Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.1339
kernel security and bug fix update
21 April 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: Red Hat
Operating System: Red Hat
Impact/Access: Increased Privileges -- Existing Account
Denial of Service -- Existing Account
Access Confidential Data -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2021-27365 CVE-2021-27364 CVE-2021-27363
CVE-2021-20265 CVE-2021-3347 CVE-2020-29661
CVE-2020-14351
Reference: ESB-2021.1307
ESB-2021.1225
ESB-2021.1224
ESB-2021.1193
Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:1267
https://access.redhat.com/errata/RHSA-2021:1272
https://access.redhat.com/errata/RHSA-2021:1288
https://access.redhat.com/errata/RHSA-2021:1289
Comment: This bulletin contains four (4) Red Hat security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2021:1267-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1267
Issue date: 2021-04-20
CVE Names: CVE-2020-14351 CVE-2021-27363 CVE-2021-27364
CVE-2021-27365
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.4
Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update
Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP
Solutions.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64
Red Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)
* kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)
* kernel: performance counters race condition use-after-free
(CVE-2020-14351)
* kernel: iscsi: unrestricted access to sessions and handles
(CVE-2021-27363)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* Enable CI and changelog for GitLab workflow (BZ#1930932)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1862849 - CVE-2020-14351 kernel: performance counters race condition use-after-free
1930078 - CVE-2021-27365 kernel: heap buffer overflow in the iSCSI subsystem
1930079 - CVE-2021-27363 kernel: iscsi: unrestricted access to sessions and handles
1930080 - CVE-2021-27364 kernel: out-of-bounds read in libiscsi module
6. Package List:
Red Hat Enterprise Linux Server AUS (v. 7.4):
Source:
kernel-3.10.0-693.84.1.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-693.84.1.el7.noarch.rpm
kernel-doc-3.10.0-693.84.1.el7.noarch.rpm
x86_64:
kernel-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debug-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.84.1.el7.x86_64.rpm
kernel-devel-3.10.0-693.84.1.el7.x86_64.rpm
kernel-headers-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.84.1.el7.x86_64.rpm
perf-3.10.0-693.84.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
python-perf-3.10.0-693.84.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.4):
Source:
kernel-3.10.0-693.84.1.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-693.84.1.el7.noarch.rpm
kernel-doc-3.10.0-693.84.1.el7.noarch.rpm
ppc64le:
kernel-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-debug-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-devel-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-headers-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-tools-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-693.84.1.el7.ppc64le.rpm
perf-3.10.0-693.84.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-693.84.1.el7.ppc64le.rpm
python-perf-3.10.0-693.84.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-693.84.1.el7.ppc64le.rpm
x86_64:
kernel-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debug-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.84.1.el7.x86_64.rpm
kernel-devel-3.10.0-693.84.1.el7.x86_64.rpm
kernel-headers-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.84.1.el7.x86_64.rpm
perf-3.10.0-693.84.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
python-perf-3.10.0-693.84.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.4):
Source:
kernel-3.10.0-693.84.1.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-693.84.1.el7.noarch.rpm
kernel-doc-3.10.0-693.84.1.el7.noarch.rpm
x86_64:
kernel-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debug-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.84.1.el7.x86_64.rpm
kernel-devel-3.10.0-693.84.1.el7.x86_64.rpm
kernel-headers-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.84.1.el7.x86_64.rpm
perf-3.10.0-693.84.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
