Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2019.3868.3 kernel-rt security and bug fix update 24 October 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: kernel-rt Publisher: Red Hat Operating System: Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux Server 7 Impact/Access: Execute Arbitrary Code/Commands -- Existing Account Denial of Service -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2019-10126 CVE-2019-9506 CVE-2019-3846 CVE-2018-20856 Reference: ASB-2019.0238 ESB-2019.3846 ESB-2019.3835 ESB-2019.3817 Original Bulletin: https://access.redhat.com/errata/RHSA-2019:3089 https://access.redhat.com/errata/RHSA-2019:3165 https://access.redhat.com/errata/RHSA-2019:3187 Comment: This bulletin contains three (3) Red Hat security advisories. Revision History: October 24 2019: Added RHSA-2019:3187-01 October 23 2019: Added RHSA-2019:3165-01 October 17 2019: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel-rt security and bug fix update Advisory ID: RHSA-2019:3089-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3089 Issue date: 2019-10-16 CVE Names: CVE-2018-20856 CVE-2019-3846 CVE-2019-9506 CVE-2019-10126 ===================================================================== 1. Summary: An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Realtime (v. 7) - noarch, x86_64 Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856) * kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846) * hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506) * kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update to the RHEL7.7.z batch#2 source tree (BZ#1748570) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1713059 - CVE-2019-3846 kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c 1716992 - CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c 1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) 1738705 - CVE-2018-20856 kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c 1748570 - kernel-rt: update to the RHEL7.7.z batch#2 source tree 6. Package List: Red Hat Enterprise Linux for Real Time for NFV (v. 7): Source: kernel-rt-3.10.0-1062.4.1.rt56.1027.el7.src.rpm noarch: kernel-rt-doc-3.10.0-1062.4.1.rt56.1027.el7.noarch.rpm x86_64: kernel-rt-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-debug-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-debug-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-debug-kvm-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-debug-kvm-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-kvm-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-kvm-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-trace-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-trace-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-trace-kvm-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-trace-kvm-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm Red Hat Enterprise Linux Realtime (v. 7): Source: kernel-rt-3.10.0-1062.4.1.rt56.1027.el7.src.rpm noarch: kernel-rt-doc-3.10.0-1062.4.1.rt56.1027.el7.noarch.rpm x86_64: kernel-rt-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-debug-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-debug-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-trace-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm