Operating System:

[RedHat]

Published:

16 September 2021

Protect yourself against future threats.

//Service

Security Bulletins

Receive up to date and consistent security bulletins across a wide range of vendors, streamlining security patching.

Read more
Resources > Security Bulletins > ESB-2021.3114 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.3114
                   kernel-rt security and bug fix update
                             16 September 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel-rt
                   kernel
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Denial of Service        -- Existing Account
                   Access Confidential Data -- Existing Account
                   Reduced Security         -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-3653  

Reference:         ESB-2021.3034
                   ESB-2021.3017

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2021:3547
   https://access.redhat.com/errata/RHSA-2021:3548

Comment: This bulletin contains two (2) Red Hat security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel-rt security and bug fix update
Advisory ID:       RHSA-2021:3547-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:3547
Issue date:        2021-09-15
CVE Names:         CVE-2021-3653 
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Real Time (v. 8) - x86_64
Red Hat Enterprise Linux Real Time for NFV (v. 8) - x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: SVM nested virtualization issue in KVM (AVIC support)
(CVE-2021-3653)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* kernel-rt: update RT source tree to the RHEL-8.4.z source tree
(BZ#2001131)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1983686 - CVE-2021-3653 kernel: SVM nested virtualization issue in KVM (AVIC support)

6. Package List:

Red Hat Enterprise Linux Real Time for NFV (v. 8):

Source:
kernel-rt-4.18.0-305.19.1.rt7.91.el8_4.src.rpm

x86_64:
kernel-rt-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-core-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debug-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debug-core-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debug-devel-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debug-kvm-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debug-modules-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debuginfo-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-devel-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-kvm-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-modules-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-modules-extra-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm

Red Hat Enterprise Linux Real Time (v. 8):

Source:
kernel-rt-4.18.0-305.19.1.rt7.91.el8_4.src.rpm

x86_64:
kernel-rt-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-core-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debug-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debug-core-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debug-devel-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debug-modules-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debuginfo-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-devel-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-modules-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm
kernel-rt-modules-extra-4.18.0-305.19.1.rt7.91.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-3653
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYUHGA9zjgjWX9erEAQhy8Q//edNbeEACPPFeiPatH9Wa6iIZWCHcQu5u
bae3O4kwcKmEk6uuxWS036cVW15gweIc1x+rcV0Efg8eOohjLHi2TTO/hENFP00p
DW8VFR0Qmtp4YdQK11yNlp3xJao6SGq7KaEnwMKANwtb73M4xUUJ/D3sRAwkO+EA
c43X1hjDv7UmGIy/c8+J9HqBhbkLyTEcJh4S9Nc68y9/DLbK3195Ug54g6FEtruc
d4PgC9cfA8+HOukBFNZZslMUW7TSm19zhOQPPf+iF904u77LapHXNzQgZVnz4hNG
pN+uwO8twJun8I7l4SOiAMR+xPF2n/9Py7N3r9RkEwDc4XKnzVNijYEG5OzZDFPz
zNcHmRdYU0Lj99YTW71gP5z2GyXxp/6A8TiATHSyCkeyiJHC1DSc0Av+nCZKEuKn
6wXrksIThPb6Hgd9jB9WupPdDGzqghnwR+KJN3rx3FVCw+YgpO1QC74f2lmOXMrw
6qZNhmtmZIvfIft4iUa7UsMHQ4+k6B+zSTKEg8p1hbYgBLiSdXDXvfIXH/GZi3iV
M129fAi7+cXE3NqD/YL5JJgnH/6dPUR/1by/4jZqNV0M3L3q4QFPdZqOrksViYuG
bwZiOx/NSeEM0yM/rhyFwCFFtZFI3q8mmNiMDa2hTQA71yPgLwTiDRyTcIxqt0cJ
hJLjI5RS7pM=
=Iler
- -----END PGP SIGNATURE-----

- ----------------------------------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel security, bug fix, and enhancement update
Advisory ID:       RHSA-2021:3548-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:3548
Issue date:        2021-09-15
CVE Names:         CVE-2021-3653 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: SVM nested virtualization issue in KVM (AVIC support)
(CVE-2021-3653)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* RHEL8.4 Nightly[0308] - HST:STC950:Fleetwood: LPAR crashed during LPM:
BUG at lib/locks.c:34!  (using ibmvfc) (BZ#1969792)

* RHEL8.2 - s390/vtime: fix increased steal time accounting (BZ#1988386)

* [FJ8.4 Bug]: Installation of RHEL8.4 hang up on a Tatlow platform while
loading intel_lpss_pci module. (BZ#1989560)

* kernel panic in drm_fb_helper_dirty_work() caused by a race condition qxl
driver (BZ#1992839)

* [RHEL8.4] TIOCGSERIAL ioctl fails on serial device (BZ#1993872)

* RHEL8.4 Nightly[0208] - kernel panic when executing test case for
persistent device configuration (using DASD) (BZ#1995206)

