From security em unicamp.br Tue Aug 25 10:51:49 2020 From: security em unicamp.br (CSIRT Unicamp) Date: Tue, 25 Aug 2020 10:51:49 -0300 Subject: [SECURITY-L] [RHSA-2020:3548-01] Important: kernel security and bug fix update In-Reply-To: <202008251336.07PDaPIL003825@lists01.pubmisc.prod.ext.phx2.redhat.com> References: <202008251336.07PDaPIL003825@lists01.pubmisc.prod.ext.phx2.redhat.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2020:3548-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:3548 Issue date: 2020-08-25 CVE Names: CVE-2017-2647 CVE-2019-14896 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Null pointer dereference in search_keyring (CVE-2017-2647) * kernel: heap-based buffer overflow in lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c (CVE-2019-14896) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Crash in mptscsih_io_done() due to buffer overrun in sense_buf_pool (BZ#1824907) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1428353 - CVE-2017-2647 kernel: Null pointer dereference in search_keyring 1774875 - CVE-2019-14896 kernel: heap-based buffer overflow in lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: kernel-2.6.32-754.33.1.el6.src.rpm i386: kernel-2.6.32-754.33.1.el6.i686.rpm kernel-debug-2.6.32-754.33.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.33.1.el6.i686.rpm kernel-devel-2.6.32-754.33.1.el6.i686.rpm kernel-headers-2.6.32-754.33.1.el6.i686.rpm perf-2.6.32-754.33.1.el6.i686.rpm perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-754.33.1.el6.noarch.rpm kernel-doc-2.6.32-754.33.1.el6.noarch.rpm kernel-firmware-2.6.32-754.33.1.el6.noarch.rpm x86_64: kernel-2.6.32-754.33.1.el6.x86_64.rpm kernel-debug-2.6.32-754.33.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.33.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.33.1.el6.x86_64.rpm kernel-devel-2.6.32-754.33.1.el6.x86_64.rpm kernel-headers-2.6.32-754.33.1.el6.x86_64.rpm perf-2.6.32-754.33.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.33.1.el6.i686.rpm perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm python-perf-2.6.32-754.33.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.33.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm python-perf-2.6.32-754.33.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: kernel-2.6.32-754.33.1.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-754.33.1.el6.noarch.rpm kernel-doc-2.6.32-754.33.1.el6.noarch.rpm kernel-firmware-2.6.32-754.33.1.el6.noarch.rpm x86_64: kernel-2.6.32-754.33.1.el6.x86_64.rpm kernel-debug-2.6.32-754.33.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.33.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.33.1.el6.x86_64.rpm kernel-devel-2.6.32-754.33.1.el6.x86_64.rpm kernel-headers-2.6.32-754.33.1.el6.x86_64.rpm perf-2.6.32-754.33.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: kernel-debug-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.33.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm python-perf-2.6.32-754.33.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: kernel-2.6.32-754.33.1.el6.src.rpm i386: kernel-2.6.32-754.33.1.el6.i686.rpm kernel-debug-2.6.32-754.33.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.33.1.el6.i686.rpm kernel-devel-2.6.32-754.33.1.el6.i686.rpm kernel-headers-2.6.32-754.33.1.el6.i686.rpm perf-2.6.32-754.33.1.el6.i686.rpm perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-754.33.1.el6.noarch.rpm kernel-doc-2.6.32-754.33.1.el6.noarch.rpm kernel-firmware-2.6.32-754.33.1.el6.noarch.rpm ppc64: kernel-2.6.32-754.33.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-754.33.1.el6.ppc64.rpm kernel-debug-2.6.32-754.33.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-754.33.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-754.33.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-754.33.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-754.33.1.el6.ppc64.rpm kernel-devel-2.6.32-754.33.1.el6.ppc64.rpm kernel-headers-2.6.32-754.33.1.el6.ppc64.rpm perf-2.6.32-754.33.1.el6.ppc64.rpm perf-debuginfo-2.6.32-754.33.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.ppc64.rpm s390x: kernel-2.6.32-754.33.1.el6.s390x.rpm kernel-debug-2.6.32-754.33.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-754.33.1.el6.s390x.rpm kernel-debug-devel-2.6.32-754.33.1.el6.s390x.rpm kernel-debuginfo-2.6.32-754.33.