python-perf-3.10.0-693.84.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.4):
x86_64:
kernel-debug-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.84.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.4):
ppc64le:
kernel-debug-debuginfo-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-693.84.1.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-693.84.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-693.84.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-693.84.1.el7.ppc64le.rpm
x86_64:
kernel-debug-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.84.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.4):
x86_64:
kernel-debug-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.84.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.84.1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-14351
https://access.redhat.com/security/cve/CVE-2021-27363
https://access.redhat.com/security/cve/CVE-2021-27364
https://access.redhat.com/security/cve/CVE-2021-27365
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYH7PN9zjgjWX9erEAQj00Q//dwJUA3XoZ8Ferzd26sJ/DcX6mUEUBmHR
ak7tX27vETn/72UdgkHJkB0XRqsn6yjQBdowxXQe7zdcmnPFemMlluDzwNnNw2ME
FqLcIPgWI7qct32+csGDvOfUDz912A+Sc9XB2oekMpXgeMunfxz3FfmocZPVKcqh
OJq9MTkjJcktHOKvwr40xnYKk/0cKUqcjqQxGZbYCr0RZ3u88vHd8JIDZqmBr+dk
tYHIs5lIZ2jICescQf9nwQByB4jm8BX7WDqmdyvV8jrrRzVYhLyFZdDDo9nosDVK
4y++m9pLVqHtkojPscbn2+NBEDHJxUmtFn5JabSLb51Jog0tGu+QC5MEtfqc5jgH
Cn/M47TR6OiB88i8FdQva40HWGsEQanZaLeNWRGEh+AaVZt0WD7zgzAbKghZ8iLY
EypWscF8RYcEN27Q6DNcWwozLyfWGbH3Sex4OMsPL1jqtki0+6HD/ezI6HDmnHy0
4FuCbavgKBRuHHZXG7jX/rN6FHMg/7My4LSHk9fmj2PszaTyZZpFqz0mcBCMJzNX
rbgPNtvbOpjv4sUn22LNNA77lOGw+cKwXIU0FKwDBXx+Ak7riGn2l6OpTReUa3qj
Eck9dxJiZAzSNunG9HN8dBXUprcuo2WYJ4TV+KwxCLQbQbOkrnHD6bSHXRv70bxK
HUMRmNWYCrM=
=INXh
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2021:1272-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1272
Issue date: 2021-04-20
CVE Names: CVE-2021-3347 CVE-2021-27363 CVE-2021-27364
CVE-2021-27365
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 8.2
Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder EUS (v. 8.2) - aarch64, ppc64le, x86_64
Red Hat Enterprise Linux BaseOS EUS (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: Use after free via PI futex state (CVE-2021-3347)
* kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)
* kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)
* kernel: iscsi: unrestricted access to sessions and handles
(CVE-2021-27363)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* System Crash / Core dump while deleting VMs (BZ#1897687)
* various patches to stabilize the OPAL error log processing and the
powernv dump processing (ESS) (BZ#1907302)
* Unable to receive the signal registered using mq_notify(). (BZ#1926111)
* SCTP "Address already in use" when no active endpoints from RHEL 8.2
onwards (BZ#1927522)
* enable CONFIG_RANDOM_TRUST_CPU (BZ#1928027)
* [mm] mm, oom: remove oom_lock from oom_reaper (BZ#1929739)
* Configuring the system with non-RT kernel will hang the system
(BZ#1930737)
* fNIC driver needs a patch fix that addresses crash (BZ#1932460)
* OVS mistakenly using local IP as tun_dst for VXLAN packets (?)
(BZ#1944670)
Enhancement(s):
* mlx5: Hairpin Support in Switch Mode (BZ#1924690)
* Trace mode enablement in IMC to facilitate perf-kvm support (perf:)
(BZ#1929696)
* ice: Enable Flow Director Support (BZ#1930780)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1922249 - CVE-2021-3347 kernel: Use after free via PI futex state
1930078 - CVE-2021-27365 kernel: heap buffer overflow in the iSCSI subsystem
1930079 - CVE-2021-27363 kernel: iscsi: unrestricted access to sessions and handles
1930080 - CVE-2021-27364 kernel: out-of-bounds read in libiscsi module
6. Package List:
Red Hat Enterprise Linux BaseOS EUS (v. 8.2):
Source:
kernel-4.18.0-193.51.1.el8_2.src.rpm
aarch64:
bpftool-4.18.0-193.51.1.el8_2.aarch64.rpm
