Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.2030 microcode_ctl security, bug fix and enhancement update 9 June 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: microcode_ctl Publisher: Red Hat Operating System: Red Hat Impact/Access: Increased Privileges -- Existing Account Access Confidential Data -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2020-24513 CVE-2020-24512 CVE-2020-24511 CVE-2020-24489 Reference: ESB-2021.1996 Original Bulletin: https://access.redhat.com/errata/RHSA-2021:2299 https://access.redhat.com/errata/RHSA-2021:2300 https://access.redhat.com/errata/RHSA-2021:2301 https://access.redhat.com/errata/RHSA-2021:2302 https://access.redhat.com/errata/RHSA-2021:2303 https://access.redhat.com/errata/RHSA-2021:2304 https://access.redhat.com/errata/RHSA-2021:2305 https://access.redhat.com/errata/RHSA-2021:2306 https://access.redhat.com/errata/RHSA-2021:2307 https://access.redhat.com/errata/RHSA-2021:2308 Comment: This bulletin contains ten (10) Red Hat security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:2299-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2299 Issue date: 2021-06-08 CVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 ===================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server (v. 6 ELS) - i386, x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) * hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20210525 release * Do not use "grep -q" in a pipe in check_caveats. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors 6. Package List: Red Hat Enterprise Linux Server (v. 6 ELS): Source: microcode_ctl-1.17-33.33.el6_10.src.rpm i386: microcode_ctl-1.17-33.33.el6_10.i686.rpm microcode_ctl-debuginfo-1.17-33.33.el6_10.i686.rpm x86_64: microcode_ctl-1.17-33.33.el6_10.x86_64.rpm microcode_ctl-debuginfo-1.17-33.33.el6_10.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/cve/CVE-2020-24513 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYMALXtzjgjWX9erEAQgv+g/9HNZPFfi8eABF+ljMb70KbKzJ1CmTiWPI Ks84+KA2b6wBCK1KzjellqZCuPy8uMpp8shK6wauTDmYkOWzN+IqPr5QCc6/9HwJ Xr7FHVbKaS/eKweCbgZqXl92CziGDo3YKUSGOGBIxiS2v5FqN2AQAgHjeSquJ9Yb toIs4H1Hh+2f0JChXlw3m1raNY8mfaxg38WpO/csUYNWNqw0r9Ur4b1/oTpYapBi bKmFZopKXJ4YhCFvyvGkr9XLza+5hfNnviky9uQ4hcE6Lt9WmOqSPOdu4+5FSYap CuP6KW3r17RftOt7UZtemzpAWXnvQb7O1N9OxxGTVQ1efvXtbkKpZ8Kn3Sm1pmZS CwJwkhrGol9gWrRDqotiILJaI07Gxt30cY7R27FrR/QvuvM57rxg2Dq74iXdi6w+ GaIHvYTFrl3bFq8QZ6xF1S+UsyC1OXfkR4YxrR7lYs8oKs5KFymPNU07pRBtIV2P QmI5eEpym8Bv4PtkqaJh5a88hezDgOTu2ZqZ3m4sJi1Hhd33m+uyO7uKhDBoCIOh jE5vutNpF1p/GAOU6jNe46xHC+VtydUFYcdvidcYnP+NFcb/ENXrJE2sB4v2NYNB 9fK1WWe4/WPKpYV2diJDO1ZLgvgvZNPijVrAg1aL6qZP8OPFIHdIFrGPNQ3B0bKm M3TuDZVx7MA= =OukB - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:2300-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2300 Issue date: 2021-06-08 CVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 ===================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.2) - x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) * hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20210525 