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-754.33.1.el6.s390x.rpm kernel-devel-2.6.32-754.33.1.el6.s390x.rpm kernel-headers-2.6.32-754.33.1.el6.s390x.rpm kernel-kdump-2.6.32-754.33.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-754.33.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-754.33.1.el6.s390x.rpm perf-2.6.32-754.33.1.el6.s390x.rpm perf-debuginfo-2.6.32-754.33.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.s390x.rpm x86_64: kernel-2.6.32-754.33.1.el6.x86_64.rpm kernel-debug-2.6.32-754.33.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.33.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.33.1.el6.x86_64.rpm kernel-devel-2.6.32-754.33.1.el6.x86_64.rpm kernel-headers-2.6.32-754.33.1.el6.x86_64.rpm perf-2.6.32-754.33.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.33.1.el6.i686.rpm perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm python-perf-2.6.32-754.33.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-754.33.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-754.33.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-754.33.1.el6.ppc64.rpm perf-debuginfo-2.6.32-754.33.1.el6.ppc64.rpm python-perf-2.6.32-754.33.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-754.33.1.el6.s390x.rpm kernel-debuginfo-2.6.32-754.33.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-754.33.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-754.33.1.el6.s390x.rpm perf-debuginfo-2.6.32-754.33.1.el6.s390x.rpm python-perf-2.6.32-754.33.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.33.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm python-perf-2.6.32-754.33.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: kernel-2.6.32-754.33.1.el6.src.rpm i386: kernel-2.6.32-754.33.1.el6.i686.rpm kernel-debug-2.6.32-754.33.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.33.1.el6.i686.rpm kernel-devel-2.6.32-754.33.1.el6.i686.rpm kernel-headers-2.6.32-754.33.1.el6.i686.rpm perf-2.6.32-754.33.1.el6.i686.rpm perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-754.33.1.el6.noarch.rpm kernel-doc-2.6.32-754.33.1.el6.noarch.rpm kernel-firmware-2.6.32-754.33.1.el6.noarch.rpm x86_64: kernel-2.6.32-754.33.1.el6.x86_64.rpm kernel-debug-2.6.32-754.33.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.33.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.33.1.el6.x86_64.rpm kernel-devel-2.6.32-754.33.1.el6.x86_64.rpm kernel-headers-2.6.32-754.33.1.el6.x86_64.rpm perf-2.6.32-754.33.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.33.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.33.1.el6.i686.rpm perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm python-perf-2.6.32-754.33.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.33.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm python-perf-2.6.32-754.33.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.33.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-2647 https://access.redhat.com/security/cve/CVE-2019-14896 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX0UT09zjgjWX9erEAQgssA/9GA0D0zli3azG4ozHjrrpFjoUcJDfSj7J kAgQw6IJomdoheQWP2aHaERNWIx9vA4MYDNQYfi0EJb49SVZB4sJ6c+45s1fHD6c DNoIcTfiykFdsWL3ZLAEF1AKISovSW2halz3EWLC63twuicWrxRQ3lkWheMJI0yl zNHj5oVyyGlrK4uRnkWntOLUhjpnSGtiFC7EGl2A15fRJrwATJSU6gNXnrgv9FxV T+di9g5bj7hZFBZIECY4mnYii6b/AqmgsSbaGSSDooVc+R+1txHqHgDh1/kH6k7i suXrVB5Tjq32QbuGax6e5Xf2qp42dGdpIJtXuxrJZXVtaxfrSggMacwnpXiUsaQH Aa69O9GtzaZJ9zSccK50nMz/d+TrNO9Vg5pGB51Rj5d55LbotAEkvJw1AM08ZIli j5hutPuS6rWxOprYduNjAeahOF1jBE7T+CZjrYGMm/ZfBI6ZjtlvjcxJLVlvAKd+ 5ZZf2VjxIlSFbfxoOFpzN388bKMu1BMxKZNOgwkAfHBuuv5+9iXPiYwlG6Htdj4G N2jMyfSB3t1osvLUzx13/6ruc3SQRjoMcMHrEGHLCH5U/pv3nST5iu/LEBfUhshV zY77vI3PCayrqu2dzDUoHTAxvInNd5siXrDDGBWfwNQ5kgVR90bSSh6A7wIUxZsA B5UzBKOxvVA= =4uNs -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce em redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce === Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - Unicamp Centro de Computacao - CCUEC GnuPG Public Key: http://www.security.unicamp.br/security.asc [^] Contato: +55 19 3521-2289 ou INOC-DBA: 1251*830 -------------- Próxima Parte ---------- Um anexo em HTML foi limpo... URL: From security em unicamp.br Thu Aug 27 13:09:08 2020 From: security em unicamp.br (CSIRT Unicamp) Date: Thu, 27 Aug 2020 13:09:08 -0300 Subject: [SECURITY-L] [RHSA-2020:3574-01] Critical: CloudForms 4.7.16 security, bug fix and enhancement update In-Reply-To: <202008271603.07RG3MXP028234@lists01.pubmisc.prod.ext.phx2.redhat.com> References: <202008271603.07RG3MXP028234@lists01.pubmisc.prod.ext.phx2.redhat.