bpftool-debuginfo-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-core-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-cross-headers-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-debug-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-debug-core-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-debug-debuginfo-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-debug-devel-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-debug-modules-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-debug-modules-extra-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-debuginfo-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-devel-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-headers-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-modules-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-modules-extra-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-tools-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-tools-debuginfo-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-tools-libs-4.18.0-193.51.1.el8_2.aarch64.rpm
perf-4.18.0-193.51.1.el8_2.aarch64.rpm
perf-debuginfo-4.18.0-193.51.1.el8_2.aarch64.rpm
python3-perf-4.18.0-193.51.1.el8_2.aarch64.rpm
python3-perf-debuginfo-4.18.0-193.51.1.el8_2.aarch64.rpm
noarch:
kernel-abi-whitelists-4.18.0-193.51.1.el8_2.noarch.rpm
kernel-doc-4.18.0-193.51.1.el8_2.noarch.rpm
ppc64le:
bpftool-4.18.0-193.51.1.el8_2.ppc64le.rpm
bpftool-debuginfo-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-core-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-cross-headers-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-debug-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-debug-core-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-debug-devel-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-debug-modules-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-debuginfo-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-devel-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-headers-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-modules-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-modules-extra-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-tools-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-tools-libs-4.18.0-193.51.1.el8_2.ppc64le.rpm
perf-4.18.0-193.51.1.el8_2.ppc64le.rpm
perf-debuginfo-4.18.0-193.51.1.el8_2.ppc64le.rpm
python3-perf-4.18.0-193.51.1.el8_2.ppc64le.rpm
python3-perf-debuginfo-4.18.0-193.51.1.el8_2.ppc64le.rpm
s390x:
bpftool-4.18.0-193.51.1.el8_2.s390x.rpm
bpftool-debuginfo-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-core-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-cross-headers-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-debug-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-debug-core-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-debug-debuginfo-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-debug-devel-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-debug-modules-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-debug-modules-extra-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-debuginfo-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-devel-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-headers-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-modules-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-modules-extra-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-tools-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-tools-debuginfo-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-zfcpdump-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-zfcpdump-core-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-zfcpdump-devel-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-zfcpdump-modules-4.18.0-193.51.1.el8_2.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-193.51.1.el8_2.s390x.rpm
perf-4.18.0-193.51.1.el8_2.s390x.rpm
perf-debuginfo-4.18.0-193.51.1.el8_2.s390x.rpm
python3-perf-4.18.0-193.51.1.el8_2.s390x.rpm
python3-perf-debuginfo-4.18.0-193.51.1.el8_2.s390x.rpm
x86_64:
bpftool-4.18.0-193.51.1.el8_2.x86_64.rpm