release 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.2): Source: microcode_ctl-2.1-12.37.el7_2.src.rpm x86_64: microcode_ctl-2.1-12.37.el7_2.x86_64.rpm microcode_ctl-debuginfo-2.1-12.37.el7_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/cve/CVE-2020-24513 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYMATztzjgjWX9erEAQhNRA//dWSy153QpbPKOSo9s6SQPBw96PmyP7Th GDERqK3CN+gLKzedncZ0XUp+NQO8NfzEEw8B7xu3QFmKE0r7yQEXud91BXH1HphX 9FeKCcNI0vdSLicpiqf6N8K90YuncA8H5NwVDMmCCWp8b9zs0GASutpg1cGnkrck QGlntnaMoFqPSMDL3zBGv1/lZmSb8GP0rG8lY3zEZACABS7f2eWbTyo9b0Rgvxoy rcv+HR2EXSXKFHiA0rFn5cjUQfOGI21Jp3OhDNCTd0C4N//sz39brYQfDq1hsa8x dQY8YGmweOAKifGvxFToTgWgf9krNXiho5FSbHtHZ2CHxjFtha9lWT7irCBNOjNz Xl4qtHxGYqNms2oSud5wfbRokHIyIuv3JdpjGukw7gm+GRpxPgqo0pAmErQThig4 YcIvtMEcuWEkWvptKv9Of81chFhiwEa3CkoC66I3zC69ELsFq/hqe5ToFWsHL+rk OUEbADE3c2gxiZnSjcm72l0sPdICqbBZ+APnUB0AN1Gf1MTs4NBerZ57dvydocSv ib/HtOzRV3EzWW2jV7rgease4dH12ZvSvdU3WHWzyj5n7k75TISiRrp/MZfW39Kl oAU6s/z31DvxHBFBnCUEiH7JO31uloFsb9X3ZTFGFBuWOP16VwGkMX1I7Res9Pg8 bOeMGH8lKHQ= =j/dX - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:2301-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2301 Issue date: 2021-06-08 CVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 ===================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.4) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.4) - x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) * hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20210525 release 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.4): Source: microcode_ctl-2.1-22.39.el7_4.src.rpm x86_64: microcode_ctl-2.1-22.39.el7_4.x86_64.rpm microcode_ctl-debuginfo-2.1-22.39.el7_4.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.4): Source: microcode_ctl-2.1-22.39.el7_4.src.rpm x86_64: microcode_ctl-2.1-22.39.el7_4.x86_64.rpm microcode_ctl-debuginfo-2.1-22.39.el7_4.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.4): Source: microcode_ctl-2.1-22.39.el7_4.src.rpm x86_64: microcode_ctl-2.1-22.39.el7_4.x86_64.rpm microcode_ctl-debuginfo-2.1-22.39.el7_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/cve/CVE-2020-24513 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYMAhZtzjgjWX9erEAQgacA/8CSb4gKvVxCL/UEvQ8fD+Fuk7bVgGXgdl zfHALQmqxEvgcquECA1+0gVaALewsTbv0jYGt8ar3LXlNfdYvJyTZIkkTU7QPZX4 noIGXIk9Ljn6HDzNVq4+SzQGFhsy+eCyj0ksgLD1pYvSXZhMhIFoNs88qbn4vohF NWbr/79PFDN5Z8OD6eZ62dQuU0EBgR2/zQGhqEp2A5AIGyCpoGkeMjQbcEr8MTYw re11SdeDWdXudlgn6lCeVm1NB8/oaCRih7VTaNzHMTihyG2fS6Vfy9Tf1PcXXrZT 8r21wAISxES7QfMCxBB3jnlq+/3QYFG/dYLDZ8EDwa6ZCXyFRHirUQP6vrk9TG5k xVPIFH/QUwcWFaquGbvtpllAgn1tcSohpzMzDPqLIFSO031A1Xdn6JaYaUi9unO7 wOUS5MMYTJtXjQJ/lBjMFFCEMzGZ1VY74wwdHmyoBW9eA6DnfjTHsnhTpWvLbuHw fM0+/amC1YdZkMOmKWeSNkB0ESISQw6d7/pgT1px/ZyEktGtlnvOcybPpqVVFnnT 3llMAz6CW3UL59MvAvPk9dXKSeJBfsXVVQq21VVuNi/KHSE9tsYQnBgiVizDbrru npkQK4e+JU/GxTuioDK4/QrC89S9ZTvHcfiTFhpDt8DNxJdkmjjNi87m1UWfS1rL 3CqP9OqPU7Q= =cruI - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:2302-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2302 Issue date: 2021-06-08 CVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 ===================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.3) - x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) * hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20210525 release 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.3): Source: microcode_ctl-2.1-16.40.el7_3.src.rpm x86_64: microcode_ctl-2.1-16.40.el7_3.x86_64.rpm microcode_ctl-debuginfo-2.1-16.40.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/cve/CVE-2020-24513 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYMANt9zjgjWX9erEAQjMMA/8D4VBPl5nkCRcpR+syji3SDkmTfpn+VCW rrzKwXjNODSxCfdTYgZszDZraQlwYwdL2tz41ThcWtk5SBxgDZJKj/YmpYy2m8su 4HntUyEJDsu244cBj3d4Pl1MHlBdzzcmpSfR0OtUX192qJJqM0u1JTxgb/IRkVff uFhUtg60AEocjC6GCr/EF8yaMZBW488Jy2S07rVWhlI+wxg7Ce9SVhS9WIY+kZcA RWzy19j8Z2KEGGGhn7feYbN74412dwex9l6kq62dWEO8nEKz02PcdU3+qLDGQUE3 7DtVGOZEtfmWGSjlO2xKcEpE1yZxLpnQu4rsL9JVs+gB4aOrjelAGOR4BQB//5UD zg1ACkAthf1OQPLmRCG4w3fmjK5/vhLxL+GaF11PkCnvcG6AtaRamMv4wZdQwj6b +PzS3f9UGm1/NR6+c0qJYlHAqOWyp8k+vGo6ToBEX3VkZ9WbQXWU1VPAxFybq/oF ybfivmeusuvU8flsJdcunVJtIy4c5lNMaeURViAT0S8pVSCYYD6GaZ9tlz6tTLwe LCxyMGc8iZP+iCnHncPWAs1vFcvSwbAndzwXArdMeTF2EKQ2a+QH+rAHOm/fPqwN CkNq3vmabSrXAd3E6w9Z6/PxnljOoCPvgdmZ2ycIMXIMZBV/21goah427P83A/nR 4rVdT91stlQ= =PJDT - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:2303-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2303 Issue date: 2021-06-08 CVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 ===================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.6) - x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) * hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20210525 release 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.6): Source: microcode_ctl-2.1-47.21.el7_6.src.rpm x86_64: microcode_ctl-2.1-47.21.el7_6.x86_64.rpm microcode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.6): Source: microcode_ctl-2.1-47.21.el7_6.src.rpm x86_64: microcode_ctl-2.1-47.21.el7_6.x86_64.rpm microcode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.6): Source: microcode_ctl-2.1-47.21.el7_6.src.rpm x86_64: microcode_ctl-2.1-47.21.el7_6.x86_64.rpm microcode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/cve/CVE-2020-24513 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYMAkptzjgjWX9erEAQjQaxAAiXuFV2AZ5UNVNR29EFFEaHsHDTLaeYNm ibgw81yBpSZopPqtVYoznk9JAYc2YSrgbq0/BxC+rWHRTGPom5lZumlkqc+Nkjon sGx6SXU5q9M/nPutM/p5afTXNaHbZVQojjeP9VIpF1qz94JRcJisrumAW/sS27/v Ie6wqizvXNJZq30FOmgAq3vSXJpvakZYrBZoRvdm3MUx3rqiy/Sn62VtexeJoWJf 7BVF9y24rn2r9BuG6QNKGnYTxuUHAfcTAy5laJZ7EWdpEXcSZG6SV6x40Zdg6TaV 8x6PFSbvb2woGvWfFr5so9I92X1z9MCh4vQ5hmPnoHHREXpDKcDjvmfnStNkKD3F kOvf99Ph7E4Th/NhFwAczspiZEJYbvZ7ZenKQwWd2lGnEzFdPU5g5c3n+WVyN1qZ psD/uZlryQyIUyvRPowGppm/vJfyIiDKr+yUpq3AGscs9ASpnH6120ClaQx3KutT gpUbnKDxAW7UMlg5V4A9y5jJBgW8cZGH4qKc9KeDOj1MOjOhrfClInKhfqqY6YF1 