Operating System:

[RedHat]

Published:

06 November 2019

Protect yourself against future threats.

//Service

Member Security Incident Notifications

Be proactive with your security and receive our daily Member Security Incident Notifications (MSINs) custom to your network.

Read more
Resources > Security Bulletins > ESB-2019.4122 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.4122
      container-tools:rhel8 security, bug fix, and enhancement update
                              6 November 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           ontainer-tools
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 8
                   Red Hat Enterprise Linux WS/Desktop 8
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account            
                   Denial of Service               -- Existing Account            
                   Provide Misleading Information  -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-14378 CVE-2019-10214 

Reference:         ESB-2019.4105
                   ESB-2019.3973
                   ESB-2019.3968
                   ESB-2019.3927
                   ESB-2019.3900
                   ESB-2019.3944.2

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2019:3403

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: container-tools:rhel8 security, bug fix, and enhancement update
Advisory ID:       RHSA-2019:3403-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:3403
Issue date:        2019-11-05
CVE Names:         CVE-2019-10214 CVE-2019-14378 
=====================================================================

1. Summary:

An update for the container-tools:rhel8 module is now available for Red Hat
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The container-tools module contains tools for working with containers,
notably podman, buildah, skopeo, and runc.

Security Fix(es):

* QEMU: slirp: heap buffer overflow during packet reassembly
(CVE-2019-14378)

* containers/image: not enforcing TLS when sending username+password
credentials to token servers leading to credential disclosure
(CVE-2019-10214)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1655211 - podman exec seems to assume console even if -ti is not used
1661597 - Under podman, python recompiles sources even if they are compiled in build time
1671023 - timeout not working with podman pull on rhel8 beta
1672581 - podman does not respect -q option while pulling an image
1674519 - Not able to create volumes using Dockerfile using podman
1677251 - AVC while running php container [x86_64 only]
1677264 - There is no certs.d directory for podman currently
1689255 - don't allow a container to connect to random services
1690514 - rootless unable to access subscription: non-root podman should read /usr/share/containers/mounts.conf
1691543 - rootless unable to access subscription: bad permissions on /usr/share/rhel/secrets
1692513 - unable to mount disk at `/var/lib/containers` via `systemd` unit when `container-selinux` policy installed
1693154 - Varlink subcommand is missing for podman in rhel-8.0
1693424 - rootless: cannot specify gid= mount options for unmapped gid in rootless containers
1707220 - Add event notifications (blocking cockpit-podman)
1719626 - podman exec rc-code needs to distinguish between stopped containers and non existing ones
1719994 - [8.1.0] Registries.conf not configured to search registry.access.redhat.com
1720646 - python-podman-api needs python-psutil at runtime
1720654 - rebase packages
1721247 - [rhel-8.1.0] build without the `no_openssl` buildtag
1721638 - Podman build segfaults on Dockerfiles with RUN instruction
1723879 - Performance Problems with Podman on systems with IO load
1728700 - Unable to install container-selinux 2.107
1730281 - podman leaks kernel memory due to return code stored in tmpfs
1731117 - podman exec leaks an exec_pid_<hash> file for every exec in tmpfs
1732508 - CVE-2019-10214 containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure
1734745 - CVE-2019-14378 QEMU: slirp: heap buffer overflow during packet reassembly
1734809 - Wrong AppStream ID
1737077 - after a podman rm --all, sometimes one cannot recreate a previously existing container
1739961 - cannot find "static" IPAM module and IPAM support for the host-device module
1740079 - race/corruption: podman failed to launch containers
1741157 - exit status from command run in container not forwarded to outside
1743685 - Regression: rootless: podman run --rm hangs