bpftool-debuginfo-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-core-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-cross-headers-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-debug-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-debug-core-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-debug-debuginfo-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-debug-devel-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-debug-modules-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-debug-modules-extra-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-debuginfo-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-devel-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-headers-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-modules-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-modules-extra-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-tools-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-tools-debuginfo-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-tools-libs-4.18.0-193.51.1.el8_2.x86_64.rpm
perf-4.18.0-193.51.1.el8_2.x86_64.rpm
perf-debuginfo-4.18.0-193.51.1.el8_2.x86_64.rpm
python3-perf-4.18.0-193.51.1.el8_2.x86_64.rpm
python3-perf-debuginfo-4.18.0-193.51.1.el8_2.x86_64.rpm
Red Hat CodeReady Linux Builder EUS (v. 8.2):
aarch64:
bpftool-debuginfo-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-debug-debuginfo-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-debuginfo-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-tools-debuginfo-4.18.0-193.51.1.el8_2.aarch64.rpm
kernel-tools-libs-devel-4.18.0-193.51.1.el8_2.aarch64.rpm
perf-debuginfo-4.18.0-193.51.1.el8_2.aarch64.rpm
python3-perf-debuginfo-4.18.0-193.51.1.el8_2.aarch64.rpm
ppc64le:
bpftool-debuginfo-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-debuginfo-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-193.51.1.el8_2.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-193.51.1.el8_2.ppc64le.rpm
perf-debuginfo-4.18.0-193.51.1.el8_2.ppc64le.rpm
python3-perf-debuginfo-4.18.0-193.51.1.el8_2.ppc64le.rpm
x86_64:
bpftool-debuginfo-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-debug-debuginfo-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-debuginfo-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-tools-debuginfo-4.18.0-193.51.1.el8_2.x86_64.rpm
kernel-tools-libs-devel-4.18.0-193.51.1.el8_2.x86_64.rpm
perf-debuginfo-4.18.0-193.51.1.el8_2.x86_64.rpm
python3-perf-debuginfo-4.18.0-193.51.1.el8_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-3347
https://access.redhat.com/security/cve/CVE-2021-27363
https://access.redhat.com/security/cve/CVE-2021-27364
https://access.redhat.com/security/cve/CVE-2021-27365
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYH7U19zjgjWX9erEAQg+fg/+JMZC3jCnmmsPYlffgIe96rR5+HJZ55ic
dbaHM3i1X1kGIYxjWgX8L3b+cMYRpfxZpasXMmgvEn93ml7BiD2Bx7VpQ05Wdo2D
zLlfh7G/P9IBe4Fk97sz0lYkp1rgdU8TxpCqO84X9mrBTKU3TU27bLWNJ8/DDPwW
F6gkwiGIsNmiEpbRE2Y8uvULpH+7anKfWrSdw4rtDKJ2jQcI1PguEaCL/VrxtpGW
UZ1Tlv3AemqKz9gsChPQFnDPW+cgPW2j9Nh42oJFxbmfzXRvEQ/7tupVmjlrAh+9
M5sL4P4OFnE6yV76R5i0ZJ2Tfw6SoOu1HUot2p8y1O+POoiX5H5lNTDejl6H82Gy
O9ZQ58y3ZLniTtOPt7xdI36KZQm/Lr0tGLsEw7DDprRxYekPQ7cVpbgN6D5PvNOb
EAuA4pF0JLObF4MwhY33UIQvfNH6WV2Wbq87LnypzDwmRUeYLWhg5orlF33kz8pR
PBF/E/Z/vOJF7yuxROvFHDnNEPmps2wcJqdf1UdE0QD29F2biQ4MhCicCwiFwFGH
wxFHdykdoZY9URt7TjvgOaaHuZKoyrzcJTpzqxijxJFVNEhqQEnHMyIEQSKTesz6
NsyeTS1R8S0sig608M/GoKj4ODenJAIo14ZLGa+sYsadBXlf+gyiCqM38eMMMsJe
V5/znOSDjsI=
=sqZK
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2021:1288-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1288
Issue date: 2021-04-20
CVE Names: CVE-2020-29661 CVE-2021-20265 CVE-2021-27364
CVE-2021-27365
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 6
Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Server (v. 6 ELS) - i386, noarch, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6 ELS) - i386, s390x, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an
use-after-free (CVE-2020-29661)
* kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)
* kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)
* kernel: increase slab leak leads to DoS (CVE-2021-20265)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* Enable CI and changelog for GitLab workflow (BZ#1930523)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1906525 - CVE-2020-29661 kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free
1908827 - CVE-2021-20265 kernel: increase slab leak leads to DoS
1930078 - CVE-2021-27365 kernel: heap buffer overflow in the iSCSI subsystem
1930080 - CVE-2021-27364 kernel: out-of-bounds read in libiscsi module
6. Package List:
Red Hat Enterprise Linux Server (v. 6 ELS):
Source:
kernel-2.6.32-754.39.1.el6.src.rpm