8ulHpTKFyXzFjKBST1PKhCQQ2HhG74GoG147R0yHZw+9T0+o3ovlEQTxD2yVgGua 7LQ/vJotdgvBEaYoWTz6WwphiYQpFbbyQ6E0qplPVJMMmFKhDpNKS+ama5CHnfUF 6I3FlLzt1EU= =YG8p - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:2304-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2304 Issue date: 2021-06-08 CVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 ===================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.7) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.7) - x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) * hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20210525 release 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors 6. Package List: Red Hat Enterprise Linux ComputeNode EUS (v. 7.7): Source: microcode_ctl-2.1-53.16.el7_7.src.rpm x86_64: microcode_ctl-2.1-53.16.el7_7.x86_64.rpm microcode_ctl-debuginfo-2.1-53.16.el7_7.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.7): Source: microcode_ctl-2.1-53.16.el7_7.src.rpm x86_64: microcode_ctl-2.1-53.16.el7_7.x86_64.rpm microcode_ctl-debuginfo-2.1-53.16.el7_7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/cve/CVE-2020-24513 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYMAkctzjgjWX9erEAQg5ig/+JAeeNEhtBWrfWgiRc10zi9KPgHKPXMzQ dm/6GTT9P1fqUfPDOTjm6uQXMNUWfHOkEQQecsbo6Tqh72ccs04xf67Niekc5rPK OzB+j3NOo90PrWKpxyoQlQxJ0dMEM97t2U5FnVcUbp9o1s5Q/rEWPLKsCC+nH2fW 0u6Yjpeofc1AtfcXVnWkJUmrc9zW/HhE6IxFTRSiqY1ltanlQKdH7pdQ8WYALzYt zFk6A72ubHQZkcwZDfpnGHmzWrVlGS4pMjLAv6BJlzUmS9YcFhH0vnDPmcYkSMoQ qOgnrAh3xLwMzaXKIdS8naEI7ldDlttJZScjgwV8UBmzHLyxWswUzPL78jlIEOmC AadovsnzjAZTFsXs39/IY4h88ICvHJSGSEUzN3ANDuXk2VM0MCmmatss8MhAQKHj lXBdpm5n0ngdLk92C9K8e8+ICNCPZTUUVNxrLTv6zmlyGaEibXk1KVXDobrmI7Wv lQxlRnNlGOO74cf7nbxCYNK339uyd87KER4jeDpLA/QbIkW5yDTpuDW7ENvl8zHq BZK7GIsLg2ksw+fiKFG/jk6GFJynz3+XTusNN2VSPOaMa6tSsTCSeerY4pEzqi5q FQGUuRjihEUv1JhLtV8YAyRRxAJo+AufvIuU0Xb8ooATIcWLEct8f39D8O4FwaW9 No6ujR6Vyj8= =d/HZ - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:2305-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2305 Issue date: 2021-06-08 CVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 ===================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) * hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20210525 release 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: microcode_ctl-2.1-73.9.el7_9.src.rpm x86_64: microcode_ctl-2.1-73.9.el7_9.x86_64.rpm microcode_ctl-debuginfo-2.1-73.9.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: microcode_ctl-2.1-73.9.el7_9.src.rpm x86_64: microcode_ctl-2.1-73.9.el7_9.x86_64.rpm microcode_ctl-debuginfo-2.1-73.9.el7_9.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: microcode_ctl-2.1-73.9.el7_9.src.rpm x86_64: microcode_ctl-2.1-73.9.el7_9.x86_64.rpm microcode_ctl-debuginfo-2.1-73.9.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: microcode_ctl-2.1-73.9.el7_9.src.rpm x86_64: microcode_ctl-2.1-73.9.el7_9.x86_64.rpm microcode_ctl-debuginfo-2.1-73.9.