* Killing ceph daemon leaving an unhealthy ocs/ocp cluster (worker node/s
NotReady) (BZ#1995862)

* ceph: potential data corruption in cephfs write_begin codepath
(BZ#1996680)

* libceph: allow addrvecs with a single NONE/blank address (BZ#1996682)

* [iavf] traffic stops after host sets vf trust on (BZ#1997536)

* [ice][iavf] hit some call trace and system panic when create-remove-vfs
in loop (BZ#1997538)

* Missing backport of IMA boot aggregate calculation in rhel 8.4 kernel
(BZ#1997766)

* XArray tests broken for single processor (BZ#1997997)

* [RHEL-8.4] mlock() end up returning -EINVAL instead of -ENOMEM in
rewriting the upper address bits. (BZ#1997998)

* Kernel panic at n_tty_set_termios+0x30 (BZ#1997999)

* [ice]BUG: scheduling while atomic: ifenslave/270215/0x00000200
(BZ#2000129)

* [ice]port lost connectivity after removing from bonding (BZ#2000130)

Enhancement(s):

* [Mellanox 8.5 FEAT] mlx5: drivers update upto Linux v5.12 (BZ#1983681)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1983686 - CVE-2021-3653 kernel: SVM nested virtualization issue in KVM (AVIC support)

6. Package List:

Red Hat Enterprise Linux BaseOS (v. 8):

Source:
kernel-4.18.0-305.19.1.el8_4.src.rpm

aarch64:
bpftool-4.18.0-305.19.1.el8_4.aarch64.rpm
bpftool-debuginfo-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-core-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-cross-headers-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-debug-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-debug-core-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-debug-debuginfo-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-debug-devel-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-debug-modules-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-debug-modules-extra-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-debuginfo-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-devel-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-headers-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-modules-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-modules-extra-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-tools-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-tools-debuginfo-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-tools-libs-4.18.0-305.19.1.el8_4.aarch64.rpm
perf-4.18.0-305.19.1.el8_4.aarch64.rpm
perf-debuginfo-4.18.0-305.19.1.el8_4.aarch64.rpm
python3-perf-4.18.0-305.19.1.el8_4.aarch64.rpm
python3-perf-debuginfo-4.18.0-305.19.1.el8_4.aarch64.rpm

noarch:
kernel-abi-stablelists-4.18.0-305.19.1.el8_4.noarch.rpm
kernel-doc-4.18.0-305.19.1.el8_4.noarch.rpm

ppc64le:
bpftool-4.18.0-305.19.1.el8_4.ppc64le.rpm
bpftool-debuginfo-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-core-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-cross-headers-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-debug-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-debug-core-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-debug-devel-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-debug-modules-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-debuginfo-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-devel-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-headers-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-modules-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-modules-extra-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-tools-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-tools-libs-4.18.0-305.19.1.el8_4.ppc64le.rpm
perf-4.18.0-305.19.1.el8_4.ppc64le.rpm
perf-debuginfo-4.18.0-305.19.1.el8_4.ppc64le.rpm
python3-perf-4.18.0-305.19.1.el8_4.ppc64le.rpm
python3-perf-debuginfo-4.18.0-305.19.1.el8_4.ppc64le.rpm

s390x:
bpftool-4.18.0-305.19.1.el8_4.s390x.rpm
bpftool-debuginfo-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-core-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-cross-headers-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-debug-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-debug-core-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-debug-debuginfo-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-debug-devel-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-debug-modules-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-debug-modules-extra-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-debuginfo-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-devel-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-headers-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-modules-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-modules-extra-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-tools-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-tools-debuginfo-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-zfcpdump-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-zfcpdump-core-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-zfcpdump-devel-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-zfcpdump-modules-4.18.0-305.19.1.el8_4.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-305.19.1.el8_4.s390x.rpm
perf-4.18.0-305.19.1.el8_4.s390x.rpm
perf-debuginfo-4.18.0-305.19.1.el8_4.s390x.rpm
python3-perf-4.18.0-305.19.1.el8_4.s390x.rpm
python3-perf-debuginfo-4.18.0-305.19.1.el8_4.s390x.rpm

x86_64:
bpftool-4.18.0-305.19.1.el8_4.x86_64.rpm
bpftool-debuginfo-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-core-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-cross-headers-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-debug-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-debug-core-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-debug-debuginfo-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-debug-devel-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-debug-modules-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-debug-modules-extra-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-debuginfo-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-devel-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-headers-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-modules-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-modules-extra-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-tools-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-tools-debuginfo-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-tools-libs-4.18.0-305.19.1.el8_4.x86_64.rpm
perf-4.18.0-305.19.1.el8_4.x86_64.rpm
perf-debuginfo-4.18.0-305.19.1.el8_4.x86_64.rpm
python3-perf-4.18.0-305.19.1.el8_4.x86_64.rpm
python3-perf-debuginfo-4.18.0-305.19.1.el8_4.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

