Docker centos:7.1.1503

Vulnerabilities

236 via 236 paths

Dependencies

134

Source

Docker

Target OS

centos:7

high severity

RHSA-2020:2894

  • Vulnerable module: dbus-libs
  • Introduced through: dbus-libs@1:1.6.12-11.el7
  • Fixed in: 1:1.10.24-14.el7_8

Detailed paths

  • Introduced through: centos:7.1.1503@* dbus-libs@1:1.6.12-11.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream dbus-libs package. See Remediation section below for Centos:7 relevant versions.

D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix(es): * dbus: denial of service via file descriptor leak (CVE-2020-12049) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 dbus-libs to version 1:1.10.24-14.el7_8 or higher.

high severity

RHSA-2021:2147

  • Vulnerable module: glib2
  • Introduced through: glib2@2.40.0-4.el7
  • Fixed in: 0:2.56.1-9.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* glib2@2.40.0-4.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glib2 package. See Remediation section below for Centos:7 relevant versions.

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fix(es): * glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 glib2 to version 0:2.56.1-9.el7_9 or higher.

high severity

RHSA-2015:2172

  • Vulnerable module: glibc
  • Introduced through: glibc@2.17-78.el7
  • Fixed in: 0:2.17-106.el7_2.1

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that the nss_files backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap (depending on adjacent heap contents) in certain cases. A local attacker could potentially use this flaw to escalate their privileges. (CVE-2015-5277) This issue was discovered by Sumit Bose and Lukáš Slebodník of Red Hat. All glibc users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

Remediation

Upgrade Centos:7 glibc to version 0:2.17-106.el7_2.1 or higher.

high severity

RHSA-2016:0176

  • Vulnerable module: glibc
  • Introduced through: glibc@2.17-78.el7
  • Fixed in: 0:2.17-106.el7_2.4

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module. (CVE-2015-7547)

It was discovered that the calloc implementation in glibc could return memory areas which contain non-zero bytes. This could result in unexpected application behavior such as hangs or crashes. (CVE-2015-5229)

The CVE-2015-7547 issue was discovered by the Google Security Team and Red Hat. Red Hat would like to thank Jeff Layton for reporting the CVE-2015-5229 issue.

This update also fixes the following bugs:

* The existing implementation of the "free" function causes all memory pools beyond the first to return freed memory directly to the operating system as quickly as possible. This can result in performance degradation when the rate of free calls is very high. The first memory pool (the main pool) does provide a method to rate limit the returns via M_TRIM_THRESHOLD, but this method is not available to subsequent memory pools. With this update, the M_TRIM_THRESHOLD method is extended to apply to all memory pools, which improves performance for threads with very high amounts of free calls and limits the number of "madvise" system calls. The change also increases the total transient memory usage by processes because the trim threshold must be reached before memory can be freed. To return to the previous behavior, you can either set M_TRIM_THRESHOLD using the "mallopt" function, or set the MALLOC_TRIM_THRESHOLD environment variable to 0. (BZ#1298930)

* On the little-endian variant of 64-bit IBM Power Systems (ppc64le), a bug in the dynamic loader could cause applications compiled with profiling enabled to fail to start with the error "monstartup: out of memory". The bug has been corrected and applications compiled for profiling now start correctly. (BZ#1298956)

All glibc users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

Remediation

Upgrade Centos:7 glibc to version 0:2.17-106.el7_2.4 or higher.

high severity

RHSA-2017:1481

  • Vulnerable module: glibc
  • Introduced through: glibc@2.17-78.el7
  • Fixed in: 0:2.17-157.el7_3.4

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is glibc-side mitigation which blocks processing of LD_LIBRARY_PATH for programs running in secure-execution mode and reduces the number of allocations performed by the processing of LD_AUDIT, LD_PRELOAD, and LD_HWCAP_MASK, making successful exploitation of this issue more difficult. (CVE-2017-1000366) Red Hat would like to thank Qualys Research Labs for reporting this issue.

Remediation

Upgrade Centos:7 glibc to version 0:2.17-157.el7_3.4 or higher.

high severity

RHSA-2015:2172

  • Vulnerable module: glibc-common
  • Introduced through: glibc-common@2.17-78.el7
  • Fixed in: 0:2.17-106.el7_2.1

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc-common@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc-common package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that the nss_files backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap (depending on adjacent heap contents) in certain cases. A local attacker could potentially use this flaw to escalate their privileges. (CVE-2015-5277) This issue was discovered by Sumit Bose and Lukáš Slebodník of Red Hat. All glibc users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

Remediation

Upgrade Centos:7 glibc-common to version 0:2.17-106.el7_2.1 or higher.

high severity

RHSA-2016:0176

  • Vulnerable module: glibc-common
  • Introduced through: glibc-common@2.17-78.el7
  • Fixed in: 0:2.17-106.el7_2.4

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc-common@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc-common package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module. (CVE-2015-7547)

It was discovered that the calloc implementation in glibc could return memory areas which contain non-zero bytes. This could result in unexpected application behavior such as hangs or crashes. (CVE-2015-5229)

The CVE-2015-7547 issue was discovered by the Google Security Team and Red Hat. Red Hat would like to thank Jeff Layton for reporting the CVE-2015-5229 issue.

This update also fixes the following bugs:

* The existing implementation of the "free" function causes all memory pools beyond the first to return freed memory directly to the operating system as quickly as possible. This can result in performance degradation when the rate of free calls is very high. The first memory pool (the main pool) does provide a method to rate limit the returns via M_TRIM_THRESHOLD, but this method is not available to subsequent memory pools. With this update, the M_TRIM_THRESHOLD method is extended to apply to all memory pools, which improves performance for threads with very high amounts of free calls and limits the number of "madvise" system calls. The change also increases the total transient memory usage by processes because the trim threshold must be reached before memory can be freed. To return to the previous behavior, you can either set M_TRIM_THRESHOLD using the "mallopt" function, or set the MALLOC_TRIM_THRESHOLD environment variable to 0. (BZ#1298930)

* On the little-endian variant of 64-bit IBM Power Systems (ppc64le), a bug in the dynamic loader could cause applications compiled with profiling enabled to fail to start with the error "monstartup: out of memory". The bug has been corrected and applications compiled for profiling now start correctly. (BZ#1298956)

All glibc users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

Remediation

Upgrade Centos:7 glibc-common to version 0:2.17-106.el7_2.4 or higher.

high severity

RHSA-2017:1481

  • Vulnerable module: glibc-common
  • Introduced through: glibc-common@2.17-78.el7
  • Fixed in: 0:2.17-157.el7_3.4

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc-common@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc-common package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is glibc-side mitigation which blocks processing of LD_LIBRARY_PATH for programs running in secure-execution mode and reduces the number of allocations performed by the processing of LD_AUDIT, LD_PRELOAD, and LD_HWCAP_MASK, making successful exploitation of this issue more difficult. (CVE-2017-1000366) Red Hat would like to thank Qualys Research Labs for reporting this issue.

Remediation

Upgrade Centos:7 glibc-common to version 0:2.17-157.el7_3.4 or higher.

high severity

RHSA-2018:2181

  • Vulnerable module: gnupg2
  • Introduced through: gnupg2@2.0.22-3.el7
  • Fixed in: 0:2.0.22-5.el7_5

Detailed paths

  • Introduced through: centos:7.1.1503@* gnupg2@2.0.22-3.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream gnupg2 package. See Remediation section below for Centos:7 relevant versions.

The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fix(es): * gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification (CVE-2018-12020) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 gnupg2 to version 0:2.0.22-5.el7_5 or higher.

high severity

RHBA-2015:2161

  • Vulnerable module: libcap-ng
  • Introduced through: libcap-ng@0.7.3-5.el7
  • Fixed in: 0:0.7.5-4.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libcap-ng@0.7.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libcap-ng package. See Remediation section below for Centos:7 relevant versions.

The libcap-ng library is designed to make programming with POSIX capabilities easier. It is shipped with utilities to analyze the POSIX capabilities of all running applications, as well as tools to set the file system-based capabilities. The libcap-ng packages have been upgraded to upstream version 0.7.5, which provides a number of bug fixes and enhancements over the previous version. (BZ#1185610) Users of libcap-ng are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.

Remediation

Upgrade Centos:7 libcap-ng to version 0:0.7.5-4.el7 or higher.

high severity

RHSA-2019:0679

  • Vulnerable module: libssh2
  • Introduced through: libssh2@1.4.3-8.el7
  • Fixed in: 0:1.4.3-12.el7_6.2

Detailed paths

  • Introduced through: centos:7.1.1503@* libssh2@1.4.3-8.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Centos:7 relevant versions.

The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es): * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 libssh2 to version 0:1.4.3-12.el7_6.2 or higher.

high severity

RHSA-2015:1483

  • Vulnerable module: libuser
  • Introduced through: libuser@0.60-5.el7
  • Fixed in: 0:0.60-7.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* libuser@0.60-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libuser package. See Remediation section below for Centos:7 relevant versions.

The libuser library implements a standardized interface for manipulating and administering user and group accounts. Sample applications that are modeled after applications from the shadow password suite (shadow-utils) are included in these packages. Two flaws were found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser (for example, userhelper) to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate their privileges to root. (CVE-2015-3245, CVE-2015-3246) Red Hat would like to thank Qualys for reporting these issues. All libuser users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

Remediation

Upgrade Centos:7 libuser to version 0:0.60-7.el7_1 or higher.

high severity

RHSA-2016:1292

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1-5.el7_0.1
  • Fixed in: 0:2.9.1-6.el7_2.3

Detailed paths

  • Introduced through: centos:7.1.1503@* libxml2@2.9.1-5.el7_0.1

NVD Description

Note: Versions mentioned in the description apply to the upstream libxml2 package. See Remediation section below for Centos:7 relevant versions.

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the permissions of the user running the application. (CVE-2016-1834, CVE-2016-1840) Multiple denial of service flaws were found in libxml2. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, could cause that application to crash. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449)

Remediation

Upgrade Centos:7 libxml2 to version 0:2.9.1-6.el7_2.3 or higher.

high severity

RHSA-2015:1981

  • Vulnerable module: nspr
  • Introduced through: nspr@4.10.6-3.el7
  • Fixed in: 0:4.10.8-2.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* nspr@4.10.6-3.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nspr package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.

A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182)

A heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)

Note: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE, PL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuilt against the fixed nspr packages to completely resolve the CVE-2015-7183 issue. This erratum includes nss and nss-utils packages rebuilt against the fixed nspr version.

Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the original reporters. All nss, nss-util and nspr users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

Remediation

Upgrade Centos:7 nspr to version 0:4.10.8-2.el7_1 or higher.

high severity

RHSA-2015:1981

  • Vulnerable module: nss
  • Introduced through: nss@3.16.2.3-5.el7
  • Fixed in: 0:3.19.1-7.el7_1.2

Detailed paths

  • Introduced through: centos:7.1.1503@* nss@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.

A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182)

A heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)

Note: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE, PL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuilt against the fixed nspr packages to completely resolve the CVE-2015-7183 issue. This erratum includes nss and nss-utils packages rebuilt against the fixed nspr version.

Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the original reporters. All nss, nss-util and nspr users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

Remediation

Upgrade Centos:7 nss to version 0:3.19.1-7.el7_1.2 or higher.

high severity

RHSA-2017:1100

  • Vulnerable module: nss
  • Introduced through: nss@3.16.2.3-5.el7
  • Fixed in: 0:3.28.4-1.0.el7_3

Detailed paths

  • Introduced through: centos:7.1.1503@* nss@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. The following packages have been upgraded to a newer upstream version: nss (3.28.4), nss-util (3.28.4). Security Fix(es): * An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Ronald Crane as the original reporter.

Remediation

Upgrade Centos:7 nss to version 0:3.28.4-1.0.el7_3 or higher.

high severity

RHSA-2017:1365

  • Vulnerable module: nss
  • Introduced through: nss@3.16.2.3-5.el7
  • Fixed in: 0:3.28.4-1.2.el7_3

Detailed paths

  • Introduced through: centos:7.1.1503@* nss@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Bug Fix(es): * The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1451421)

Remediation

Upgrade Centos:7 nss to version 0:3.28.4-1.2.el7_3 or higher.

high severity

RHSA-2017:2832

  • Vulnerable module: nss
  • Introduced through: nss@3.16.2.3-5.el7
  • Fixed in: 0:3.28.4-12.el7_4

Detailed paths

  • Introduced through: centos:7.1.1503@* nss@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the application. (CVE-2017-7805) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Martin Thomson as the original reporter.

Remediation

Upgrade Centos:7 nss to version 0:3.28.4-12.el7_4 or higher.

high severity

RHSA-2019:4190

  • Vulnerable module: nss
  • Introduced through: nss@3.16.2.3-5.el7
  • Fixed in: 0:3.44.0-7.el7_7

Detailed paths

  • Introduced through: centos:7.1.1503@* nss@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Security Fix(es): * nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745) * nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (CVE-2019-11729) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 nss to version 0:3.44.0-7.el7_7 or higher.

high severity

RHSA-2019:4190

  • Vulnerable module: nss-softokn
  • Introduced through: nss-softokn@3.16.2.3-9.el7
  • Fixed in: 0:3.44.0-8.el7_7

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-softokn@3.16.2.3-9.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-softokn package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Security Fix(es): * nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745) * nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (CVE-2019-11729) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 nss-softokn to version 0:3.44.0-8.el7_7 or higher.

high severity

RHSA-2019:4190

  • Vulnerable module: nss-softokn-freebl
  • Introduced through: nss-softokn-freebl@3.16.2.3-9.el7
  • Fixed in: 0:3.44.0-8.el7_7

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-softokn-freebl@3.16.2.3-9.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-softokn-freebl package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Security Fix(es): * nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745) * nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (CVE-2019-11729) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 nss-softokn-freebl to version 0:3.44.0-8.el7_7 or higher.

high severity

RHSA-2015:1981

  • Vulnerable module: nss-sysinit
  • Introduced through: nss-sysinit@3.16.2.3-5.el7
  • Fixed in: 0:3.19.1-7.el7_1.2

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-sysinit@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-sysinit package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.

A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182)

A heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)

Note: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE, PL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuilt against the fixed nspr packages to completely resolve the CVE-2015-7183 issue. This erratum includes nss and nss-utils packages rebuilt against the fixed nspr version.

Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the original reporters. All nss, nss-util and nspr users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

Remediation

Upgrade Centos:7 nss-sysinit to version 0:3.19.1-7.el7_1.2 or higher.

high severity

RHSA-2017:1100

  • Vulnerable module: nss-sysinit
  • Introduced through: nss-sysinit@3.16.2.3-5.el7
  • Fixed in: 0:3.28.4-1.0.el7_3

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-sysinit@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-sysinit package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. The following packages have been upgraded to a newer upstream version: nss (3.28.4), nss-util (3.28.4). Security Fix(es): * An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Ronald Crane as the original reporter.

Remediation

Upgrade Centos:7 nss-sysinit to version 0:3.28.4-1.0.el7_3 or higher.

high severity

RHSA-2017:1365

  • Vulnerable module: nss-sysinit
  • Introduced through: nss-sysinit@3.16.2.3-5.el7
  • Fixed in: 0:3.28.4-1.2.el7_3

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-sysinit@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-sysinit package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Bug Fix(es): * The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1451421)

Remediation

Upgrade Centos:7 nss-sysinit to version 0:3.28.4-1.2.el7_3 or higher.

high severity

RHSA-2017:2832

  • Vulnerable module: nss-sysinit
  • Introduced through: nss-sysinit@3.16.2.3-5.el7
  • Fixed in: 0:3.28.4-12.el7_4

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-sysinit@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-sysinit package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the application. (CVE-2017-7805) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Martin Thomson as the original reporter.

Remediation

Upgrade Centos:7 nss-sysinit to version 0:3.28.4-12.el7_4 or higher.

high severity

RHSA-2019:4190

  • Vulnerable module: nss-sysinit
  • Introduced through: nss-sysinit@3.16.2.3-5.el7
  • Fixed in: 0:3.44.0-7.el7_7

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-sysinit@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-sysinit package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Security Fix(es): * nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745) * nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (CVE-2019-11729) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 nss-sysinit to version 0:3.44.0-7.el7_7 or higher.

References

high severity

RHSA-2015:1981

  • Vulnerable module: nss-tools
  • Introduced through: nss-tools@3.16.2.3-5.el7
  • Fixed in: 0:3.19.1-7.el7_1.2

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-tools@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-tools package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182) A heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183) Note: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE, PL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuilt against the fixed nspr packages to completely resolve the CVE-2015-7183 issue. This erratum includes nss and nss-utils packages rebuilt against the fixed nspr version. Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the original reporters. All nss, nss-util and nspr users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

Remediation

Upgrade Centos:7 nss-tools to version 0:3.19.1-7.el7_1.2 or higher.

high severity

RHSA-2017:1100

  • Vulnerable module: nss-tools
  • Introduced through: nss-tools@3.16.2.3-5.el7
  • Fixed in: 0:3.28.4-1.0.el7_3

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-tools@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-tools package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. The following packages have been upgraded to a newer upstream version: nss (3.28.4), nss-util (3.28.4). Security Fix(es): * An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Ronald Crane as the original reporter.

Remediation

Upgrade Centos:7 nss-tools to version 0:3.28.4-1.0.el7_3 or higher.

high severity

RHSA-2017:1365

  • Vulnerable module: nss-tools
  • Introduced through: nss-tools@3.16.2.3-5.el7
  • Fixed in: 0:3.28.4-1.2.el7_3

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-tools@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-tools package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Bug Fix(es): * The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1451421)

Remediation

Upgrade Centos:7 nss-tools to version 0:3.28.4-1.2.el7_3 or higher.

high severity

RHSA-2017:2832

  • Vulnerable module: nss-tools
  • Introduced through: nss-tools@3.16.2.3-5.el7
  • Fixed in: 0:3.28.4-12.el7_4

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-tools@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-tools package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the application. (CVE-2017-7805) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Martin Thomson as the original reporter.

Remediation

Upgrade Centos:7 nss-tools to version 0:3.28.4-12.el7_4 or higher.

high severity

RHSA-2019:4190

  • Vulnerable module: nss-tools
  • Introduced through: nss-tools@3.16.2.3-5.el7
  • Fixed in: 0:3.44.0-7.el7_7

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-tools@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-tools package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Security Fix(es): * nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745) * nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (CVE-2019-11729) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 nss-tools to version 0:3.44.0-7.el7_7 or higher.

References

high severity

RHSA-2015:1981

  • Vulnerable module: nss-util
  • Introduced through: nss-util@3.16.2.3-2.el7
  • Fixed in: 0:3.19.1-4.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-util@3.16.2.3-2.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-util package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182) A heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183) Note: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE, PL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuilt against the fixed nspr packages to completely resolve the CVE-2015-7183 issue. This erratum includes nss and nss-utils packages rebuilt against the fixed nspr version. Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Tyson Smith, David Keeler and Ryan Sleevi as the original reporters. All nss, nss-util and nspr users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

Remediation

Upgrade Centos:7 nss-util to version 0:3.19.1-4.el7_1 or higher.

high severity

RHSA-2016:0370

  • Vulnerable module: nss-util
  • Introduced through: nss-util@3.16.2.3-2.el7
  • Fixed in: 0:3.19.1-9.el7_2

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-util@3.16.2.3-2.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-util package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util package provides a set of utilities for NSS and the Softoken module. A heap-based buffer overflow flaw was found in the way NSS parsed certain ASN.1 structures. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash, or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2016-1950) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Francis Gabriel as the original reporter. All nss-util users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all applications linked to the nss and nss-util library must be restarted, or the system rebooted.

Remediation

Upgrade Centos:7 nss-util to version 0:3.19.1-9.el7_2 or higher.

high severity

RHSA-2017:1100

  • Vulnerable module: nss-util
  • Introduced through: nss-util@3.16.2.3-2.el7
  • Fixed in: 0:3.28.4-1.0.el7_3

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-util@3.16.2.3-2.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-util package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. The following packages have been upgraded to a newer upstream version: nss (3.28.4), nss-util (3.28.4). Security Fix(es): * An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Ronald Crane as the original reporter.

Remediation

Upgrade Centos:7 nss-util to version 0:3.28.4-1.0.el7_3 or higher.

high severity

RHSA-2019:4190

  • Vulnerable module: nss-util
  • Introduced through: nss-util@3.16.2.3-2.el7
  • Fixed in: 0:3.44.0-4.el7_7

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-util@3.16.2.3-2.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-util package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Security Fix(es): * nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745) * nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (CVE-2019-11729) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 nss-util to version 0:3.44.0-4.el7_7 or higher.

References

high severity

RHSA-2015:1840

  • Vulnerable module: openldap
  • Introduced through: openldap@2.4.39-6.el7
  • Fixed in: 0:2.4.39-7.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* openldap@2.4.39-6.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openldap package. See Remediation section below for Centos:7 relevant versions.

OpenLDAP is an open source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. A flaw was found in the way the OpenLDAP server daemon (slapd) parsed certain Basic Encoding Rules (BER) data. A remote attacker could use this flaw to crash slapd via a specially crafted packet. (CVE-2015-6908) All openldap users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

Remediation

Upgrade Centos:7 openldap to version 0:2.4.39-7.el7_1 or higher.

high severity

RHSA-2016:0301

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.1e-51.el7_2.4

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN. (CVE-2016-0800) Note: This issue was addressed by disabling the SSLv2 protocol by default when using the 'SSLv23' connection methods, and removing support for weak SSLv2 cipher suites. For more information, refer to the knowledge base article linked to in the References section. A flaw was found in the way malicious SSLv2 clients could negotiate SSLv2 ciphers that have been disabled on the server. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks. (CVE-2015-3197) A side-channel attack was found that makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. An attacker who has the ability to control code in a thread running on the same hyper-threaded core as the victim's thread that is performing decryption, could use this flaw to recover RSA private keys. (CVE-2016-0702) A double-free flaw was found in the way OpenSSL parsed certain malformed DSA (Digital Signature Algorithm) private keys. An attacker could create specially crafted DSA private keys that, when processed by an application compiled against OpenSSL, could cause the application to crash. (CVE-2016-0705) An integer overflow flaw, leading to a NULL pointer dereference or a heap-based memory corruption, was found in the way some BIGNUM functions of OpenSSL were implemented. Applications that use these functions with large untrusted input could crash or, potentially, execute arbitrary code. (CVE-2016-0797) Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges Nimrod Aviram and Sebastian Schinzel as the original reporters of CVE-2016-0800 and CVE-2015-3197; Adam Langley (Google/BoringSSL) as the original reporter of CVE-2016-0705; Yuval Yarom (University of Adelaide and NICTA), Daniel Genkin (Technion and Tel Aviv University), Nadia Heninger (University of Pennsylvania) as the original reporters of CVE-2016-0702; and Guido Vranken as the original reporter of CVE-2016-0797. All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.1e-51.el7_2.4 or higher.

high severity

RHSA-2016:0722

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.1e-51.el7_2.5

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library. (CVE-2016-2108) * Two integer overflow flaws, leading to buffer overflows, were found in the way the EVP_EncodeUpdate() and EVP_EncryptUpdate() functions of OpenSSL parsed very large amounts of input data. A remote attacker could use these flaws to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. (CVE-2016-2105, CVE-2016-2106) * It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when the connection used the AES CBC cipher suite and the server supported AES-NI. A remote attacker could possibly use this flaw to retrieve plain text from encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107) * Several flaws were found in the way BIO_*printf functions were implemented in OpenSSL. Applications which passed large amounts of untrusted data through these functions could crash or potentially execute code with the permissions of the user running such an application. (CVE-2016-0799, CVE-2016-2842) * A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data. (CVE-2016-2109) Red Hat would like to thank the OpenSSL project for reporting CVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, and CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Böck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as the original reporter of CVE-2016-2107.

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.1e-51.el7_2.5 or higher.

high severity

RHSA-2016:1940

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.1e-51.el7_2.7

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304) * It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm (DSA) signatures. A local attacker could possibly use this flaw to obtain a private DSA key belonging to another user or service running on the same system. (CVE-2016-2178) * It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. (CVE-2016-2179) * A flaw was found in the Datagram TLS (DTLS) replay protection implementation in OpenSSL. A remote attacker could possibly use this flaw to make a DTLS server using OpenSSL reject further packets sent from a DTLS client over an established DTLS connection. (CVE-2016-2181) * An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. An attacker able to make an application using OpenSSL process a large BIGNUM could cause the application to crash or, possibly, execute arbitrary code. (CVE-2016-2182) * A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183) This update mitigates the CVE-2016-2183 issue by lowering the priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default. * An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. A remote attacker could use this flaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for session tickets. (CVE-2016-6302) * Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177) * An out of bounds read flaw was found in the way OpenSSL formatted Public Key Infrastructure Time-Stamp Protocol data for printing. An attacker could possibly cause an application using OpenSSL to crash if it printed time stamp data from the attacker. (CVE-2016-2180) * Multiple out of bounds read flaws were found in the way OpenSSL handled certain TLS/SSL protocol handshake messages. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. (CVE-2016-6306) Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304 and CVE-2016-6306; and Karthikeyan Bhargavan (Inria) and Gaëtan Leurent (Inria) as the original reporters of CVE-2016-2183.

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.1e-51.el7_2.7 or higher.

high severity

RHSA-2020:5566

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.2k-21.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.2k-21.el7_9 or higher.

References

high severity

RHSA-2016:1025

  • Vulnerable module: pcre
  • Introduced through: pcre@8.32-14.el7
  • Fixed in: 0:8.32-15.el7_2.1

Detailed paths

  • Introduced through: centos:7.1.1503@* pcre@8.32-14.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream pcre package. See Remediation section below for Centos:7 relevant versions.

PCRE is a Perl-compatible regular expression library. Security Fix(es): * Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code. (CVE-2015-8385, CVE-2016-3191, CVE-2015-2328, CVE-2015-3217, CVE-2015-5073, CVE-2015-8388, CVE-2015-8391, CVE-2015-8386)

Remediation

Upgrade Centos:7 pcre to version 0:8.32-15.el7_2.1 or higher.

high severity

RHSA-2018:1700

  • Vulnerable module: procps-ng
  • Introduced through: procps-ng@3.3.10-3.el7
  • Fixed in: 0:3.3.10-17.el7_5.2

Detailed paths

  • Introduced through: centos:7.1.1503@* procps-ng@3.3.10-3.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream procps-ng package. See Remediation section below for Centos:7 relevant versions.

The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Security Fix(es): * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) * procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Qualys Research Labs for reporting these issues.

Remediation

Upgrade Centos:7 procps-ng to version 0:3.3.10-17.el7_5.2 or higher.

high severity

RHSA-2019:0710

  • Vulnerable module: python
  • Introduced through: python@2.7.5-16.el7
  • Fixed in: 0:2.7.5-77.el7_6

Detailed paths

  • Introduced through: centos:7.1.1503@* python@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 python to version 0:2.7.5-77.el7_6 or higher.

high severity

RHSA-2019:1587

  • Vulnerable module: python
  • Introduced through: python@2.7.5-16.el7
  • Fixed in: 0:2.7.5-80.el7_6

Detailed paths

  • Introduced through: centos:7.1.1503@* python@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc (CVE-2019-10160) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 python to version 0:2.7.5-80.el7_6 or higher.

high severity

RHSA-2019:0710

  • Vulnerable module: python-libs
  • Introduced through: python-libs@2.7.5-16.el7
  • Fixed in: 0:2.7.5-77.el7_6

Detailed paths

  • Introduced through: centos:7.1.1503@* python-libs@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python-libs package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 python-libs to version 0:2.7.5-77.el7_6 or higher.

high severity

RHSA-2019:1587

  • Vulnerable module: python-libs
  • Introduced through: python-libs@2.7.5-16.el7
  • Fixed in: 0:2.7.5-80.el7_6

Detailed paths

  • Introduced through: centos:7.1.1503@* python-libs@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python-libs package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc (CVE-2019-10160) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 python-libs to version 0:2.7.5-80.el7_6 or higher.

high severity

RHSA-2020:0227

  • Vulnerable module: sqlite
  • Introduced through: sqlite@3.7.17-4.el7
  • Fixed in: 0:3.7.17-8.el7_7.1

Detailed paths

  • Introduced through: centos:7.1.1503@* sqlite@3.7.17-4.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream sqlite package. See Remediation section below for Centos:7 relevant versions.

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Security Fix(es): * sqlite: fts3: improve shadow table corruption detection (CVE-2019-13734) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 sqlite to version 0:3.7.17-8.el7_7.1 or higher.

high severity

RHSA-2019:0049

  • Vulnerable module: systemd-libs
  • Introduced through: systemd-libs@208-20.el7
  • Fixed in: 0:219-62.el7_6.2

Detailed paths

  • Introduced through: centos:7.1.1503@* systemd-libs@208-20.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream systemd-libs package. See Remediation section below for Centos:7 relevant versions.

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.

Security Fix(es):

  • systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688)
  • systemd: stack overflow when calling syslog from a command with long cmdline (CVE-2018-16864)
  • systemd: stack overflow when receiving many journald entries (CVE-2018-16865)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Ubuntu Security Team for reporting CVE-2018-15688 and Qualys Research Labs for reporting CVE-2018-16864 and CVE-2018-16865. Upstream acknowledges Felix Wilhelm (Google) as the original reporter of CVE-2018-15688.

Remediation

Upgrade Centos:7 systemd-libs to version 0:219-62.el7_6.2 or higher.

high severity

RHSA-2019:0368

  • Vulnerable module: systemd-libs
  • Introduced through: systemd-libs@208-20.el7
  • Fixed in: 0:219-62.el7_6.5

Detailed paths

  • Introduced through: centos:7.1.1503@* systemd-libs@208-20.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream systemd-libs package. See Remediation section below for Centos:7 relevant versions.

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 systemd-libs to version 0:219-62.el7_6.5 or higher.

high severity

RHSA-2019:1619

  • Vulnerable module: vim-minimal
  • Introduced through: vim-minimal@2:7.4.160-1.el7
  • Fixed in: 2:7.4.160-6.el7_6

Detailed paths

  • Introduced through: centos:7.1.1503@* vim-minimal@2:7.4.160-1.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream vim-minimal package. See Remediation section below for Centos:7 relevant versions.

Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fix(es): * vim/neovim: ':source!' command allows arbitrary command execution via modelines (CVE-2019-12735) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 vim-minimal to version 2:7.4.160-6.el7_6 or higher.

high severity

RHSA-2018:2285

  • Vulnerable module: yum-plugin-fastestmirror
  • Introduced through: yum-plugin-fastestmirror@1.1.31-29.el7
  • Fixed in: 0:1.1.31-46.el7_5

Detailed paths

  • Introduced through: centos:7.1.1503@* yum-plugin-fastestmirror@1.1.31-29.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream yum-plugin-fastestmirror package. See Remediation section below for Centos:7 relevant versions.

The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es): * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.

Remediation

Upgrade Centos:7 yum-plugin-fastestmirror to version 0:1.1.31-46.el7_5 or higher.

medium severity

RHSA-2017:1931

  • Vulnerable module: bash
  • Introduced through: bash@4.2.46-12.el7
  • Fixed in: 0:4.2.46-28.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* bash@4.2.46-12.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream bash package. See Remediation section below for Centos:7 relevant versions.

The bash packages provide Bash (Bourne-again shell), which is the default shell for Red Hat Enterprise Linux.

Security Fix(es):

  • An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines running bash under specific circumstances. (CVE-2016-0634)
  • An arbitrary command injection flaw was found in the way bash processed the SHELLOPTS and PS4 environment variables. A local, authenticated attacker could use this flaw to exploit poorly written setuid programs to elevate their privileges under certain circumstances. (CVE-2016-7543)
  • A denial of service flaw was found in the way bash handled popd commands. A poorly written shell script could cause bash to crash resulting in a local denial of service limited to a specific bash session. (CVE-2016-9401)

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 bash to version 0:4.2.46-28.el7 or higher.

medium severity

RHSA-2020:1113

  • Vulnerable module: bash
  • Introduced through: bash@4.2.46-12.el7
  • Fixed in: 0:4.2.46-34.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* bash@4.2.46-12.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream bash package. See Remediation section below for Centos:7 relevant versions.

The bash packages provide Bash (Bourne-again shell), which is the default shell for Red Hat Enterprise Linux. Security Fix(es): * bash: BASH_CMD is writable in restricted bash shells (CVE-2019-9924) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 bash to version 0:4.2.46-34.el7 or higher.

medium severity

RHSA-2015:2079

  • Vulnerable module: binutils
  • Introduced through: binutils@2.23.52.0.1-30.el7
  • Fixed in: 0:2.23.52.0.1-55.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* binutils@2.23.52.0.1-30.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package. See Remediation section below for Centos:7 relevant versions.

The binutils packages provide a set of binary utilities.

Multiple buffer overflow flaws were found in the libbdf library used by various binutils utilities. If a user were tricked into processing a specially crafted file with an application using the libbdf library, it could cause the application to crash or, potentially, execute arbitrary code. (CVE-2014-8485, CVE-2014-8501, CVE-2014-8502, CVE-2014-8503, CVE-2014-8504, CVE-2014-8738)

An integer overflow flaw was found in the libbdf library used by various binutils utilities. If a user were tricked into processing a specially crafted file with an application using the libbdf library, it could cause the application to crash. (CVE-2014-8484)

A directory traversal flaw was found in the strip and objcopy utilities. A specially crafted file could cause strip or objdump to overwrite an arbitrary file writable by the user running either of these utilities. (CVE-2014-8737)

This update fixes the following bugs:

  • Binary files started by the system loader could lack the Relocation Read-Only (RELRO) protection even though it was explicitly requested when the application was built. This bug has been fixed on multiple architectures. Applications and all dependent object files, archives, and libraries built with an alpha or beta version of binutils should be rebuilt to correct this defect. (BZ#1200138, BZ#1175624)
  • The ld linker on 64-bit PowerPC now correctly checks the output format when asked to produce a binary in another format than PowerPC. (BZ#1226864)
  • An important variable that holds the symbol table for the binary being debugged has been made persistent, and the objdump utility on 64-bit PowerPC is now able to access the needed information without reading an invalid memory region. (BZ#1172766)
  • Undesirable runtime relocations described in RHBA-2015:0974. (BZ#872148)

The update adds these enhancements:

  • New hardware instructions of the IBM z Systems z13 are now supported by assembler, disassembler, and linker, as well as Single Instruction, Multiple Data (SIMD) instructions. (BZ#1182153)
  • Expressions of the form "FUNC@localentry" to refer to the local entry point for the FUNC function (if defined) are now supported by the PowerPC assembler. These are required by the ELFv2 ABI on the little-endian variant of IBM Power Systems. (BZ#1194164)

All binutils users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.

Remediation

Upgrade Centos:7 binutils to version 0:2.23.52.0.1-55.el7 or higher.

medium severity

RHSA-2019:2075

  • Vulnerable module: binutils
  • Introduced through: binutils@2.23.52.0.1-30.el7
  • Fixed in: 0:2.27-41.base.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* binutils@2.23.52.0.1-30.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package. See Remediation section below for Centos:7 relevant versions.

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities.

Security Fix(es):

  • binutils: integer overflow leads to heap-based buffer overflow in objdump (CVE-2018-1000876)
  • binutils: Stack Exhaustion in the demangling functions provided by libiberty (CVE-2018-12641)
  • binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c (CVE-2018-12697)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 binutils to version 0:2.27-41.base.el7 or higher.

medium severity

RHSA-2015:2108

  • Vulnerable module: cpio
  • Introduced through: cpio@2.11-22.el7
  • Fixed in: 0:2.11-24.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* cpio@2.11-22.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream cpio package. See Remediation section below for Centos:7 relevant versions.

The cpio packages provide the GNU cpio utility for creating and extracting archives, or copying files from one place to another.

A heap-based buffer overflow flaw was found in cpio's list_file() function. An attacker could provide a specially crafted archive that, when processed by cpio, would crash cpio, or potentially lead to arbitrary code execution. (CVE-2014-9112)

This update fixes the following bugs:

  • Previously, during archive creation, cpio internals did not detect a read() system call failure. Based on the premise that the call succeeded, cpio terminated unexpectedly with a segmentation fault without processing further files. The underlying source code has been patched, and an archive is now created successfully. (BZ#1138148)
  • Previously, running the cpio command without parameters on Red Hat Enterprise Linux 7 with Russian as the default language resulted in an error message that was not accurate in Russian due to an error in spelling. This has been corrected and the Russian error message is spelled correctly. (BZ#1075513)

All cpio users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

Remediation

Upgrade Centos:7 cpio to version 0:2.11-24.el7 or higher.

medium severity

RHSA-2020:3908

  • Vulnerable module: cpio
  • Introduced through: cpio@2.11-22.el7
  • Fixed in: 0:2.11-28.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* cpio@2.11-22.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream cpio package. See Remediation section below for Centos:7 relevant versions.

The cpio packages provide the GNU cpio utility for creating and extracting archives, or copying files from one place to another. Security Fix(es): * cpio: improper input validation when writing tar header fields leads to unexpected tar generation (CVE-2019-14866) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 cpio to version 0:2.11-28.el7 or higher.

medium severity

RHSA-2015:2159

  • Vulnerable module: curl
  • Introduced through: curl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-25.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* curl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user's cookie to a crafted domain, making other cookie-related issues easier to exploit. (CVE-2014-3613)

A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory. (CVE-2014-3707)

It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests. (CVE-2014-8150)

It was discovered that libcurl implemented aspects of the NTLM and Negotiate authentication incorrectly. If an application uses libcurl and the affected mechanisms in a specific way, certain requests to a previously NTLM-authenticated server could appear as sent by the wrong authenticated user. Additionally, the initial set of credentials for HTTP Negotiate-authenticated requests could be reused in subsequent requests, although a different set of credentials was specified. (CVE-2015-3143, CVE-2015-3148)

Red Hat would like to thank the cURL project for reporting these issues.

Bug fixes:

  • An out-of-protocol fallback to SSL 3.0 was available with libcurl. Attackers could abuse the fallback to force downgrade of the SSL version. The fallback has been removed from libcurl. Users requiring this functionality can explicitly enable SSL 3.0 through the libcurl API. (BZ#1154060)
  • TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. You can explicitly disable them through the libcurl API. (BZ#1170339)
  • FTP operations such as downloading files took a significantly long time to complete. Now, the FTP implementation in libcurl correctly sets blocking direction and estimated timeout for connections, resulting in faster FTP transfers. (BZ#1218272)

Enhancements:

  • With the updated packages, it is possible to explicitly enable or disable new Advanced Encryption Standard (AES) cipher suites to be used for the TLS protocol. (BZ#1066065)
  • The libcurl library did not implement a non-blocking SSL handshake, which negatively affected performance of applications based on the libcurl multi API. The non-blocking SSL handshake has been implemented in libcurl, and the libcurl multi API now immediately returns the control back to the application whenever it cannot read or write data from or to the underlying network socket. (BZ#1091429)
  • The libcurl library used an unnecessarily long blocking delay for actions with no active file descriptors, even for short operations. Some actions, such as resolving a host name using /etc/hosts, took a long time to complete. The blocking code in libcurl has been modified so that the initial delay is short and gradually increases until an event occurs. (BZ#1130239)

All curl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.

Remediation

Upgrade Centos:7 curl to version 0:7.29.0-25.el7 or higher.

medium severity

RHSA-2016:2575

  • Vulnerable module: curl
  • Introduced through: curl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-35.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* curl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Security Fix(es):

  • It was found that the libcurl library did not prevent TLS session resumption when the client certificate had changed. An attacker could potentially use this flaw to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate. (CVE-2016-5419)
  • It was found that the libcurl library did not check the client certificate when choosing the TLS connection to reuse. An attacker could potentially use this flaw to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate. (CVE-2016-5420)
  • It was found that the libcurl library using the NSS (Network Security Services) library as TLS/SSL backend incorrectly re-used client certificates for subsequent TLS connections in certain cases. An attacker could potentially use this flaw to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate. (CVE-2016-7141)

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 curl to version 0:7.29.0-35.el7 or higher.

medium severity

RHSA-2017:2016

  • Vulnerable module: curl
  • Introduced through: curl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-42.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* curl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * Multiple integer overflow flaws leading to heap-based buffer overflows were found in the way curl handled escaping and unescaping of data. An attacker could potentially use these flaws to crash an application using libcurl by sending a specially crafted input to the affected libcurl functions. (CVE-2016-7167) Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 curl to version 0:7.29.0-42.el7 or higher.

medium severity

RHSA-2017:3263

  • Vulnerable module: curl
  • Introduced through: curl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-42.el7_4.1

Detailed paths

  • Introduced through: centos:7.1.1503@* curl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * A buffer overrun flaw was found in the IMAP handler of libcurl. By tricking an unsuspecting user into connecting to a malicious IMAP server, an attacker could exploit this flaw to potentially cause information disclosure or crash the application. (CVE-2017-1000257) Red Hat would like to thank the Curl project for reporting this issue. Upstream acknowledges Brian Carpenter and the OSS-Fuzz project as the original reporters.

Remediation

Upgrade Centos:7 curl to version 0:7.29.0-42.el7_4.1 or higher.

medium severity

RHSA-2018:3157

  • Vulnerable module: curl
  • Introduced through: curl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-51.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* curl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. The nss-pem package provides the PEM file reader for Network Security Services (NSS) implemented as a PKCS#11 module.

Security Fix(es):

  • curl: HTTP authentication leak in redirects (CVE-2018-1000007)
  • curl: FTP path trickery leads to NIL byte out of bounds write (CVE-2018-1000120)
  • curl: RTSP RTP buffer over-read (CVE-2018-1000122)
  • curl: Out-of-bounds heap read when missing RTSP headers allows information leak or denial of service (CVE-2018-1000301)
  • curl: LDAP NULL pointer dereference (CVE-2018-1000121)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Curl project for reporting these issues. Upstream acknowledges Craig de Stigter as the original reporter of CVE-2018-1000007; Duy Phan Thanh as the original reporter of CVE-2018-1000120; Max Dymond as the original reporter of CVE-2018-1000122; the OSS-fuzz project as the original reporter of CVE-2018-1000301; and Dario Weisser as the original reporter of CVE-2018-1000121. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 curl to version 0:7.29.0-51.el7 or higher.

medium severity

RHSA-2020:3916

  • Vulnerable module: curl
  • Introduced through: curl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-59.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* curl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 curl to version 0:7.29.0-59.el7 or higher.

medium severity

RHSA-2020:5002

  • Vulnerable module: curl
  • Introduced through: curl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-59.el7_9.1

Detailed paths

  • Introduced through: centos:7.1.1503@* curl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: Incorrect argument check can allow remote servers to overwrite local files (CVE-2020-8177) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 curl to version 0:7.29.0-59.el7_9.1 or higher.

medium severity

RHSA-2020:4032

  • Vulnerable module: dbus-libs
  • Introduced through: dbus-libs@1:1.6.12-11.el7
  • Fixed in: 1:1.10.24-15.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* dbus-libs@1:1.6.12-11.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream dbus-libs package. See Remediation section below for Centos:7 relevant versions.

D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix(es): * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass (CVE-2019-12749) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 dbus-libs to version 1:1.10.24-15.el7 or higher.

References

medium severity

RHSA-2016:2824

  • Vulnerable module: expat
  • Introduced through: expat@2.1.0-8.el7
  • Fixed in: 0:2.1.0-10.el7_3

Detailed paths

  • Introduced through: centos:7.1.1503@* expat@2.1.0-8.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream expat package. See Remediation section below for Centos:7 relevant versions.

Expat is a C library for parsing XML documents. Security Fix(es): * An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute arbitrary code with the permission of the user running the application. (CVE-2016-0718) Red Hat would like to thank Gustavo Grieco for reporting this issue.

Remediation

Upgrade Centos:7 expat to version 0:2.1.0-10.el7_3 or higher.

medium severity

RHSA-2020:1011

  • Vulnerable module: expat
  • Introduced through: expat@2.1.0-8.el7
  • Fixed in: 0:2.1.0-11.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* expat@2.1.0-8.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream expat package. See Remediation section below for Centos:7 relevant versions.

Expat is a C library for parsing XML documents. Security Fix(es): * expat: Integer overflow leading to buffer overflow in XML_GetBuffer() (CVE-2015-2716) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 expat to version 0:2.1.0-11.el7 or higher.

References

medium severity

RHSA-2020:3952

  • Vulnerable module: expat
  • Introduced through: expat@2.1.0-8.el7
  • Fixed in: 0:2.1.0-12.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* expat@2.1.0-8.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream expat package. See Remediation section below for Centos:7 relevant versions.

Expat is a C library for parsing XML documents.

Security Fix(es):

  • expat: large number of colons in input makes parser consume high amount of resources, leading to DoS (CVE-2018-20843)
  • expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 expat to version 0:2.1.0-12.el7 or higher.

References

medium severity

RHSA-2015:2155

  • Vulnerable module: file
  • Introduced through: file@5.11-21.el7
  • Fixed in: 0:5.11-31.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* file@5.11-21.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream file package. See Remediation section below for Centos:7 relevant versions.

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats.

Multiple denial of service flaws were found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use any of these flaws to crash file, or an application using file, via a specially crafted CDF file. (CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3587)

Two flaws were found in the way file processed certain Pascal strings. A remote attacker could cause file to crash if it was used to identify the type of the attacker-supplied file. (CVE-2014-3478, CVE-2014-9652)

Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU. (CVE-2014-3538)

Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9653)

Red Hat would like to thank Thomas Jarosch of Intra2net AG for reporting the CVE-2014-8116 and CVE-2014-8117 issues. The CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3710 issues were discovered by Francisco Alonso of Red Hat Product Security; the CVE-2014-3538 issue was discovered by Jan Kaluža of the Red Hat Web Stack Team.

The file packages have been updated to ensure correct operation on Power little endian and ARM 64-bit hardware architectures. (BZ#1224667, BZ#1224668, BZ#1157850, BZ#1067688)

All file users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

Remediation

Upgrade Centos:7 file to version 0:5.11-31.el7 or higher.

medium severity

RHSA-2015:2155

  • Vulnerable module: file-libs
  • Introduced through: file-libs@5.11-21.el7
  • Fixed in: 0:5.11-31.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* file-libs@5.11-21.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream file-libs package. See Remediation section below for Centos:7 relevant versions.

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats.

Multiple denial of service flaws were found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use any of these flaws to crash file, or an application using file, via a specially crafted CDF file. (CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3587)

Two flaws were found in the way file processed certain Pascal strings. A remote attacker could cause file to crash if it was used to identify the type of the attacker-supplied file. (CVE-2014-3478, CVE-2014-9652)

Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU. (CVE-2014-3538)

Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9653)

Red Hat would like to thank Thomas Jarosch of Intra2net AG for reporting the CVE-2014-8116 and CVE-2014-8117 issues. The CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3710 issues were discovered by Francisco Alonso of Red Hat Product Security; the CVE-2014-3538 issue was discovered by Jan Kaluža of the Red Hat Web Stack Team.

The file packages have been updated to ensure correct operation on Power little endian and ARM 64-bit hardware architectures. (BZ#1224667, BZ#1224668, BZ#1157850, BZ#1067688)

All file users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

Remediation

Upgrade Centos:7 file-libs to version 0:5.11-31.el7 or higher.

medium severity

RHBA-2015:2116

  • Vulnerable module: glib2
  • Introduced through: glib2@2.40.0-4.el7
  • Fixed in: 0:2.42.2-5.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glib2@2.40.0-4.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glib2 package. See Remediation section below for Centos:7 relevant versions.

The GTK+ packages contain the GIMP ToolKit (GTK+), a library for creating graphical user interfaces for the X Window System. This update contains a number of rebases to the latest upstream stable versions, which provide a number of bug fixes and enhancements over the previous versions. For more information on the changes, see the GNOME release notes and Red Hat Enterprise Linux 7.2 Release Notes.

  • The orc packages have been upgraded to version 0.4.22. (BZ#1174391)
  • The atk packages have been upgraded to version 2.14.0. (BZ#1174433)
  • The cairo packages have been upgraded to version 1.14.2. (BZ#1174435)
  • The pango packages have been upgraded to version 1.36.8. (BZ#1174436)
  • The gdk-pixbuf2 packages have been upgraded to version 2.31.1. (BZ#1174438)
  • The gobject-introspection packages have been upgraded to version 1.42.0. (BZ#1174439)
  • The glib-networking packages have been upgraded to version 2.42.2. (BZ#1174447)
  • The dconf packages have been upgraded to version 0.22.0. (BZ#1174448)
  • The gtksourceview3 packages have been upgraded to version 3.14.2. (BZ#1174500)
  • The json-glib packages have been upgraded to version 1.0.2. (BZ#1174501)
  • The webkitgtk3 packages have been upgraded to version 2.4.9. (BZ#1174556)
  • The glibmm24 packages have been upgraded to version 2.42.0. (BZ#1174565)
  • The harfbuzz packages have been upgraded to version 0.9.36. (BZ#1201148)
  • The libxklavier packages have been upgraded to version 5.4. (BZ#1202874)
  • The glib2 packages have been upgraded to version 2.42.2. (BZ#1203755)
  • The gtk2 packages have been upgraded to version 2.24.28. (BZ#1221171)

This update also fixes the following bugs:

  • Previously, GTK+ was treating frame times from _NET_WM_FRAME_DRAWN and _NET_WM_FRAME_TIMINGS as local monotonic times, but they are actually extended-precision versions of the server time. This was causing rendering stalls when using GTK+ applications remotely. With this update, frame times are converted to monotonic times when the X server and client are not running on the same system, and GTK+ applications can be used remotely without rendering stalls. (BZ#1243646)
  • Previously, the glib2 packages were rebased to a version that deprecated the g_memmove() function. As a consequence, libgsf failed to build from source. This update replaces g_memmove() with memmove(), thus fixing this bug. (BZ#1132679)
  • Prior to this update, the Python plug-in for GDB did not work with the version of GDB in Red Hat Enterprise Linux 7.1. As a consequence, GDB returned error messages when debugging glib2 applications. This update applies an upstream fix to use newer GDB APIs, and the Python GDB debugging aid for glib2 applications now works as expected. (BZ#1055733)
  • The glib2 library previously returned confusing warning messages when programs added GObject properties after the class was initialized. The functionality of adding a property after the class was initialized has been added back due to backward compatibility concerns, and error messages on properties thus no longer appear. (BZ#1168600)
  • When selecting a file in the "Add attachment" window, Evolution previously terminated unexpectedly with a segmentation fault. This update fixes the gtk_tree_row_ref_deleted() function causing this bug, and attaching a file no longer leads to a crash. (BZ#1175941)
  • Previously, the CUPS back end checked an incorrect port to connect to remote printers. Consequently, fetching printer information failed and the "Print" button became insensitive. This update makes sure CUPS checks the correct port, thus fixing this bug. (BZ#1221157, BZ#1154038)

Users of GTK+ are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.

Remediation

Upgrade Centos:7 glib2 to version 0:2.42.2-5.el7 or higher.

References

medium severity

RHBA-2017:2100

  • Vulnerable module: glib2
  • Introduced through: glib2@2.40.0-4.el7
  • Fixed in: 0:2.50.3-3.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glib2@2.40.0-4.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glib2 package. See Remediation section below for Centos:7 relevant versions.

The GTK+ packages contain the GIMP ToolKit (GTK+), a library for creating graphical user interfaces for the X Window System. For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section. Users of GTK+ are advised to upgrade to these updated packages.

Remediation

Upgrade Centos:7 glib2 to version 0:2.50.3-3.el7 or higher.

References

medium severity

RHSA-2018:3140

  • Vulnerable module: glib2
  • Introduced through: glib2@2.40.0-4.el7
  • Fixed in: 0:2.56.1-2.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glib2@2.40.0-4.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glib2 package. See Remediation section below for Centos:7 relevant versions.

GNOME is the default desktop environment of Red Hat Enterprise Linux.

Security Fix(es):

  • libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames (CVE-2018-12910)
  • poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service (CVE-2017-18267)
  • libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c (CVE-2018-10733)
  • libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c (CVE-2018-10767)
  • poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF (CVE-2018-10768)
  • poppler: out of bounds read in pdfunite (CVE-2018-13988)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank chenyuan (NESA Lab) for reporting CVE-2018-10733 and CVE-2018-10767 and Hosein Askari for reporting CVE-2018-13988.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 glib2 to version 0:2.56.1-2.el7 or higher.

medium severity

RHSA-2020:3978

  • Vulnerable module: glib2
  • Introduced through: glib2@2.40.0-4.el7
  • Fixed in: 0:2.56.1-7.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glib2@2.40.0-4.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glib2 package. See Remediation section below for Centos:7 relevant versions.

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. The Intelligent Input Bus (IBus) is an input method framework for multilingual input in Unix-like operating systems.

Security Fix(es):

  • glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress (CVE-2019-12450)
  • ibus: missing authorization allows local attacker to access the input bus of another user (CVE-2019-14822)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 glib2 to version 0:2.56.1-7.el7 or higher.

References

medium severity

RHSA-2015:2199

  • Vulnerable module: glibc
  • Introduced through: glibc@2.17-78.el7
  • Fixed in: 0:2.17-105.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application encountering corrupted data. (CVE-2013-7423)

A buffer overflow flaw was found in the way glibc's gethostbyname_r() and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the application or, potentially, execute arbitrary code with the permissions of the user running the application. (CVE-2015-1781)

A heap-based buffer overflow flaw and a stack overflow flaw were found in glibc's swscanf() function. An attacker able to make an application call the swscanf() function could use these flaws to crash that application or, potentially, execute arbitrary code with the permissions of the user running the application. (CVE-2015-1472, CVE-2015-1473)

An integer overflow flaw, leading to a heap-based buffer overflow, was found in glibc's _IO_wstr_overflow() function. An attacker able to make an application call this function could use this flaw to crash that application or, potentially, execute arbitrary code with the permissions of the user running the application. (BZ#1195762)

A flaw was found in the way glibc's fnmatch() function processed certain malformed patterns. An attacker able to make an application call this function could use this flaw to crash that application. (BZ#1197730)

The CVE-2015-1781 issue was discovered by Arjun Shankar of Red Hat.

These updated glibc packages also include numerous bug fixes and one enhancement. Space precludes documenting all of these changes in this advisory. For information on the most significant of these changes, users are directed to the following article on the Red Hat Customer Portal: https://access.redhat.com/articles/2050743

All glibc users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.

Remediation

Upgrade Centos:7 glibc to version 0:2.17-105.el7 or higher.

medium severity

RHSA-2017:1916

  • Vulnerable module: glibc
  • Introduced through: glibc@2.17-78.el7
  • Fixed in: 0:2.17-196.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

  • A stack overflow vulnerability was found in nan* functions that could cause applications, which process long strings with the nan function, to crash or, potentially, execute arbitrary code. (CVE-2014-9761)
  • It was found that out-of-range time values passed to the strftime() function could result in an out-of-bounds memory access. This could lead to application crash or, potentially, information disclosure. (CVE-2015-8776)
  • An integer overflow vulnerability was found in hcreate() and hcreate_r() functions which could result in an out-of-bounds memory access. This could lead to application crash or, potentially, arbitrary code execution. (CVE-2015-8778)
  • A stack based buffer overflow vulnerability was found in the catopen() function. An excessively long string passed to the function could cause it to crash or, potentially, execute arbitrary code. (CVE-2015-8779)
  • It was found that the dynamic loader did not sanitize the LD_POINTER_GUARD environment variable. An attacker could use this flaw to bypass the pointer guarding protection on set-user-ID or set-group-ID programs to execute arbitrary code with the permissions of the user running the application. (CVE-2015-8777)

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 glibc to version 0:2.17-196.el7 or higher.

medium severity

RHSA-2018:0805

  • Vulnerable module: glibc
  • Introduced through: glibc@2.17-78.el7
  • Fixed in: 0:2.17-222.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

  • glibc: realpath() buffer underflow when getcwd() returns relative path allows privilege escalation (CVE-2018-1000001)
  • glibc: Buffer overflow in glob with GLOB_TILDE (CVE-2017-15670)
  • glibc: Buffer overflow during unescaping of user names with the ~ operator (CVE-2017-15804)
  • glibc: denial of service in getnetbyname function (CVE-2014-9402)
  • glibc: DNS resolver NULL pointer dereference with crafted record type (CVE-2015-5180)
  • glibc: Fragmentation attacks possible when EDNS0 is enabled (CVE-2017-12132)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank halfdog for reporting CVE-2018-1000001. The CVE-2015-5180 issue was discovered by Florian Weimer (Red Hat Product Security).

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 glibc to version 0:2.17-222.el7 or higher.

medium severity

RHSA-2018:3092

  • Vulnerable module: glibc
  • Introduced through: glibc@2.17-78.el7
  • Fixed in: 0:2.17-260.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

  • glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary libraries (CVE-2017-16997)
  • glibc: Integer overflow in posix_memalign in memalign functions (CVE-2018-6485)
  • glibc: Integer overflow in stdlib/canonicalize.c on 32-bit architectures leading to stack-based buffer overflow (CVE-2018-11236)
  • glibc: Buffer overflow in __mempcpy_avx512_no_vzeroupper (CVE-2018-11237)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 glibc to version 0:2.17-260.el7 or higher.

medium severity

RHSA-2019:2118

  • Vulnerable module: glibc
  • Introduced through: glibc@2.17-78.el7
  • Fixed in: 0:2.17-292.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: getaddrinfo should reject IP addresses with trailing characters (CVE-2016-10739) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 glibc to version 0:2.17-292.el7 or higher.

References

medium severity

RHSA-2021:0348

  • Vulnerable module: glibc
  • Introduced through: glibc@2.17-78.el7
  • Fixed in: 0:2.17-322.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

  • glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (CVE-2019-25013)
  • glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions (CVE-2020-10029)
  • glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern (CVE-2020-29573)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • glibc: 64bit_strstr_via_64bit_strstr_sse2_unaligned detection fails with large device and inode numbers (BZ#1883162)
  • glibc: Performance regression in ebizzy benchmark (BZ#1889977)

Remediation

Upgrade Centos:7 glibc to version 0:2.17-322.el7_9 or higher.

References

medium severity

RHSA-2015:2199

  • Vulnerable module: glibc-common
  • Introduced through: glibc-common@2.17-78.el7
  • Fixed in: 0:2.17-105.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc-common@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc-common package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application encountering corrupted data. (CVE-2013-7423)

A buffer overflow flaw was found in the way glibc's gethostbyname_r() and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the application or, potentially, execute arbitrary code with the permissions of the user running the application. (CVE-2015-1781)

A heap-based buffer overflow flaw and a stack overflow flaw were found in glibc's swscanf() function. An attacker able to make an application call the swscanf() function could use these flaws to crash that application or, potentially, execute arbitrary code with the permissions of the user running the application. (CVE-2015-1472, CVE-2015-1473)

An integer overflow flaw, leading to a heap-based buffer overflow, was found in glibc's _IO_wstr_overflow() function. An attacker able to make an application call this function could use this flaw to crash that application or, potentially, execute arbitrary code with the permissions of the user running the application. (BZ#1195762)

A flaw was found in the way glibc's fnmatch() function processed certain malformed patterns. An attacker able to make an application call this function could use this flaw to crash that application. (BZ#1197730)

The CVE-2015-1781 issue was discovered by Arjun Shankar of Red Hat.

These updated glibc packages also include numerous bug fixes and one enhancement. Space precludes documenting all of these changes in this advisory. For information on the most significant of these changes, users are directed to the following article on the Red Hat Customer Portal: https://access.redhat.com/articles/2050743

All glibc users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.

Remediation

Upgrade Centos:7 glibc-common to version 0:2.17-105.el7 or higher.

medium severity

RHSA-2017:1916

  • Vulnerable module: glibc-common
  • Introduced through: glibc-common@2.17-78.el7
  • Fixed in: 0:2.17-196.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc-common@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc-common package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

  • A stack overflow vulnerability was found in nan* functions that could cause applications, which process long strings with the nan function, to crash or, potentially, execute arbitrary code. (CVE-2014-9761)
  • It was found that out-of-range time values passed to the strftime() function could result in an out-of-bounds memory access. This could lead to application crash or, potentially, information disclosure. (CVE-2015-8776)
  • An integer overflow vulnerability was found in hcreate() and hcreate_r() functions which could result in an out-of-bounds memory access. This could lead to application crash or, potentially, arbitrary code execution. (CVE-2015-8778)
  • A stack based buffer overflow vulnerability was found in the catopen() function. An excessively long string passed to the function could cause it to crash or, potentially, execute arbitrary code. (CVE-2015-8779)
  • It was found that the dynamic loader did not sanitize the LD_POINTER_GUARD environment variable. An attacker could use this flaw to bypass the pointer guarding protection on set-user-ID or set-group-ID programs to execute arbitrary code with the permissions of the user running the application. (CVE-2015-8777)

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 glibc-common to version 0:2.17-196.el7 or higher.

medium severity

RHSA-2018:0805

  • Vulnerable module: glibc-common
  • Introduced through: glibc-common@2.17-78.el7
  • Fixed in: 0:2.17-222.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc-common@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc-common package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

  • glibc: realpath() buffer underflow when getcwd() returns relative path allows privilege escalation (CVE-2018-1000001)
  • glibc: Buffer overflow in glob with GLOB_TILDE (CVE-2017-15670)
  • glibc: Buffer overflow during unescaping of user names with the ~ operator (CVE-2017-15804)
  • glibc: denial of service in getnetbyname function (CVE-2014-9402)
  • glibc: DNS resolver NULL pointer dereference with crafted record type (CVE-2015-5180)
  • glibc: Fragmentation attacks possible when EDNS0 is enabled (CVE-2017-12132)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank halfdog for reporting CVE-2018-1000001. The CVE-2015-5180 issue was discovered by Florian Weimer (Red Hat Product Security). Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 glibc-common to version 0:2.17-222.el7 or higher.

medium severity

RHSA-2018:3092

  • Vulnerable module: glibc-common
  • Introduced through: glibc-common@2.17-78.el7
  • Fixed in: 0:2.17-260.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc-common@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc-common package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

  • glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary libraries (CVE-2017-16997)
  • glibc: Integer overflow in posix_memalign in memalign functions (CVE-2018-6485)
  • glibc: Integer overflow in stdlib/canonicalize.c on 32-bit architectures leading to stack-based buffer overflow (CVE-2018-11236)
  • glibc: Buffer overflow in __mempcpy_avx512_no_vzeroupper (CVE-2018-11237)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 glibc-common to version 0:2.17-260.el7 or higher.

medium severity

RHSA-2019:2118

  • Vulnerable module: glibc-common
  • Introduced through: glibc-common@2.17-78.el7
  • Fixed in: 0:2.17-292.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc-common@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc-common package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: getaddrinfo should reject IP addresses with trailing characters (CVE-2016-10739) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 glibc-common to version 0:2.17-292.el7 or higher.

medium severity

RHSA-2021:0348

  • Vulnerable module: glibc-common
  • Introduced through: glibc-common@2.17-78.el7
  • Fixed in: 0:2.17-322.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc-common@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc-common package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

  • glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (CVE-2019-25013)
  • glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions (CVE-2020-10029)
  • glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern (CVE-2020-29573)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • glibc: 64bit_strstr_via_64bit_strstr_sse2_unaligned detection fails with large device and inode numbers (BZ#1883162)
  • glibc: Performance regression in ebizzy benchmark (BZ#1889977)

Remediation

Upgrade Centos:7 glibc-common to version 0:2.17-322.el7_9 or higher.

medium severity

RHBA-2019:2599

  • Vulnerable module: krb5-libs
  • Introduced through: krb5-libs@1.12.2-14.el7
  • Fixed in: 0:1.15.1-37.el7_7.2

Detailed paths

  • Introduced through: centos:7.1.1503@* krb5-libs@1.12.2-14.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream krb5-libs package. See Remediation section below for Centos:7 relevant versions.

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). This update fixes the following bug: * KDC and keytab can disagree on kvno after update (BZ#1732743)

Remediation

Upgrade Centos:7 krb5-libs to version 0:1.15.1-37.el7_7.2 or higher.

medium severity

RHSA-2015:2154

  • Vulnerable module: krb5-libs
  • Introduced through: krb5-libs@1.12.2-14.el7
  • Fixed in: 0:1.13.2-10.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* krb5-libs@1.12.2-14.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream krb5-libs package. See Remediation section below for Centos:7 relevant versions.

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

It was found that the krb5_read_message() function of MIT Kerberos did not correctly sanitize input, and could create invalid krb5_data objects. A remote, unauthenticated attacker could use this flaw to crash a Kerberos child process via a specially crafted request. (CVE-2014-5355)

A flaw was found in the OTP kdcpreauth module of MIT kerberos. An unauthenticated remote attacker could use this flaw to bypass the requires_preauth flag on a client principal and obtain a ciphertext encrypted in the principal's long-term key. This ciphertext could be used to conduct an off-line dictionary attack against the user's password. (CVE-2015-2694)

The krb5 packages have been upgraded to upstream version 1.13.2, which provides a number of bug fixes and enhancements over the previous version. (BZ#1203889) Notably, this update fixes the following bugs:

  • Previously, the RADIUS support (libkrad) in krb5 was sending krb5 authentication for Transmission Control Protocol (TCP) transports multiple times, accidentally using a code path intended to be used only for unreliable transport types, for example User Datagram Protocol (UDP) transports. A patch that fixes the problem by disabling manual retries for reliable transports, such as TCP, has been applied, and the correct code path is now used in this situation. (BZ#1251586)
  • Attempts to use Kerberos single sign-on (SSO) to access SAP NetWeaver systems sometimes failed. The SAP NetWeaver developer trace displayed the following error message: No credentials were supplied, or the credentials were unavailable or inaccessible Unable to establish the security context Querying SSO credential lifetime has been modified to trigger credential acquisition, thus preventing the error from occurring. Now, the user can successfully use Kerberos SSO for accessing SAP NetWeaver systems. (BZ#1252454)

All krb5 users are advised to upgrade to these updated packages, which correct these issues and add these enhancements.

Remediation

Upgrade Centos:7 krb5-libs to version 0:1.13.2-10.el7 or higher.

medium severity

RHSA-2016:0532

  • Vulnerable module: krb5-libs
  • Introduced through: krb5-libs@1.12.2-14.el7
  • Fixed in: 0:1.13.2-12.el7_2

Detailed paths

  • Introduced through: centos:7.1.1503@* krb5-libs@1.12.2-14.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream krb5-libs package. See Remediation section below for Centos:7 relevant versions.

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

Security Fix(es):

  • A memory leak flaw was found in the krb5_unparse_name() function of the MIT Kerberos kadmind service. An authenticated attacker could repeatedly send specially crafted requests to the server, which could cause the server to consume large amounts of memory resources, ultimately leading to a denial of service due to memory exhaustion. (CVE-2015-8631)
  • An out-of-bounds read flaw was found in the kadmind service of MIT Kerberos. An authenticated attacker could send a maliciously crafted message to force kadmind to read beyond the end of allocated memory, and write the memory contents to the KDC database if the attacker has write permission, leading to information disclosure. (CVE-2015-8629)
  • A NULL pointer dereference flaw was found in the procedure used by the MIT Kerberos kadmind service to store policies: the kadm5_create_principal_3() and kadm5_modify_principal() function did not ensure that a policy was given when KADM5_POLICY was set. An authenticated attacker with permissions to modify the database could use this flaw to add or modify a principal with a policy set to NULL, causing the kadmind service to crash. (CVE-2015-8630)

The CVE-2015-8631 issue was discovered by Simo Sorce of Red Hat.

Remediation

Upgrade Centos:7 krb5-libs to version 0:1.13.2-12.el7_2 or higher.

medium severity

RHSA-2018:0666

  • Vulnerable module: krb5-libs
  • Introduced through: krb5-libs@1.12.2-14.el7
  • Fixed in: 0:1.15.1-18.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* krb5-libs@1.12.2-14.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream krb5-libs package. See Remediation section below for Centos:7 relevant versions.

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

Security Fix(es):

  • krb5: Authentication bypass by improper validation of certificate EKU and SAN (CVE-2017-7562)
  • krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure (CVE-2017-11368)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 krb5-libs to version 0:1.15.1-18.el7 or higher.

medium severity

RHSA-2017:0907

  • Vulnerable module: libblkid
  • Introduced through: libblkid@2.23.2-21.el7
  • Fixed in: 0:2.23.2-33.el7_3.2

Detailed paths

  • Introduced through: centos:7.1.1503@* libblkid@2.23.2-21.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libblkid package. See Remediation section below for Centos:7 relevant versions.

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program.

Security Fix(es):

  • A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616)

Red Hat would like to thank Tobias Stöckmann for reporting this issue.

Bug Fix(es):

  • The "findmnt --target <path>" command prints all file systems where the mount point directory is <path>. Previously, when used in the chroot environment, "findmnt --target <path>" incorrectly displayed all mount points. The command has been fixed so that it now checks the mount point path and returns information only for the relevant mount point. (BZ#1414481)

Remediation

Upgrade Centos:7 libblkid to version 0:2.23.2-33.el7_3.2 or higher.

medium severity

RHSA-2020:4011

  • Vulnerable module: libcom_err
  • Introduced through: libcom_err@1.42.9-7.el7
  • Fixed in: 0:1.42.9-19.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libcom_err@1.42.9-7.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libcom_err package. See Remediation section below for Centos:7 relevant versions.

The e2fsprogs packages provide a number of utilities for creating, checking, modifying, and correcting the ext2, ext3, and ext4 file systems.

Security Fix(es):

  • e2fsprogs: Crafted ext4 partition leads to out-of-bounds write (CVE-2019-5094)
  • e2fsprogs: Out-of-bounds write in e2fsck/rehash.c (CVE-2019-5188)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libcom_err to version 0:1.42.9-19.el7 or higher.

medium severity

RHSA-2018:3140

  • Vulnerable module: libcroco
  • Introduced through: libcroco@0.6.8-5.el7
  • Fixed in: 0:0.6.12-4.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libcroco@0.6.8-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libcroco package. See Remediation section below for Centos:7 relevant versions.

GNOME is the default desktop environment of Red Hat Enterprise Linux.

Security Fix(es):

  • libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames (CVE-2018-12910)
  • poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service (CVE-2017-18267)
  • libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c (CVE-2018-10733)
  • libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c (CVE-2018-10767)
  • poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF (CVE-2018-10768)
  • poppler: out of bounds read in pdfunite (CVE-2018-13988)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank chenyuan (NESA Lab) for reporting CVE-2018-10733 and CVE-2018-10767 and Hosein Askari for reporting CVE-2018-13988. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libcroco to version 0:0.6.12-4.el7 or higher.

medium severity

RHSA-2020:4072

  • Vulnerable module: libcroco
  • Introduced through: libcroco@0.6.8-5.el7
  • Fixed in: 0:0.6.12-6.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* libcroco@0.6.8-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libcroco package. See Remediation section below for Centos:7 relevant versions.

libcroco is a standalone Cascading Style Sheet level 2 (CSS2) parsing and manipulation library. Security Fix(es): * libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c (CVE-2020-12825) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 libcroco to version 0:0.6.12-6.el7_9 or higher.

medium severity

RHSA-2015:2159

  • Vulnerable module: libcurl
  • Introduced through: libcurl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-25.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libcurl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libcurl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user's cookie to a crafted domain, making other cookie-related issues easier to exploit. (CVE-2014-3613)

A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory. (CVE-2014-3707)

It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests. (CVE-2014-8150)

It was discovered that libcurl implemented aspects of the NTLM and Negotiate authentication incorrectly. If an application uses libcurl and the affected mechanisms in a specific way, certain requests to a previously NTLM-authenticated server could appear as sent by the wrong authenticated user. Additionally, the initial set of credentials for HTTP Negotiate-authenticated requests could be reused in subsequent requests, although a different set of credentials was specified. (CVE-2015-3143, CVE-2015-3148)

Red Hat would like to thank the cURL project for reporting these issues.

Bug fixes:

  • An out-of-protocol fallback to SSL 3.0 was available with libcurl. Attackers could abuse the fallback to force downgrade of the SSL version. The fallback has been removed from libcurl. Users requiring this functionality can explicitly enable SSL 3.0 through the libcurl API. (BZ#1154060)
  • TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. You can explicitly disable them through the libcurl API. (BZ#1170339)
  • FTP operations such as downloading files took a significantly long time to complete. Now, the FTP implementation in libcurl correctly sets blocking direction and estimated timeout for connections, resulting in faster FTP transfers. (BZ#1218272)

Enhancements:

  • With the updated packages, it is possible to explicitly enable or disable new Advanced Encryption Standard (AES) cipher suites to be used for the TLS protocol. (BZ#1066065)
  • The libcurl library did not implement a non-blocking SSL handshake, which negatively affected performance of applications based on the libcurl multi API. The non-blocking SSL handshake has been implemented in libcurl, and the libcurl multi API now immediately returns the control back to the application whenever it cannot read or write data from or to the underlying network socket. (BZ#1091429)
  • The libcurl library used an unnecessarily long blocking delay for actions with no active file descriptors, even for short operations. Some actions, such as resolving a host name using /etc/hosts, took a long time to complete. The blocking code in libcurl has been modified so that the initial delay is short and gradually increases until an event occurs. (BZ#1130239)

All curl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.

Remediation

Upgrade Centos:7 libcurl to version 0:7.29.0-25.el7 or higher.

medium severity

RHSA-2016:2575

  • Vulnerable module: libcurl
  • Introduced through: libcurl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-35.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libcurl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libcurl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Security Fix(es):

  • It was found that the libcurl library did not prevent TLS session resumption when the client certificate had changed. An attacker could potentially use this flaw to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate. (CVE-2016-5419)
  • It was found that the libcurl library did not check the client certificate when choosing the TLS connection to reuse. An attacker could potentially use this flaw to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate. (CVE-2016-5420)
  • It was found that the libcurl library using the NSS (Network Security Services) library as TLS/SSL backend incorrectly re-used client certificates for subsequent TLS connections in certain cases. An attacker could potentially use this flaw to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate. (CVE-2016-7141)

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libcurl to version 0:7.29.0-35.el7 or higher.

medium severity

RHSA-2017:2016

  • Vulnerable module: libcurl
  • Introduced through: libcurl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-42.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libcurl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libcurl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * Multiple integer overflow flaws leading to heap-based buffer overflows were found in the way curl handled escaping and unescaping of data. An attacker could potentially use these flaws to crash an application using libcurl by sending a specially crafted input to the affected libcurl functions. (CVE-2016-7167) Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libcurl to version 0:7.29.0-42.el7 or higher.

medium severity

RHSA-2017:3263

  • Vulnerable module: libcurl
  • Introduced through: libcurl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-42.el7_4.1

Detailed paths

  • Introduced through: centos:7.1.1503@* libcurl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libcurl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * A buffer overrun flaw was found in the IMAP handler of libcurl. By tricking an unsuspecting user into connecting to a malicious IMAP server, an attacker could exploit this flaw to potentially cause information disclosure or crash the application. (CVE-2017-1000257) Red Hat would like to thank the Curl project for reporting this issue. Upstream acknowledges Brian Carpenter and the OSS-Fuzz project as the original reporters.

Remediation

Upgrade Centos:7 libcurl to version 0:7.29.0-42.el7_4.1 or higher.

medium severity

RHSA-2018:3157

  • Vulnerable module: libcurl
  • Introduced through: libcurl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-51.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libcurl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libcurl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. The nss-pem package provides the PEM file reader for Network Security Services (NSS) implemented as a PKCS#11 module.

Security Fix(es):

  • curl: HTTP authentication leak in redirects (CVE-2018-1000007)
  • curl: FTP path trickery leads to NIL byte out of bounds write (CVE-2018-1000120)
  • curl: RTSP RTP buffer over-read (CVE-2018-1000122)
  • curl: Out-of-bounds heap read when missing RTSP headers allows information leak or denial of service (CVE-2018-1000301)
  • curl: LDAP NULL pointer dereference (CVE-2018-1000121)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Curl project for reporting these issues. Upstream acknowledges Craig de Stigter as the original reporter of CVE-2018-1000007; Duy Phan Thanh as the original reporter of CVE-2018-1000120; Max Dymond as the original reporter of CVE-2018-1000122; the OSS-fuzz project as the original reporter of CVE-2018-1000301; and Dario Weisser as the original reporter of CVE-2018-1000121. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libcurl to version 0:7.29.0-51.el7 or higher.

medium severity

RHSA-2020:3916

  • Vulnerable module: libcurl
  • Introduced through: libcurl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-59.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libcurl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libcurl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libcurl to version 0:7.29.0-59.el7 or higher.

medium severity

RHSA-2020:5002

  • Vulnerable module: libcurl
  • Introduced through: libcurl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-59.el7_9.1

Detailed paths

  • Introduced through: centos:7.1.1503@* libcurl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libcurl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: Incorrect argument check can allow remote servers to overwrite local files (CVE-2020-8177) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 libcurl to version 0:7.29.0-59.el7_9.1 or higher.

medium severity

RHSA-2016:2674

  • Vulnerable module: libgcrypt
  • Introduced through: libgcrypt@1.5.3-12.el7
  • Fixed in: 0:1.5.3-13.el7_3.1

Detailed paths

  • Introduced through: centos:7.1.1503@* libgcrypt@1.5.3-12.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libgcrypt package. See Remediation section below for Centos:7 relevant versions.

The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fix(es): * A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. (CVE-2016-6313) Red Hat would like to thank Felix Dörre and Vladimir Klebanov for reporting this issue.

Remediation

Upgrade Centos:7 libgcrypt to version 0:1.5.3-13.el7_3.1 or higher.

medium severity

RHSA-2017:0907

  • Vulnerable module: libmount
  • Introduced through: libmount@2.23.2-21.el7
  • Fixed in: 0:2.23.2-33.el7_3.2

Detailed paths

  • Introduced through: centos:7.1.1503@* libmount@2.23.2-21.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libmount package. See Remediation section below for Centos:7 relevant versions.

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program.

Security Fix(es):

  • A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616)

Red Hat would like to thank Tobias Stöckmann for reporting this issue.

Bug Fix(es):

  • The "findmnt --target <path>" command prints all file systems where the mount point directory is <path>. Previously, when used in the chroot environment, "findmnt --target <path>" incorrectly displayed all mount points. The command has been fixed so that it now checks the mount point path and returns information only for the relevant mount point. (BZ#1414481)

Remediation

Upgrade Centos:7 libmount to version 0:2.23.2-33.el7_3.2 or higher.

medium severity

RHSA-2016:0428

  • Vulnerable module: libssh2
  • Introduced through: libssh2@1.4.3-8.el7
  • Fixed in: 0:1.4.3-10.el7_2.1

Detailed paths

  • Introduced through: centos:7.1.1503@* libssh2@1.4.3-8.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Centos:7 relevant versions.

The libssh2 packages provide a library that implements the SSHv2 protocol. A type confusion issue was found in the way libssh2 generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters. (CVE-2016-0787) Red Hat would like to thank Aris Adamantiadis for reporting this issue. All libssh2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing these updated packages, all running applications using libssh2 must be restarted for this update to take effect.

Remediation

Upgrade Centos:7 libssh2 to version 0:1.4.3-10.el7_2.1 or higher.

medium severity

RHSA-2019:1884

  • Vulnerable module: libssh2
  • Introduced through: libssh2@1.4.3-8.el7
  • Fixed in: 0:1.4.3-12.el7_6.3

Detailed paths

  • Introduced through: centos:7.1.1503@* libssh2@1.4.3-8.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Centos:7 relevant versions.

The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es): * libssh2: Out-of-bounds memory comparison with specially crafted message channel request (CVE-2019-3862) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 libssh2 to version 0:1.4.3-12.el7_6.3 or higher.

References

medium severity

RHSA-2019:2136

  • Vulnerable module: libssh2
  • Introduced through: libssh2@1.4.3-8.el7
  • Fixed in: 0:1.8.0-3.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libssh2@1.4.3-8.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Centos:7 relevant versions.

The libssh2 packages provide a library that implements the SSH2 protocol. The following packages have been upgraded to a later upstream version: libssh2 (1.8.0). (BZ#1592784) Security Fix(es): * libssh2: Zero-byte allocation with a specially crafted SFTP packet leading to an out-of-bounds read (CVE-2019-3858) * libssh2: Out-of-bounds reads with specially crafted SSH packets (CVE-2019-3861) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libssh2 to version 0:1.8.0-3.el7 or higher.

References

medium severity

RHSA-2020:3915

  • Vulnerable module: libssh2
  • Introduced through: libssh2@1.4.3-8.el7
  • Fixed in: 0:1.8.0-4.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libssh2@1.4.3-8.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Centos:7 relevant versions.

The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es): * libssh2: integer overflow in SSH_MSG_DISCONNECT logic in packet.c (CVE-2019-17498) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libssh2 to version 0:1.8.0-4.el7 or higher.

References

medium severity

RHSA-2017:1860

  • Vulnerable module: libtasn1
  • Introduced through: libtasn1@3.8-2.el7
  • Fixed in: 0:4.10-1.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libtasn1@3.8-2.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libtasn1 package. See Remediation section below for Centos:7 relevant versions.

Libtasn1 is a library that provides Abstract Syntax Notation One (ASN.1, as specified by the X.680 ITU-T recommendation) parsing and structures management, and Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions. The following packages have been upgraded to a later upstream version: libtasn1 (4.10). (BZ#1360639) Security Fix(es): * A heap-based buffer overflow flaw was found in the way the libtasn1 library decoded certain DER-encoded inputs. A specially crafted DER-encoded input could cause an application using libtasn1 to perform an invalid read, causing the application to crash. (CVE-2015-3622) * A stack-based buffer overflow was found in the way libtasn1 decoded certain DER encoded data. An attacker could use this flaw to crash an application using the libtasn1 library. (CVE-2015-2806) Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libtasn1 to version 0:4.10-1.el7 or higher.

medium severity

RHSA-2017:0907

  • Vulnerable module: libuuid
  • Introduced through: libuuid@2.23.2-21.el7
  • Fixed in: 0:2.23.2-33.el7_3.2

Detailed paths

  • Introduced through: centos:7.1.1503@* libuuid@2.23.2-21.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libuuid package. See Remediation section below for Centos:7 relevant versions.

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix(es): * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Red Hat would like to thank Tobias Stöckmann for reporting this issue. Bug Fix(es): * The "findmnt --target <path>" command prints all file systems where the mount point directory is <path>. Previously, when used in the chroot environment, "findmnt --target <path>" incorrectly displayed all mount points. The command has been fixed so that it now checks the mount point path and returns information only for the relevant mount point. (BZ#1414481)

Remediation

Upgrade Centos:7 libuuid to version 0:2.23.2-33.el7_3.2 or higher.

medium severity

RHSA-2015:0749

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1-5.el7_0.1
  • Fixed in: 0:2.9.1-5.el7_1.2

Detailed paths

  • Introduced through: centos:7.1.1503@* libxml2@2.9.1-5.el7_0.1

NVD Description

Note: Versions mentioned in the description apply to the upstream libxml2 package. See Remediation section below for Centos:7 relevant versions.

The libxml2 library is a development toolbox providing the implementation of various XML standards. It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity (XXE) attacks, possibly resulting in a denial of service or an information leak on the system. (CVE-2014-0191) The CVE-2014-0191 issue was discovered by Daniel P. Berrange of Red Hat. All libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.

Remediation

Upgrade Centos:7 libxml2 to version 0:2.9.1-5.el7_1.2 or higher.

medium severity

RHSA-2015:2550

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1-5.el7_0.1
  • Fixed in: 0:2.9.1-6.el7_2.2

Detailed paths

  • Introduced through: centos:7.1.1503@* libxml2@2.9.1-5.el7_0.1

NVD Description

Note: Versions mentioned in the description apply to the upstream libxml2 package. See Remediation section below for Centos:7 relevant versions.

The libxml2 library is a development toolbox providing the implementation of various XML standards. Several denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or in certain cases crash the application. (CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955) Red Hat would like to thank the GNOME project for reporting CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-8241, CVE-2015-8242, and CVE-2015-8317. Upstream acknowledges Kostya Serebryany of Google as the original reporter of CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, and CVE-2015-7500; Hugh Davenport as the original reporter of CVE-2015-8241 and CVE-2015-8242; and Hanno Boeck as the original reporter of CVE-2015-8317. The CVE-2015-1819 issue was discovered by Florian Weimer of Red Hat Product Security. All libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.

Remediation

Upgrade Centos:7 libxml2 to version 0:2.9.1-6.el7_2.2 or higher.

medium severity

RHSA-2020:1190

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1-5.el7_0.1
  • Fixed in: 0:2.9.1-6.el7.4

Detailed paths

  • Introduced through: centos:7.1.1503@* libxml2@2.9.1-5.el7_0.1

NVD Description

Note: Versions mentioned in the description apply to the upstream libxml2 package. See Remediation section below for Centos:7 relevant versions.

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: Use after free triggered by XPointer paths beginning with range-to (CVE-2016-5131) * libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c (CVE-2017-15412) * libxml2: DoS caused by incorrect error detection during XZ decompression (CVE-2015-8035) * libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404) * libxml2: Unrestricted memory usage in xz_head() function in xzlib.c (CVE-2017-18258) * libxml2: Infinite loop caused by incorrect error detection during LZMA decompression (CVE-2018-14567) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libxml2 to version 0:2.9.1-6.el7.4 or higher.

References

medium severity

RHSA-2020:3996

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1-5.el7_0.1
  • Fixed in: 0:2.9.1-6.el7.5

Detailed paths

  • Introduced through: centos:7.1.1503@* libxml2@2.9.1-5.el7_0.1

NVD Description

Note: Versions mentioned in the description apply to the upstream libxml2 package. See Remediation section below for Centos:7 relevant versions.

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c (CVE-2019-19956) * libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388) * libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations (CVE-2020-7595) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libxml2 to version 0:2.9.1-6.el7.5 or higher.

References

medium severity

RHSA-2016:0685

  • Vulnerable module: nspr
  • Introduced through: nspr@4.10.6-3.el7
  • Fixed in: 0:4.11.0-1.el7_2

Detailed paths

  • Introduced through: centos:7.1.1503@* nspr@4.10.6-3.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nspr package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a newer upstream version: nss (3.21.0), nss-util (3.21.0), nspr (4.11.0). (BZ#1310581, BZ#1303021, BZ#1299872) Security Fix(es): * A use-after-free flaw was found in the way NSS handled DHE (Diffie–Hellman key exchange) and ECDHE (Elliptic Curve Diffie-Hellman key exchange) handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute arbitrary code using the permissions of the user running the application. (CVE-2016-1978) * A use-after-free flaw was found in the way NSS processed certain DER (Distinguished Encoding Rules) encoded cryptographic keys. An attacker could use this flaw to create a specially crafted DER encoded certificate which, when parsed by an application compiled against the NSS library, could cause that application to crash, or execute arbitrary code using the permissions of the user running the application. (CVE-2016-1979) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Eric Rescorla as the original reporter of CVE-2016-1978; and Tim Taubert as the original reporter of CVE-2016-1979. Bug Fix(es): * The nss-softokn package has been updated to be compatible with NSS 3.21. (BZ#1326221)

Remediation

Upgrade Centos:7 nspr to version 0:4.11.0-1.el7_2 or higher.

medium severity

RHSA-2019:2237

  • Vulnerable module: nspr
  • Introduced through: nspr@4.10.6-3.el7
  • Fixed in: 0:4.21.0-1.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* nspr@4.10.6-3.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nspr package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274) Security Fix(es): * ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 nspr to version 0:4.21.0-1.el7 or higher.

References

medium severity

RHSA-2020:4076

  • Vulnerable module: nspr
  • Introduced through: nspr@4.10.6-3.el7
  • Fixed in: 0:4.25.0-2.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* nspr@4.10.6-3.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nspr package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nss-softokn (3.53.1), nss-util (3.53.1), nspr (4.25.0). (BZ#1804262, BZ#1804264, BZ#1804271, BZ#1804273) Security Fix(es): * nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719) * nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel attack on ECDSA signature generation (CVE-2020-6829) * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400) * nss: ECDSA timing attack mitigation bypass (CVE-2020-12401) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403) * nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727) * nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Memory leak: libcurl leaks 120 bytes on each connection (BZ#1688958) * NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1712924) * Make TLS 1.3 work in FIPS mode (BZ#1724251) * Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1737910) * x25519 allowed in FIPS mode (BZ#1754518) * When NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess (BZ#1779325) * Running ipa-backup continuously causes httpd to crash and makes it irrecoverable (BZ#1804015) * nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1857308) * KDF-self-tests-induced changes for nss in RHEL 7.9 (BZ#1870885)

Remediation

Upgrade Centos:7 nspr to version 0:4.25.0-2.el7_9 or higher.

References

medium severity

RHSA-2015:1185

  • Vulnerable module: nss
  • Introduced through: nss@3.16.2.3-5.el7
  • Fixed in: 0:3.19.1-3.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* nss@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way the TLS protocol composes the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512-bit export-grade keys during the key exchange, allowing them to decrypt all traffic. (CVE-2015-4000) Note: This update forces the TLS/SSL client implementation in NSS to reject DH key sizes below 768 bits, which prevents sessions from being downgraded to export-grade keys. Future updates may raise this limit to 1024 bits. The nss and nss-util packages have been upgraded to upstream version 3.19.1. The upgraded versions provide a number of bug fixes and enhancements over the previous versions. Users of nss and nss-util are advised to upgrade to these updated packages, which fix these security flaws and bugs, and add these enhancements.

Remediation

Upgrade Centos:7 nss to version 0:3.19.1-3.el7_1 or higher.

medium severity

RHSA-2016:0007

  • Vulnerable module: nss
  • Introduced through: nss@3.16.2.3-5.el7
  • Fixed in: 0:3.19.1-19.el7_2

Detailed paths

  • Introduced through: centos:7.1.1503@* nss@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575) All nss users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the NSS library must be restarted, or the system rebooted.

Remediation

Upgrade Centos:7 nss to version 0:3.19.1-19.el7_2 or higher.

medium severity

RHSA-2016:0685

  • Vulnerable module: nss
  • Introduced through: nss@3.16.2.3-5.el7
  • Fixed in: 0:3.21.0-9.el7_2

Detailed paths

  • Introduced through: centos:7.1.1503@* nss@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a newer upstream version: nss (3.21.0), nss-util (3.21.0), nspr (4.11.0). (BZ#1310581, BZ#1303021, BZ#1299872) Security Fix(es): * A use-after-free flaw was found in the way NSS handled DHE (Diffie–Hellman key exchange) and ECDHE (Elliptic Curve Diffie-Hellman key exchange) handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute arbitrary code using the permissions of the user running the application. (CVE-2016-1978) * A use-after-free flaw was found in the way NSS processed certain DER (Distinguished Encoding Rules) encoded cryptographic keys. An attacker could use this flaw to create a specially crafted DER encoded certificate which, when parsed by an application compiled against the NSS library, could cause that application to crash, or execute arbitrary code using the permissions of the user running the application. (CVE-2016-1979) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Eric Rescorla as the original reporter of CVE-2016-1978; and Tim Taubert as the original reporter of CVE-2016-1979. Bug Fix(es): * The nss-softokn package has been updated to be compatible with NSS 3.21. (BZ#1326221)

Remediation

Upgrade Centos:7 nss to version 0:3.21.0-9.el7_2 or higher.

medium severity

RHSA-2016:2779

  • Vulnerable module: nss
  • Introduced through: nss@3.16.2.3-5.el7
  • Fixed in: 0:3.21.3-2.el7_3

Detailed paths

  • Introduced through: centos:7.1.1503@* nss@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. The following packages have been upgraded to a newer upstream version: nss (3.21.3), nss-util (3.21.3). Security Fix(es): * Multiple buffer handling flaws were found in the way NSS handled cryptographic data from the network. A remote attacker could use these flaws to crash an application using NSS or, possibly, execute arbitrary code with the permission of the user running the application. (CVE-2016-2834) * A NULL pointer dereference flaw was found in the way NSS handled invalid Diffie-Hellman keys. A remote client could use this flaw to crash a TLS/SSL server using NSS. (CVE-2016-5285) * It was found that Diffie-Hellman client key exchange handling in NSS was vulnerable to a small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to a small subgroup of the desired group. (CVE-2016-8635) Red Hat would like to thank the Mozilla project for reporting CVE-2016-2834. The CVE-2016-8635 issue was discovered by Hubert Kario (Red Hat). Upstream acknowledges Tyson Smith and Jed Davis as the original reporters of CVE-2016-2834.

Remediation

Upgrade Centos:7 nss to version 0:3.21.3-2.el7_3 or higher.

medium severity

RHSA-2018:2768

  • Vulnerable module: nss
  • Introduced through: nss@3.16.2.3-5.el7
  • Fixed in: 0:3.36.0-7.el7_5

Detailed paths

  • Introduced through: centos:7.1.1503@* nss@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello (CVE-2018-12384) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Mozilla project for reporting this issue.

Remediation

Upgrade Centos:7 nss to version 0:3.36.0-7.el7_5 or higher.

medium severity

RHSA-2019:2237

  • Vulnerable module: nss
  • Introduced through: nss@3.16.2.3-5.el7
  • Fixed in: 0:3.44.0-4.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* nss@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274) Security Fix(es): * ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 nss to version 0:3.44.0-4.el7 or higher.

References

medium severity

RHSA-2020:4076

  • Vulnerable module: nss
  • Introduced through: nss@3.16.2.3-5.el7
  • Fixed in: 0:3.53.1-3.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* nss@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nss-softokn (3.53.1), nss-util (3.53.1), nspr (4.25.0). (BZ#1804262, BZ#1804264, BZ#1804271, BZ#1804273) Security Fix(es): * nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719) * nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel attack on ECDSA signature generation (CVE-2020-6829) * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400) * nss: ECDSA timing attack mitigation bypass (CVE-2020-12401) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403) * nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727) * nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Memory leak: libcurl leaks 120 bytes on each connection (BZ#1688958) * NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1712924) * Make TLS 1.3 work in FIPS mode (BZ#1724251) * Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1737910) * x25519 allowed in FIPS mode (BZ#1754518) * When NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess (BZ#1779325) * Running ipa-backup continuously causes httpd to crash and makes it irrecoverable (BZ#1804015) * nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1857308) * KDF-self-tests-induced changes for nss in RHEL 7.9 (BZ#1870885)

Remediation

Upgrade Centos:7 nss to version 0:3.53.1-3.el7_9 or higher.

References

medium severity

RHSA-2021:1384

  • Vulnerable module: nss
  • Introduced through: nss@3.16.2.3-5.el7
  • Fixed in: 0:3.53.1-7.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* nss@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * nss: TLS 1.3 CCS flood remote DoS Attack (CVE-2020-25648) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * FTBFS: Paypal Cert expired (BZ#1883973) * FTBFS: IKE CLASS_1563 fails gtest (BZ#1884793) * Cannot compile code with nss headers and -Werror=strict-prototypes (BZ#1885321) * CA HSM ncipher token disabled after RHEL-7.9 update (BZ#1932193)

Remediation

Upgrade Centos:7 nss to version 0:3.53.1-7.el7_9 or higher.

References

medium severity

RHSA-2015:1699

  • Vulnerable module: nss-softokn
  • Introduced through: nss-softokn@3.16.2.3-9.el7
  • Fixed in: 0:3.16.2.3-13.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-softokn@3.16.2.3-9.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-softokn package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way NSS verified certain ECDSA (Elliptic Curve Digital Signature Algorithm) signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery attacks. (CVE-2015-2730) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Watson Ladd as the original reporter of this issue. All nss-softokn users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

Remediation

Upgrade Centos:7 nss-softokn to version 0:3.16.2.3-13.el7_1 or higher.

medium severity

RHSA-2016:0685

  • Vulnerable module: nss-softokn
  • Introduced through: nss-softokn@3.16.2.3-9.el7
  • Fixed in: 0:3.16.2.3-14.2.el7_2

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-softokn@3.16.2.3-9.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-softokn package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a newer upstream version: nss (3.21.0), nss-util (3.21.0), nspr (4.11.0). (BZ#1310581, BZ#1303021, BZ#1299872)

Security Fix(es):

  • A use-after-free flaw was found in the way NSS handled DHE (Diffie-Hellman key exchange) and ECDHE (Elliptic Curve Diffie-Hellman key exchange) handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute arbitrary code using the permissions of the user running the application. (CVE-2016-1978)
  • A use-after-free flaw was found in the way NSS processed certain DER (Distinguished Encoding Rules) encoded cryptographic keys. An attacker could use this flaw to create a specially crafted DER encoded certificate which, when parsed by an application compiled against the NSS library, could cause that application to crash, or execute arbitrary code using the permissions of the user running the application. (CVE-2016-1979)

Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Eric Rescorla as the original reporter of CVE-2016-1978, and Tim Taubert as the original reporter of CVE-2016-1979.

Bug Fix(es):

  • The nss-softokn package has been updated to be compatible with NSS 3.21. (BZ#1326221)

Remediation

Upgrade Centos:7 nss-softokn to version 0:3.16.2.3-14.2.el7_2 or higher.

medium severity

RHSA-2019:2237

  • Vulnerable module: nss-softokn
  • Introduced through: nss-softokn@3.16.2.3-9.el7
  • Fixed in: 0:3.44.0-5.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-softokn@3.16.2.3-9.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-softokn package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274)

Security Fix(es):

  • ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)
  • nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 nss-softokn to version 0:3.44.0-5.el7 or higher.

References

medium severity

RHSA-2020:4076

  • Vulnerable module: nss-softokn
  • Introduced through: nss-softokn@3.16.2.3-9.el7
  • Fixed in: 0:3.53.1-6.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-softokn@3.16.2.3-9.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-softokn package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nss-softokn (3.53.1), nss-util (3.53.1), nspr (4.25.0). (BZ#1804262, BZ#1804264, BZ#1804271, BZ#1804273)

Security Fix(es):

  • nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719)
  • nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756)
  • nss: Check length of inputs for cryptographic primitives (CVE-2019-17006)
  • nss: Side channel attack on ECDSA signature generation (CVE-2020-6829)
  • nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400)
  • nss: ECDSA timing attack mitigation bypass (CVE-2020-12401)
  • nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402)
  • nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403)
  • nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727)
  • nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Memory leak: libcurl leaks 120 bytes on each connection (BZ#1688958)
  • NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1712924)
  • Make TLS 1.3 work in FIPS mode (BZ#1724251)
  • Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1737910)
  • x25519 allowed in FIPS mode (BZ#1754518)
  • When NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess (BZ#1779325)
  • Running ipa-backup continuously causes httpd to crash and makes it irrecoverable (BZ#1804015)
  • nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1857308)
  • KDF-self-tests-induced changes for nss in RHEL 7.9 (BZ#1870885)

Remediation

Upgrade Centos:7 nss-softokn to version 0:3.53.1-6.el7_9 or higher.

References

medium severity

RHSA-2015:1699

  • Vulnerable module: nss-softokn-freebl
  • Introduced through: nss-softokn-freebl@3.16.2.3-9.el7
  • Fixed in: 0:3.16.2.3-13.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-softokn-freebl@3.16.2.3-9.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-softokn-freebl package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way NSS verified certain ECDSA (Elliptic Curve Digital Signature Algorithm) signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery attacks. (CVE-2015-2730) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Watson Ladd as the original reporter of this issue. All nss-softokn users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

Remediation

Upgrade Centos:7 nss-softokn-freebl to version 0:3.16.2.3-13.el7_1 or higher.

medium severity

RHSA-2016:0685

  • Vulnerable module: nss-softokn-freebl
  • Introduced through: nss-softokn-freebl@3.16.2.3-9.el7
  • Fixed in: 0:3.16.2.3-14.2.el7_2

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-softokn-freebl@3.16.2.3-9.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-softokn-freebl package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a newer upstream version: nss (3.21.0), nss-util (3.21.0), nspr (4.11.0). (BZ#1310581, BZ#1303021, BZ#1299872)

Security Fix(es):

  • A use-after-free flaw was found in the way NSS handled DHE (Diffie-Hellman key exchange) and ECDHE (Elliptic Curve Diffie-Hellman key exchange) handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute arbitrary code using the permissions of the user running the application. (CVE-2016-1978)
  • A use-after-free flaw was found in the way NSS processed certain DER (Distinguished Encoding Rules) encoded cryptographic keys. An attacker could use this flaw to create a specially crafted DER encoded certificate which, when parsed by an application compiled against the NSS library, could cause that application to crash, or execute arbitrary code using the permissions of the user running the application. (CVE-2016-1979)

Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Eric Rescorla as the original reporter of CVE-2016-1978, and Tim Taubert as the original reporter of CVE-2016-1979.

Bug Fix(es):

  • The nss-softokn package has been updated to be compatible with NSS 3.21. (BZ#1326221)

Remediation

Upgrade Centos:7 nss-softokn-freebl to version 0:3.16.2.3-14.2.el7_2 or higher.

medium severity

RHSA-2019:2237

  • Vulnerable module: nss-softokn-freebl
  • Introduced through: nss-softokn-freebl@3.16.2.3-9.el7
  • Fixed in: 0:3.44.0-5.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-softokn-freebl@3.16.2.3-9.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-softokn-freebl package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274)

Security Fix(es):

  • ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)
  • nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 nss-softokn-freebl to version 0:3.44.0-5.el7 or higher.

References

medium severity

RHSA-2020:4076

  • Vulnerable module: nss-softokn-freebl
  • Introduced through: nss-softokn-freebl@3.16.2.3-9.el7
  • Fixed in: 0:3.53.1-6.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-softokn-freebl@3.16.2.3-9.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-softokn-freebl package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nss-softokn (3.53.1), nss-util (3.53.1), nspr (4.25.0). (BZ#1804262, BZ#1804264, BZ#1804271, BZ#1804273)

Security Fix(es):

  • nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719)
  • nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756)
  • nss: Check length of inputs for cryptographic primitives (CVE-2019-17006)
  • nss: Side channel attack on ECDSA signature generation (CVE-2020-6829)
  • nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400)
  • nss: ECDSA timing attack mitigation bypass (CVE-2020-12401)
  • nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402)
  • nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403)
  • nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727)
  • nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Memory leak: libcurl leaks 120 bytes on each connection (BZ#1688958)
  • NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1712924)
  • Make TLS 1.3 work in FIPS mode (BZ#1724251)
  • Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1737910)
  • x25519 allowed in FIPS mode (BZ#1754518)
  • When NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess (BZ#1779325)
  • Running ipa-backup continuously causes httpd to crash and makes it irrecoverable (BZ#1804015)
  • nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1857308)
  • KDF-self-tests-induced changes for nss in RHEL 7.9 (BZ#1870885)

Remediation

Upgrade Centos:7 nss-softokn-freebl to version 0:3.53.1-6.el7_9 or higher.

References

medium severity

RHSA-2015:1185

  • Vulnerable module: nss-sysinit
  • Introduced through: nss-sysinit@3.16.2.3-5.el7
  • Fixed in: 0:3.19.1-3.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-sysinit@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-sysinit package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way the TLS protocol composes the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them to decrypt all traffic. (CVE-2015-4000) Note: This update forces the TLS/SSL client implementation in NSS to reject DH key sizes below 768 bits, which prevents sessions from being downgraded to export-grade keys. Future updates may raise this limit to 1024 bits. The nss and nss-util packages have been upgraded to upstream version 3.19.1. The upgraded versions provide a number of bug fixes and enhancements over the previous versions. Users of nss and nss-util are advised to upgrade to these updated packages, which fix these security flaws and bugs, and add these enhancements.

Remediation

Upgrade Centos:7 nss-sysinit to version 0:3.19.1-3.el7_1 or higher.

medium severity

RHSA-2016:0007

  • Vulnerable module: nss-sysinit
  • Introduced through: nss-sysinit@3.16.2.3-5.el7
  • Fixed in: 0:3.19.1-19.el7_2

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-sysinit@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-sysinit package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575) All nss users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the NSS library must be restarted, or the system rebooted.

Remediation

Upgrade Centos:7 nss-sysinit to version 0:3.19.1-19.el7_2 or higher.

medium severity

RHSA-2016:0685

  • Vulnerable module: nss-sysinit
  • Introduced through: nss-sysinit@3.16.2.3-5.el7
  • Fixed in: 0:3.21.0-9.el7_2

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-sysinit@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-sysinit package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a newer upstream version: nss (3.21.0), nss-util (3.21.0), nspr (4.11.0). (BZ#1310581, BZ#1303021, BZ#1299872)

Security Fix(es):

  • A use-after-free flaw was found in the way NSS handled DHE (Diffie-Hellman key exchange) and ECDHE (Elliptic Curve Diffie-Hellman key exchange) handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute arbitrary code using the permissions of the user running the application. (CVE-2016-1978)
  • A use-after-free flaw was found in the way NSS processed certain DER (Distinguished Encoding Rules) encoded cryptographic keys. An attacker could use this flaw to create a specially crafted DER encoded certificate which, when parsed by an application compiled against the NSS library, could cause that application to crash, or execute arbitrary code using the permissions of the user running the application. (CVE-2016-1979)

Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Eric Rescorla as the original reporter of CVE-2016-1978, and Tim Taubert as the original reporter of CVE-2016-1979.

Bug Fix(es):

  • The nss-softokn package has been updated to be compatible with NSS 3.21. (BZ#1326221)

Remediation

Upgrade Centos:7 nss-sysinit to version 0:3.21.0-9.el7_2 or higher.

medium severity

RHSA-2016:2779

  • Vulnerable module: nss-sysinit
  • Introduced through: nss-sysinit@3.16.2.3-5.el7
  • Fixed in: 0:3.21.3-2.el7_3

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-sysinit@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-sysinit package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. The following packages have been upgraded to a newer upstream version: nss (3.21.3), nss-util (3.21.3).

Security Fix(es):

  • Multiple buffer handling flaws were found in the way NSS handled cryptographic data from the network. A remote attacker could use these flaws to crash an application using NSS or, possibly, execute arbitrary code with the permission of the user running the application. (CVE-2016-2834)
  • A NULL pointer dereference flaw was found in the way NSS handled invalid Diffie-Hellman keys. A remote client could use this flaw to crash a TLS/SSL server using NSS. (CVE-2016-5285)
  • It was found that Diffie-Hellman client key exchange handling in NSS was vulnerable to a small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to a small subgroup of the desired group. (CVE-2016-8635)

Red Hat would like to thank the Mozilla project for reporting CVE-2016-2834. The CVE-2016-8635 issue was discovered by Hubert Kario (Red Hat). Upstream acknowledges Tyson Smith and Jed Davis as the original reporters of CVE-2016-2834.

Remediation

Upgrade Centos:7 nss-sysinit to version 0:3.21.3-2.el7_3 or higher.

medium severity

RHSA-2018:2768

  • Vulnerable module: nss-sysinit
  • Introduced through: nss-sysinit@3.16.2.3-5.el7
  • Fixed in: 0:3.36.0-7.el7_5

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-sysinit@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-sysinit package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

Security Fix(es):

  • nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello (CVE-2018-12384)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Mozilla project for reporting this issue.

Remediation

Upgrade Centos:7 nss-sysinit to version 0:3.36.0-7.el7_5 or higher.

medium severity

RHSA-2019:2237

  • Vulnerable module: nss-sysinit
  • Introduced through: nss-sysinit@3.16.2.3-5.el7
  • Fixed in: 0:3.44.0-4.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-sysinit@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-sysinit package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274)

Security Fix(es):

  • ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)
  • nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 nss-sysinit to version 0:3.44.0-4.el7 or higher.

References

medium severity

RHSA-2020:4076

  • Vulnerable module: nss-sysinit
  • Introduced through: nss-sysinit@3.16.2.3-5.el7
  • Fixed in: 0:3.53.1-3.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-sysinit@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-sysinit package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nss-softokn (3.53.1), nss-util (3.53.1), nspr (4.25.0). (BZ#1804262, BZ#1804264, BZ#1804271, BZ#1804273)

Security Fix(es):

  • nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719)
  • nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756)
  • nss: Check length of inputs for cryptographic primitives (CVE-2019-17006)
  • nss: Side channel attack on ECDSA signature generation (CVE-2020-6829)
  • nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400)
  • nss: ECDSA timing attack mitigation bypass (CVE-2020-12401)
  • nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402)
  • nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403)
  • nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727)
  • nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Memory leak: libcurl leaks 120 bytes on each connection (BZ#1688958)
  • NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1712924)
  • Make TLS 1.3 work in FIPS mode (BZ#1724251)
  • Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1737910)
  • x25519 allowed in FIPS mode (BZ#1754518)
  • When NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess (BZ#1779325)
  • Running ipa-backup continuously causes httpd to crash and makes it irrecoverable (BZ#1804015)
  • nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1857308)
  • KDF-self-tests-induced changes for nss in RHEL 7.9 (BZ#1870885)

Remediation

Upgrade Centos:7 nss-sysinit to version 0:3.53.1-3.el7_9 or higher.

References

medium severity

RHSA-2021:1384

  • Vulnerable module: nss-sysinit
  • Introduced through: nss-sysinit@3.16.2.3-5.el7
  • Fixed in: 0:3.53.1-7.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-sysinit@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-sysinit package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

Security Fix(es):

  • nss: TLS 1.3 CCS flood remote DoS Attack (CVE-2020-25648)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • FTBFS: Paypal Cert expired (BZ#1883973)
  • FTBFS: IKE CLASS_1563 fails gtest (BZ#1884793)
  • Cannot compile code with nss headers and -Werror=strict-prototypes (BZ#1885321)
  • CA HSM ncipher token disabled after RHEL-7.9 update (BZ#1932193)

Remediation

Upgrade Centos:7 nss-sysinit to version 0:3.53.1-7.el7_9 or higher.

References

medium severity

RHSA-2015:1185

  • Vulnerable module: nss-tools
  • Introduced through: nss-tools@3.16.2.3-5.el7
  • Fixed in: 0:3.19.1-3.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-tools@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-tools package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way the TLS protocol composes the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them to decrypt all traffic. (CVE-2015-4000) Note: This update forces the TLS/SSL client implementation in NSS to reject DH key sizes below 768 bits, which prevents sessions from being downgraded to export-grade keys. Future updates may raise this limit to 1024 bits. The nss and nss-util packages have been upgraded to upstream version 3.19.1. The upgraded versions provide a number of bug fixes and enhancements over the previous versions. Users of nss and nss-util are advised to upgrade to these updated packages, which fix these security flaws and bugs, and add these enhancements.

Remediation

Upgrade Centos:7 nss-tools to version 0:3.19.1-3.el7_1 or higher.

medium severity

RHSA-2016:0007

  • Vulnerable module: nss-tools
  • Introduced through: nss-tools@3.16.2.3-5.el7
  • Fixed in: 0:3.19.1-19.el7_2

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-tools@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-tools package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575) All nss users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the NSS library must be restarted, or the system rebooted.

Remediation

Upgrade Centos:7 nss-tools to version 0:3.19.1-19.el7_2 or higher.

medium severity

RHSA-2016:0685

  • Vulnerable module: nss-tools
  • Introduced through: nss-tools@3.16.2.3-5.el7
  • Fixed in: 0:3.21.0-9.el7_2

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-tools@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-tools package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a newer upstream version: nss (3.21.0), nss-util (3.21.0), nspr (4.11.0). (BZ#1310581, BZ#1303021, BZ#1299872)

Security Fix(es):

  • A use-after-free flaw was found in the way NSS handled DHE (Diffie-Hellman key exchange) and ECDHE (Elliptic Curve Diffie-Hellman key exchange) handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute arbitrary code using the permissions of the user running the application. (CVE-2016-1978)
  • A use-after-free flaw was found in the way NSS processed certain DER (Distinguished Encoding Rules) encoded cryptographic keys. An attacker could use this flaw to create a specially crafted DER encoded certificate which, when parsed by an application compiled against the NSS library, could cause that application to crash, or execute arbitrary code using the permissions of the user running the application. (CVE-2016-1979)

Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Eric Rescorla as the original reporter of CVE-2016-1978, and Tim Taubert as the original reporter of CVE-2016-1979.

Bug Fix(es):

  • The nss-softokn package has been updated to be compatible with NSS 3.21. (BZ#1326221)

Remediation

Upgrade Centos:7 nss-tools to version 0:3.21.0-9.el7_2 or higher.

medium severity

RHSA-2016:2779

  • Vulnerable module: nss-tools
  • Introduced through: nss-tools@3.16.2.3-5.el7
  • Fixed in: 0:3.21.3-2.el7_3

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-tools@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-tools package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. The following packages have been upgraded to a newer upstream version: nss (3.21.3), nss-util (3.21.3). Security Fix(es): * Multiple buffer handling flaws were found in the way NSS handled cryptographic data from the network. A remote attacker could use these flaws to crash an application using NSS or, possibly, execute arbitrary code with the permission of the user running the application. (CVE-2016-2834) * A NULL pointer dereference flaw was found in the way NSS handled invalid Diffie-Hellman keys. A remote client could use this flaw to crash a TLS/SSL server using NSS. (CVE-2016-5285) * It was found that Diffie-Hellman client key exchange handling in NSS was vulnerable to a small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to a small subgroup of the desired group. (CVE-2016-8635) Red Hat would like to thank the Mozilla project for reporting CVE-2016-2834. The CVE-2016-8635 issue was discovered by Hubert Kario (Red Hat). Upstream acknowledges Tyson Smith and Jed Davis as the original reporters of CVE-2016-2834.

Remediation

Upgrade Centos:7 nss-tools to version 0:3.21.3-2.el7_3 or higher.

medium severity

RHSA-2018:2768

  • Vulnerable module: nss-tools
  • Introduced through: nss-tools@3.16.2.3-5.el7
  • Fixed in: 0:3.36.0-7.el7_5

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-tools@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-tools package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello (CVE-2018-12384) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Mozilla project for reporting this issue.

Remediation

Upgrade Centos:7 nss-tools to version 0:3.36.0-7.el7_5 or higher.

medium severity

RHSA-2019:2237

  • Vulnerable module: nss-tools
  • Introduced through: nss-tools@3.16.2.3-5.el7
  • Fixed in: 0:3.44.0-4.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-tools@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-tools package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274) Security Fix(es): * ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 nss-tools to version 0:3.44.0-4.el7 or higher.

medium severity

RHSA-2020:4076

  • Vulnerable module: nss-tools
  • Introduced through: nss-tools@3.16.2.3-5.el7
  • Fixed in: 0:3.53.1-3.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-tools@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-tools package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nss-softokn (3.53.1), nss-util (3.53.1), nspr (4.25.0). (BZ#1804262, BZ#1804264, BZ#1804271, BZ#1804273) Security Fix(es): * nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719) * nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel attack on ECDSA signature generation (CVE-2020-6829) * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400) * nss: ECDSA timing attack mitigation bypass (CVE-2020-12401) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403) * nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727) * nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Memory leak: libcurl leaks 120 bytes on each connection (BZ#1688958) * NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1712924) * Make TLS 1.3 work in FIPS mode (BZ#1724251) * Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1737910) * x25519 allowed in FIPS mode (BZ#1754518) * When NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess (BZ#1779325) * Running ipa-backup continuously causes httpd to crash and makes it irrecoverable (BZ#1804015) * nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1857308) * KDF-self-tests-induced changes for nss in RHEL 7.9 (BZ#1870885)

Remediation

Upgrade Centos:7 nss-tools to version 0:3.53.1-3.el7_9 or higher.

medium severity

RHSA-2021:1384

  • Vulnerable module: nss-tools
  • Introduced through: nss-tools@3.16.2.3-5.el7
  • Fixed in: 0:3.53.1-7.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-tools@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-tools package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * nss: TLS 1.3 CCS flood remote DoS Attack (CVE-2020-25648) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * FTBFS: Paypal Cert expired (BZ#1883973) * FTBFS: IKE CLASS_1563 fails gtest (BZ#1884793) * Cannot compile code with nss headers and -Werror=strict-prototypes (BZ#1885321) * CA HSM ncipher token disabled after RHEL-7.9 update (BZ#1932193)

Remediation

Upgrade Centos:7 nss-tools to version 0:3.53.1-7.el7_9 or higher.

medium severity

RHSA-2015:1185

  • Vulnerable module: nss-util
  • Introduced through: nss-util@3.16.2.3-2.el7
  • Fixed in: 0:3.19.1-1.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-util@3.16.2.3-2.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-util package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way the TLS protocol composes the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them to decrypt all traffic. (CVE-2015-4000) Note: This update forces the TLS/SSL client implementation in NSS to reject DH key sizes below 768 bits, which prevents sessions from being downgraded to export-grade keys. Future updates may raise this limit to 1024 bits. The nss and nss-util packages have been upgraded to upstream versions 3.19.1. The upgraded versions provide a number of bug fixes and enhancements over the previous versions. Users of nss and nss-util are advised to upgrade to these updated packages, which fix these security flaws, bugs, and add these enhancements.

Remediation

Upgrade Centos:7 nss-util to version 0:3.19.1-1.el7_1 or higher.

medium severity

RHSA-2016:0685

  • Vulnerable module: nss-util
  • Introduced through: nss-util@3.16.2.3-2.el7
  • Fixed in: 0:3.21.0-2.2.el7_2

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-util@3.16.2.3-2.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-util package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a newer upstream version: nss (3.21.0), nss-util (3.21.0), nspr (4.11.0). (BZ#1310581, BZ#1303021, BZ#1299872) Security Fix(es): * A use-after-free flaw was found in the way NSS handled DHE (Diffie–Hellman key exchange) and ECDHE (Elliptic Curve Diffie-Hellman key exchange) handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute arbitrary code using the permissions of the user running the application. (CVE-2016-1978) * A use-after-free flaw was found in the way NSS processed certain DER (Distinguished Encoding Rules) encoded cryptographic keys. An attacker could use this flaw to create a specially crafted DER encoded certificate which, when parsed by an application compiled against the NSS library, could cause that application to crash, or execute arbitrary code using the permissions of the user running the application. (CVE-2016-1979) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Eric Rescorla as the original reporter of CVE-2016-1978; and Tim Taubert as the original reporter of CVE-2016-1979. Bug Fix(es): * The nss-softokn package has been updated to be compatible with NSS 3.21. (BZ#1326221)

Remediation

Upgrade Centos:7 nss-util to version 0:3.21.0-2.2.el7_2 or higher.

medium severity

RHSA-2016:2779

  • Vulnerable module: nss-util
  • Introduced through: nss-util@3.16.2.3-2.el7
  • Fixed in: 0:3.21.3-1.1.el7_3

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-util@3.16.2.3-2.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-util package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. The following packages have been upgraded to a newer upstream version: nss (3.21.3), nss-util (3.21.3). Security Fix(es): * Multiple buffer handling flaws were found in the way NSS handled cryptographic data from the network. A remote attacker could use these flaws to crash an application using NSS or, possibly, execute arbitrary code with the permission of the user running the application. (CVE-2016-2834) * A NULL pointer dereference flaw was found in the way NSS handled invalid Diffie-Hellman keys. A remote client could use this flaw to crash a TLS/SSL server using NSS. (CVE-2016-5285) * It was found that Diffie-Hellman client key exchange handling in NSS was vulnerable to a small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to a small subgroup of the desired group. (CVE-2016-8635) Red Hat would like to thank the Mozilla project for reporting CVE-2016-2834. The CVE-2016-8635 issue was discovered by Hubert Kario (Red Hat). Upstream acknowledges Tyson Smith and Jed Davis as the original reporters of CVE-2016-2834.

Remediation

Upgrade Centos:7 nss-util to version 0:3.21.3-1.1.el7_3 or higher.

medium severity

RHSA-2019:2237

  • Vulnerable module: nss-util
  • Introduced through: nss-util@3.16.2.3-2.el7
  • Fixed in: 0:3.44.0-3.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-util@3.16.2.3-2.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-util package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274) Security Fix(es): * ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 nss-util to version 0:3.44.0-3.el7 or higher.

medium severity

RHSA-2020:4076

  • Vulnerable module: nss-util
  • Introduced through: nss-util@3.16.2.3-2.el7
  • Fixed in: 0:3.53.1-1.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-util@3.16.2.3-2.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-util package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nss-softokn (3.53.1), nss-util (3.53.1), nspr (4.25.0). (BZ#1804262, BZ#1804264, BZ#1804271, BZ#1804273) Security Fix(es): * nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719) * nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel attack on ECDSA signature generation (CVE-2020-6829) * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400) * nss: ECDSA timing attack mitigation bypass (CVE-2020-12401) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403) * nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727) * nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Memory leak: libcurl leaks 120 bytes on each connection (BZ#1688958) * NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1712924) * Make TLS 1.3 work in FIPS mode (BZ#1724251) * Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1737910) * x25519 allowed in FIPS mode (BZ#1754518) * When NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess (BZ#1779325) * Running ipa-backup continuously causes httpd to crash and makes it irrecoverable (BZ#1804015) * nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1857308) * KDF-self-tests-induced changes for nss in RHEL 7.9 (BZ#1870885)

Remediation

Upgrade Centos:7 nss-util to version 0:3.53.1-1.el7_9 or higher.

medium severity

RHSA-2015:2131

  • Vulnerable module: openldap
  • Introduced through: openldap@2.4.39-6.el7
  • Fixed in: 0:2.4.40-8.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* openldap@2.4.39-6.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openldap package. See Remediation section below for Centos:7 relevant versions.

OpenLDAP is an open-source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, and documentation for OpenLDAP. A flaw was found in the way OpenLDAP parsed OpenSSL-style cipher strings. As a result, OpenLDAP could potentially use ciphers that were not intended to be enabled. (CVE-2015-3276) This issue was discovered by Martin Poole of the Red Hat Software Maintenance Engineering group. The openldap packages have been upgraded to upstream version 2.4.40, which provides a number of bug fixes and one enhancement over the previous version: * The ORDERING matching rules have been added to the ppolicy attribute type descriptions. * The server no longer terminates unexpectedly when processing SRV records. * Missing objectClass information has been added, which enables the user to modify the front-end configuration by standard means. (BZ#1147982) This update also fixes the following bugs: * Previously, OpenLDAP did not properly handle a number of simultaneous updates. As a consequence, sending a number of parallel update requests to the server could cause a deadlock. With this update, a superfluous locking mechanism causing the deadlock has been removed, thus fixing the bug. (BZ#1125152) * The httpd service sometimes terminated unexpectedly with a segmentation fault on the libldap library unload. The underlying source code has been modified to prevent a bad memory access error that caused the bug to occur. As a result, httpd no longer crashes in this situation. (BZ#1158005) * After upgrading the system from Red Hat Enterprise Linux 6 to Red Hat Enterprise Linux 7, symbolic links to certain libraries unexpectedly pointed to locations belonging to the openldap-devel package. If the user uninstalled openldap-devel, the symbolic links were broken and the "rpm -V openldap" command sometimes produced errors. With this update, the symbolic links no longer get broken in the described situation. If the user downgrades openldap to version 2.4.39-6 or earlier, the symbolic links might break. After such a downgrade, it is recommended to verify that the symbolic links did not break. To do this, make sure the yum-plugin-verify package is installed and obtain the target libraries by running the "rpm -V openldap" or "yum verify openldap" command. (BZ#1230263) In addition, this update adds the following enhancement: * OpenLDAP clients now automatically choose the Network Security Services (NSS) default cipher suites for communication with the server. It is no longer necessary to maintain the default cipher suites manually in the OpenLDAP source code. (BZ#1245279) All openldap users are advised to upgrade to these updated packages, which correct these issues and add this enhancement.

Remediation

Upgrade Centos:7 openldap to version 0:2.4.40-8.el7 or higher.

medium severity

RHSA-2017:1852

  • Vulnerable module: openldap
  • Introduced through: openldap@2.4.39-6.el7
  • Fixed in: 0:2.4.44-5.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* openldap@2.4.39-6.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openldap package. See Remediation section below for Centos:7 relevant versions.

OpenLDAP is an open-source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, and documentation for OpenLDAP. The following packages have been upgraded to a later upstream version: openldap (2.4.44). (BZ#1386365) Security Fix(es): * A double-free flaw was found in the way OpenLDAP's slapd server using the MDB backend handled LDAP searches. A remote attacker with access to search the directory could potentially use this flaw to crash slapd by issuing a specially crafted LDAP search query. (CVE-2017-9287) Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 openldap to version 0:2.4.44-5.el7 or higher.

medium severity

RHSA-2020:4041

  • Vulnerable module: openldap
  • Introduced through: openldap@2.4.39-6.el7
  • Fixed in: 0:2.4.44-22.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* openldap@2.4.39-6.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openldap package. See Remediation section below for Centos:7 relevant versions.

OpenLDAP is an open-source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, and documentation for OpenLDAP. Security Fix(es): * openldap: denial of service via nested boolean expressions in LDAP search filters (CVE-2020-12243) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 openldap to version 0:2.4.44-22.el7 or higher.

medium severity

RHSA-2021:1389

  • Vulnerable module: openldap
  • Introduced through: openldap@2.4.39-6.el7
  • Fixed in: 0:2.4.44-23.el7_9

Detailed paths

  • Introduced through: centos:7.1.1503@* openldap@2.4.39-6.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openldap package. See Remediation section below for Centos:7 relevant versions.

OpenLDAP is an open-source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. Security Fix(es): * openldap: NULL pointer dereference for unauthenticated packet in slapd (CVE-2020-25692) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 openldap to version 0:2.4.44-23.el7_9 or higher.

medium severity

RHBA-2017:1929

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.2k-8.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section. Users of openssl are advised to upgrade to these updated packages.

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.2k-8.el7 or higher.

medium severity

RHSA-2015:0716

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.1e-42.el7_1.4

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application. (CVE-2015-0286) An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded. (CVE-2015-0292) A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293) A use-after-free flaw was found in the way OpenSSL imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported. (CVE-2015-0209) An out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could possibly use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash. (CVE-2015-0287) A NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request. (CVE-2015-0288) A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289) Red Hat would like to thank the OpenSSL project for reporting CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Stephen Henson of the OpenSSL development team as the original reporter of CVE-2015-0286, Emilia Käsper of the OpenSSL development team as the original reporter of CVE-2015-0287, Brian Carpenter as the original reporter of CVE-2015-0288, Michal Zalewski of Google as the original reporter of CVE-2015-0289, Robert Dugal and David Ramos as the original reporters of CVE-2015-0292, and Sean Burford of Google and Emilia Käsper of the OpenSSL development team as the original reporters of CVE-2015-0293. This update also fixes the following bug: * When a wrapped Advanced Encryption Standard (AES) key did not require any padding, it was incorrectly padded with 8 bytes, which could lead to data corruption and interoperability problems. With this update, the rounding algorithm in the RFC 5649 key wrapping implementation has been fixed. As a result, the wrapped key conforms to the specification, which prevents the described problems. (BZ#1197667) All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.1e-42.el7_1.4 or higher.

medium severity

RHSA-2015:1072

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.1e-42.el7_1.6

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A flaw was found in the way the TLS protocol composes the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them to decrypt all traffic. (CVE-2015-4000) Note: This update forces the TLS/SSL client implementation in OpenSSL to reject DH key sizes below 768 bits, which prevents sessions from being downgraded to export-grade keys. Future updates may raise this limit to 1024 bits. All openssl users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.1e-42.el7_1.6 or higher.

medium severity

RHSA-2015:1115

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.1e-42.el7_1.8

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. (CVE-2014-8176) A flaw was found in the way the OpenSSL packages shipped with Red Hat Enterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. This issue could possibly cause a multi-threaded application using OpenSSL to perform an out-of-bounds read and crash. (CVE-2015-3216) An out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789) A race condition was found in the session handling code of OpenSSL. This issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash. (CVE-2015-1791) A flaw was found in the way OpenSSL handled Cryptographic Message Syntax (CMS) messages. A CMS message with an unknown hash function identifier could cause an application using OpenSSL to enter an infinite loop. (CVE-2015-1792) A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790) Red Hat would like to thank the OpenSSL project for reporting the CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and CVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan Fratric as the original reporters of CVE-2014-8176, Robert Swiecki and Hanno Böck as the original reporters of CVE-2015-1789, Michal Zalewski as the original reporter of CVE-2015-1790, Emilia Käsper as the original reporter of CVE-2015-1791 and Johannes Bauer as the original reporter of CVE-2015-1792. All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.1e-42.el7_1.8 or higher.

medium severity

RHSA-2015:2617

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.1e-51.el7_2.1

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer dereference flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacker could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication. (CVE-2015-3194) A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key (PSK) identity hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL. (CVE-2015-3196) All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.1e-51.el7_2.1 or higher.

medium severity

RHSA-2016:0008

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.1e-51.el7_2.2

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575) All openssl users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.1e-51.el7_2.2 or higher.

medium severity

RHSA-2017:0286

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.1e-60.el7_3.1

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite. (CVE-2017-3731) * A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610)

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.1e-60.el7_3.1 or higher.

medium severity

RHSA-2018:0998

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.2k-12.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736) * openssl: Read/write after SSL object in error state (CVE-2017-3737) * openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.2k-12.el7 or higher.

medium severity

RHSA-2018:3221

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.2k-16.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) * openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) * openssl: Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735) * openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.2k-16.el7 or higher.

medium severity

RHSA-2019:0483

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.2k-16.el7_6.1

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Perform the RSA signature self-tests with SHA-256 (BZ#1673914)

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.2k-16.el7_6.1 or higher.

medium severity

RHSA-2019:2304

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.1e-42.el7
  • Fixed in: 1:1.0.2k-19.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* openssl-libs@1:1.0.1e-42.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl-libs package. See Remediation section below for Centos:7 relevant versions.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: 0-byte record padding oracle (CVE-2019-1559) * openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 openssl-libs to version 1:1.0.2k-19.el7 or higher.

References

medium severity

RHSA-2015:1640

  • Vulnerable module: pam
  • Introduced through: pam@1.1.8-12.el7
  • Fixed in: 0:1.1.8-12.el7_1.1

Detailed paths

  • Introduced through: centos:7.1.1503@* pam@1.1.8-12.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream pam package. See Remediation section below for Centos:7 relevant versions.

Pluggable Authentication Modules (PAM) provide a system whereby administrators can set up authentication policies without having to recompile programs to handle authentication. It was discovered that the _unix_run_helper_binary() function of PAM's unix_pam module could write to a blocking pipe, possibly causing the function to become unresponsive. An attacker able to supply large passwords to the unix_pam module could use this flaw to enumerate valid user accounts, or cause a denial of service on the system. (CVE-2015-3238) Red Hat would like to thank Sebastien Macke of Trustwave SpiderLabs for reporting this issue. All pam users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.

Remediation

Upgrade Centos:7 pam to version 0:1.1.8-12.el7_1.1 or higher.

medium severity

RHBA-2015:2142

  • Vulnerable module: pcre
  • Introduced through: pcre@8.32-14.el7
  • Fixed in: 0:8.32-15.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* pcre@8.32-14.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream pcre package. See Remediation section below for Centos:7 relevant versions.

PCRE is a Perl-compatible regular expression library. This update fixes the following bugs: * Previously, non-matched groups within capturing groups up to a forced match were not being properly reset by PCRE, causing the library to incorrectly match some groups. With this update, non-matched groups within capturing groups up to a forced match are being properly marked as non-matching. (BZ#1161597) * Compiling zero-repeated groups with recursive back references no longer causes PCRE to crash. (BZ#1119356) * A bug in PCRE was causing it to match the wrong substring in regular expressions with empty-matching possessive zero-repeat groups. This problem has been fixed and matching these groups now behaves as expected. (BZ#1119320) * PCRE previously did not correctly evaluate regular expressions with literal quotations inside a character class. For example, the expression "/[\Qa]\E]+/" was not matching the string "a", although it should. The problem has been fixed and regular expressions with literal quotations inside a character class are now being evaluated correctly. (BZ#1111091) * An error in first character optimization was causing PCRE to incorrectly evaluate regular expressions where a start-anchored character with more than one case follows a circumflex in multi-line UTF-8 mode. This update resolves the problem and PCRE now properly evaluates these regular expressions. (BZ#1110621) * Linking an application to the static PCRE library using the libpcre module for pkg-config was failing due to missing pthread symbols. The pkg-config modules for PCRE libraries have been updated to declare private libraries properly, and the "pkg-config --static --libs libpcre" command can now be used to link the static pcre library to an application. (BZ#1217111) * The pcredemo.c file, which is described in the pcresample(3) man page as containing code examples for PCRE, was missing from the pcre-devel package. The example file has been added to the pcre-devel package and can now be found in the /usr/share/doc/pcre-devel-8.32/ directory. (BZ#1217118) Users of pcre are advised to upgrade to these updated packages, which fix these bugs.

Remediation

Upgrade Centos:7 pcre to version 0:8.32-15.el7 or higher.

References

medium severity

RHSA-2019:2189

  • Vulnerable module: procps-ng
  • Introduced through: procps-ng@3.3.10-3.el7
  • Fixed in: 0:3.3.10-26.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* procps-ng@3.3.10-3.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream procps-ng package. See Remediation section below for Centos:7 relevant versions.

The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Security Fix(es): * procps-ng, procps: Local privilege escalation in top (CVE-2018-1122) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 procps-ng to version 0:3.3.10-26.el7 or higher.

References

medium severity

RHSA-2015:2101

  • Vulnerable module: python
  • Introduced through: python@2.7.5-16.el7
  • Fixed in: 0:2.7.5-34.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme, or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). It was discovered that the Python xmlrpclib module did not restrict the size of gzip-compressed HTTP responses. A malicious XMLRPC server could cause an XMLRPC client using xmlrpclib to consume an excessive amount of memory. (CVE-2013-1753) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185) A flaw was found in the way the json module handled negative index arguments passed to certain functions (such as raw_decode()). An attacker able to control the index value passed to one of the affected functions could possibly use this flaw to disclose portions of the application memory. (CVE-2014-4616) The Python standard library HTTP client modules (such as httplib or urllib) did not perform verification of TLS/SSL certificates when connecting to HTTPS servers. A man-in-the-middle attacker could use this flaw to hijack connections and eavesdrop or modify transferred data. (CVE-2014-9365) Note: The Python standard library was updated to make it possible to enable certificate verification by default. However, for backwards compatibility, verification remains disabled by default. Future updates may change this default. Refer to the Knowledgebase article 2039753 linked to in the References section for further details about this change. (BZ#1219108) This update also fixes the following bugs: * Subprocesses used with the Eventlet library or regular threads previously tried to close epoll file descriptors twice, which led to an "Invalid argument" error. Subprocesses have been fixed to close the file descriptors only once. (BZ#1103452) * When importing the readline module from a Python script, Python no longer produces erroneous random characters on stdout. (BZ#1189301) * The cProfile utility has been fixed to print all values that the "-s" option supports when this option is used without a correct value. (BZ#1237107) * The load_cert_chain() function now accepts "None" as a keyfile argument. (BZ#1250611) In addition, this update adds the following enhancements: * Security enhancements as described in PEP 466 have been backported to the Python standard library, for example, new features of the ssl module: Server Name Indication (SNI) support, support for new TLSv1.x protocols, new hash algorithms in the hashlib module, and many more. (BZ#1111461) * Support for the ssl.PROTOCOL_TLSv1_2 protocol has been added to the ssl library. (BZ#1192015) * The ssl.SSLSocket.version() method is now available to access information about the version of the SSL protocol used in a connection. (BZ#1259421) All python users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.

Remediation

Upgrade Centos:7 python to version 0:2.7.5-34.el7 or higher.

medium severity

RHSA-2016:1626

  • Vulnerable module: python
  • Introduced through: python@2.7.5-16.el7
  • Fixed in: 0:2.7.5-38.el7_2

Detailed paths

  • Introduced through: centos:7.1.1503@* python@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-1000110) * It was found that Python's smtplib library did not return an exception when StartTLS failed to be established in the SMTP.starttls() function. A man-in-the-middle attacker could strip out the STARTTLS command without generating an exception on the Python SMTP client application, preventing the establishment of the TLS layer. (CVE-2016-0772) * It was found that Python's httplib library (used by urllib, urllib2 and others) did not properly check HTTPConnection.putheader() function arguments. An attacker could use this flaw to inject additional headers in a Python application that allowed user provided header names or values. (CVE-2016-5699) Red Hat would like to thank Scott Geary (VendHQ) for reporting CVE-2016-1000110.

Remediation

Upgrade Centos:7 python to version 0:2.7.5-38.el7_2 or higher.

medium severity

RHSA-2017:1868

  • Vulnerable module: python
  • Introduced through: python@2.7.5-16.el7
  • Fixed in: 0:2.7.5-58.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * The Python standard library HTTP client modules (such as httplib or urllib) did not perform verification of TLS/SSL certificates when connecting to HTTPS servers. A man-in-the-middle attacker could use this flaw to hijack connections and eavesdrop or modify transferred data. (CVE-2014-9365) Note: The Python standard library was updated to enable certificate verification by default. Refer to the Knowledgebase article 2039753 linked to in the References section for further details about this change. (BZ#1219110) Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 python to version 0:2.7.5-58.el7 or higher.

medium severity

RHSA-2018:2123

  • Vulnerable module: python
  • Introduced through: python@2.7.5-16.el7
  • Fixed in: 0:2.7.5-69.el7_5

Detailed paths

  • Introduced through: centos:7.1.1503@* python@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183) Note: This update modifies the Python ssl module to disable 3DES cipher suites by default. Red Hat would like to thank OpenVPN for reporting this issue. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Gaëtan Leurent (Inria) as the original reporters.

Remediation

Upgrade Centos:7 python to version 0:2.7.5-69.el7_5 or higher.

medium severity

RHSA-2018:3041

  • Vulnerable module: python
  • Introduced through: python@2.7.5-16.el7
  • Fixed in: 0:2.7.5-76.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (CVE-2018-1061) * python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib (CVE-2018-1060) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Python security response team for reporting these issues. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 python to version 0:2.7.5-76.el7 or higher.

medium severity

RHSA-2019:2030

  • Vulnerable module: python
  • Introduced through: python@2.7.5-16.el7
  • Fixed in: 0:2.7.5-86.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) * python: NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010) * python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) * python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) * python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 python to version 0:2.7.5-86.el7 or higher.

References

medium severity

RHSA-2020:1131

  • Vulnerable module: python
  • Introduced through: python@2.7.5-16.el7
  • Fixed in: 0:2.7.5-88.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Cookie domain check returns incorrect results (CVE-2018-20852) * python: email.utils.parseaddr wrongly parses email addresses (CVE-2019-16056) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 python to version 0:2.7.5-88.el7 or higher.

References

medium severity

RHSA-2020:3911

  • Vulnerable module: python
  • Introduced through: python@2.7.5-16.el7
  • Fixed in: 0:2.7.5-89.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: XSS vulnerability in the documentation XML-RPC server in server_title field (CVE-2019-16935) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 python to version 0:2.7.5-89.el7 or higher.

References

medium severity

RHSA-2020:5009

  • Vulnerable module: python
  • Introduced through: python@2.7.5-16.el7
  • Fixed in: 0:2.7.5-90.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python package. See Remediation section below for Centos:7 relevant versions.

Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Security Fix(es): * python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 python to version 0:2.7.5-90.el7 or higher.

References

medium severity

RHSA-2015:2101

  • Vulnerable module: python-libs
  • Introduced through: python-libs@2.7.5-16.el7
  • Fixed in: 0:2.7.5-34.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python-libs@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python-libs package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme, or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC).

It was discovered that the Python xmlrpclib module did not restrict the size of gzip-compressed HTTP responses. A malicious XMLRPC server could cause an XMLRPC client using xmlrpclib to consume an excessive amount of memory. (CVE-2013-1753) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185) A flaw was found in the way the json module handled negative index arguments passed to certain functions (such as raw_decode()). An attacker able to control the index value passed to one of the affected functions could possibly use this flaw to disclose portions of the application memory. (CVE-2014-4616) The Python standard library HTTP client modules (such as httplib or urllib) did not perform verification of TLS/SSL certificates when connecting to HTTPS servers. A man-in-the-middle attacker could use this flaw to hijack connections and eavesdrop or modify transferred data. (CVE-2014-9365) Note: The Python standard library was updated to make it possible to enable certificate verification by default. However, for backwards compatibility, verification remains disabled by default. Future updates may change this default. Refer to the Knowledgebase article 2039753 linked to in the References section for further details about this change. (BZ#1219108)

This update also fixes the following bugs: * Subprocesses used with the Eventlet library or regular threads previously tried to close epoll file descriptors twice, which led to an "Invalid argument" error. Subprocesses have been fixed to close the file descriptors only once. (BZ#1103452) * When importing the readline module from a Python script, Python no longer produces erroneous random characters on stdout. (BZ#1189301) * The cProfile utility has been fixed to print all values that the "-s" option supports when this option is used without a correct value. (BZ#1237107) * The load_cert_chain() function now accepts "None" as a keyfile argument. (BZ#1250611)

In addition, this update adds the following enhancements: * Security enhancements as described in PEP 466 have been backported to the Python standard library, for example, new features of the ssl module: Server Name Indication (SNI) support, support for new TLSv1.x protocols, new hash algorithms in the hashlib module, and many more. (BZ#1111461) * Support for the ssl.PROTOCOL_TLSv1_2 protocol has been added to the ssl library. (BZ#1192015) * The ssl.SSLSocket.version() method is now available to access information about the version of the SSL protocol used in a connection. (BZ#1259421)

All python users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.

Remediation

Upgrade Centos:7 python-libs to version 0:2.7.5-34.el7 or higher.

medium severity

RHSA-2016:1626

  • Vulnerable module: python-libs
  • Introduced through: python-libs@2.7.5-16.el7
  • Fixed in: 0:2.7.5-38.el7_2

Detailed paths

  • Introduced through: centos:7.1.1503@* python-libs@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python-libs package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-1000110) * It was found that Python's smtplib library did not return an exception when StartTLS failed to be established in the SMTP.starttls() function. A man-in-the-middle attacker could strip out the STARTTLS command without generating an exception on the Python SMTP client application, preventing the establishment of the TLS layer. (CVE-2016-0772) * It was found that Python's httplib library (used by urllib, urllib2 and others) did not properly check HTTPConnection.putheader() function arguments. An attacker could use this flaw to inject additional headers in a Python application that allowed user provided header names or values. (CVE-2016-5699) Red Hat would like to thank Scott Geary (VendHQ) for reporting CVE-2016-1000110.

Remediation

Upgrade Centos:7 python-libs to version 0:2.7.5-38.el7_2 or higher.

medium severity

RHSA-2017:1868

  • Vulnerable module: python-libs
  • Introduced through: python-libs@2.7.5-16.el7
  • Fixed in: 0:2.7.5-58.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python-libs@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python-libs package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * The Python standard library HTTP client modules (such as httplib or urllib) did not perform verification of TLS/SSL certificates when connecting to HTTPS servers. A man-in-the-middle attacker could use this flaw to hijack connections and eavesdrop or modify transferred data. (CVE-2014-9365) Note: The Python standard library was updated to enable certificate verification by default. Refer to the Knowledgebase article 2039753 linked to in the References section for further details about this change. (BZ#1219110) Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 python-libs to version 0:2.7.5-58.el7 or higher.

medium severity

RHSA-2018:2123

  • Vulnerable module: python-libs
  • Introduced through: python-libs@2.7.5-16.el7
  • Fixed in: 0:2.7.5-69.el7_5

Detailed paths

  • Introduced through: centos:7.1.1503@* python-libs@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python-libs package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183) Note: This update modifies the Python ssl module to disable 3DES cipher suites by default. Red Hat would like to thank OpenVPN for reporting this issue. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Gaëtan Leurent (Inria) as the original reporters.

Remediation

Upgrade Centos:7 python-libs to version 0:2.7.5-69.el7_5 or higher.

medium severity

RHSA-2018:3041

  • Vulnerable module: python-libs
  • Introduced through: python-libs@2.7.5-16.el7
  • Fixed in: 0:2.7.5-76.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python-libs@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python-libs package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: DoS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (CVE-2018-1061) * python: DoS via regular expression catastrophic backtracking in apop() method in pop3lib (CVE-2018-1060) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Python security response team for reporting these issues. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 python-libs to version 0:2.7.5-76.el7 or higher.

medium severity

RHSA-2019:2030

  • Vulnerable module: python-libs
  • Introduced through: python-libs@2.7.5-16.el7
  • Fixed in: 0:2.7.5-86.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python-libs@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python-libs package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) * python: NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010) * python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) * python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) * python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 python-libs to version 0:2.7.5-86.el7 or higher.

References

medium severity

RHSA-2020:1131

  • Vulnerable module: python-libs
  • Introduced through: python-libs@2.7.5-16.el7
  • Fixed in: 0:2.7.5-88.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python-libs@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python-libs package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Cookie domain check returns incorrect results (CVE-2018-20852) * python: email.utils.parseaddr wrongly parses email addresses (CVE-2019-16056) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 python-libs to version 0:2.7.5-88.el7 or higher.

References

medium severity

RHSA-2020:3911

  • Vulnerable module: python-libs
  • Introduced through: python-libs@2.7.5-16.el7
  • Fixed in: 0:2.7.5-89.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python-libs@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python-libs package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: XSS vulnerability in the documentation XML-RPC server in server_title field (CVE-2019-16935) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 python-libs to version 0:2.7.5-89.el7 or higher.

References

medium severity

RHSA-2020:5009

  • Vulnerable module: python-libs
  • Introduced through: python-libs@2.7.5-16.el7
  • Fixed in: 0:2.7.5-90.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python-libs@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python-libs package. See Remediation section below for Centos:7 relevant versions.

Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Security Fix(es): * python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 python-libs to version 0:2.7.5-90.el7 or higher.

References

medium severity

RHBA-2015:2116

  • Vulnerable module: shared-mime-info
  • Introduced through: shared-mime-info@1.1-7.el7
  • Fixed in: 0:1.1-9.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* shared-mime-info@1.1-7.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream shared-mime-info package. See Remediation section below for Centos:7 relevant versions.

The GTK+ packages contain the GIMP ToolKit (GTK+), a library for creating graphical user interfaces for the X Window System. This update contains a number of rebases to the latest upstream stable versions, which provides a number of bug fixes and enhancements over the previous versions. For more information on the changes, see the GNOME release notes and Red Hat Enterprise Linux 7.2 Release Notes.

The orc packages have been upgraded to version 0.4.22. (BZ#1174391) The atk packages have been upgraded to version 2.14.0. (BZ#1174433) The cairo packages have been upgraded to version 1.14.2. (BZ#1174435) The pango packages have been upgraded to version 1.36.8. (BZ#1174436) The gdk-pixbuf2 packages have been upgraded to version 2.31.1. (BZ#1174438) The gobject-introspection packages have been upgraded to version 1.42.0. (BZ#1174439) The glib-networking packages have been upgraded to version 2.42.2. (BZ#1174447) The dconf packages have been upgraded to version 0.22.0. (BZ#1174448) The gtksourceview3 packages have been upgraded to version 3.14.2. (BZ#1174500) The json-glib packages have been upgraded to version 1.0.2. (BZ#1174501) The webkitgtk3 packages have been upgraded to version 2.4.9. (BZ#1174556) The glibmm24 packages have been upgraded to version 2.42.0. (BZ#1174565) The harfbuzz packages have been upgraded to version 0.9.36. (BZ#1201148) The libxklavier packages have been upgraded to version 5.4. (BZ#1202874) The glib2 packages have been upgraded to version 2.42.2. (BZ#1203755) The gtk2 packages have been upgraded to version 2.24.28. (BZ#1221171)

This update also fixes the following bugs: * Previously, GTK+ was treating frame times from _NET_WM_FRAME_DRAWN and _NET_WM_FRAME_TIMINGS as local monotonic times, but they are actually extended-precision versions of the server time. This was causing rendering stalls when using GTK+ applications remotely. With this update, frame times are converted to monotonic times when the X server and client are not running on the same system, and GTK+ applications can be used remotely without rendering stalls. (BZ#1243646) * Previously, the glib2 packages were rebased to a version that deprecated the g_memmove() function. As a consequence, libgsf failed to build from source. This update replaces g_memmove() with memmove(), thus fixing this bug. (BZ#1132679) * Prior to this update, the Python plug-in for GDB did not work with the version of GDB in Red Hat Enterprise Linux 7.1. As a consequence, GDB returned error messages when debugging glib2 applications. This update applies an upstream fix to use newer GDB APIs, and the Python GDB debugging aid for glib2 applications now works as expected. (BZ#1055733) * The glib2 utility previously returned confusing warning messages when programs added GObject properties after the class was initialized. The functionality of adding a property after the class was initialized has been added back due to backward compatibility concerns, and error messages on properties thus no longer appear. (BZ#1168600) * When selecting a file in the "Add attachment" window, Evolution previously terminated unexpectedly with a segmentation fault. This update fixes the gtk_tree_row_ref_deleted() function causing this bug, and attaching a file no longer leads to a crash. (BZ#1175941) * Previously, the CUPS back end checked an incorrect port to connect to remote printers. Consequently, fetching printer information failed and the "Print" button became insensitive. This update makes sure CUPS checks the correct port, thus fixing this bug. (BZ#1221157, BZ#1154038)

Users of GTK+ are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.

Remediation

Upgrade Centos:7 shared-mime-info to version 0:1.1-9.el7 or higher.

References

medium severity

RHSA-2020:1021

  • Vulnerable module: shared-mime-info
  • Introduced through: shared-mime-info@1.1-7.el7
  • Fixed in: 0:1.8-5.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* shared-mime-info@1.1-7.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream shared-mime-info package. See Remediation section below for Centos:7 relevant versions.

GNOME is the default desktop environment of Red Hat Enterprise Linux. Security Fix(es): * gnome-shell: partial lock screen bypass (CVE-2019-3820) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 shared-mime-info to version 0:1.8-5.el7 or higher.

References

medium severity

RHSA-2015:1635

  • Vulnerable module: sqlite
  • Introduced through: sqlite@3.7.17-4.el7
  • Fixed in: 0:3.7.17-6.el7_1.1

Detailed paths

  • Introduced through: centos:7.1.1503@* sqlite@3.7.17-4.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream sqlite package. See Remediation section below for Centos:7 relevant versions.

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414) It was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415) It was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3416) All sqlite users are advised to upgrade to this updated package, which contains backported patches to correct these issues.

Remediation

Upgrade Centos:7 sqlite to version 0:3.7.17-6.el7_1.1 or higher.

medium severity

RHBA-2015:2092

  • Vulnerable module: systemd-libs
  • Introduced through: systemd-libs@208-20.el7
  • Fixed in: 0:219-19.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* systemd-libs@208-20.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream systemd-libs package. See Remediation section below for Centos:7 relevant versions.

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. This update fixes multiple bugs and adds numerous enhancements. Refer to the following Red Hat Knowledgebase article for information on the most significant of these changes: https://access.redhat.com/articles/1611383 Users of systemd are advised to upgrade to these updated packages, which fix these bugs and add these enhancements. The system must be rebooted for this update to take effect.

Remediation

Upgrade Centos:7 systemd-libs to version 0:219-19.el7 or higher.

References

medium severity

RHSA-2016:2610

  • Vulnerable module: systemd-libs
  • Introduced through: systemd-libs@208-20.el7
  • Fixed in: 0:219-30.el7_3.3

Detailed paths

  • Introduced through: centos:7.1.1503@* systemd-libs@208-20.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream systemd-libs package. See Remediation section below for Centos:7 relevant versions.

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * A flaw was found in the way systemd handled empty notification messages. A local attacker could use this flaw to make systemd freeze its execution, preventing further management of system services, system shutdown, or zombie process collection via systemd. (CVE-2016-7795) Bug Fix(es): * Previously, the udev device manager automatically enabled all memory banks on IBM z System installations. As a consequence, hot plug memory was enabled automatically, which was incorrect. With this update, system architecture checks have been added to the udev rules to address the problem. As a result, hot plug memory is no longer automatically enabled. (BZ#1381123)

Remediation

Upgrade Centos:7 systemd-libs to version 0:219-30.el7_3.3 or higher.

medium severity

RHSA-2018:0260

  • Vulnerable module: systemd-libs
  • Introduced through: systemd-libs@208-20.el7
  • Fixed in: 0:219-42.el7_4.7

Detailed paths

  • Introduced through: centos:7.1.1503@* systemd-libs@208-20.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream systemd-libs package. See Remediation section below for Centos:7 relevant versions.

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * A race condition was found in systemd. This could result in automount requests not being serviced and processes using them could hang, causing denial of service. (CVE-2018-1049)

Remediation

Upgrade Centos:7 systemd-libs to version 0:219-42.el7_4.7 or higher.

medium severity

RHSA-2019:2091

  • Vulnerable module: systemd-libs
  • Introduced through: systemd-libs@208-20.el7
  • Fixed in: 0:219-67.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* systemd-libs@208-20.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream systemd-libs package. See Remediation section below for Centos:7 relevant versions.

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd: line splitting via fgets() allows for state injection during daemon-reexec (CVE-2018-15686) * systemd: out-of-bounds read when parsing a crafted syslog message (CVE-2018-16866) * systemd: kills privileged process if unprivileged PIDFile was tampered (CVE-2018-16888) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 systemd-libs to version 0:219-67.el7 or higher.

References

medium severity

RHSA-2017:0907

  • Vulnerable module: util-linux
  • Introduced through: util-linux@2.23.2-21.el7
  • Fixed in: 0:2.23.2-33.el7_3.2

Detailed paths

  • Introduced through: centos:7.1.1503@* util-linux@2.23.2-21.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream util-linux package. See Remediation section below for Centos:7 relevant versions.

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix(es): * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Red Hat would like to thank Tobias Stöckmann for reporting this issue. Bug Fix(es): * The "findmnt --target <path>" command prints all file systems where the mount point directory is <path>. Previously, when used in the chroot environment, "findmnt --target <path>" incorrectly displayed all mount points. The command has been fixed so that it now checks the mount point path and returns information only for the relevant mount point. (BZ#1414481)

Remediation

Upgrade Centos:7 util-linux to version 0:2.23.2-33.el7_3.2 or higher.

medium severity

RHSA-2016:2972

  • Vulnerable module: vim-minimal
  • Introduced through: vim-minimal@2:7.4.160-1.el7
  • Fixed in: 2:7.4.160-1.el7_3.1

Detailed paths

  • Introduced through: centos:7.1.1503@* vim-minimal@2:7.4.160-1.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream vim-minimal package. See Remediation section below for Centos:7 relevant versions.

Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fix(es): * A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running vim. (CVE-2016-1248)

Remediation

Upgrade Centos:7 vim-minimal to version 2:7.4.160-1.el7_3.1 or higher.

low severity

RHSA-2018:3032

  • Vulnerable module: binutils
  • Introduced through: binutils@2.23.52.0.1-30.el7
  • Fixed in: 0:2.27-34.base.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* binutils@2.23.52.0.1-30.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package. See Remediation section below for Centos:7 relevant versions.

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fix(es): * binutils: Improper bounds check in coffgen.c:coff_pointerize_aux() allows for denial of service when parsing a crafted COFF file (CVE-2018-7208) * binutils: integer overflow via an ELF file with corrupt dwarf1 debug information in libbfd library (CVE-2018-7568) * binutils: integer underflow or overflow via an ELF file with a corrupt DWARF FORM block in libbfd library (CVE-2018-7569) * binutils: NULL pointer dereference in swap_std_reloc_in function in aoutx.h resulting in crash (CVE-2018-7642) * binutils: Integer overflow in the display_debug_ranges function resulting in crash (CVE-2018-7643) * binutils: Crash in elf.c:bfd_section_from_shdr() with crafted executable (CVE-2018-8945) * binutils: Heap-based buffer over-read in dwarf.c:process_cu_tu_index() allows for denial of service via crafted file (CVE-2018-10372) * binutils: NULL pointer dereference in dwarf2.c:concat_filename() allows for denial of service via crafted file (CVE-2018-10373) * binutils: out of bounds memory write in peXXigen.c files (CVE-2018-10534) * binutils: NULL pointer dereference in elf.c (CVE-2018-10535) * binutils: Uncontrolled Resource Consumption in execution of nm (CVE-2018-13033) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 binutils to version 0:2.27-34.base.el7 or higher.

low severity

RHSA-2019:1880

  • Vulnerable module: curl
  • Introduced through: curl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-51.el7_6.3

Detailed paths

  • Introduced through: centos:7.1.1503@* curl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Security Fix(es):

  • curl: NTLM password overflow via integer overflow (CVE-2018-14618)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • baseurl with file:// hangs and then timeout in yum repo (BZ#1709474)
  • curl crashes on http links with rate-limit (BZ#1711914)

Remediation

Upgrade Centos:7 curl to version 0:7.29.0-51.el7_6.3 or higher.

low severity

RHSA-2019:2181

  • Vulnerable module: curl
  • Introduced through: curl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-54.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* curl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Security Fix(es):

  • curl: Heap-based buffer over-read in the curl tool warning formatting (CVE-2018-16842)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 curl to version 0:7.29.0-54.el7 or higher.

low severity

RHSA-2020:1020

  • Vulnerable module: curl
  • Introduced through: curl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-57.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* curl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Security Fix(es):

  • curl: TFTP receive heap buffer overflow in tftp_receive_packet() function (CVE-2019-5436)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 curl to version 0:7.29.0-57.el7 or higher.

low severity

RHEA-2015:2126

  • Vulnerable module: elfutils-libelf
  • Introduced through: elfutils-libelf@0.160-1.el7
  • Fixed in: 0:0.163-3.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* elfutils-libelf@0.160-1.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream elfutils-libelf package. See Remediation section below for Centos:7 relevant versions.

The elfutils packages contain a number of utility programs and libraries related to the creation and maintenance of executable code. The elfutils packages have been upgraded to upstream version 0.163, which provides a number of bug fixes and enhancements over the previous version. Notably:

  • Previously, elfutils libraries and tools could crash on malformed ELF files or incorrect DWARF data. All known ways to crash the libraries and tools on such incorrect input data have been fixed.
  • The following changes and improvements have been made to the eu-addr2line tool:
    - Input addresses are now always interpreted as hexadecimal numbers, never as octal or decimal numbers.
    - A new option, "-a", "--addresses", to print address before each entry.
    - A new option, "-C", "--demangle", to show demangled symbols.
    - A new option, "--pretty-print", to print all information on one line.
    As a result, it is possible to use eu-addr2line as a drop-in replacement for binutils addr2line.
  • This update introduces the following improvements to the libdw library:
    - A new header file elfutils/known-dwarf.h.
    - The preliminary DWARF5 constants "DW_AT_noreturn", "DW_LANG_C11", "DW_LANG_C_plus_plus_11", "DW_LANG_C_plus_plus_14", "DW_TAG_atomic_type", "DW_LANG_Fortran03", and "DW_LANG_Fortran08", plus the GNU extension "DW_AT_GNU_deleted" have been added to the elfutils/dwarf.h file.
    - A new function, dwarf_peel_type(), for handling qualified types.
    - The dwarf_getmacros function now serves both the .debug_macro and .debug_macinfo section data transparently.
    - New interfaces, "dwarf_getmacros_off", "dwarf_macro_getsrcfiles", "dwarf_macro_getparamcnt", and "dwarf_macro_param", are available for more generalized inspection of macros and their parameters.
    (BZ#1224169, BZ#1223462)

Users of elfutils are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.

Remediation

Upgrade Centos:7 elfutils-libelf to version 0:0.163-3.el7 or higher.

low severity

RHSA-2019:2197

  • Vulnerable module: elfutils-libelf
  • Introduced through: elfutils-libelf@0.160-1.el7
  • Fixed in: 0:0.176-2.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* elfutils-libelf@0.160-1.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream elfutils-libelf package. See Remediation section below for Centos:7 relevant versions.

The elfutils packages contain a number of utility programs and libraries related to the creation and maintenance of executable code. The following packages have been upgraded to a later upstream version: elfutils (0.176). (BZ#1676504)

Security Fix(es):

  • elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file (CVE-2018-16062)
  • elfutils: Double-free due to double decompression of sections in crafted ELF causes crash (CVE-2018-16402)
  • elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libdw/dwarf_hasattr.c causes crash (CVE-2018-16403)
  • elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl (CVE-2018-18310)
  • elfutils: eu-size cannot handle recursive ar files (CVE-2018-18520)
  • elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c (CVE-2018-18521)
  • elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw (CVE-2019-7149)
  • elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c (CVE-2019-7150)
  • elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h (CVE-2019-7664)
  • elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c (CVE-2019-7665)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 elfutils-libelf to version 0:0.176-2.el7 or higher.

low severity

RHSA-2020:1022

  • Vulnerable module: file
  • Introduced through: file@5.11-21.el7
  • Fixed in: 0:5.11-36.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* file@5.11-21.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream file package. See Remediation section below for Centos:7 relevant versions.

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats.

Security Fix(es):

  • file: out-of-bounds read via a crafted ELF file (CVE-2018-10360)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 file to version 0:5.11-36.el7 or higher.

low severity

RHSA-2020:1022

  • Vulnerable module: file-libs
  • Introduced through: file-libs@5.11-21.el7
  • Fixed in: 0:5.11-36.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* file-libs@5.11-21.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream file-libs package. See Remediation section below for Centos:7 relevant versions.

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats.

Security Fix(es):

  • file: out-of-bounds read via a crafted ELF file (CVE-2018-10360)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 file-libs to version 0:5.11-36.el7 or higher.

low severity

RHBA-2019:2044

  • Vulnerable module: glib2
  • Introduced through: glib2@2.40.0-4.el7
  • Fixed in: 0:2.56.1-5.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glib2@2.40.0-4.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glib2 package. See Remediation section below for Centos:7 relevant versions.

GNOME is the default desktop environment of Red Hat Enterprise Linux. For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. Users of gnome are advised to upgrade to these updated packages.

Remediation

Upgrade Centos:7 glib2 to version 0:2.56.1-5.el7 or higher.

low severity

RHSA-2016:2573

  • Vulnerable module: glibc
  • Introduced through: glibc@2.17-78.el7
  • Fixed in: 0:2.17-157.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

  • A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include "networks: dns" with a privileged or network-facing service that would attempt to resolve user-provided network names, an attacker could provide an excessively long network name, resulting in stack corruption and code execution. (CVE-2016-3075)

This issue was discovered by Florian Weimer (Red Hat).

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 glibc to version 0:2.17-157.el7 or higher.

low severity

RHSA-2020:3861

  • Vulnerable module: glibc
  • Introduced through: glibc@2.17-78.el7
  • Fixed in: 0:2.17-317.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

  • glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries (CVE-2019-19126)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 glibc to version 0:2.17-317.el7 or higher.

low severity

RHSA-2016:2573

  • Vulnerable module: glibc-common
  • Introduced through: glibc-common@2.17-78.el7
  • Fixed in: 0:2.17-157.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc-common@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc-common package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

  • A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include "networks: dns" with a privileged or network-facing service that would attempt to resolve user-provided network names, an attacker could provide an excessively long network name, resulting in stack corruption and code execution. (CVE-2016-3075)

This issue was discovered by Florian Weimer (Red Hat).

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 glibc-common to version 0:2.17-157.el7 or higher.

low severity

RHSA-2020:3861

  • Vulnerable module: glibc-common
  • Introduced through: glibc-common@2.17-78.el7
  • Fixed in: 0:2.17-317.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* glibc-common@2.17-78.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc-common package. See Remediation section below for Centos:7 relevant versions.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

  • glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries (CVE-2019-19126)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 glibc-common to version 0:2.17-317.el7 or higher.

low severity

RHSA-2015:2111

  • Vulnerable module: grep
  • Introduced through: grep@2.20-1.el7
  • Fixed in: 0:2.20-2.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* grep@2.20-1.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream grep package. See Remediation section below for Centos:7 relevant versions.

The grep utility searches through textual input for lines that contain a match to a specified pattern and then prints the matching lines. The GNU grep utilities include grep, egrep, and fgrep.

A heap-based buffer overflow flaw was found in the way grep processed certain pattern and text combinations. An attacker able to trick a user into running grep on specially crafted input could use this flaw to crash grep or, potentially, read from uninitialized memory. (CVE-2015-1345)

This update also fixes the following bugs:

  • Prior to this update, the \w and \W symbols were inconsistently matched to the [:alnum:] character class. Consequently, using regular expressions with "\w" and "\W" could lead to incorrect results. With this update, "\w" is consistently matched to the [[:alnum:]] character, and "\W" is consistently matched to the [^[:alnum:]] character. (BZ#1159012)
  • Previously, the Perl Compatible Regular Expression (PCRE) matcher (selected by the "-P" parameter in grep) did not work correctly when matching non-UTF-8 text in UTF-8 locales. Consequently, an error message about invalid UTF-8 byte sequence characters was returned. To fix this bug, patches from upstream have been applied to the grep utility. As a result, PCRE now skips non-UTF-8 characters as non-matching text without returning any error message. (BZ#1217080)

All grep users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

Remediation

Upgrade Centos:7 grep to version 0:2.20-2.el7 or higher.

low severity

RHSA-2016:2591

  • Vulnerable module: krb5-libs
  • Introduced through: krb5-libs@1.12.2-14.el7
  • Fixed in: 0:1.14.1-26.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* krb5-libs@1.12.2-14.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream krb5-libs package. See Remediation section below for Centos:7 relevant versions.

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). The following packages have been upgraded to a newer upstream version: krb5 (1.14.1). (BZ#1292153)

Security Fix(es):

  • A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry could use this flaw to cause kadmind to dereference a null pointer and crash by supplying an empty DB argument to the modify_principal command, if kadmind was configured to use the LDAP KDB module. (CVE-2016-3119)
  • A NULL pointer dereference flaw was found in MIT Kerberos krb5kdc service. An authenticated attacker could use this flaw to cause krb5kdc to dereference a null pointer and crash by making an S4U2Self request, if the restrict_anonymous_to_tgt option was set to true. (CVE-2016-3120)

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 krb5-libs to version 0:1.14.1-26.el7 or higher.

low severity

RHSA-2018:3071

  • Vulnerable module: krb5-libs
  • Introduced through: krb5-libs@1.12.2-14.el7
  • Fixed in: 0:1.15.1-34.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* krb5-libs@1.12.2-14.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream krb5-libs package. See Remediation section below for Centos:7 relevant versions.

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

Security Fix(es):

  • krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data (CVE-2018-5729)
  • krb5: DN container check bypass by supplying special crafted data (CVE-2018-5730)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 krb5-libs to version 0:1.15.1-34.el7 or higher.

low severity

RHSA-2016:2605

  • Vulnerable module: libblkid
  • Introduced through: libblkid@2.23.2-21.el7
  • Fixed in: 0:2.23.2-33.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libblkid@2.23.2-21.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libblkid package. See Remediation section below for Centos:7 relevant versions.

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program.

Security Fix(es):

  • It was found that util-linux's libblkid library did not properly handle Extended Boot Record (EBR) partitions when reading MS-DOS partition tables. An attacker with physical USB access to a protected machine could insert a storage device with a specially crafted partition table that could, for example, trigger an infinite loop in systemd-udevd, resulting in a denial of service on that machine. (CVE-2016-5011)

Red Hat would like to thank Michael Gruhn for reporting this issue. Upstream acknowledges Christian Moch as the original reporter.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libblkid to version 0:2.23.2-33.el7 or higher.

low severity

RHSA-2019:1880

  • Vulnerable module: libcurl
  • Introduced through: libcurl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-51.el7_6.3

Detailed paths

  • Introduced through: centos:7.1.1503@* libcurl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libcurl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Security Fix(es):

  • curl: NTLM password overflow via integer overflow (CVE-2018-14618)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • baseurl with file:// hangs and then timeout in yum repo (BZ#1709474)
  • curl crashes on http links with rate-limit (BZ#1711914)

Remediation

Upgrade Centos:7 libcurl to version 0:7.29.0-51.el7_6.3 or higher.

low severity

RHSA-2019:2181

  • Vulnerable module: libcurl
  • Introduced through: libcurl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-54.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libcurl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libcurl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Security Fix(es):

  • curl: Heap-based buffer over-read in the curl tool warning formatting (CVE-2018-16842)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libcurl to version 0:7.29.0-54.el7 or higher.

low severity

RHSA-2020:1020

  • Vulnerable module: libcurl
  • Introduced through: libcurl@7.29.0-19.el7
  • Fixed in: 0:7.29.0-57.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libcurl@7.29.0-19.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libcurl package. See Remediation section below for Centos:7 relevant versions.

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Security Fix(es):

  • curl: TFTP receive heap buffer overflow in tftp_receive_packet() function (CVE-2019-5436)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libcurl to version 0:7.29.0-57.el7 or higher.

low severity

RHSA-2018:0849

  • Vulnerable module: libgcc
  • Introduced through: libgcc@4.8.3-9.el7
  • Fixed in: 0:4.8.5-28.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libgcc@4.8.3-9.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libgcc package. See Remediation section below for Centos:7 relevant versions.

The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries.

Security Fix(es):

  • gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics (CVE-2017-11671)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libgcc to version 0:4.8.5-28.el7 or higher.

low severity

RHSA-2018:0849

  • Vulnerable module: libgomp
  • Introduced through: libgomp@4.8.3-9.el7
  • Fixed in: 0:4.8.5-28.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libgomp@4.8.3-9.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libgomp package. See Remediation section below for Centos:7 relevant versions.

The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries.

Security Fix(es):

  • gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics (CVE-2017-11671)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libgomp to version 0:4.8.5-28.el7 or higher.

low severity

RHSA-2016:2605

  • Vulnerable module: libmount
  • Introduced through: libmount@2.23.2-21.el7
  • Fixed in: 0:2.23.2-33.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libmount@2.23.2-21.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libmount package. See Remediation section below for Centos:7 relevant versions.

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program.

Security Fix(es):

  • It was found that util-linux's libblkid library did not properly handle Extended Boot Record (EBR) partitions when reading MS-DOS partition tables. An attacker with physical USB access to a protected machine could insert a storage device with a specially crafted partition table that could, for example, trigger an infinite loop in systemd-udevd, resulting in a denial of service on that machine. (CVE-2016-5011)

Red Hat would like to thank Michael Gruhn for reporting this issue. Upstream acknowledges Christian Moch as the original reporter.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libmount to version 0:2.23.2-33.el7 or higher.

low severity

RHSA-2015:2140

  • Vulnerable module: libssh2
  • Introduced through: libssh2@1.4.3-8.el7
  • Fixed in: 0:1.4.3-10.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libssh2@1.4.3-8.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Centos:7 relevant versions.

The libssh2 packages provide a library that implements the SSH2 protocol.

A flaw was found in the way the kex_agree_methods() function of libssh2 performed a key exchange when negotiating a new SSH session. A man-in-the-middle attacker could use a crafted SSH_MSG_KEXINIT packet to crash a connecting libssh2 client. (CVE-2015-1782)

This update also fixes the following bugs:

  • Previously, libssh2 did not correctly adjust the size of the receive window while reading from an SSH channel. This caused downloads over the secure copy (SCP) protocol to consume an excessive amount of memory. A series of upstream patches has been applied on the libssh2 source code to improve handling of the receive window size. Now, SCP downloads work as expected. (BZ#1080459)
  • Prior to this update, libssh2 did not properly initialize an internal variable holding the SSH agent file descriptor, which caused the agent destructor to close the standard input file descriptor by mistake. An upstream patch has been applied on libssh2 sources to properly initialize the internal variable. Now, libssh2 closes only the file descriptors it owns. (BZ#1147717)

All libssh2 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing these updated packages, all running applications using libssh2 must be restarted for this update to take effect.

Remediation

Upgrade Centos:7 libssh2 to version 0:1.4.3-10.el7 or higher.

low severity

RHSA-2018:0849

  • Vulnerable module: libstdc++
  • Introduced through: libstdc++@4.8.3-9.el7
  • Fixed in: 0:4.8.5-28.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libstdc++@4.8.3-9.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libstdc++ package. See Remediation section below for Centos:7 relevant versions.

The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries.

Security Fix(es):

  • gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics (CVE-2017-11671)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 libstdc++ to version 0:4.8.5-28.el7 or higher.

low severity

RHSA-2016:2605

  • Vulnerable module: libuuid
  • Introduced through: libuuid@2.23.2-21.el7
  • Fixed in: 0:2.23.2-33.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* libuuid@2.23.2-21.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream libuuid package. See Remediation section below for Centos:7 relevant versions.

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program.

Security Fix(es):

  • It was found that util-linux's libblkid library did not properly handle Extended Boot Record (EBR) partitions when reading MS-DOS partition tables. An attacker with physical USB access to a protected machine could insert a storage device with a specially crafted partition table that could, for example, trigger an infinite loop in systemd-udevd, resulting in a denial of service on that machine. (CVE-2016-5011)

Red Hat would like to thank Michael Gruhn for reporting this issue. Upstream acknowledges Christian Moch as the original reporter.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

The flagged libuuid package is built from the same util-linux source; the affected code is in libblkid.

Remediation

Upgrade Centos:7 libuuid to version 0:2.23.2-33.el7 or higher.

low severity

RHBA-2015:0965

  • Vulnerable module: nspr
  • Introduced through: nspr@4.10.6-3.el7
  • Fixed in: 0:4.10.8-1.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* nspr@4.10.6-3.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nspr package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.

The nss and nss-util packages have been upgraded to upstream version 3.18, and the nspr packages have been upgraded to upstream version 4.10.8. The upgraded versions provide a number of bug fixes and enhancements over the previous versions. Notably, these upgrades allow users to upgrade to Mozilla Firefox 38 Extended Support Release. (BZ#1211371, BZ#1211372, BZ#1211373)

Users of nss, nss-util, and nspr are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.

Remediation

Upgrade Centos:7 nspr to version 0:4.10.8-1.el7_1 or higher.

low severity

RHBA-2015:0965

  • Vulnerable module: nss
  • Introduced through: nss@3.16.2.3-5.el7
  • Fixed in: 0:3.18.0-2.2.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* nss@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.

The nss and nss-util packages have been upgraded to upstream version 3.18, and the nspr packages have been upgraded to upstream version 4.10.8. The upgraded versions provide a number of bug fixes and enhancements over the previous versions. Notably, these upgrades allow users to upgrade to Mozilla Firefox 38 Extended Support Release. (BZ#1211371, BZ#1211372, BZ#1211373)

Users of nss, nss-util, and nspr are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.

Remediation

Upgrade Centos:7 nss to version 0:3.18.0-2.2.el7_1 or higher.

low severity

RHBA-2015:0965

  • Vulnerable module: nss-sysinit
  • Introduced through: nss-sysinit@3.16.2.3-5.el7
  • Fixed in: 0:3.18.0-2.2.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-sysinit@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-sysinit package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.

The nss and nss-util packages have been upgraded to upstream version 3.18, and the nspr packages have been upgraded to upstream version 4.10.8. The upgraded versions provide a number of bug fixes and enhancements over the previous versions. Notably, these upgrades allow users to upgrade to Mozilla Firefox 38 Extended Support Release. (BZ#1211371, BZ#1211372, BZ#1211373)

Users of nss, nss-util, and nspr are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.

Remediation

Upgrade Centos:7 nss-sysinit to version 0:3.18.0-2.2.el7_1 or higher.

low severity

RHBA-2015:0965

  • Vulnerable module: nss-tools
  • Introduced through: nss-tools@3.16.2.3-5.el7
  • Fixed in: 0:3.18.0-2.2.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-tools@3.16.2.3-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-tools package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.

The nss and nss-util packages have been upgraded to upstream version 3.18, and the nspr packages have been upgraded to upstream version 4.10.8. The upgraded versions provide a number of bug fixes and enhancements over the previous versions. Notably, these upgrades allow users to upgrade to Mozilla Firefox 38 Extended Support Release. (BZ#1211371, BZ#1211372, BZ#1211373)

Users of nss, nss-util, and nspr are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.

Remediation

Upgrade Centos:7 nss-tools to version 0:3.18.0-2.2.el7_1 or higher.

low severity

RHBA-2015:0965

  • Vulnerable module: nss-util
  • Introduced through: nss-util@3.16.2.3-2.el7
  • Fixed in: 0:3.18.0-1.el7_1

Detailed paths

  • Introduced through: centos:7.1.1503@* nss-util@3.16.2.3-2.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-util package. See Remediation section below for Centos:7 relevant versions.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.

The nss and nss-util packages have been upgraded to upstream version 3.18, and the nspr packages have been upgraded to upstream version 4.10.8. The upgraded versions provide a number of bug fixes and enhancements over the previous versions. Notably, these upgrades allow users to upgrade to Mozilla Firefox 38 Extended Support Release. (BZ#1211371, BZ#1211372, BZ#1211373)

Users of nss, nss-util, and nspr are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.

Remediation

Upgrade Centos:7 nss-util to version 0:3.18.0-1.el7_1 or higher.

low severity

RHSA-2016:2586

  • Vulnerable module: python
  • Introduced through: python@2.7.5-16.el7
  • Fixed in: 0:2.7.5-48.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

  • A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later "import" statement could cause a heap overflow, leading to arbitrary code execution. (CVE-2016-5636)

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 python to version 0:2.7.5-48.el7 or higher.

low severity

RHSA-2016:2586

  • Vulnerable module: python-libs
  • Introduced through: python-libs@2.7.5-16.el7
  • Fixed in: 0:2.7.5-48.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* python-libs@2.7.5-16.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream python-libs package. See Remediation section below for Centos:7 relevant versions.

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

  • A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later "import" statement could cause a heap overflow, leading to arbitrary code execution. (CVE-2016-5636)

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 python-libs to version 0:2.7.5-48.el7 or higher.

low severity

RHSA-2018:3249

  • Vulnerable module: setup
  • Introduced through: setup@2.8.71-5.el7
  • Fixed in: 0:2.8.71-10.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* setup@2.8.71-5.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream setup package. See Remediation section below for Centos:7 relevant versions.

The setup package contains a set of important default system configuration and setup files. Examples include /etc/passwd, /etc/group, and /etc/profile. Other examples are the default lists of reserved user IDs, reserved ports, reserved protocols, allowed shells, and allowed secure terminals.

Security Fix(es):

  • setup: nologin listed in /etc/shells violates security expectations (CVE-2018-1113)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 setup to version 0:2.8.71-10.el7 or higher.
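The "security expectation" that CVE-2018-1113 violates is that /etc/shells is the list of shells a legitimate interactive user may have: programs that consult it (getusershell(3) users such as chsh, and FTP daemons that refuse accounts whose shell is not listed) treat an account as valid when its shell appears there. Listing /sbin/nologin there makes every account deliberately locked with nologin pass such a check. The following audit is an added example, not part of the setup package or of this page; it cross-checks /etc/shells against /etc/passwd. The two sample files are constructed for the example and the set of basenames treated as "nologin" is an assumption.

```python
import os

NOLOGIN_BASENAMES = {"nologin"}   # assumed: shells whose only purpose is to refuse logins


def parse_shells(text: str) -> list:
    """Entries of an /etc/shells file: one path per line; '#' comments and blank lines ignored."""
    return [line.strip() for line in text.splitlines()
            if line.strip() and not line.lstrip().startswith("#")]


def parse_passwd(text: str) -> dict:
    """Map user name to login shell from /etc/passwd text.
    An empty seventh field means /bin/sh, as passwd(5) documents."""
    users = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) == 7:
            users[fields[0]] = fields[6] or "/bin/sh"
    return users


def audit_shells(shells_text: str, passwd_text: str):
    """Return (listed_nologin_shells, accounts_using_them).

    Any nologin path that appears in /etc/shells makes every account assigned that
    shell pass a 'valid login shell' check it was meant to fail; the second list is
    exactly the set of accounts whose lock is undermined that way."""
    listed = [s for s in parse_shells(shells_text)
              if os.path.basename(s) in NOLOGIN_BASENAMES]
    users = parse_passwd(passwd_text)
    exposed = sorted(u for u, sh in users.items() if sh in listed)
    return listed, exposed


# Constructed sample files for this example; not copied from any real system.
SAMPLE_SHELLS = """\
/bin/sh
/bin/bash
/sbin/nologin
/usr/bin/sh
/usr/bin/bash
/usr/sbin/nologin
"""

SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
svc:x:1001:1001::/home/svc:/usr/sbin/nologin
alice:x:1000:1000::/home/alice:/bin/bash
"""

if __name__ == "__main__":
    listed, exposed = audit_shells(SAMPLE_SHELLS, SAMPLE_PASSWD)
    print("nologin shells listed in /etc/shells:", listed)
    print("locked accounts that now pass a login-shell check:", exposed)
```

On a live system, feed the contents of /etc/shells and /etc/passwd to audit_shells; an empty first list is the post-fix state, and a non-empty second list is the set of accounts to review if any service on the host validates logins against /etc/shells.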

low severity

RHSA-2019:0201

  • Vulnerable module: systemd-libs
  • Introduced through: systemd-libs@208-20.el7
  • Fixed in: 0:219-62.el7_6.3

Detailed paths

  • Introduced through: centos:7.1.1503@* systemd-libs@208-20.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream systemd-libs package. See Remediation section below for Centos:7 relevant versions.

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.

Security Fix(es):

  • systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864 (CVE-2019-3815)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 systemd-libs to version 0:219-62.el7_6.3 or higher.

low severity

RHSA-2020:4007

  • Vulnerable module: systemd-libs
  • Introduced through: systemd-libs@208-20.el7
  • Fixed in: 0:219-78.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* systemd-libs@208-20.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream systemd-libs package. See Remediation section below for Centos:7 relevant versions.

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.

Security Fix(es):

  • systemd: memory leak in button_open() in login/logind-button.c when udev events are received (CVE-2019-20386)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 systemd-libs to version 0:219-78.el7 or higher.

low severity

RHSA-2016:2605

  • Vulnerable module: util-linux
  • Introduced through: util-linux@2.23.2-21.el7
  • Fixed in: 0:2.23.2-33.el7

Detailed paths

  • Introduced through: centos:7.1.1503@* util-linux@2.23.2-21.el7

NVD Description

Note: Versions mentioned in the description apply to the upstream util-linux package. See Remediation section below for Centos:7 relevant versions.

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program.

Security Fix(es):

  • It was found that util-linux's libblkid library did not properly handle Extended Boot Record (EBR) partitions when reading MS-DOS partition tables. An attacker with physical USB access to a protected machine could insert a storage device with a specially crafted partition table that could, for example, trigger an infinite loop in systemd-udevd, resulting in a denial of service on that machine. (CVE-2016-5011)

Red Hat would like to thank Michael Gruhn for reporting this issue. Upstream acknowledges Christian Moch as the original reporter.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

Remediation

Upgrade Centos:7 util-linux to version 0:2.23.2-33.el7 or higher.
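The CVE-2016-5011 entries above (libuuid and util-linux, both RHSA-2016:2605) describe the failure mode but not the shape of the input. An MS-DOS table has four slots in sector 0; an extended container is walked as a chain of EBRs in which slot 0 is a logical partition and slot 1 is the next EBR, addressed relative to the container's first sector. Both pointers come straight from the device, so a crafted EBR can point back at one already read, and a walker with no memory of where it has been never terminates. The parser below is an added example, written for this page and not util-linux's libblkid or its fix; it walks the chain with a visited set and a length cap (MAX_EBRS is an assumption of the example) and reports the loop instead of spinning. The disk image is constructed in code, not captured from a real device.

```python
import struct

SECTOR = 512
EXTENDED_TYPES = {0x05, 0x0F, 0x85}   # DOS extended-container partition types
MAX_EBRS = 128                        # cap on chain length; an assumption of this example


def _table(sector: bytes):
    """Return the four (type, lba, count) slots of an MBR/EBR partition table."""
    if len(sector) < SECTOR or sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA signature")
    slots = []
    for i in range(4):
        off = 446 + 16 * i
        ptype = sector[off + 4]
        lba, count = struct.unpack_from("<II", sector, off + 8)
        slots.append((ptype, lba, count))
    return slots


def parse_dos_partitions(image: bytes):
    """Parse an MS-DOS partition table plus its EBR chain.
    Returns (partitions, problems): partitions are (kind, type, absolute_lba, sectors);
    problems are strings saying why the walk stopped early."""
    def sector(n: int) -> bytes:
        start = n * SECTOR
        if start + SECTOR > len(image):
            raise ValueError(f"sector {n} lies beyond the end of the image")
        return image[start:start + SECTOR]

    parts, problems = [], []
    ext_start = None
    for ptype, lba, count in _table(sector(0)):
        if ptype == 0:
            continue
        kind = "extended" if ptype in EXTENDED_TYPES else "primary"
        if kind == "extended" and ext_start is None:
            ext_start = lba        # only the first container is walked
        parts.append((kind, ptype, lba, count))
    if ext_start is None:
        return parts, problems

    # EBR chain: slot 0 is the logical partition (LBA relative to this EBR),
    # slot 1 is the next EBR (LBA relative to the container's first sector).
    # The next pointer is attacker-controlled data, so it may aim anywhere,
    # including at an EBR already visited; that is what the visited set catches.
    visited = set()
    cur = ext_start
    while True:
        if cur in visited:
            problems.append(f"EBR chain loops back to sector {cur}")
            break
        if len(visited) >= MAX_EBRS:
            problems.append(f"more than {MAX_EBRS} EBRs; abandoning chain")
            break
        visited.add(cur)
        try:
            slots = _table(sector(cur))
        except ValueError as err:
            problems.append(f"EBR at sector {cur}: {err}")
            break
        ltype, llba, lcount = slots[0]
        if ltype != 0 and lcount != 0:
            parts.append(("logical", ltype, cur + llba, lcount))
        ntype, nlba, _ = slots[1]
        if ntype not in EXTENDED_TYPES:
            break                  # an empty slot 1 terminates the chain
        cur = ext_start + nlba
    return parts, problems


# --- constructed test image (not a real disk) --------------------------------

def _entry(ptype: int, lba: int, count: int) -> bytes:
    return bytes([0, 0, 0, 0, ptype, 0, 0, 0]) + struct.pack("<II", lba, count)


def _sector_with_table(entries) -> bytes:
    table = b"".join(entries) + b"\x00" * (16 * (4 - len(entries)))
    return b"\x00" * 446 + table + b"\x55\xaa"


def build_image(loop: bool) -> bytes:
    """64-sector image: one primary partition and an extended container at LBA 16 holding
    three logical partitions. With loop=True the third EBR's next pointer is aimed back at
    the second EBR, the shape of a table that sends a naive walker round the chain forever."""
    sectors = [b"\x00" * SECTOR] * 64
    sectors[0] = _sector_with_table([_entry(0x83, 2, 10), _entry(0x05, 16, 48)])
    sectors[16] = _sector_with_table([_entry(0x83, 1, 6), _entry(0x05, 8, 8)])    # next EBR: 16+8
    sectors[24] = _sector_with_table([_entry(0x83, 1, 6), _entry(0x05, 16, 8)])   # next EBR: 16+16
    tail = [_entry(0x05, 8, 8)] if loop else []                                    # back to sector 24
    sectors[32] = _sector_with_table([_entry(0x83, 1, 6)] + tail)
    return b"".join(sectors)


if __name__ == "__main__":
    for crafted in (False, True):
        parts, problems = parse_dos_partitions(build_image(crafted))
        print("crafted" if crafted else "benign", parts, problems)
```

The same two guards (a visited set and a hard cap) are the generic defence for any on-disk linked structure a privileged daemon parses from removable media; the cap also covers the case where a chain of distinct sectors is simply made very long rather than circular.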