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/cve/CVE-2020-24513 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYMAkjNzjgjWX9erEAQj9Rw//aAXwJWN2Q/e3KJ6n+bdhBXSWxMI+ro7r 86Elrmw3BY2uTNbkjEorxQfON15ZawMJn0eNprNGA4gxRJ1/OlV+bMXcXsHcxdwt 2ndTxSL9G3xd+B3j6L8N2YQAXzCSzJT2ohbFPntZeMDpd6hILbNO+XDmnPu0uEsh E1Rl1BNsQJGoJ9yrrk9hqae2erlB2nTuDwYcNN6YWANkpWxPnzrJBRt115hBL/Xm Gh9vsxTC98/V+TWn0o0gLDUr0sM21KhD2U8F3byxBQB4Kr4Y0X34U12whwHkG95b m+HKj38OHmwhm+JZV68AsVBbnaa4TM3ilccuAVujxcW10IyXZBsmBFoEnIQ5Y7mm X8Bc5goFlKet/cDqwwUDBvjFfXfC61+2N4gRnWp48b8+vojs+T6JsurrCJbRhXjL gy8adoRwG3zNj+0xh7sHjX7XkIYFwrWMxiFHUaJWMV8pfx6NvGJJTiRR6n1+nKJt scM4MX7RUnLlcmRMbN4HpU4Kg7CLqI3dgiJ1XAgIUyB4Xvsb+Ckp/M8EB9I+GLDP Z4feYJ/cplYpSCcRG0xxHsnqrDFgAI0P/KVy9GQeAaXWWVwQzP5vHr+tauLSaEae q4MCBAMQQ69TX2rSLhnwtH1fpVuBsZibIN3QAikZM///peIXrNcmR4jPBVRPU6p+ ulH8AIb5GRA= =sYI9 - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:2306-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2306 Issue date: 2021-06-08 CVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 ===================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS EUS (v. 8.1) - x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) * hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20210525 release 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors 6. Package List: Red Hat Enterprise Linux BaseOS EUS (v. 8.1): Source: microcode_ctl-20190618-1.20210525.1.el8_1.src.rpm x86_64: microcode_ctl-20190618-1.20210525.1.el8_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/cve/CVE-2020-24513 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYMAU+tzjgjWX9erEAQhHYhAAlacei1fpfJTlKBDD5y02DE8nQE/RLGDq 6KfYldHBSjepJD/5bprpYTn2dteeIUOZZvuy3vAznn80kR5lDfgkBINTjoMJGQqg Yi5h0ZEQjdbluA29S0vAog2OMvbaL6wiIV54mqo4344AEt6W/yrou+70FRcizbMN gBIT5AacV4mF6n+DQJovtHWzx9WY7otOE+6cV7gVTEBh6RQWSBMNIhLOiO7cjK7+ 0ws3zlO+fG81GHwGiNqXtuj46xmUKkOUltGph3XuidAkVQXgSNSDjGO7KHVL5o8Z /VSNoEvQCQXMc+V1I1jSZev8BPG5UO+6Ezy8hCNBX8e59kDqpwlh0wlHBLt1kppz 9t7byAIbNW2aBi6temUUf6ATAw8pFJ1yVcr4CByd/7HiBNZLfo8qos0G8JZ5tGCE 00LfImOlaymGI6vfm6OHf2mMW6er3fvaVBdA4GRhrF+xZuKR1XZqSrL9t7wEAIY2 W5OQnKuzwe7K17nTCeDlZ0FOoTEk5NJ/3yNwQwWEXjIrR1X4cluOdHc8DiGelDnd CeVw7peG+Zxf2xAIvRcdp0/nHd+qyKENZLFS+JG0jPlVKzxH78gwY8Ksb43R+kx8 OXNAsvXLVaOkiBP0AyuVNMmvfZ2+zQlCjSwyIFD+sqP1IgHDS76HqqkNPlPjcLDM C2fRCdWToGo= =D+Ke - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:2307-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2307 Issue date: 2021-06-08 CVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 ===================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS EUS (v. 8.2) - x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) * hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20210525 release 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors 6. Package List: Red Hat Enterprise Linux BaseOS EUS (v. 8.2): Source: microcode_ctl-20191115-4.20210525.1.el8_2.src.rpm x86_64: microcode_ctl-20191115-4.20210525.1.el8_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/cve/CVE-2020-24513 