aarch64:
bpftool-debuginfo-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-debug-debuginfo-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-debuginfo-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-tools-debuginfo-4.18.0-305.19.1.el8_4.aarch64.rpm
kernel-tools-libs-devel-4.18.0-305.19.1.el8_4.aarch64.rpm
perf-debuginfo-4.18.0-305.19.1.el8_4.aarch64.rpm
python3-perf-debuginfo-4.18.0-305.19.1.el8_4.aarch64.rpm

ppc64le:
bpftool-debuginfo-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-debuginfo-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-305.19.1.el8_4.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-305.19.1.el8_4.ppc64le.rpm
perf-debuginfo-4.18.0-305.19.1.el8_4.ppc64le.rpm
python3-perf-debuginfo-4.18.0-305.19.1.el8_4.ppc64le.rpm

x86_64:
bpftool-debuginfo-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-debug-debuginfo-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-debuginfo-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-tools-debuginfo-4.18.0-305.19.1.el8_4.x86_64.rpm
kernel-tools-libs-devel-4.18.0-305.19.1.el8_4.x86_64.rpm
perf-debuginfo-4.18.0-305.19.1.el8_4.x86_64.rpm
python3-perf-debuginfo-4.18.0-305.19.1.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-3653
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYUHJ/9zjgjWX9erEAQih8g/+PD9su3mLvVVbko0YNKfM40rPnwPtLxMd
JmhPTppUyJlCeggWU/P9ko27xxol5mDI7Kb1WbgcefZEz/DWjMMUVjHHz5Gz01lE
RdJYjxP9luhxOYazqgF5TFTpqrhmKGapETDKTnXp8HCce4WsvPtmCK2BWo/36LkO
8depyh3Ji3EM6xQL1sZqcJkZxIBp9S5jUg6/gkdy9iwGCPdEmGPXttMNZ5zt2rwi
YFQ3IIFIVE+Z5vX8JecQ68yFOAj11rzPnLIJT1XeWDQJHT8uQCdpJRSLP18jsb81
Qwss7kqVXgJWPvkDIfj9olsY7ad5mdN0hJiBJSD7FP3t8mrnta1YhgqRml72gyEj
SGoM2MH5uE6+FoZRjlpBeDL9l3GoWQhIZlNg5iVqanCn+P8kIyRFH4p9Dq+lN2wY
pjLUhXC+CRAgGgeIiX8oEVR7HyX/2YiusN2jaFSvG8Eo9swzo0xAjl1DhYZLXSUs
dRuhzEqn0hC2CNL9Gx0bANcHgozZc+Ae4iIyID8YsFPW0mlF7E2gS2Hmpy+xwrMC
fuusZdv55yUek0g+4m0wsHjA7pG14kGKOukIBEPcsLKwgoAlQ/kNjaUPCBNUNdyq
YCsdZ6pLAIMdfZHfJFFrF//KuWS1hQaKG/9oM1fCuWUtq5qd8ARgaBsWk9rU09Tm
c4zD9h2paAo=
=qfyV
- -----END PGP SIGNATURE----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYUJ9AeNLKJtyKPYoAQiZdBAAhgKqAwjO4Qpe/NsPkIe41yHp11V7oRNp
JzpyLmzMvRQc9HFghkjN8daDWLZmfQK/AW97/8Q3SI7i/jKri4PqNMc+6Nsg2elG
qLPSOkiK8aOIuQtoitkMLtI8qFA21+Ibsc9AqX7jeNCRb3kWPsRYKvT38hpNGFBk
j26wirIZTvNVOIG9gFe5MlTzmENi7ouyQNgN32RCIIDs7z5uaqKAhi/ajzkyqRbk
VPQEYsWk2ewbJ0tSqxE2lIOlYlstd/VnRuyRE/AsOzDs++dxW9WPKneGXyyYSHg6
8Ps4ojUspHY64hoCcaVsv0GK0AuaV//XOe6USj4HMnKlAkNblM3/qry7kgh/hOYg
TJhJG6FPFNXZTWM36PgJyK9S7601RgtUuk7k8f271PXwaSkm2xOcbKWb8N3McYzI
BKbPQSF4C/HVz9P11uNuIrQ11eKuIa6BtfmtQrF/b/HHuSLHLAQgADs+5i4nJqro
+Jts5hRPb7t2izsF2TYrnt7/QU7EUO5e0kxoOfqBTZqtwNJs8j9VWYQXT5PeA3AM
4bTx5uL9TOXSRbihgKReW/7U59Lf8S3PIuR6KrCZ0jwK3LmfiiV6uGvQPFPfvVgh
OYQL7wcmz5gvbeU+7BfGZOWxcdmkomzfvN8PwEwXtOb4LuMJN3SgdKtDcm1beB00
fR70ugzp5Cg=
=88iL
-----END PGP SIGNATURE-----