-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.1119
      OpenShift Container Platform 4.7.5 security and bug fix update
                               6 April 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           OpenShift Container Platform
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account      
                   Denial of Service               -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-20206 CVE-2021-3121 

Reference:         ESB-2021.0864

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2021:1005
   https://access.redhat.com/errata/RHSA-2021:1006
   https://access.redhat.com/errata/RHSA-2021:1007

Comment: This bulletin contains three (3) Red Hat security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: OpenShift Container Platform 4.7.5 security and bug fix update
Advisory ID:       RHSA-2021:1005-01
Product:           Red Hat OpenShift Enterprise
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:1005
Issue date:        2021-04-05
CVE Names:         CVE-2021-3121 CVE-2021-20206 
=====================================================================

1. Summary:

Red Hat OpenShift Container Platform release 4.7.5 is now available with
updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container
Platform 4.7.5. See the following advisory for the RPM packages for
this release:

https://access.redhat.com/errata/RHSA-2021:1006

All OpenShift Container Platform 4.7 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor

Security Fix(es):

* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index
validation (CVE-2021-3121)

* containernetworking-cni: Arbitrary path injection via type field in CNI
configuration (CVE-2021-20206)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
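
Added example (not part of the Red Hat advisory and not the CNI project's code): a Go audit for the CVE-2021-20206 item above that flags CNI network configurations whose "type" field is a path rather than a bare plugin name. The bare-name rule, the function names and the sample configurations are assumptions constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
	"strings"
)

// Assumed rule for this example: "type" names a plugin binary that is looked
// up in the CNI plugin directories, so it must be a bare file name.
var bareName = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9_.-]*$`)

type plugin struct {
	Type string `json:"type"`
}

// netConf covers a single-plugin .conf and a multi-plugin .conflist.
type netConf struct {
	Name    string   `json:"name"`
	Type    string   `json:"type"`
	Plugins []plugin `json:"plugins"`
}

// checkType returns "" for an acceptable type, otherwise the reason it is flagged.
func checkType(t string) string {
	switch {
	case t == "":
		return "is empty"
	case strings.ContainsAny(t, `/\`):
		return "contains a path separator"
	case !bareName.MatchString(t):
		return "is not a bare plugin name"
	}
	return ""
}

// AuditCNIConfig parses one network configuration and returns one finding
// per plugin entry whose "type" is not a bare name.
func AuditCNIConfig(raw []byte) ([]string, error) {
	var c netConf
	if err := json.Unmarshal(raw, &c); err != nil {
		return nil, fmt.Errorf("parse CNI config: %w", err)
	}
	entries := c.Plugins
	if len(entries) == 0 { // single-plugin form: "type" sits at the top level
		entries = []plugin{{Type: c.Type}}
	}
	var findings []string
	for i, p := range entries {
		if reason := checkType(p.Type); reason != "" {
			findings = append(findings,
				fmt.Sprintf("network %q plugin[%d]: type %q %s", c.Name, i, p.Type, reason))
		}
	}
	return findings, nil
}

// Constructed sample inputs (not taken from the advisory).
const sampleClean = `{"cniVersion":"0.4.0","name":"podnet",
 "plugins":[{"type":"bridge"},{"type":"portmap"}]}`

const sampleSuspect = `{"cniVersion":"0.4.0","name":"podnet",
 "plugins":[{"type":"bridge"},{"type":"../../opt/other/bin/tool"}]}`

func main() {
	for _, s := range []string{sampleClean, sampleSuspect} {
		findings, err := AuditCNIConfig([]byte(s))
		if err != nil {
			fmt.Println("error:", err)
			continue
		}
		fmt.Printf("%d finding(s) %v\n", len(findings), findings)
	}
}
```

A check like this complements the upgrade and does not replace it; it only reports configurations that already carry a path in "type".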

Additional Changes:

This update also fixes several bugs. Documentation for these changes is
available from the Release Notes document linked to in the References
section.

You may download the oc tool and use it to inspect release image metadata
as follows:

(For x86_64 architecture)

  $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.6.20-x86_64

The image digest is
sha256:0a4c44daf1666f069258aa983a66afa2f3998b78ced79faa6174e0a0f438f0a5

(For s390x architecture)

  $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.6.20-s390x

The image digest is
sha256:3fc802aafb72402768bbf1b19ce7c6de95256e5cc50799390e63f40d96cec3cd

(For ppc64le architecture)

  $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.6.20-ppc64le

The image digest is
sha256:5cf6b61198337cd0950e63296be4e48e991721ac17c625f7fd77cf557f08efc7

3. Solution:

For OpenShift Container Platform 4.7 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.

4. Bugs fixed (https://bugzilla.redhat.com/):

1917904 - [release-4.7] bump k8s.io/apiserver to 1.20.3
1919391 - CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1925792 - "Edit Annotation" are not correctly translated in Chinese
1927198 - [e2e][automation] Fix pvc string in pvc.view
1927311 - Performance: Console makes unnecessary requests for en-US messages on load
1927953 - [sig-network-edge][Conformance][Area:Networking][Feature:Router] The HAProxy router should be able to connect to a service that is idled because a GET on the route will unidle it
1928151 - Manually misspelled as Manualy
1928614 - NTO may fail to disable stalld when relying on Tuned '[service]' plugin
1929118 - Update plugins and Jenkins version to prepare openshift-sync-plugin 1.0.46 release
1929246 - Missing info for Operational Status, Provisioning status, BMC, Hostname, ID for BMH for OCP deployed with assisted installer
1929674 - [sig-network] pods should successfully create sandboxes by getting pod
1931382 - Pipelines shown in edit flow for Workloads created via ContainerImage flow
1931520 - multicast traffic is not working on ovn-kubernetes
1931622 - LoadBalancer service check test fails during vsphere upgrade
1931856 - ServiceAccount Registry Authfiles Do Not Contain Entries for Public Hostnames
1932268 - ovn-kubernetes endpoint slice controller doesn't run on CI jobs
1932272 - Items marked as mandatory in KMS Provider form are not enforced
1932277 - Create new pool with arbiter - wrong replica
1932806 - release-4.7: e2e: test OAuth API connections in the tests by that name
1933205 - /usr/lib/dracut/modules.d/30ignition/ignition --version sigsev
1933665 - Getting Forbidden for image in a container template when creating a sample app
1934442 - [release-4.7] Gather info about unhealthy SAP pods
1935070 - (release-4.7) Extend OLM operator gatherer to include Operator/ClusterServiceVersion conditions
1935180 - [4.7z] IGMP/MLD packets being dropped
1935605 - [Backport 4.7] Add memory and uptime metadata to IO archive
1935672 - pipelinerun status icon rendering issue
1935707 - test: Detect when the master pool is still updating after upgrade
1936337 - console operator panics in DefaultDeployment with nil cm
1936802 - (release-4.7) Authentication log gatherer shouldn't scan all the pod logs in the openshift-authentication namespace
1936975 - VSphereProblemDetectorControllerDegraded: context canceled during upgrade to 4.7.0
1937089 - cluster DNS experiencing disruptions during cluster upgrade in insights cluster
1937214 - Ingress operator performs spurious updates in response to API's defaulting of NodePort service's clusterIPs field
1937356 - Incorrect imagestream is shown as selected in knative service container image edit flow
1937375 - [release-4.7] When deploying the operator via OLM (after creating the respective catalogsource), the deployment "lost" the `resources` section.
1938316 - [sig-instrumentation][Late] Alerts shouldn't report any alerts in firing state apart from Watchdog and AlertmanagerReceiversNotConfigured: Prometheus query error
1938921 - Router HAProxy config file template is slow to render due to repetitive regex compilations
1938960 - Permissive Egress NetworkPolicy (0.0.0.0/0) is blocking all traffic
1939061 - [release-4.7] Sap license management logs gatherer 4.7
1939199 - move to go 1.15 and registry.ci.openshift.org
1939608 - FilterToolbar component does not handle 'null' value for 'rowFilters' prop
1940052 - Not all image pulls within OpenShift builds retry
1940806 - [4.7z] CNO: nodes and masters are upgrading simultaneously
1940866 - Add BareMetalPlatformType into e2e upgrade service unsupported list
1941128 - fix co upgradeableFalse status and reason
1941217 - Bare-metal operator is firing for ClusterOperatorDown for 15m during 4.6 to 4.7 upgrade
1941246 - Openshift-apiserver CO unavailable during cluster upgrade from 4.6 to 4.7
1941367 - The containerruntimecontroller doesn't roll back to CR-1 if we delete CR-2
1941468 - (release-4.7) 'More about Insights' link points to support link
1941574 - [sig-network-edge][Conformance][Area:Networking][Feature:Router] The HAProxy router should be able to connect to a service that is idled because a GET on the route will unidle it [Suite:openshift/conformance/parallel/minimal]
1942059 - `oc adm catalog mirror` doesn't work for the air-gapped cluster
1942068 - [release-4.7] Gahter datahubs.installers.datahub.sap.com resources from SAP clusters
1943310 - [SCALE] enable OVN DB memory trimming on compaction

5. References:

https://access.redhat.com/security/cve/CVE-2021-3121
https://access.redhat.com/security/cve/CVE-2021-20206
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

- -----END PGP SIGNATURE-----


- --------------------------------------------------------------------------------


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: OpenShift Container Platform 4.7.5 security and bug fix update
Advisory ID:       RHSA-2021:1006-01
Product:           Red Hat OpenShift Enterprise
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:1006
Issue date:        2021-04-05
CVE Names:         CVE-2021-3121 
=====================================================================

1. Summary:

Red Hat OpenShift Container Platform release 4.7.5 is now available with
updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenShift Container Platform 4.7 - noarch, ppc64le, s390x, x86_64

3. Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.7.5. See the following advisory for the container images for
this release:

https://access.redhat.com/errata/RHSA-2021:1005

All OpenShift Container Platform 4.7 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor

Security Fix(es):

* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index
validation (CVE-2021-3121)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Placeholder bug for OCP 4.7.0 rpm release (BZ#1944016)

4. Solution:

For OpenShift Container Platform 4.7 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.

5. Bugs fixed (https://bugzilla.redhat.com/):

1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1944016 - Placeholder bug for OCP 4.7.0 rpm release

6. Package List:

Red Hat OpenShift Container Platform 4.7:

Source:
cri-o-1.20.2-4.rhaos4.7.gitd5a999a.el7.src.rpm
openshift-clients-4.7.0-202103251046.p0.git.3957.c4da68b.el7.src.rpm

x86_64:
cri-o-1.20.2-4.rhaos4.7.gitd5a999a.el7.x86_64.rpm
cri-o-debuginfo-1.20.2-4.rhaos4.7.gitd5a999a.el7.x86_64.rpm
openshift-clients-4.7.0-202103251046.p0.git.3957.c4da68b.el7.x86_64.rpm
openshift-clients-redistributable-4.7.0-202103251046.p0.git.3957.c4da68b.el7.x86_64.rpm

Red Hat OpenShift Container Platform 4.7:

Source:
cri-o-1.20.2-4.rhaos4.7.gitd5a999a.el8.src.rpm
jenkins-2-plugins-4.7.1616671397-1.el8.src.rpm
openshift-clients-4.7.0-202103251046.p0.git.3957.c4da68b.el8.src.rpm
openshift-kuryr-4.7.0-202103241948.p0.git.2504.add19d0.el8.src.rpm

noarch:
jenkins-2-plugins-4.7.1616671397-1.el8.noarch.rpm
openshift-kuryr-cni-4.7.0-202103241948.p0.git.2504.add19d0.el8.noarch.rpm
openshift-kuryr-common-4.7.0-202103241948.p0.git.2504.add19d0.el8.noarch.rpm
openshift-kuryr-controller-4.7.0-202103241948.p0.git.2504.add19d0.el8.noarch.rpm
python3-kuryr-kubernetes-4.7.0-202103241948.p0.git.2504.add19d0.el8.noarch.rpm

ppc64le:
cri-o-1.20.2-4.rhaos4.7.gitd5a999a.el8.ppc64le.rpm
cri-o-debuginfo-1.20.2-4.rhaos4.7.gitd5a999a.el8.ppc64le.rpm
cri-o-debugsource-1.20.2-4.rhaos4.7.gitd5a999a.el8.ppc64le.rpm
openshift-clients-4.7.0-202103251046.p0.git.3957.c4da68b.el8.ppc64le.rpm

s390x:
cri-o-1.20.2-4.rhaos4.7.gitd5a999a.el8.s390x.rpm
cri-o-debuginfo-1.20.2-4.rhaos4.7.gitd5a999a.el8.s390x.rpm
cri-o-debugsource-1.20.2-4.rhaos4.7.gitd5a999a.el8.s390x.rpm
openshift-clients-4.7.0-202103251046.p0.git.3957.c4da68b.el8.s390x.rpm

x86_64:
cri-o-1.20.2-4.rhaos4.7.gitd5a999a.el8.x86_64.rpm
cri-o-debuginfo-1.20.2-4.rhaos4.7.gitd5a999a.el8.x86_64.rpm
cri-o-debugsource-1.20.2-4.rhaos4.7.gitd5a999a.el8.x86_64.rpm
openshift-clients-4.7.0-202103251046.p0.git.3957.c4da68b.el8.x86_64.rpm
openshift-clients-redistributable-4.7.0-202103251046.p0.git.3957.c4da68b.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-3121
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

- -----END PGP SIGNATURE-----


- --------------------------------------------------------------------------------


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: OpenShift Container Platform 4.7.5 security and bug fix update
Advisory ID:       RHSA-2021:1007-01
Product:           Red Hat OpenShift Enterprise
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:1007
Issue date:        2021-04-05
CVE Names:         CVE-2021-3121 CVE-2021-20206 
=====================================================================

1. Summary:

Red Hat OpenShift Container Platform release 4.7.5 is now available with
updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.7.5. See the following advisory for the container images for
this release:

https://access.redhat.com/errata/RHSA-2021:1005

All OpenShift Container Platform 4.7 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor

Security Fix(es):

* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index
validation (CVE-2021-3121)

* containernetworking-cni: Arbitrary path injection via type field in CNI
configuration (CVE-2021-20206)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Reports that has specified a retention should not be requeued in the sync
handler (BZ#1929042)

* Placeholder bug for OCP 4.7.0 extras release (BZ#1944017)

3. Solution:

For OpenShift Container Platform 4.7 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.

4. Bugs fixed (https://bugzilla.redhat.com/):

1919391 - CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1929042 - Reports that has specified a retention should not be requeued in the sync handler
1944017 - Placeholder bug for OCP 4.7.0 extras release

5. References:

https://access.redhat.com/security/cve/CVE-2021-3121
https://access.redhat.com/security/cve/CVE-2021-20206
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----