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYMAcetzjgjWX9erEAQjhVA/9Gf/eyK4VS1itF6pnUCbfTKvh6XGc9zuj FdSOCFxEFzwlvHVYUYFn1KSYy9TGfWJnheaT6ptSjP2LwbRH3LWceaQhK6PEhaFR KyFGiiyX3fbcu+VZKHObAtRy+mxb8c22Sq/K56qpWnfJSoR+AzF0+UzsiVaFeVr9 iiHhoQOn/DZ+D1uajzaxWU4kdH5SdgLIMMmnYfUYPiRXHyvEpZ6j4FXDslCU8E3k lMeaWk8micyUH0Kw+BEDt5/Ytvku/Xzamt1hflZ7eBppgJjAzTD8VKRCny0B9nRh vYRlb+HuL9p3AJ+E5O0REBen9JuZdgL4C8u5TisODShC9FTEts+ljnsr0zvplpMI 8E9x3Xom0b/JwPbbKNU6L0bpXLVJ3i6jLgffQBGPe8qwdy/7O7chNboYnWn/Kf0s 0KqPwqKM/1Jnru+bYzKXXtKhku9shTDWBTI5VVFtC3HSxQgHbIScMdhPFQQI/mZL 2bkaNc0QNm7oXu6j02T4ZVYm8a4lXXi/J8I/7NhSYmSeb+nRu/wU9X+Coe9/8hmk AUr9mLLlnZUhx3byk/5Xhb+Z4XfB1siDw2Yvp3E9zaq/dZc2ptkSkeEMlVqC1bIw Mj2/L61k7by12TxeE1PluPB/trGRrU6fpwYwCRhna5KxyBAEK/nvmpfeO2T97B3a 3UmdFKrqRHo= =q9Om - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:2308-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2308 Issue date: 2021-06-08 CVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 ===================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS (v. 8) - x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) * hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20210525 release 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors 6. Package List: Red Hat Enterprise Linux BaseOS (v. 8): Source: microcode_ctl-20210216-1.20210525.1.el8_4.src.rpm x86_64: microcode_ctl-20210216-1.20210525.1.el8_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/cve/CVE-2020-24513 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYMAgOtzjgjWX9erEAQidkg/+I45fthLelwB2GV2+yNSvwVSh9VakGV2o W7mWN92nwRysqUWk1mdAXxkVQx9wwudBAsLms+cGnk/aaf69C33LM2wLI2pe8ySd q0JLQltjJ96PbZ+JZGOnt5AKbi+MsPWA7YJi2A6hC67mn+KYUc3YTChJgOn1PLVV u37dui+HcXRk+nPcZdnlZfHcinNNbp1g+Qkf/M6BENqxpz774kuhXeDwBAlZiaQV w8GEpA8b1Vr33BQtqonNLMeoKhDG+b8TDVuj1KRaKpjojCyDtd3IxhSJ81j45O4c vSkEs1eqJr9/Y4jKv8KRt0rzA6KoyQEAvnwVAyWsUf+rKD6fibUDbXIg5XmLhwz8 g9+bIkSEfshexLLpgupZGzWlxVct56gfL4wnqww4x0pXH87cOtBFBrZWa5hpcSHS FWIelgOOLQoPCOqOMFUHJnbTpqCRSQRsfqdzyhGm7EkUoUQNtzy+G5ACJC+328bB W364ynbMUXl2KvumvdWUVO267U3YYd7MGacaPFbxkz9C44BryaH1orCgnyxogcQG iF3JcceHiYgBGsT5y8cXOw7qggX0TQaBDtkvxf7+P2svvNF1g0U886AxC8o7VGHD Tm/mYfWLpuLOGiOLPqV+BjdcymdtC87QdXk52EjoG+6A0imRfQjsPNiyCw70TVYF 3Y5ZLiS/gok= =9LbM - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYMBPBeNLKJtyKPYoAQiKOxAAr1if7/AQU/NHGg11BMe9imxRTX3wCqfV PYGPV96eu6mcPd3RwWbmp59U+t5fHEEcXAcKYjd/H0xS50db3yJz66YeWFY2HST7 B/cwImP1PLVBk0vo1L9mO0vVRKY96UvXfsHgQiWtm9qH9wpYXSLTyN08yHxz195P F64OxEYeux0TPl5jK7XDggAuB9eaLP20UBvAAkk6RQow1NKU1YvWGjn3uivvIyRh C6/R7QcUZFkOq7XroG5JgdW5MTytl59ofd/Q/Xw+JzYS14JfFfdpaCbhY+CE6hMm gMCe3rvQSi3ThaC/5uxl3RQnNJKRGOYNllFyCBKh5BomnVISBmjsTOzYUp8ri9rD j4hUgCRdVlNBq27Iv+ijfuWqfspumcJjckICWyRkgH6wj/8W2b8weztisBBmQlGz BMIb+KQJXYYr65crF5YVQj29cLtf44NeKZX8Gp1BzKjbfkYSXnhD5HOcbtkO4TkF jvhwZZgGZ+2kSyB0g1S3PjWKfA0NJkMCSY2HbvxOx+da57mv1DaThfYeLOX0VAsf nACJyvuO+2FI1CeGHkwfAC2gtv5fc1jmTJZvMxvplhQxVJvHx1QSVjF1HvCRARuZ jRkqRtHI76l9M20ATZGqT2c70jlrWbGQ7zBBqMV6TbXuZS4D9tzAibtr/qZAoDdK nZ/v/AjiLHk= =wcVL -----END PGP SIGNATURE-----