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
buildah-1.9.0-5.module+el8.1.0+4240+893c1ab8.src.rpm
cockpit-podman-4-1.module+el8.1.0+4081+b29780af.src.rpm
container-selinux-2.107-2.module+el8.1.0+4081+b29780af.src.rpm
containernetworking-plugins-0.8.1-2.module+el8.1.0+4081+b29780af.src.rpm
fuse-overlayfs-0.4.1-1.module+el8.1.0+4081+b29780af.src.rpm
oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.src.rpm
oci-umount-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.src.rpm
podman-1.4.2-5.module+el8.1.0+4240+893c1ab8.src.rpm
python-podman-api-1.2.0-0.1.gitd0a45fe.module+el8.1.0+4081+b29780af.src.rpm
runc-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.src.rpm
skopeo-0.1.37-5.module+el8.1.0+4240+893c1ab8.src.rpm
slirp4netns-0.3.0-4.module+el8.1.0+4306+1d917805.src.rpm
toolbox-0.0.4-1.module+el8.1.0+4081+b29780af.src.rpm

aarch64:
buildah-1.9.0-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
buildah-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
buildah-debugsource-1.9.0-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
buildah-tests-1.9.0-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
buildah-tests-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
containernetworking-plugins-0.8.1-2.module+el8.1.0+4081+b29780af.aarch64.rpm
containernetworking-plugins-debuginfo-0.8.1-2.module+el8.1.0+4081+b29780af.aarch64.rpm
containernetworking-plugins-debugsource-0.8.1-2.module+el8.1.0+4081+b29780af.aarch64.rpm
containers-common-0.1.37-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
fuse-overlayfs-0.4.1-1.module+el8.1.0+4081+b29780af.aarch64.rpm
fuse-overlayfs-debuginfo-0.4.1-1.module+el8.1.0+4081+b29780af.aarch64.rpm
fuse-overlayfs-debugsource-0.4.1-1.module+el8.1.0+4081+b29780af.aarch64.rpm
oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.aarch64.rpm
oci-systemd-hook-debuginfo-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.aarch64.rpm
oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.aarch64.rpm
oci-umount-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.aarch64.rpm
oci-umount-debuginfo-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.aarch64.rpm
oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.aarch64.rpm
podman-1.4.2-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
podman-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
podman-debugsource-1.4.2-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
podman-remote-1.4.2-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
podman-remote-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
podman-tests-1.4.2-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
runc-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.aarch64.rpm
runc-debuginfo-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.aarch64.rpm
runc-debugsource-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.aarch64.rpm
skopeo-0.1.37-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
skopeo-debuginfo-0.1.37-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
skopeo-debugsource-0.1.37-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
skopeo-tests-0.1.37-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm
slirp4netns-0.3.0-4.module+el8.1.0+4306+1d917805.aarch64.rpm
slirp4netns-debuginfo-0.3.0-4.module+el8.1.0+4306+1d917805.aarch64.rpm
slirp4netns-debugsource-0.3.0-4.module+el8.1.0+4306+1d917805.aarch64.rpm
toolbox-0.0.4-1.module+el8.1.0+4081+b29780af.aarch64.rpm

noarch:
cockpit-podman-4-1.module+el8.1.0+4081+b29780af.noarch.rpm
container-selinux-2.107-2.module+el8.1.0+4081+b29780af.noarch.rpm
podman-docker-1.4.2-5.module+el8.1.0+4240+893c1ab8.noarch.rpm
podman-manpages-1.4.2-5.module+el8.1.0+4240+893c1ab8.noarch.rpm
python-podman-api-1.2.0-0.1.gitd0a45fe.module+el8.1.0+4081+b29780af.noarch.rpm

ppc64le:
buildah-1.9.0-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
buildah-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
buildah-debugsource-1.9.0-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
buildah-tests-1.9.0-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
buildah-tests-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
containernetworking-plugins-0.8.1-2.module+el8.1.0+4081+b29780af.ppc64le.rpm
containernetworking-plugins-debuginfo-0.8.1-2.module+el8.1.0+4081+b29780af.ppc64le.rpm
containernetworking-plugins-debugsource-0.8.1-2.module+el8.1.0+4081+b29780af.ppc64le.rpm
containers-common-0.1.37-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
fuse-overlayfs-0.4.1-1.module+el8.1.0+4081+b29780af.ppc64le.rpm
fuse-overlayfs-debuginfo-0.4.1-1.module+el8.1.0+4081+b29780af.ppc64le.rpm
fuse-overlayfs-debugsource-0.4.1-1.module+el8.1.0+4081+b29780af.ppc64le.rpm
oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.ppc64le.rpm
oci-systemd-hook-debuginfo-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.ppc64le.rpm
oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.ppc64le.rpm
oci-umount-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.ppc64le.rpm
oci-umount-debuginfo-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.ppc64le.rpm
oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.ppc64le.rpm
podman-1.4.2-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
podman-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
podman-debugsource-1.4.2-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
podman-remote-1.4.2-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
podman-remote-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
podman-tests-1.4.2-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
runc-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.ppc64le.rpm
runc-debuginfo-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.ppc64le.rpm
runc-debugsource-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.ppc64le.rpm
skopeo-0.1.37-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
skopeo-debuginfo-0.1.37-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
skopeo-debugsource-0.1.37-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
skopeo-tests-0.1.37-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm
slirp4netns-0.3.0-4.module+el8.1.0+4306+1d917805.ppc64le.rpm
slirp4netns-debuginfo-0.3.0-4.module+el8.1.0+4306+1d917805.ppc64le.rpm
slirp4netns-debugsource-0.3.0-4.module+el8.1.0+4306+1d917805.ppc64le.rpm
toolbox-0.0.4-1.module+el8.1.0+4081+b29780af.ppc64le.rpm