i386:
kernel-2.6.32-754.39.1.el6.i686.rpm
kernel-debug-2.6.32-754.39.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.39.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.39.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.39.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.39.1.el6.i686.rpm
kernel-devel-2.6.32-754.39.1.el6.i686.rpm
kernel-headers-2.6.32-754.39.1.el6.i686.rpm
perf-2.6.32-754.39.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.39.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.39.1.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-754.39.1.el6.noarch.rpm
kernel-doc-2.6.32-754.39.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.39.1.el6.noarch.rpm
s390x:
kernel-2.6.32-754.39.1.el6.s390x.rpm
kernel-debug-2.6.32-754.39.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-754.39.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-754.39.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-754.39.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-754.39.1.el6.s390x.rpm
kernel-devel-2.6.32-754.39.1.el6.s390x.rpm
kernel-headers-2.6.32-754.39.1.el6.s390x.rpm
kernel-kdump-2.6.32-754.39.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-754.39.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-754.39.1.el6.s390x.rpm
perf-2.6.32-754.39.1.el6.s390x.rpm
perf-debuginfo-2.6.32-754.39.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-754.39.1.el6.s390x.rpm
x86_64:
kernel-2.6.32-754.39.1.el6.x86_64.rpm
kernel-debug-2.6.32-754.39.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.39.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.39.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.39.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.39.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.39.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.39.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.39.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.39.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.39.1.el6.x86_64.rpm
kernel-headers-2.6.32-754.39.1.el6.x86_64.rpm
perf-2.6.32-754.39.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.39.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.39.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.39.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.39.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6 ELS):
i386:
kernel-debug-debuginfo-2.6.32-754.39.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.39.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.39.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.39.1.el6.i686.rpm
python-perf-2.6.32-754.39.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.39.1.el6.i686.rpm
s390x:
kernel-debug-debuginfo-2.6.32-754.39.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-754.39.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-754.39.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-754.39.1.el6.s390x.rpm
perf-debuginfo-2.6.32-754.39.1.el6.s390x.rpm
python-perf-2.6.32-754.39.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-754.39.1.el6.s390x.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-754.39.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.39.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.39.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.39.1.el6.x86_64.rpm
python-perf-2.6.32-754.39.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.39.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-29661
https://access.redhat.com/security/cve/CVE-2021-20265
https://access.redhat.com/security/cve/CVE-2021-27364
https://access.redhat.com/security/cve/CVE-2021-27365
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYH7vytzjgjWX9erEAQgwEA/+NDrzmWdApgeYeDXFUR/3dJSmpBDe0HpM
SiGr4zwde45RzuqoNes4/ytwnZg/cAHsxZHl94a4CtK457whCXUUtwjuljF+AvzL
qvIGIrgHR8VaOT4ctX6528yRTe7Mm9fdlFpPqElSxLlGXFU8+JQ3Fp0INs0YgvBu
QOYQNv3GuoW/ftx2QbaIk+KdXbzAR/WPOJ8VObiLF+qlcGcNk/oQQ7wOxggPOeoT
sppjIrFfFyyxf25NcwvswHCfVOQ3Lp9bmO7hYCwPI2W+I0h1uLQ1ZcIqzGc8Yrcu
tPHGQsDO1fsC01uImPJCheScldy/bE+qN0ZyL9Ydm1tMR9c9iaHxPHL4FmLQHuQH
tjhG5Ekc/+KCIpO4ueMdXevS8mQui6Fzpe0upttauJgjW3VG8+kaj1/rPgBKPLUs
7HkHLfu9qCczvJauUcO64VsgUj7AjM+aWpJ4HI92/ruAnwOK9BSmjl0k8AhEFhSY
r1kuX9Lauf7G5UUdseYosQPxm9xUW5GGYPvIpp/XohO4ui2j/v0p2G1Z3+L2o5fC
