:2335-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2335
Issue date:2017-08-01
CVE Names: CVE-2017-7537 
=

1. Summary:

An update for pki-core is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64le, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch

3. Description:

Red Hat Certificate System is an enterprise software system designed to
manage enterprise public key infrastructure (PKI) deployments. PKI Core
contains fundamental packages required by Red Hat Certificate System, which
comprise the Certificate Authority (CA) subsystem.

Security Fix(es):

* It was found that a mock CMC authentication plugin with a hardcoded
secret was accidentally enabled by default in the pki-core package. An
attacker could potentially use this flaw to bypass the regular
authentication process and trick the CA server into issuing certificates.
(CVE-2017-7537)

This issue was discovered by Christina Fu (Red Hat).

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1469432 - CMC plugin default change
1470817 - CVE-2017-7537 pki-core: mock CMC authentication plugin with hardcoded secret enabled by default

6. Package List:

Red Hat Enterprise Linux Client Optional (v. 7):

Source:
pki-core-10.4.1-11.el7.src.rpm

noarch:
pki-base-10.4.1-11.el7.noarch.rpm
pki-base-java-10.4.1-11.el7.noarch.rpm
pki-ca-10.4.1-11.el7.noarch.rpm
pki-javadoc-10.4.1-11.el7.noarch.rpm
pki-kra-10.4.1-11.el7.noarch.rpm
pki-server-10.4.1-11.el7.noarch.rpm

x86_64:
pki-core-debuginfo-10.4.1-11.el7.x86_64.rpm
pki-symkey-10.4.1-11.el7.x86_64.rpm
pki-tools-10.4.1-11.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
pki-core-10.4.1-11.el7.src.rpm

noarch:
pki-base-10.4.1-11.el7.noarch.rpm
pki-base-java-10.4.1-11.el7.noarch.rpm
pki-ca-10.4.1-11.el7.noarch.rpm
pki-javadoc-10.4.1-11.el7.noarch.rpm
pki-kra-10.4.1-11.el7.noarch.rpm
pki-server-10.4.1-11.el7.noarch.rpm

x86_64:
pki-core-debuginfo-10.4.1-11.el7.x86_64.rpm
pki-symkey-10.4.1-11.el7.x86_64.rpm
pki-tools-10.4.1-11.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
pki-core-10.4.1-11.el7.src.rpm

aarch64:
pki-core-debuginfo-10.4.1-11.el7.aarch64.rpm
pki-symkey-10.4.1-11.el7.aarch64.rpm
pki-tools-10.4.1-11.el7.aarch64.rpm

noarch:
pki-base-10.4.1-11.el7.noarch.rpm
pki-base-java-10.4.1-11.el7.noarch.rpm
pki-ca-10.4.1-11.el7.noarch.rpm
pki-kra-10.4.1-11.el7.noarch.rpm
pki-server-10.4.1-11.el7.noarch.rpm

ppc64le:
pki-core-debuginfo-10.4.1-11.el7.ppc64le.rpm
pki-tools-10.4.1-11.el7.ppc64le.rpm

x86_64:
pki-core-debuginfo-10.4.1-11.el7.x86_64.rpm
pki-symkey-10.4.1-11.el7.x86_64.rpm
pki-tools-10.4.1-11.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

Source:
pki-core-10.4.1-11.el7.src.rpm

noarch:
pki-base-10.4.1-11.el7.noarch.rpm
pki-base-java-10.4.1-11.el7.noarch.rpm
pki-ca-10.4.1-11.el7.noarch.rpm
pki-javadoc-10.4.1-11.el7.noarch.rpm
pki-kra-10.4.1-11.el7.noarch.rpm
pki-server-10.4.1-11.el7.noarch.rpm

ppc64:
pki-core-debuginfo-10.4.1-11.el7.ppc64.rpm
pki-symkey-10.4.1-11.el7.ppc64.rpm
pki-tools-10.4.1-11.el7.ppc64.rpm

ppc64le:
pki-core-debuginfo-10.4.1-11.el7.ppc64le.rpm
pki-symkey-10.4.1-11.el7.ppc64le.rpm

s390x:
pki-core-debuginfo-10.4.1-11.el7.s390x.rpm
pki-symkey-10.4.1-11.el7.s390x.rpm
pki-tools-10.4.1-11.el7.s390x.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
pki-core-10.4.1-11.el7.src.rpm

noarch:
pki-base-10.4.1-11.el7.noarch.rpm
pki-base-java-10.4.1-11.el7.noarch.rpm
pki-ca-10.4.1-11.el7.noarch.rpm
pki-kra-10.4.1-11.el7.noarch.rpm
pki-server-10.4.1-11.el7.noarch.rpm

x86_64:
pki-core-debuginfo-10.4.1-11.el7.x86_64.rpm
pki-symkey-10.4.1-11.el7.x86_64.rpm
pki-tools-10.4.1-11.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:
pki-javadoc-10.4.1-11.el7.noarch.rpm

These packages are GPG signed by Red Hat for 

[RHSA-2017:2016-01] Moderate: curl security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: curl security, bug fix, and enhancement update
Advisory ID:   RHSA-2017:2016-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2016
Issue date:2017-08-01
CVE Names: CVE-2016-7167 
=

1. Summary:

An update for curl is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

The curl packages provide the libcurl library and the curl utility for
downloading files from servers using various protocols, including HTTP,
FTP, and LDAP.

Security Fix(es):

* Multiple integer overflow flaws leading to heap-based buffer overflows
were found in the way curl handled escaping and unescaping of data. An
attacker could potentially use these flaws to crash an application using
libcurl by sending a specially crafted input to the affected libcurl
functions. (CVE-2016-7167)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1341503 - Curl request for HTTP GET with Cookie to an IPV6 address does not send the cookie
1374740 - libcurl does not accept use of ciphers *-SHA384
1375906 - CVE-2016-7167 curl: escape and unescape integer overflows
1388162 - HTTPS request hangs when HTTP proxy responds too soon
1404815 - SEC_ERROR_NO_TOKEN error when using SSL and multiple threads
1420327 - CURL 7.29 cannot connect to FTPS using proxytunnel

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
curl-7.29.0-42.el7.src.rpm

x86_64:
curl-7.29.0-42.el7.x86_64.rpm
curl-debuginfo-7.29.0-42.el7.i686.rpm
curl-debuginfo-7.29.0-42.el7.x86_64.rpm
libcurl-7.29.0-42.el7.i686.rpm
libcurl-7.29.0-42.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
curl-debuginfo-7.29.0-42.el7.i686.rpm
curl-debuginfo-7.29.0-42.el7.x86_64.rpm
libcurl-devel-7.29.0-42.el7.i686.rpm
libcurl-devel-7.29.0-42.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
curl-7.29.0-42.el7.src.rpm

x86_64:
curl-7.29.0-42.el7.x86_64.rpm
curl-debuginfo-7.29.0-42.el7.i686.rpm
curl-debuginfo-7.29.0-42.el7.x86_64.rpm
libcurl-7.29.0-42.el7.i686.rpm
libcurl-7.29.0-42.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
curl-debuginfo-7.29.0-42.el7.i686.rpm
curl-debuginfo-7.29.0-42.el7.x86_64.rpm
libcurl-devel-7.29.0-42.el7.i686.rpm
libcurl-devel-7.29.0-42.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
curl-7.29.0-42.el7.src.rpm

aarch64:
curl-7.29.0-42.el7.aarch64.rpm
curl-debuginfo-7.29.0-42.el7.aarch64.rpm
libcurl-7.29.0-42.el7.aarch64.rpm
libcurl-devel-7.29.0-42.el7.aarch64.rpm

ppc64:
curl-7.29.0-42.el7.ppc64.rpm
curl-debuginfo-7.29.0-42.el7.ppc.rpm
curl-debuginfo-7.29.0-42.el7.ppc64.rpm
libcurl-7.29.0-42.el7.ppc.rpm
libcurl-7.29.0-42.el7.ppc64.rpm
libcurl-devel-7.29.0-42.el7.ppc.rpm
libcurl-devel-7.29.0-42.el7.ppc64.rpm

ppc64le:
curl-7.29.0-42.el7.ppc64le.rpm
curl-debuginfo-7.29.0-42.el7.ppc64le.rpm
libcurl-7.29.0-42.el7.ppc64le.rpm
libcurl-devel-7.29.0-42.el7.ppc64le.rpm

s390x:
curl-7.29.0-42.el7.s390x.rpm
curl-debuginfo-7.29.0-42.el7.s390.rpm
curl-debuginfo-7.29.0-42.el7.s390x.rpm
libcurl-7.29.0-42.el7.s390.rpm
libcurl-7.29.0-42.el7.s390x.rpm
libcurl-devel-7.29.0-42.el7.s390.rpm
libcurl-devel-7.29.0-42.el7.s390x.rpm

x86_64:
curl-7.29.0-42.el7.x86_64.rpm
curl-debuginfo-7.29.0-42.el7.i686.rpm
curl-debuginfo-7.29.0-42.el7.x86_64.rpm
libcurl-7.29.0-42.el7.i686.rpm
libcurl-7.29.0-42.el7.x86_64.rpm
libcurl-devel-7.29.0-42.el7.i686.rpm
libcurl-devel-7.29.0-42.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
curl-7.29.0-42.el7.src.rpm

x86_64:
curl-7.29.0-42.el7.x86_64.rpm
curl-debuginfo-7.29.0-42.el7.i686.rpm
curl-debuginfo-7.29.0-42.el7.x86_64.rpm
libcurl-7.29.0-42.el7.i686.rpm
libcurl-7.29.0-42.el7.x86_64.rpm
libcurl-devel-7.29.0-42.el7.i686.rpm

[RHSA-2017:1865-01] Moderate: X.org X11 libraries security, bug fix and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: X.org X11 libraries security, bug fix and enhancement update
Advisory ID:   RHSA-2017:1865-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1865
Issue date:2017-08-01
CVE Names: CVE-2016-10164 CVE-2017-2625 CVE-2017-2626 
=

1. Summary:

An update is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

The X11 (Xorg) libraries provide library routines that are used within all
X Window applications.

The following packages have been upgraded to a later upstream version:
libX11 (1.6.5), libXaw (1.0.13), libXdmcp (1.1.2), libXfixes (5.0.3),
libXfont (1.5.2), libXi (1.7.9), libXpm (3.5.12), libXrandr (1.5.1),
libXrender (0.9.10), libXt (1.1.5), libXtst (1.2.3), libXv (1.0.11),
libXvMC (1.0.10), libXxf86vm (1.1.4), libdrm (2.4.74), libepoxy (1.3.1),
libevdev (1.5.6), libfontenc (1.1.3), libvdpau (1.1.1), libwacom (0.24),
libxcb (1.12), libxkbfile (1.0.9), mesa (17.0.1), mesa-private-llvm
(3.9.1), xcb-proto (1.12), xkeyboard-config (2.20), xorg-x11-proto-devel
(7.7). (BZ#1401667, BZ#1401668, BZ#1401669, BZ#1401670, BZ#1401671,
BZ#1401672, BZ#1401673, BZ#1401675, BZ#1401676, BZ#1401677, BZ#1401678,
BZ#1401679, BZ#1401680, BZ#1401681, BZ#1401682, BZ#1401683, BZ#1401685,
BZ#1401690, BZ#1401752, BZ#1401753, BZ#1401754, BZ#1402560, BZ#1410477,
BZ#1411390, BZ#1411392, BZ#1411393, BZ#1411452, BZ#1420224)

Security Fix(es):

* An integer overflow flaw leading to a heap-based buffer overflow was
found in libXpm. An attacker could use this flaw to crash an application
using libXpm via a specially crafted XPM file. (CVE-2016-10164)

* It was discovered that libXdmcp used weak entropy to generate session
keys. On a multi-user system using xdmcp, a local attacker could
potentially use information available from the process list to brute force
the key, allowing them to hijack other users' sessions. (CVE-2017-2625)

* It was discovered that libICE used weak entropy to generate keys. A
local attacker could potentially use this flaw for session hijacking using
the information available from the process list. (CVE-2017-2626)

Red Hat would like to thank Eric Sesterhenn (X41 D-Sec GmbH) for reporting
CVE-2017-2625 and CVE-2017-2626.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1268849 - Installed (but unpackaged) file(s) found for ppc64 qnd ppc64le
1272117 - [libICE] Installed (but unpackaged) file(s) found
1272129 - [libXaw] error: Installed (but unpackaged) file(s) found
1273281 - libXi - wrong release string
1297276 - mesa vdpau drivers are missing
1378864 - DRI3/Present OGL application hang
1388458 - RHEL7 libXcursor default cursor theme is dmz-aa, but 
dmz-cursor-themes no longer supplied
1401667 - Rebase libX11 in RHEL 7.4
1401668 - Rebase libXaw in RHEL 7.4
1401669 - Rebase libXdmcp in RHEL 7.4
1401670 - Rebase libXfixes in RHEL 7.4
1401671 - Rebase libXfont in RHEL 7.4
1401672 - Rebase libXi in RHEL 7.4
1401673 - Rebase libXrandr in RHEL 7.4
1401675 - Rebase libXrender in RHEL 7.4
1401676 - Rebase libXt in RHEL 7.4
1401677 - Rebase libXtst in RHEL 7.4
1401678 - Rebase libXv in RHEL 7.4
1401679 - Rebase libXvMC in RHEL 7.4
1401680 - Rebase libXxf86vm in RHEL 7.4
1401681 - Rebase libdrm in RHEL 7.4
1401682 - Rebase mesa in RHEL 7.4
1401683 - Rebase mesa-private-llvm in RHEL 7.4
1401685 - Rebase xorg-x11-proto-devel in RHEL 7.4
1401690 - Rebase libepoxy in RHEL 7.4
1401752 - Rebase libwacom in RHEL 7.4
1401753 - Rebase xkeyboard-config in RHEL 7.4
1401754 - Rebase libevdev in RHEL 7.4
1402560 - 

[RHSA-2017:1916-01] Moderate: glibc security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: glibc security, bug fix, and enhancement update
Advisory ID:   RHSA-2017:1916-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1916
Issue date:2017-08-01
CVE Names: CVE-2014-9761 CVE-2015-8776 CVE-2015-8777 
   CVE-2015-8778 CVE-2015-8779 
=

1. Summary:

An update for glibc is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The glibc packages provide the standard C libraries (libc), POSIX thread
libraries (libpthread), standard math libraries (libm), and the name
service cache daemon (nscd) used by multiple programs on the system.
Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

* A stack overflow vulnerability was found in the nan* functions.
Applications that pass long strings to the nan functions could crash or,
potentially, execute arbitrary code. (CVE-2014-9761)

* It was found that out-of-range time values passed to the strftime()
function could result in an out-of-bounds memory access. This could lead to
application crash or, potentially, information disclosure. (CVE-2015-8776)

* An integer overflow vulnerability was found in hcreate() and hcreate_r()
functions which could result in an out-of-bounds memory access. This could
lead to application crash or, potentially, arbitrary code execution.
(CVE-2015-8778)

* A stack based buffer overflow vulnerability was found in the catopen()
function. An excessively long string passed to the function could cause it
to crash or, potentially, execute arbitrary code. (CVE-2015-8779)

* It was found that the dynamic loader did not sanitize the
LD_POINTER_GUARD environment variable. An attacker could use this flaw to
bypass the pointer guarding protection on set-user-ID or set-group-ID
programs to execute arbitrary code with the permissions of the user running
the application. (CVE-2015-8777)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the glibc library
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

906468 - Deadlock in glibc between fork and malloc
1213603 - glibc: nss_db: get*ent crashes without preceding set*ent
1260581 - CVE-2015-8777 glibc: LD_POINTER_GUARD in the environment is not 
sanitized
1298975 - [RFE] Backport the groups merging feature
1300299 - CVE-2015-8776 glibc: Segmentation fault caused by passing 
out-of-range data to strftime()
1300303 - CVE-2015-8778 glibc: Integer overflow in hcreate and hcreate_r
1300310 - CVE-2014-9761 glibc: Unbounded stack allocation in nan* functions
1300312 - CVE-2015-8779 glibc: Unbounded stack allocation in catopen function
1318877 - Per C11 and C++11,  should not look at __STDC_LIMIT_MACROS 
or __STDC_CONSTANT_MACROS
1318890 - glibc: nss_db: long group entries are skipped
1322544 - Segmentation violation can occur within glibc if fork() is used in a 
multi-threaded application
1324568 - glibc: getent returns dud entry  when nscd enabled
1325138 - glibc: Corrupted aux-cache causes ldconfig to segfault
1330705 - open() and openat() ignore 'mode' with O_TMPFILE on newer kernels
1338672 - glibc: GCC 6 enablement for struct sockaddr_storage
1366569 - glibc: default nsswitch.conf should not set initgroups
1370630 - glibc: nss_db: Endless loop in services database processing
1387874 - MSG_FASTOPEN definition missing
1392540 - glibc: default nsswitch.conf does not list sss for the automount 
service
1404435 - "yum update" on fresh installation of RHEL 7.0 or 7.1 PPC64 (updating 
to 7.3) results in various yum errors
1417205 - 

[RHSA-2017:1856-01] Moderate: qemu-kvm security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: qemu-kvm security, bug fix, and enhancement update
Advisory ID:   RHSA-2017:1856-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1856
Issue date:2017-08-01
CVE Names: CVE-2016-4020 CVE-2017-2633 CVE-2017-5898 
=

1. Summary:

An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

Kernel-based Virtual Machine (KVM) is a full virtualization solution for
Linux on a variety of architectures. The qemu-kvm package provides the
user-space component for running virtual machines that use KVM.

Security Fix(es):

* An out-of-bounds memory access issue was found in Quick Emulator (QEMU)
in the VNC display driver. This flaw could occur while refreshing the VNC
display surface area in the 'vnc_refresh_server_surface'. A user inside a
guest could use this flaw to crash the QEMU process. (CVE-2017-2633)

* An integer overflow flaw was found in Quick Emulator (QEMU) in the CCID
Card device support. The flaw could occur while passing messages via
command/response packets to and from the host. A privileged user inside a
guest could use this flaw to crash the QEMU process. (CVE-2017-5898)

* An information exposure flaw was found in Quick Emulator (QEMU) in Task
Priority Register (TPR) optimizations for 32-bit Windows guests. The flaw
could occur while accessing TPR. A privileged user inside a guest could use
this issue to read portions of the host memory. (CVE-2016-4020)

Red Hat would like to thank Li Qiang (360.cn Inc.) for reporting
CVE-2017-5898 and Donghai Zdh (Alibaba Inc.) for reporting CVE-2016-4020.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once
all virtual machines have shut down, start them again for this update to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1151859 - [RFE] Allow the libgfapi logging level to be controlled.
1299875 - system_reset should clear pending request for error (IDE)
1313686 - CVE-2016-4020 Qemu: i386: leakage of stack memory to guest in 
kvmvapic.c
1342489 - Flickering Fedora 24 Login Screen on RHEL 7
1361488 - system_reset should clear pending request for error (virtio-blk)
1375507 - "threads" option is overwritten if both "sockets" and "cores" is set 
on -smp
1377087 - shutdown rhel 5.11 guest failed and stop at "system halted"
1377977 - qemu-kvm coredump in vnc_raw_send_framebuffer_update [rhel-7.4]
1378541 - QEMU: update package summary and description
1419699 - CVE-2017-5898 Qemu: usb: integer overflow in emulated_apdu_from_guest
1419898 - Documentation inaccurate for __com.redhat_qxl_screendump and 
__com.redhat_drive_add
1425939 - CVE-2017-2633 Qemu: VNC: memory corruption due to unchecked 
resolution limit
1427176 - test cases of qemu-iotests failed
1430606 - Can't build qemu-kvm with newer spice packages
1433920 - Switch from librdmacm-devel to rdma-core-devel
1436280 - sample images  for qemu-iotests are missing in the SRPM
1440987 - Remove texi2html build dependancy from RPM
1441778 - Stop building qemu-img for 32bit architectures.
1451470 - RHEL 7.2 based VM (Virtual Machine) hung for several hours apparently 
waiting for lock held by main_loop
1452067 - migration can confuse serial port user
1456983 - Character device regression due to missing patch

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
qemu-kvm-1.5.3-141.el7.src.rpm

x86_64:
qemu-img-1.5.3-141.el7.x86_64.rpm
qemu-kvm-1.5.3-141.el7.x86_64.rpm
qemu-kvm-common-1.5.3-141.el7.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-141.el7.x86_64.rpm
qemu-kvm-tools-1.5.3-141.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
qemu-kvm-1.5.3-141.el7.src.rpm

x86_64:
qemu-img-1.5.3-141.el7.x86_64.rpm
qemu-kvm-1.5.3-141.el7.x86_64.rpm
qemu-kvm-common-1.5.3-141.el7.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-141.el7.x86_64.rpm

[RHSA-2017:1950-01] Low: samba security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Low: samba security, bug fix, and enhancement update
Advisory ID:   RHSA-2017:1950-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1950
Issue date:2017-08-01
CVE Names: CVE-2017-9461 
=

1. Summary:

An update for samba is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64, 
ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Resilient Storage (v. 7) - x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

Samba is an open-source implementation of the Server Message Block (SMB)
protocol and the related Common Internet File System (CIFS) protocol, which
allow PC-compatible machines to share files, printers, and various
information.

The following packages have been upgraded to a later upstream version:
samba (4.6.2). (BZ#1391954)

Security Fix(es):

* A flaw was found in the way Samba handled dangling symlinks. An
authenticated malicious Samba client could use this flaw to cause the smbd
daemon to enter an infinite loop and use an excessive amount of CPU and
memory. (CVE-2017-9461)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the smb service will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1218926 - Samba ignores default_keytab_name in krb5.conf
1327810 - Option "printcap cache time = 1" doesn't have any impact
1356932 - the "ldap ssl" description for smb.conf is incorrectly defined
1377690 - libnss_wins.so.2 doesn't link against libreplace with rpath
1377729 - nss_wins has incorrect function definitions for gethostbyname*
1377751 - BADLOCK regression: smbclient fails to connect to Azure or Apple 
share; spnego fails with no mechListMIC
1389786 - [RFE] Samba add 'net ads dns unregister' command from Samba 4.5.0
1397871 - The krb5.conf created by net and winbind does not include the system 
/etc/krb5.conf
1397891 - SetPrinter info level 2 marshalling fails
1397895 - spoolss_AddPrinterDriver does not support APD_COPY_FROM_DIRECTORY
1401505 - idmap_hash failes to map SID to UID
1403242 - Samba can not access trusted domains through transitive trusts
1403975 - Trusted domains not working with Samba-Winbind 4.4
1416746 - Fix division by zero error in 05.system event script - ctdb
1420130 - samba_krb5_wrapper does not list devices when called with no arguments
1430755 - net ads join can't create keytab when 'kerberos method' is set to use 
a keytab
1430759 - use GSSAPI gss_acquire_cred_from call for gssproxy support
1431986 - expand_dfs plugin read_target_host() parameters
1448544 - Uploading 32-bit drivers to a Samba 4.6 print server fail
1459179 - Smbclient doesn't list Domain, OS and Server information
1459464 - CVE-2017-9461 samba: fd_open_atomic infinite loop due to wrong 
handling of dangling symlinks
1460937 - Winbind name normalization doesn't work for users
1461336 - Smbclient not working properly with winbind separator '+'

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
samba-4.6.2-8.el7.src.rpm

noarch:
samba-common-4.6.2-8.el7.noarch.rpm

x86_64:
libsmbclient-4.6.2-8.el7.i686.rpm
libsmbclient-4.6.2-8.el7.x86_64.rpm
libwbclient-4.6.2-8.el7.i686.rpm
libwbclient-4.6.2-8.el7.x86_64.rpm
samba-client-4.6.2-8.el7.x86_64.rpm
samba-client-libs-4.6.2-8.el7.i686.rpm
samba-client-libs-4.6.2-8.el7.x86_64.rpm
samba-common-libs-4.6.2-8.el7.x86_64.rpm
samba-common-tools-4.6.2-8.el7.x86_64.rpm
samba-debuginfo-4.6.2-8.el7.i686.rpm
samba-debuginfo-4.6.2-8.el7.x86_64.rpm
samba-krb5-printing-4.6.2-8.el7.x86_64.rpm
samba-libs-4.6.2-8.el7.i686.rpm
samba-libs-4.6.2-8.el7.x86_64.rpm
samba-winbind-4.6.2-8.el7.x86_64.rpm

[RHSA-2017:1758-01] Important: Red Hat CloudForms security, bug fix, and enhancement update

2017-08-02 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: Red Hat CloudForms security, bug fix, and 
enhancement update
Advisory ID:   RHSA-2017:1758-01
Product:   Red Hat CloudForms
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:1758
Issue date:2017-08-02
Cross references:  RHSA-2017:1367
CVE Names: CVE-2016-7047 CVE-2017-2664 CVE-2017-7497 
   CVE-2017-7530 
=

1. Summary:

An update is now available for CloudForms Management Engine 5.8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

CloudForms Management Engine 5.8 - noarch, x86_64

3. Description:

Ansible is a simple model-driven configuration management, multi-node
deployment, and remote-task execution system. Ansible works over SSH and
does not require any software or daemons to be installed on remote nodes.
Extension modules can be written in any language and are transferred to
managed machines automatically.

Red Hat CloudForms Management Engine delivers the insight, control, and
automation needed to address the challenges of managing virtual
environments. CloudForms Management Engine is built on Ruby on Rails, a
model-view-controller (MVC) framework for web application development.
Action Pack implements the controller and the view components.

The following packages have been upgraded to a later upstream version:
ansible (2.3.0.0), ansible-tower (3.1.3), cfme (5.8.1.5), cfme-appliance
(5.8.1.5), cfme-gemset (5.8.1.5), rh-ruby23-rubygem-nokogiri (1.7.2).
(BZ#1456017, BZ#1459318)

Security Fix(es):

* CloudForms lacks RBAC controls on certain methods in the Rails
application portion of CloudForms. An attacker with access could use a
variety of methods within the Rails application portion of CloudForms to
escalate privileges. (CVE-2017-2664)

* It was found that a privilege check is missing when filtering on VMs
causes MiqExpression to invoke arbitrary methods, and that this filtering
can be triggered by API users. An attacker could use this to execute actions
they should not be allowed to (e.g. destroying VMs). (CVE-2017-7530)

* The dialog for creating cloud volumes (cinder provider) in CloudForms
does not filter cloud tenants by user. An attacker with the ability to
create storage volumes could use this to create storage volumes for any
other tenant. (CVE-2017-7497)

* A flaw was found in the CloudForms API. A user with permissions to use
the MiqReportResults capability within the API could potentially view data
from other tenants or groups to which they should not have access.
(CVE-2016-7047)

The CVE-2017-2664 issue was discovered by Libor Pichler (Red Hat) and
Martin Povolny (Red Hat); the CVE-2017-7530 issue was discovered by Tim
Wade (Red Hat); the CVE-2017-7497 issue was discovered by Gellert Kis (Red
Hat); and the CVE-2016-7047 issue was discovered by Simon Lukasik (Red
Hat).

Additional Changes:

This update also fixes several bugs and adds various enhancements.
Documentation for these changes is available from the Release Notes
document linked to in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1374215 - CVE-2016-7047 cfme: API leaks any MiqReportResult
1435393 - CVE-2017-2664 CloudForms: lack of RBAC on various methods in web UI
1438562 - [RFE] External Auth - AD - samba-common-tools and deps missing from 
appliance.
1439309 - Not able to see orders when not enough permission to see catalogs
1441321 - Access (Cockpit and HTML5) are inconsistent between Service and OPS UI
1444505 - "Collect" button is absent on slave server log collection page
1449273 - VM Hostname not displaying when RHV has FQDN
1450082 - Failed to remove interface from router - HA env.
1450087 - Cloud Router Summary does not show subnets which connected it - HA 
env.
1450150 - CFME: Dialog for creating cloud volumes does not filter cloud tenants 
CVE-2017-7497
1450502 - [RFE] Custom Button must be supported at VM level in Service UI
1450518 - Openstack services missing on node page
1454445 - Containers with empty "imageID" field points to wrong images
1455685 - Azure provision still  needs First/Last name
1456017 - [RFE] Install latest stable version of Ansible Core on the appliance.
1458333 - Containers - old archived container entities are not purged
1458337 - In my settings page at login Configuration management shouldn't be in 
Infrastructure
1458339 - It is impossible to 

[RHSA-2017:2029-01] Moderate: openssh security, bug fix, and enhancement update

2017-08-01 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Moderate: openssh security, bug fix, and enhancement update
Advisory ID:   RHSA-2017:2029-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2029
Issue date:2017-08-01
CVE Names: CVE-2016-10009 CVE-2016-10011 CVE-2016-10012 
   CVE-2016-6210 CVE-2016-6515 
=

1. Summary:

An update for openssh is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, 
s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

OpenSSH is an SSH protocol implementation supported by a number of Linux,
UNIX, and similar operating systems. It includes the core files necessary
for both the OpenSSH client and server.

The following packages have been upgraded to a later upstream version:
openssh (7.4p1). (BZ#1341754)

Security Fix(es):

* A covert timing channel flaw was found in the way OpenSSH handled
authentication of non-existent users. A remote unauthenticated attacker
could possibly use this flaw to determine valid user names by measuring the
timing of server responses. (CVE-2016-6210)

* It was found that OpenSSH did not limit password lengths for password
authentication. A remote unauthenticated attacker could use this flaw to
temporarily trigger high CPU consumption in sshd by sending long passwords.
(CVE-2016-6515)

* It was found that ssh-agent could load PKCS#11 modules from arbitrary
paths. An attacker having control of the forwarded agent-socket on the
server, and the ability to write to the filesystem of the client host,
could use this flaw to execute arbitrary code with the privileges of the
user running ssh-agent. (CVE-2016-10009)

* It was found that the host private key material could possibly leak to
the privilege-separated child processes via re-allocated memory. An
attacker able to compromise the privilege-separated process could therefore
obtain the leaked key information. (CVE-2016-10011)

* It was found that the boundary checks in the code implementing support
for pre-authentication compression could have been optimized out by certain
compilers. An attacker able to compromise the privilege-separated process
could possibly use this flaw for further attacks against the privileged
monitor process. (CVE-2016-10012)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the OpenSSH server daemon (sshd) will be
restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1357442 - CVE-2016-6210 openssh: User enumeration via covert timing channel
1360973 - Support of HostKeyAlgorithms  for sshd
1364935 - CVE-2016-6515 openssh: Denial of service via very long passwords
1366400 - openssh-server doesn't support unix socket forwarding
1373835 - Ciphers and MACs enabled by default differ from upstream OpenSSH 6.7 
with security implications.
1375179 - [RFE] RC4 and CBC ciphers shipped with openssh and openssh-server 
should be removed
1381997 - Systemctl reload sshd caused inactive service even if the service is 
running
1396400 - The ssh to RHEL7 ignores echo setting
1398569 - sftp/ssh ignores group permissions
1402424 - infinite loop, at 100% cpu in ssh if ^Z is pressed at password prompt
1406269 - CVE-2016-10009 openssh: loading of untrusted PKCS#11 modules in 
ssh-agent
1406286 - CVE-2016-10011 openssh: Leak of host private key material to 
privilege-separated child process via realloc()
1406293 - CVE-2016-10012 openssh: Bounds check can be evaded in the shared 
memory manager used by pre-authentication compression support
1418062 - openssh package openssh-6.6.1p1-33.el7_3 does not resolve chroot 
permission denied status.
1420910 - OpenSSH ciphers in practice do not meet the stated Common 
Criteria/FIPS approvals.

[RHSA-2017:2444-01] Important: kernel-rt security and bug fix update

2017-08-08 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: kernel-rt security and bug fix update
Advisory ID:   RHSA-2017:2444-01
Product:   Red Hat Enterprise MRG for RHEL-6
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2444
Issue date:2017-08-08
CVE Names: CVE-2015-8970 CVE-2016-10200 CVE-2017-2647 
=

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise MRG 2.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

MRG Realtime for RHEL 6 Server v.2 - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* A use-after-free flaw was found in the Linux kernel which enables a race
condition in the L2TPv3 IP Encapsulation feature. A local user could use
this flaw to escalate their privileges or crash the system.
(CVE-2016-10200, Important)

* A flaw was found that can be triggered in keyring_search_iterator in
keyring.c if type->match is NULL. A local user could use this flaw to crash
the system or, potentially, escalate their privileges. (CVE-2017-2647,
Important)

* The lrw_crypt() function in 'crypto/lrw.c' in the Linux kernel before 4.5
allows local users to cause a NULL pointer dereference, and thus a system
crash and denial of service, via the accept(2) system call on an AF_ALG
socket without first calling setkey() to set a cipher key. (CVE-2015-8970,
Moderate)

Red Hat would like to thank Igor Redko (Virtuozzo) and Andrey Ryabinin
(Virtuozzo) for reporting CVE-2017-2647 and Igor Redko (Virtuozzo) and
Vasily Averin (Virtuozzo) for reporting CVE-2015-8970.

Bug Fix(es):

* Writing model-specific registers (MSRs) during intel_idle initialization
could previously cause exceptions. Consequently, a kernel panic occurred
during this initialization. The function call that writes to the MSR with
exception handling was modified to use wrmsrl_safe() instead of wrmsrl().
In this scenario, the kernel no longer panics. (BZ#1447438)

* The ixgbe driver was using incorrect bitwise operations on received PTP
flags. Consequently, systems that were using the ixgbe driver could not
synchronize time using PTP. The provided patch corrected the bitwise
operations on received PTP flags, allowing these systems to correctly
synchronize time using PTP. (BZ#1469795) (BZ#1451821)

The kernel-rt packages have been upgraded to version 3.10.0-514.rt56.230,
which provides a number of security and bug fixes over the previous
version. (BZ#1463427)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1386286 - CVE-2015-8970 kernel: crypto: GPF in lrw_crypt caused by null-deref
1428353 - CVE-2017-2647 kernel: Null pointer dereference in search_keyring
1430347 - CVE-2016-10200 kernel: l2tp: Race condition in the L2TPv3 IP 
encapsulation feature
1437675 - ftrace: pull upstream commits for correct selftest operation
1463427 - update the MRG 2.5.z 3.10 kernel-rt sources

6. Package List:

MRG Realtime for RHEL 6 Server v.2:

Source:
kernel-rt-3.10.0-514.rt56.231.el6rt.src.rpm

noarch:
kernel-rt-doc-3.10.0-514.rt56.231.el6rt.noarch.rpm
kernel-rt-firmware-3.10.0-514.rt56.231.el6rt.noarch.rpm

x86_64:
kernel-rt-3.10.0-514.rt56.231.el6rt.x86_64.rpm
kernel-rt-debug-3.10.0-514.rt56.231.el6rt.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-514.rt56.231.el6rt.x86_64.rpm
kernel-rt-debug-devel-3.10.0-514.rt56.231.el6rt.x86_64.rpm
kernel-rt-debuginfo-3.10.0-514.rt56.231.el6rt.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-514.rt56.231.el6rt.x86_64.rpm
kernel-rt-devel-3.10.0-514.rt56.231.el6rt.x86_64.rpm
kernel-rt-trace-3.10.0-514.rt56.231.el6rt.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-514.rt56.231.el6rt.x86_64.rpm
kernel-rt-trace-devel-3.10.0-514.rt56.231.el6rt.x86_64.rpm
kernel-rt-vanilla-3.10.0-514.rt56.231.el6rt.x86_64.rpm
kernel-rt-vanilla-debuginfo-3.10.0-514.rt56.231.el6rt.x86_64.rpm
kernel-rt-vanilla-devel-3.10.0-514.rt56.231.el6rt.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2015-8970
https://access.redhat.com/security/cve/CVE-2016-10200

[RHSA-2017:2429-01] Important: kernel security and bug fix update

2017-08-08 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: kernel security and bug fix update
Advisory ID:   RHSA-2017:2429-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2429
Issue date:2017-08-08
CVE Names: CVE-2017-7895 
=

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 6.7
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64
Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* The NFSv2 and NFSv3 server implementations in the Linux kernel through
4.10.13 lacked certain checks for the end of a buffer. A remote attacker
could trigger a pointer-arithmetic error or possibly cause other
unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and
fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)

Red Hat would like to thank Ari Kauppi for reporting this issue.

Bug Fix(es):

* If a VFC port became unmapped in the VIOS, it sometimes did not respond
with a CRQ init complete following the H_REG_CRQ() call. As a consequence,
scsi_block_requests() was called and requests stayed blocked until the init
complete arrived; if it never arrived, I/O requests hung. The provided patch
ensures the host action stays set to IBMVFC_HOST_ACTION_TGT_DEL so that all
rports are moved into devloss state unless an init complete is received.
(BZ#1460210)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1446103 - CVE-2017-7895 kernel: NFSv3 server does not properly handle payload bounds checking of WRITE requests

6. Package List:

Red Hat Enterprise Linux HPC Node EUS (v. 6.7):

Source:
kernel-2.6.32-573.45.1.el6.src.rpm

noarch:
kernel-abi-whitelists-2.6.32-573.45.1.el6.noarch.rpm
kernel-doc-2.6.32-573.45.1.el6.noarch.rpm
kernel-firmware-2.6.32-573.45.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-573.45.1.el6.x86_64.rpm
kernel-debug-2.6.32-573.45.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-573.45.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-573.45.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-573.45.1.el6.i686.rpm
kernel-debug-devel-2.6.32-573.45.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-573.45.1.el6.i686.rpm
kernel-debuginfo-2.6.32-573.45.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-573.45.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-573.45.1.el6.x86_64.rpm
kernel-devel-2.6.32-573.45.1.el6.x86_64.rpm
kernel-headers-2.6.32-573.45.1.el6.x86_64.rpm
perf-2.6.32-573.45.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-573.45.1.el6.i686.rpm
perf-debuginfo-2.6.32-573.45.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-573.45.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-573.45.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7):

x86_64:
kernel-debug-debuginfo-2.6.32-573.45.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-573.45.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-573.45.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-573.45.1.el6.x86_64.rpm
python-perf-2.6.32-573.45.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-573.45.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 6.7):

Source:
kernel-2.6.32-573.45.1.el6.src.rpm

i386:
kernel-2.6.32-573.45.1.el6.i686.rpm
kernel-debug-2.6.32-573.45.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-573.45.1.el6.i686.rpm
kernel-debug-devel-2.6.32-573.45.1.el6.i686.rpm
kernel-debuginfo-2.6.32-573.45.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-573.45.1.el6.i686.rpm
kernel-devel-2.6.32-573.45.1.el6.i686.rpm
kernel-headers-2.6.32-573.45.1.el6.i686.rpm
perf-2.6.32-573.45.1.el6.i686.rpm
perf-debuginfo-2.6.32-573.45.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-573.45.1.el6.i686.rpm

noarch:
kernel-abi-whitelists-2.6.32-573.45.1.el6.noarch.rpm
kernel-doc-2.6.32-573.45.1.el6.noarch.rpm
kernel-firmware-2.6.32-573.45.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-573.45.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-573.45.1.el6.ppc64.rpm
kernel-debug-2.6.32-573.45.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-573.45.1.el6.ppc64.rpm

[RHSA-2017:2428-01] Important: kernel security update

2017-08-08 Thread Security announcements for all Red Hat products and services.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

=
   Red Hat Security Advisory

Synopsis:  Important: kernel security update
Advisory ID:   RHSA-2017:2428-01
Product:   Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2017:2428
Issue date:2017-08-08
CVE Names: CVE-2017-7895 
=

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 6.5
Advanced Update Support and Red Hat Enterprise Linux 6.5 Telco Extended
Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 6.5) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 6.5) - x86_64
Red Hat Enterprise Linux Server TUS (v. 6.5) - noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* The NFSv2 and NFSv3 server implementations in the Linux kernel through
4.10.13 lacked certain checks for the end of a buffer. A remote attacker
could trigger a pointer-arithmetic error or possibly cause other
unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and
fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)

Red Hat would like to thank Ari Kauppi for reporting this issue.
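The flaw class named in this advisory and in RHSA-2017:2429 above is a server trusting length fields taken from the wire when decoding XDR. The following is an added example, not the Linux nfsd code and not the upstream fix: a minimal decoder for an NFSv3 WRITE-style body (opaque file handle, 64-bit offset, count, stable flag, opaque data, per RFC 1813), first in the "trust the wire length" form, then with checks against the real end of the received message. WRITE_MAX is a hypothetical server limit, the two request buffers are constructed for the example, and the function names are this example's own.

```c
/* Added example (not Linux nfsd code): decoding an NFSv3 WRITE-style body
 * from XDR, first with the "trust the wire length" pattern behind
 * CVE-2017-7895, then with end-of-buffer checks. Field layout follows
 * RFC 1813; WRITE_MAX is a hypothetical server limit, not a kernel value. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define FH3_MAX   64      /* NFSv3 file handle limit (RFC 1813) */
#define WRITE_MAX 32768   /* hypothetical per-request write limit */

struct xdr { const uint8_t *p, *end; };   /* next unread byte, end of message */

struct write3args {
    const uint8_t *fh;   uint32_t fhlen;
    uint64_t offset;
    uint32_t count;      /* bytes the client asks to write */
    uint32_t stable;
    const uint8_t *data; uint32_t datalen;   /* opaque length from the wire */
};

/* XDR pads opaque data to a multiple of four bytes */
static size_t xdr_pad(uint32_t n) { return ((size_t)n + 3u) & ~(size_t)3u; }

/* Big-endian 32-bit read that refuses to run past the end of the message */
static int xdr_get_u32(struct xdr *x, uint32_t *v)
{
    if (x->end - x->p < 4) return 0;
    *v = ((uint32_t)x->p[0] << 24) | ((uint32_t)x->p[1] << 16) |
         ((uint32_t)x->p[2] << 8)  |  (uint32_t)x->p[3];
    x->p += 4;
    return 1;
}

static int xdr_get_u64(struct xdr *x, uint64_t *v)
{
    uint32_t hi, lo;
    if (!xdr_get_u32(x, &hi) || !xdr_get_u32(x, &lo)) return 0;
    *v = ((uint64_t)hi << 32) | lo;
    return 1;
}

/* VULNERABLE PATTERN: opaque lengths come straight from the wire and are never
 * compared with the bytes actually received. A request claiming more payload
 * than it carries is accepted, and whatever later copies datalen bytes from
 * data reads past the end of the receive buffer. */
static int decode_write_unchecked(const uint8_t *msg, size_t len, struct write3args *a)
{
    struct xdr x = { msg, msg + len };
    if (!xdr_get_u32(&x, &a->fhlen)) return 0;
    a->fh = x.p;
    x.p += xdr_pad(a->fhlen);                 /* unchecked skip */
    if (!xdr_get_u64(&x, &a->offset) || !xdr_get_u32(&x, &a->count) ||
        !xdr_get_u32(&x, &a->stable) || !xdr_get_u32(&x, &a->datalen)) return 0;
    a->data = x.p;                            /* datalen trusted as-is */
    return 1;
}

/* HARDENED: each variable-length field is checked against the real end of the
 * message and against protocol limits before its pointer is handed out, and
 * count must agree with the opaque length instead of being trusted alone. */
static int decode_write_checked(const uint8_t *msg, size_t len, struct write3args *a)
{
    struct xdr x = { msg, msg + len };
    if (!xdr_get_u32(&x, &a->fhlen)) return 0;
    if (a->fhlen > FH3_MAX || (size_t)(x.end - x.p) < xdr_pad(a->fhlen)) return 0;
    a->fh = x.p;
    x.p += xdr_pad(a->fhlen);
    if (!xdr_get_u64(&x, &a->offset) || !xdr_get_u32(&x, &a->count) ||
        !xdr_get_u32(&x, &a->stable) || !xdr_get_u32(&x, &a->datalen)) return 0;
    if (a->datalen > WRITE_MAX || a->count != a->datalen) return 0;
    if ((size_t)(x.end - x.p) < xdr_pad(a->datalen)) return 0;
    a->data = x.p;
    return 1;
}

/* Bytes a decoded payload would extend past the received message
 * (0 if the decode was rejected or the payload fits). */
static size_t overrun(const uint8_t *msg, size_t len, const struct write3args *a, int ok)
{
    size_t avail;
    if (!ok) return 0;
    avail = (size_t)(msg + len - a->data);
    return a->datalen > avail ? a->datalen - avail : 0;
}

/* Constructed sample: WRITE of "hello" at offset 0 through a 4-byte handle */
static const uint8_t good_req[] = {
    0,0,0,4, 'a','b','c','d',              /* fh: length 4, 4 bytes */
    0,0,0,0, 0,0,0,0,  0,0,0,5,  0,0,0,0,  /* offset 0, count 5, UNSTABLE */
    0,0,0,5, 'h','e','l','l','o', 0,0,0    /* data: length 5, 5 bytes, 3 pad */
};
/* Constructed crafted request: count and opaque length both claim 65536
 * bytes, but only 5 bytes of payload were sent */
static const uint8_t bad_req[] = {
    0,0,0,4, 'a','b','c','d',  0,0,0,0, 0,0,0,0,  0,1,0,0,  0,0,0,0,
    0,1,0,0, 'h','e','l','l','o', 0,0,0
};

int main(void)
{
    struct write3args a;
    int ok = decode_write_unchecked(bad_req, sizeof bad_req, &a);
    printf("unchecked: accepted=%d, would read %zu bytes past the message\n",
           ok, overrun(bad_req, sizeof bad_req, &a, ok));
    ok = decode_write_checked(bad_req, sizeof bad_req, &a);
    printf("checked:   accepted=%d\n", ok);
    return 0;
}
```

The crafted message is accepted by the unchecked decoder with a 65536-byte payload claim against 8 bytes actually present, while the checked decoder rejects it, as it rejects a message truncated mid-header. The same end-of-buffer comparison belongs in front of every opaque or array length an XDR decoder consumes, not only the WRITE payload.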

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1446103 - CVE-2017-7895 kernel: NFSv3 server does not properly handle payload bounds checking of WRITE requests

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 6.5):

Source:
kernel-2.6.32-431.82.1.el6.src.rpm

noarch:
kernel-abi-whitelists-2.6.32-431.82.1.el6.noarch.rpm
kernel-doc-2.6.32-431.82.1.el6.noarch.rpm
kernel-firmware-2.6.32-431.82.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-431.82.1.el6.x86_64.rpm
kernel-debug-2.6.32-431.82.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-431.82.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.82.1.el6.x86_64.rpm
kernel-devel-2.6.32-431.82.1.el6.x86_64.rpm
kernel-headers-2.6.32-431.82.1.el6.x86_64.rpm
perf-2.6.32-431.82.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server TUS (v. 6.5):

Source:
kernel-2.6.32-431.82.1.el6.src.rpm

noarch:
kernel-abi-whitelists-2.6.32-431.82.1.el6.noarch.rpm
kernel-doc-2.6.32-431.82.1.el6.noarch.rpm
kernel-firmware-2.6.32-431.82.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-431.82.1.el6.x86_64.rpm
kernel-debug-2.6.32-431.82.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-431.82.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.82.1.el6.x86_64.rpm
kernel-devel-2.6.32-431.82.1.el6.x86_64.rpm
kernel-headers-2.6.32-431.82.1.el6.x86_64.rpm
perf-2.6.32-431.82.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 6.5):

Source:
kernel-2.6.32-431.82.1.el6.src.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.82.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm
python-perf-2.6.32-431.82.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional TUS (v. 6.5):

Source:
kernel-2.6.32-431.82.1.el6.src.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.82.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm
python-perf-2.6.32-431.82.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.82.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
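The Solution sections of this advisory and the two before it say the update takes effect only after a reboot, and the paragraph above says the packages are GPG signed. The script below is an added example, not Red Hat tooling, that turns both statements into a check: it confirms the fixed kernel is installed, that the running kernel is the fixed release or newer, and that each downloaded package passed signature verification. It assumes RHEL 6 conventions for `uname -r` (release followed by an arch suffix), `rpm -q kernel` and `rpm -K` output; FIXED_EVR is the release shipped by this advisory; the function names are this example's own.

```sh
#!/bin/sh
# Added example (not Red Hat tooling): after applying a kernel erratum, check
# that the fixed package is installed, that the RUNNING kernel is the fixed
# release (a kernel update does nothing until reboot), and that the packages
# carry a verified GPG signature. The functions work on strings so they can be
# exercised offline; only the --live branch at the bottom touches the system.
# FIXED_EVR is the release this advisory ships for RHEL 6.5 AUS/TUS.

FIXED_EVR="2.6.32-431.82.1.el6"

# vercmp A B: print -1, 0 or 1. Fields are split on '.' and '-' and compared
# numerically when both sides are digits, otherwise as plain strings.
vercmp() {
    va=$(printf '%s' "$1" | sed 'y/-/./')
    vb=$(printf '%s' "$2" | sed 'y/-/./')
    while [ -n "$va" ] || [ -n "$vb" ]; do
        fa=${va%%.*}; if [ "$fa" = "$va" ]; then va=; else va=${va#*.}; fi
        fb=${vb%%.*}; if [ "$fb" = "$vb" ]; then vb=; else vb=${vb#*.}; fi
        case "$fa$fb" in
        *[!0-9]*)
            if [ "$fa" != "$fb" ]; then
                lo=$(printf '%s\n%s\n' "$fa" "$fb" | sort | head -n 1)
                if [ "$lo" = "$fa" ]; then printf '%s\n' -1; else printf '%s\n' 1; fi
                return 0
            fi ;;
        *)
            if [ "${fa:-0}" -lt "${fb:-0}" ]; then printf '%s\n' -1; return 0; fi
            if [ "${fa:-0}" -gt "${fb:-0}" ]; then printf '%s\n' 1; return 0; fi ;;
        esac
    done
    printf '%s\n' 0
}

# running_is_fixed UNAME_R FIXED_EVR: true when the running kernel release
# (uname -r output with the arch suffix dropped) is the fixed release or newer.
running_is_fixed() {
    rel=${1%.*}
    [ "$(vercmp "$rel" "$2")" -ge 0 ]
}

# installed_has_fixed RPM_Q_OUTPUT FIXED_EVR: true when 'rpm -q kernel'
# output (one package per line) lists the fixed release.
installed_has_fixed() {
    printf '%s\n' "$1" | grep -qF "kernel-$2."
}

# sig_line_ok LINE: true when one line of 'rpm -K pkg.rpm' output reports a
# verified signature. rpm on RHEL 6 prints e.g. 'foo.rpm: rsa sha1 (md5) pgp
# md5 OK'; 'NOT OK (MISSING KEYS: ...)' when Red Hat's key is not imported;
# an unsigned package shows digests only ('sha1 md5 OK', no pgp/gpg).
sig_line_ok() {
    case "$1" in
    *"NOT OK"*)             return 1 ;;
    *pgp*" OK"|*gpg*" OK")  return 0 ;;
    *)                      return 1 ;;
    esac
}

# Live check: run with --live [DIR] on the updated host, DIR holding the
# downloaded kernel-*.rpm files (default: current directory).
if [ "${1-}" = "--live" ]; then
    st=0
    installed_has_fixed "$(rpm -q kernel)" "$FIXED_EVR" \
        || { echo "kernel-$FIXED_EVR is not installed"; st=1; }
    running_is_fixed "$(uname -r)" "$FIXED_EVR" \
        || { echo "running $(uname -r); reboot into kernel-$FIXED_EVR"; st=1; }
    for f in "${2:-.}"/kernel-*.rpm; do
        [ -e "$f" ] || continue
        sig_line_ok "$(rpm -K "$f")" || { echo "signature check failed: $f"; st=1; }
    done
    exit "$st"
fi
```

Run it as `sh check-kernel.sh --live /path/to/rpms` after `yum update kernel`; a non-zero exit means the host is still exposed (package missing, old kernel still booted, or a package whose signature did not verify against an imported key). Import Red Hat's key from the URL above before trusting any `rpm -K` result, since an absent key is reported as NOT OK rather than as a verified signature.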

7. References:

https://access.redhat.com/security/cve/CVE-2017-7895
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 