s390x:
buildah-1.9.0-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
buildah-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
buildah-debugsource-1.9.0-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
buildah-tests-1.9.0-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
buildah-tests-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
containernetworking-plugins-0.8.1-2.module+el8.1.0+4081+b29780af.s390x.rpm
containernetworking-plugins-debuginfo-0.8.1-2.module+el8.1.0+4081+b29780af.s390x.rpm
containernetworking-plugins-debugsource-0.8.1-2.module+el8.1.0+4081+b29780af.s390x.rpm
containers-common-0.1.37-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
fuse-overlayfs-0.4.1-1.module+el8.1.0+4081+b29780af.s390x.rpm
fuse-overlayfs-debuginfo-0.4.1-1.module+el8.1.0+4081+b29780af.s390x.rpm
fuse-overlayfs-debugsource-0.4.1-1.module+el8.1.0+4081+b29780af.s390x.rpm
oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.s390x.rpm
oci-systemd-hook-debuginfo-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.s390x.rpm
oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.s390x.rpm
oci-umount-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.s390x.rpm
oci-umount-debuginfo-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.s390x.rpm
oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.s390x.rpm
podman-1.4.2-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
podman-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
podman-debugsource-1.4.2-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
podman-remote-1.4.2-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
podman-remote-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
podman-tests-1.4.2-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
runc-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.s390x.rpm
runc-debuginfo-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.s390x.rpm
runc-debugsource-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.s390x.rpm
skopeo-0.1.37-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
skopeo-debuginfo-0.1.37-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
skopeo-debugsource-0.1.37-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
skopeo-tests-0.1.37-5.module+el8.1.0+4240+893c1ab8.s390x.rpm
slirp4netns-0.3.0-4.module+el8.1.0+4306+1d917805.s390x.rpm
slirp4netns-debuginfo-0.3.0-4.module+el8.1.0+4306+1d917805.s390x.rpm
slirp4netns-debugsource-0.3.0-4.module+el8.1.0+4306+1d917805.s390x.rpm
toolbox-0.0.4-1.module+el8.1.0+4081+b29780af.s390x.rpm