JhpvTajOxXqFCBUw1hE/IzuFFBUCzUC6jGd4WG72XzGHKMb2iWZfQVY+KKMVu8jL
Oa8l3NA6KifAYhfKu5x33IXssyGhHCp+UssxdE8r0kwSKpSG1EjS46037VzKkV0B
vmaD/qGwFdU=
=N8CO
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2021:1289-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1289
Issue date: 2021-04-20
CVE Names: CVE-2021-27363 CVE-2021-27364 CVE-2021-27365
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.2
Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.2) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.2) - x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)
* kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)
* kernel: iscsi: unrestricted access to sessions and handles
(CVE-2021-27363)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* Enable CI and changelog for GitLab workflow (BZ#1930934)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1930078 - CVE-2021-27365 kernel: heap buffer overflow in the iSCSI subsystem
1930079 - CVE-2021-27363 kernel: iscsi: unrestricted access to sessions and handles
1930080 - CVE-2021-27364 kernel: out-of-bounds read in libiscsi module
6. Package List:
Red Hat Enterprise Linux Server AUS (v. 7.2):
Source:
kernel-3.10.0-327.96.1.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-327.96.1.el7.noarch.rpm
kernel-doc-3.10.0-327.96.1.el7.noarch.rpm
x86_64:
kernel-3.10.0-327.96.1.el7.x86_64.rpm
kernel-debug-3.10.0-327.96.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-327.96.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-327.96.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.96.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.96.1.el7.x86_64.rpm
kernel-devel-3.10.0-327.96.1.el7.x86_64.rpm
kernel-headers-3.10.0-327.96.1.el7.x86_64.rpm
kernel-tools-3.10.0-327.96.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.96.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-327.96.1.el7.x86_64.rpm
perf-3.10.0-327.96.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.96.1.el7.x86_64.rpm
python-perf-3.10.0-327.96.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.96.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.2):
x86_64:
kernel-debug-debuginfo-3.10.0-327.96.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.96.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.96.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.96.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-327.96.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.96.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.96.1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-27363
https://access.redhat.com/security/cve/CVE-2021-27364
https://access.redhat.com/security/cve/CVE-2021-27365
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYH70etzjgjWX9erEAQj1MQ/9EQo8E5fQOYaJ4wBhCtJc0P08FBRq+5T/
4HZQHGBBx66FucFRofP5RPxcPdHfjU2+HA9i/A8oI+mQPpkk4Z7JVDmPR4Uw9dgu
i1Fe3LJ2doAjjezbH9IcoPXGFodWPAKEVVmXLsQ4fPBsu+8sbHZFpxhqvtxVTLr8
QdDlWY/Ml535jLX+cSbUzCKn7eHl/mfaB+98Fc1v8LVHzyeAcQlshZ2kYIVOV2Zs
HJZ0hgH2wiA5A3dZWMnk4iTTmwEp+EFhX9LMFJkKTSNm+cW/tNzzud5tEHaCsfCn
Ac4KTjxvtry4pgpnO+Lmq8ogHURfTzVbXpTTdTsqCFjqtCyO8yNxblOn4+wTuuJ1
Vq9l0n21VcMaJjSO0C11E8HIdjneYU/OXJNFEaXMfeXUfqNYnQ96U3WXl7tF2B1O
YBYlWRyGaQPPo0IZSKcv9XckcJJ71gMRUuCQWJKRSZmsA9S56B/IQUb9xHor1I5k
ZhXJ6et2OXnhDLe5wbYXPREKd1jUtxT4fXwSXKVlP3gD6Qgaj4kEex5830yP4SHk
/oSS46smIU8b8qRCpCxLwpA7KqvHbQn2Fakg2fVthibxms5w9iIPBYKx//HITg5C
iQNKmb9xEKQQr7UAPxw6SLsXhRF3UzRUWnTfMSc3BNRjxoN9YEDHSP82fYuYZsG/
ptCrR1BZ1X0=
=yVW8
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYH97+ONLKJtyKPYoAQgrvw//Zf5W3lO32EBOJ7m5DI/cu9L7FRpCQUwL
hkYYKMlYWeZWg+faJu2PAkLAHu0Xr8q71bxBTTgzKtRF8YnIWreXXqCuAyxNtIrZ
nEvbb98wBYOZNHsy5tMbfIq7b/G4Ut7Ukrkpk3KVPMY9dBaI3+CiLIPwYvCopEJR
WE/wjl0xNRM4+RaD7Y2Z049mCRpayiOYlfasJjhE0s7USMQULqTMoStrdj+UsT7W
lSILfwK7bUwIVjsLF50r8j3yvEMoWNwrEfBR36Ws1ng8YQlq6LBFZhYxX795gdfI
64pb8Vd9kALrQGkso6+kl4h6OhW3AWPtVMJbwvWO5L4jIfc9S5KsRJMV81Xljb+8
a4mUCEeMAyk1P32M1NIMlU0lH3l/eND1rvywNEWuFa4XbjhIJKLno0Y1AP/deV/K
lMYCKb3EbGyWTJXDUxa2x8i5yKRAiGf7laEykKBzckMTSNr/uW+lZEmBgV8HM0yv
ZEvxoBQ2aezQTszoJnbVhClJwbkwS4usX7c23rWYQTNPUyHwsjpMzYSbB8l9wVpq
dcemFOAcAHF9z/Ky30lDtvzqK1eUwtK8kzk2iyjJUeRdRm/zxUE2VcE3ydnapEE8
lNthO1wumMvEmmrwAP3d6XhFm1/BQur3kmbPGWZz1vmcImyONX8kUnpkxyqyus/k
Icy5qn6XVRw=
=Z3z2
-----END PGP SIGNATURE-----