kernel-rt-trace-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-20856 https://access.redhat.com/security/cve/CVE-2019-3846 https://access.redhat.com/security/cve/CVE-2019-9506 https://access.redhat.com/security/cve/CVE-2019-10126 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXabNldzjgjWX9erEAQjy9A/9E8bMomtPb4CmI8OJqPL4+QHJ+f5XBrQ4 d0QuOQGlV+8scyXuyn1ImR7tpNdM/6oL6jps/kYsHpmXCpyTvjrnlRK50gXne8jj ys9Wi3zNNGT+B6OG6F9+Z9ITqTMe0CB3xGP3XGVMpxOHYl752tdySQZ4I4SCxUH4 53OMOkDMVx0aSlUn6Vi2hrvNEkdP5s1LYFtR1ecg6bTCO5iJcnGUUQpea9JlZ5IQ ZcHG7TGmBBHAcVatrMAxabWuiTqxKmRuouhj2UKew/tymIX7ifgILZZUKV0shM9j QPsnGT9jcXmeE6dsYJHdLx+F60fioCKxCJEl+j9oYOob1c/0og86YGFfebQ6o51E Xuum5Zi4AAPnAG1x0ObdOX5IM0BXDKeFCa4WMYs5tPgM2UY4iPH5K6xIZBmuhDrT lUkmHhYChViC0ZCiFicnifdznvmKugkT+3Yn+0nAhiPqf8o2ACinXVbUtdaj77qu i3rLXpcAmghwOyb2waxmd3Y/a6wxlZKxnTuoHv1pvcV4ta4Bj+41C1exhwB415vH SXwF1knzHO2uri3noEETvv0999HNNLi4ub2tg5AjkOAZuh43UMPNnZ743E+IGmDm ik/giocJ3hJ4DrtApt4SScabNThDauiKZVyzgMTOKIVyyJeZ8HBkfsED59TRAn4d 5Ftkuf6Wd0I= =OmnK - -----END PGP SIGNATURE----- ============================================================================== - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel-rt security and bug fix update Advisory ID: RHSA-2019:3165-01 Product: Red Hat Enterprise MRG for RHEL-6 Advisory URL: https://access.redhat.com/errata/RHSA-2019:3165 Issue date: 2019-10-22 CVE Names: CVE-2019-9506 ===================================================================== 1. Summary: An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat MRG Realtime for RHEL 6 Server v.2 - noarch, x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1751263) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) 1751263 - update the MRG 2.5.z 3.10 realtime-kernel sources 6. Package List: Red Hat MRG Realtime for RHEL 6 Server v.2: Source: kernel-rt-3.10.0-693.60.1.rt56.654.el6rt.src.rpm noarch: kernel-rt-doc-3.10.0-693.60.1.rt56.654.el6rt.noarch.rpm kernel-rt-firmware-3.10.0-693.60.1.rt56.654.el6rt.noarch.rpm x86_64: kernel-rt-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm kernel-rt-debug-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm kernel-rt-debug-devel-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm kernel-rt-debuginfo-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm kernel-rt-devel-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm kernel-rt-trace-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm kernel-rt-trace-devel-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm kernel-rt-vanilla-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm kernel-rt-vanilla-debuginfo-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm kernel-rt-vanilla-devel-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-9506 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXa7VBtzjgjWX9erEAQjJBA//Xauxn1HVrmCHbbdWMTElCcdI0zatQeBu t0yFLeMjxqKL0cdBbVWPPpbnM/IL48VMKPNVnYVWdVgvsRJrvVzANYIEKTZZOnHm Wy95HJL0vZSUjti6QlRkhrzaN8X9RBXdCXJjfNcPxnvbd2kh6rXbhKnn7y5Lgn9j bDRPZzSy6EUAcTl9BT8pbsT3ZIfy1F7OOJ8mVat0FXIjN3w1y9Fl4i4x2D1IW5H/ jC/eLBjPgHZhp0FW0ZwAQJTKuBIH2zof92/Eh70r+RkIt783i8Wlj4J3CDK6Ie9+ YuhDVVSipttcj6WkP3t8C5gO6SsJydqZJxERhsPpCzMhmdUQ3regbbDt7KF+Qlau C1lNaIUZttmc7WCg/6sCVOxpqrNyS5RregApNssbztDyMDBGCosxa/+NgUe9hr5O HBLenCyPj4GPbl4XyKR8QdUJ+x+BK5k4oRPLSijDBBa5maqAhMmFT7pTDxQ6vkfz /sHaK6+JNPW/PNEaK3GUkrLqg1q7jRU6QCw0bglSzGaD+vQsK9G9ZFVW2qMwm+ZY dDScxA/PcLDsL1y7lUXjIKfEK99thm/D1xNO+lDksxuU4F5LrnXEEnJDjhIKZtbl SGIrSzVaJiXZNFmxGMVdksNs1Kk57/too7jG7shGVK+EF1TFlmefayECTKdlWDeE ZFYaE1SZHDo= =/aFa - -----END PGP SIGNATURE----- ============================================================================== - ----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2019:3187-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3187 Issue date: 2019-10-23 CVE Names: CVE-2019-9506 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Fix possible Spectre-v1 bugs in wireless code (BZ#1706696) * powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas: Fix a potential race between CPU-Offline & Migration (LPM) (BZ#1745436) * powerpc/pseries: Fix unitialized timer reset on migration / powerpc/pseries/mobility: Extend start/stop topology update scope (LPM) (BZ#1745438) * ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM (POWER9/P9) (BZ#1745446) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.4): Source: kernel-3.10.0-693.60.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.4): Source: kernel-3.10.0-693.60.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm ppc64le: kernel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm kernel-devel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-headers-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-693.60.1.el7.ppc64le.rpm perf-3.10.0-693.60.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.4): Source: kernel-3.10.0-693.60.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 7.4): x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional E4S (v. 7.4): ppc64le: kernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 7.4): x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-9506 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXbAXitzjgjWX9erEAQh25A/9FrjeF3eVkgGwc/RvTRPF/Qqb44x+l61E KceVqzr3avw9TDoiCA8e35ZYwNBvpN6YW/VDiI0vSyj2nQp57xFK48ybhUvXGUKL A2dXn793a3ZBKIp4wVVQKyjBsAI31MT/AZDKrzlugszWlV25u/mc2tC4Yndbe+8e Lbwf2VvKdvtlH26Cadv1UN9YsnmtQuNdGp9NrRbttTCW9rMmHtkoQ/yT4rcS/7Fl 1tu2j2Yoi0GEG9wXWda7cbpd2jLCcpjwIYnrjRNOuMNVSugRKRcAY1rMwpL5dVpA rx2bi3X3HhCpGTgZSJbl9fz2f1J71o9WoUSybaT36Uc50iOs7anoHc82XPGFvkak xg+mkIVNkwGxW9pkum8tZANjhDwyGJl0bpS98zkzpNiBqdrGdN4V9qMmhqmEa/lT lQ7haJR1rqboIzS5uSpTL/a79blwDjnMNsZ3D+c6xFfjsq8yu1zGfDWBbMdoc1Zo 3CNT4+pdBr5ASdlE7R3G+8Zx77WSK2MLxRnzzHBF6KphF4LOOUJmefpZ0KQRGkN8 zOKjvsynVKSzqt++WJrij+U74KL65PZokF8kKSc0yDhgYRaeqK6QIwe+Dbn/YUsn RNBi1ZoILHB9nMxbT5OlEVf/0EJl7oD1zINT0n7S8b86gRnfHdMLlvZ1Kcfjs0Sy Vdo262+aA6k= =FkCN - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXbDi92aOgq3Tt24GAQiGAhAApSkjErw8AtU+7+9BTt+cmyp2HKYOf8kk +OFSC45RkkLYdVFXcS1ld1LAMSrY2QEaKWRIfSnURlTV6XJtmKseNYCV8gi1+cJI oQujTKxBOMpAd33ZsCnL/+sjr3VdQjIr0E+0uocDWPngcWGpKBPOh9pGbqGHlJJz roPTQb5X6LKkR+kRdbNLbFBLLlTELUabNxOiMWvNvIUtmHGy8HNUqsAcy+79dwAJ dzcxPQX4dd+oBUgqn3AuBR0nWs6048pMpB2aSUFvxKtH51Jct+h7xnCaVHkk92AU pQkOZsUxrql3+c3vNvE1kUigDCssySsfvS3Bla0OlrhWsNOrm/7GrsVZJTHIxyN7 8rvnHZM9OPKum3sAEYZvGoiGCUJOj2uYdriqRmCNSMg5hdFjxp+o3ljnSosX/lf7 0CgwTOfaF4u6LUB5KQPtuzBMaqFnW4KnYQLSvz1K9G0TSNq89qUvYkLUjcRLWyWY tyXyPtWUpE2FVjHqAepIjpe6KSe/+sghuJpzlIe1zsfq2WaXwmqTh5YXp5AHmEyd o7ktSHPhyiqWShNyse8/NU5OmDAwcJGykzLRHasenA2Dy94hez+R5Dx0AydfEJ4w ebObBf9H/bi63gG5LkdZ1OQL1xc/z6VPw8dypaTQqV3G4WJ1uVEFfiSMx8cMEiZC 6SP6Enw1V9k= =ece3 -----END PGP SIGNATURE-----