x86_64:
buildah-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
buildah-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
buildah-debugsource-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
buildah-tests-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
buildah-tests-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
containernetworking-plugins-0.8.1-2.module+el8.1.0+4081+b29780af.x86_64.rpm
containernetworking-plugins-debuginfo-0.8.1-2.module+el8.1.0+4081+b29780af.x86_64.rpm
containernetworking-plugins-debugsource-0.8.1-2.module+el8.1.0+4081+b29780af.x86_64.rpm
containers-common-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
fuse-overlayfs-0.4.1-1.module+el8.1.0+4081+b29780af.x86_64.rpm
fuse-overlayfs-debuginfo-0.4.1-1.module+el8.1.0+4081+b29780af.x86_64.rpm
fuse-overlayfs-debugsource-0.4.1-1.module+el8.1.0+4081+b29780af.x86_64.rpm
oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.x86_64.rpm
oci-systemd-hook-debuginfo-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.x86_64.rpm
oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.x86_64.rpm
oci-umount-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.x86_64.rpm
oci-umount-debuginfo-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.x86_64.rpm
oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.x86_64.rpm
podman-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
podman-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
podman-debugsource-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
podman-remote-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
podman-remote-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
podman-tests-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
runc-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.x86_64.rpm
runc-debuginfo-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.x86_64.rpm
runc-debugsource-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.x86_64.rpm
skopeo-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
skopeo-debuginfo-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
skopeo-debugsource-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
skopeo-tests-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm
slirp4netns-0.3.0-4.module+el8.1.0+4306+1d917805.x86_64.rpm
slirp4netns-debuginfo-0.3.0-4.module+el8.1.0+4306+1d917805.x86_64.rpm
slirp4netns-debugsource-0.3.0-4.module+el8.1.0+4306+1d917805.x86_64.rpm
toolbox-0.0.4-1.module+el8.1.0+4081+b29780af.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-10214
https://access.redhat.com/security/cve/CVE-2019-14378
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXcHqpdzjgjWX9erEAQgWdhAAiIp2qMGDNdBjAveysGwYsamOPmUQLpek
NxLzZEE4g9c1Xp8dmetUB51n11vP8UPpXM7ALUlY4zD548JruMrs4FYuxYVFYQcn
YWZR05g3S/qHT3SrcbubkibtW5kICOEK9/2HK5RIbrCIAAQWTEBd0vSpDlboaYLU
lu/rw+1h2yNl4Hr89DCyB/x/4XrItU8MzUbBDxLBT8ReF7vf6NmiKuNmQ6tecilO
3DvP40I/sepXWwbCYNJvnV7Tst31U45D4/TQoIhwBnvM4Cd3zvAQ9Z+K5Jbk5tCp
pNN7RmVfy8L6oKH2QRku34ieLhi0Za4PW4p6h8xl0mL2VJv8Tyvot0BL1Va8yJTp
8v3dUWFU+ONXlmKK1sf3Pmw11kn5D9Pa6xVzRL0YjXveE6Gs3Q0wHE+fHTMRtJIj
4fkiJTcAEAFGvetH6YwoHDTI3+hnCg3XcpLctFFU5xB2jiYDa48qmEQwUzsiCknK
Ja6zkEo2yvam2YU9QZk3F5IxNq812O0VEkP0PKb3FxNmzmFEX0VyZ1ZwJsAdunny
xCnp5qvQTnptLs11XytQKP7bOERqzsNCTQGBGGf9G3beA44XOJAOgmLOh7T5PUpU
2THkTPPU8bFJSA9kOvhh926kg1hGjqk1Z6ixSHtGNXlZn0x0FWrK00ZbSEQuqhHg
lSo2gYaJ4CE=
=3uAc
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXcI5RWaOgq3Tt24GAQjsaA//XiCBKhQUxcpdWzxTewTBkzhS43A8kgYk
CnMmaKR24Ktr+8ZGYd2f38UbXhcCR1u7ZwMd2+57d65JK+beQMCA57sJyiXJSe2o
KIlm2fax8o4n0c1cKLobEBtDQqzTEcrmK9d+yVBJBxqMNEh7X+c9ttt4MV7+RuSt
XHS5IoaiQxAPhwk7HWRLmPtmldYmsIg++zubiJU6q48FSO+z2MPBjV+MzrjxSk60
LbU6AYGMq2HfCAJ3eJZEHdchokhd0qfHU/RpzxLH+KIV2LqZeoR00g98DzhWdq8/
p/Sn471XhbijckuLBhQqeoz17RIgd7Ue2W5nlLqPJfZdO6Qfb4JqGxTXcNCR+JUU
RbFnqr/e/tUioCAHUpFO6HxB1lvjo5cB0oKhQEVOht7y5qmnlW02NYUFzIar+Vrr
tCyqn+h4Qs0qcQjJy8tngA9FVvP7XD0QGXEvgreUhm8OOqQZ0D+hi5iOT4WOE4Ep
heik6gSZQi2PlC9Mp4wqxQlPo1CXEK4dG1NjxeITJYUcdwEK1XqvR4scCEowUieP
C/4Koc0R+vbEKF6Dv5zYw769ACH5NgUzXuUy3RfO1VStCMOTw23BUaBOa4kMEvAO
gwQ0KnehghDewJlvdLYar4vAQ/Z+l7QpthzN430ivYYW+TF5KYpWwNFt4p1NYRzO
HLpdKD8F8A0=
=s9J3
-----END PGP SIGNATURE-----