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Critical: CloudForms 4.7.16 security, bug fix and enhancement update Advisory ID: RHSA-2020:3574-01 Product: Red Hat CloudForms Advisory URL: https://access.redhat.com/errata/RHSA-2020:3574 Issue date: 2020-08-27 Cross references: RHSA-2020:0589 CVE Names: CVE-2020-10778 CVE-2020-10783 CVE-2020-14324 CVE-2020-14325 ===================================================================== 1. Summary: An update is now available for CloudForms Management Engine 5.10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: CloudForms Management Engine 5.10 - x86_64 3. Description: Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components. Security Fix(es): * cfme: CloudForms: Out-of-band OS Command Injection through conversion host (CVE-2020-14324) * cfme-appliance: CloudForms: User Impersonation in the API for OIDC and SAML (CVE-2020-14325) * cfme-gemset: CloudForms: Business logic bypass through widgets (CVE-2020-10778) * cfme-gemset: CloudForms: Missing access control leads to escalation of admin group privileges (CVE-2020-10783) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: This update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 If the postgresql service is running, it will be automatically restarted after installing this update. After installing the updated packages, the httpd daemon will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1811145 - When using advanced search by field custom attributes the ui remains unresponsive after presenting results 1847628 - CVE-2020-10778 CloudForms: Business logic bypass through widgets 1847811 - CVE-2020-10783 CloudForms: Missing access control leads to escalation of admin group privileges 1855713 - CVE-2020-14324 CloudForms: Out-of-band OS Command Injection through conversion host 1855739 - CVE-2020-14325 CloudForms: User Impersonation in the API for OIDC and SAML 6. Package List: CloudForms Management Engine 5.10: Source: cfme-5.10.16.0-1.el7cf.src.rpm cfme-amazon-smartstate-5.10.16.0-1.el7cf.src.rpm cfme-appliance-5.10.16.0-1.el7cf.src.rpm cfme-gemset-5.10.16.0-1.el7cf.src.rpm x86_64: cfme-5.10.16.0-1.el7cf.x86_64.rpm cfme-amazon-smartstate-5.10.16.0-1.el7cf.x86_64.rpm cfme-appliance-5.10.16.0-1.el7cf.x86_64.rpm cfme-appliance-common-5.10.16.0-1.el7cf.x86_64.rpm cfme-appliance-debuginfo-5.10.16.0-1.el7cf.x86_64.rpm cfme-appliance-tools-5.10.16.0-1.el7cf.x86_64.rpm cfme-debuginfo-5.10.16.0-1.el7cf.x86_64.rpm cfme-gemset-5.10.16.0-1.el7cf.x86_64.rpm cfme-gemset-debuginfo-5.10.16.0-1.el7cf.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-10778 https://access.redhat.com/security/cve/CVE-2020-10783 https://access.redhat.com/security/cve/CVE-2020-14324 https://access.redhat.com/security/cve/CVE-2020-14325 https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.7/html/release_notes 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX0fZRtzjgjWX9erEAQgWJg/9Gpha2H67b+cW0YY4XqdJGQleN2Cs2eWY s019vyVuTI9gnzcvWXuf3BblKYqHz7NphXVlMGF/dSy0tZYcr356gPo88rJ3BxcO i1jB1JXgj/zRW3EtAcbX1hGLcqJOt3b6XY4MdP4ajGXSNLZSL+Ltcaiek3oCDlSf NsPdx3Qe3WLRyEY8+YdT0aoCpO1FbuH8NTvumwEumC1PJ97pLF9yOXbYnjkz5+Be AV06PybNmEpLike24xwbznVq+Gzm0V8CVqHKYNmYKsjCBmnRHqUrJhdwdSsndzzt iqvVOgbeEdTk8RaeFWNRH1B8k+ijdVixau39tLLCYClSRMl6yZvLMeUZArx+2Gy9 p2+DUGsmERAX4VfYusgdkNBNvh0FPfViFQmldEQjK+F4gC9hZ3O0rNkUjQ7CZN4X 8Qn0GlISt5rPdx/21pXpGyXBpZr7V/dr5zkws43NIsBfBH2cpRDj7zm5HD96DiXE rCugj+9CBRQb2iktaIpqAgXulLsD6/RbZFnNtUww36T3scOxFpvGeWwCiiLgwBZG 5TRpTEfMnPq7ZyDiGOColTP45kqizdkBa8hLHEfwCs9jDPNsyzRurf/oqHxT0Qeo IUpd8QXVlLh4dKfJ3EsWH+b0kGhQqJkXbBXcAv1fs5ajTKwem64cN0mb3TuVF4mt 1paBG39o79w= =6IVQ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce em redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce === Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - Unicamp Centro de Computacao - CCUEC GnuPG Public Key: http://www.security.unicamp.br/security.asc [^] Contato: +55 19 3521-2289 ou INOC-DBA: 1251*830 -------------- Próxima Parte ---------- Um anexo em HTML foi limpo... URL: