Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.1242
kernel security and bug fix update
1 March 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2023-0179 CVE-2022-4379 CVE-2022-4378
CVE-2022-3564 CVE-2022-2873
Original Bulletin:
https://access.redhat.com/errata/RHSA-2023:0951
Comment: CVSS (Max): 7.8 CVE-2023-0179 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2023:0951-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0951
Issue date: 2023-02-28
CVE Names: CVE-2022-2873 CVE-2022-3564 CVE-2022-4378
CVE-2022-4379 CVE-2023-0179
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 9) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: use-after-free caused by l2cap_reassemble_sdu() in
net/bluetooth/l2cap_core.c (CVE-2022-3564)
* kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
(CVE-2022-4378)
* kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading
to remote Denial of Service attack (CVE-2022-4379)
* kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan
(CVE-2023-0179)
* kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* RHEL 9.0: LTP Test failure and crash at fork14 on Sapphire Rapids
Platinum 8280+ (BZ#2133083)
* RHEL 9.1 Extending NMI watchdog's timer during LPM (BZ#2140085)
* AMDSERVER 9.1: amdpstate driver incorrectly designed to load as default
for Genoa (BZ#2151274)
* qla2xxx NVMe-FC: WARNING: CPU: 0 PID: 124072 at
drivers/scsi/qla2xxx/qla_init.c:70 qla2xxx_rel_done_warning+0x25/0x30
[qla2xxx] (BZ#2152178)
* Regression: Kernel panic on Lenovo T480 with AH40 USB-C docking station
(BZ#2153277)
* Scheduler Update (rhel9.2) (BZ#2153792)
* RHEL9.1, Nx_Gzip: nr_total_credits is not decremented when processing
units are reduced by dlpar in shared mode. (FW1030 / DLPAR) (BZ#2154305)
* MSFT, MANA, NET Patch RHEL-9: Fix race on per-CQ variable napi_iperf
panic fix (BZ#2155145)
* Azure vPCI RHEL-9 add the support of multi-MSI (BZ#2155459)
* Azure RHEL-9: VM Deployment Failures Patch Request (BZ#2155930)
* The 'date' command shows wrong time in nested KVM s390x guest
(BZ#2158815)
* RHEL-9.2: Update NVMe driver to sync with upstream v6.0 (BZ#2161344)
* CEE cephfs: RHEL9 cephfs client crashing with RIP:
0010:netfs_rreq_unlock+0xef/0x380 [netfs] (BZ#2161418)
* block layer: update with upstream v6.0 (BZ#2162535)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
2119048 - CVE-2022-2873 kernel: an out-of-bounds vulnerability in i2c-ismt driver
2150999 - CVE-2022-3564 kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c
2152548 - CVE-2022-4378 kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
2152807 - CVE-2022-4379 kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service attack
2161713 - CVE-2023-0179 kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan
6. Package List:
Red Hat Enterprise Linux AppStream (v. 9):
aarch64:
bpftool-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debug-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debug-devel-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debug-devel-matched-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debuginfo-common-aarch64-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-devel-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-devel-matched-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-headers-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-tools-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
perf-5.14.0-162.18.1.el9_1.aarch64.rpm
perf-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
python3-perf-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
noarch:
kernel-doc-5.14.0-162.18.1.el9_1.noarch.rpm
ppc64le:
bpftool-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debug-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debug-devel-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debug-devel-matched-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debuginfo-common-ppc64le-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-devel-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-devel-matched-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-headers-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-tools-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
perf-5.14.0-162.18.1.el9_1.ppc64le.rpm
perf-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
python3-perf-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
s390x:
bpftool-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debug-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debug-devel-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debug-devel-matched-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debuginfo-common-s390x-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-devel-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-devel-matched-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-headers-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-tools-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-zfcpdump-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-zfcpdump-devel-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-zfcpdump-devel-matched-5.14.0-162.18.1.el9_1.s390x.rpm
perf-5.14.0-162.18.1.el9_1.s390x.rpm
perf-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
python3-perf-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
x86_64:
bpftool-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debug-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debug-devel-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debug-devel-matched-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debuginfo-common-x86_64-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-devel-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-devel-matched-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-headers-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-tools-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
perf-5.14.0-162.18.1.el9_1.x86_64.rpm
perf-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
python3-perf-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 9):
Source:
kernel-5.14.0-162.18.1.el9_1.src.rpm
aarch64:
bpftool-5.14.0-162.18.1.el9_1.aarch64.rpm
bpftool-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-core-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debug-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debug-core-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debug-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debug-modules-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debug-modules-extra-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debuginfo-common-aarch64-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-modules-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-modules-extra-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-tools-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-tools-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-tools-libs-5.14.0-162.18.1.el9_1.aarch64.rpm
perf-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
python3-perf-5.14.0-162.18.1.el9_1.aarch64.rpm
python3-perf-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
noarch:
kernel-abi-stablelists-5.14.0-162.18.1.el9_1.noarch.rpm
ppc64le:
bpftool-5.14.0-162.18.1.el9_1.ppc64le.rpm
bpftool-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-core-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debug-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debug-core-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debug-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debug-modules-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debug-modules-extra-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debuginfo-common-ppc64le-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-modules-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-modules-extra-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-tools-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-tools-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-tools-libs-5.14.0-162.18.1.el9_1.ppc64le.rpm
perf-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
python3-perf-5.14.0-162.18.1.el9_1.ppc64le.rpm
python3-perf-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
s390x:
bpftool-5.14.0-162.18.1.el9_1.s390x.rpm
bpftool-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-core-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debug-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debug-core-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debug-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debug-modules-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debug-modules-extra-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debuginfo-common-s390x-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-modules-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-modules-extra-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-tools-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-tools-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-zfcpdump-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-zfcpdump-core-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-zfcpdump-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-zfcpdump-modules-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-zfcpdump-modules-extra-5.14.0-162.18.1.el9_1.s390x.rpm
perf-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
python3-perf-5.14.0-162.18.1.el9_1.s390x.rpm
python3-perf-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
x86_64:
bpftool-5.14.0-162.18.1.el9_1.x86_64.rpm
bpftool-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-core-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debug-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debug-core-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debug-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debug-modules-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debug-modules-extra-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debuginfo-common-x86_64-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-modules-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-modules-extra-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-tools-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-tools-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-tools-libs-5.14.0-162.18.1.el9_1.x86_64.rpm
perf-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
python3-perf-5.14.0-162.18.1.el9_1.x86_64.rpm
python3-perf-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 9):
aarch64:
bpftool-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-cross-headers-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debug-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-debuginfo-common-aarch64-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-tools-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
kernel-tools-libs-devel-5.14.0-162.18.1.el9_1.aarch64.rpm
perf-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
python3-perf-debuginfo-5.14.0-162.18.1.el9_1.aarch64.rpm
ppc64le:
bpftool-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-cross-headers-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debug-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-debuginfo-common-ppc64le-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-tools-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
kernel-tools-libs-devel-5.14.0-162.18.1.el9_1.ppc64le.rpm
perf-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
python3-perf-debuginfo-5.14.0-162.18.1.el9_1.ppc64le.rpm
s390x:
bpftool-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-cross-headers-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debug-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-debuginfo-common-s390x-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-tools-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
kernel-zfcpdump-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
perf-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
python3-perf-debuginfo-5.14.0-162.18.1.el9_1.s390x.rpm
x86_64:
bpftool-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-cross-headers-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debug-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-debuginfo-common-x86_64-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-tools-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
kernel-tools-libs-devel-5.14.0-162.18.1.el9_1.x86_64.rpm
perf-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
python3-perf-debuginfo-5.14.0-162.18.1.el9_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2022-2873
https://access.redhat.com/security/cve/CVE-2022-3564
https://access.redhat.com/security/cve/CVE-2022-4378
https://access.redhat.com/security/cve/CVE-2022-4379
https://access.redhat.com/security/cve/CVE-2023-0179
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBY/3zjNzjgjWX9erEAQh8NQ//YdkzAFd97MkmSBYf8BTaS+RCmd6pbjTC
l3Dowo0KJ2uNDPmQrFddKjD+amnB+M33ZCHVFCDkSluQeHEtdkJATL43wKn9RYfh
Kadvf+C+9Y78QifHEuPy8S+OtR5cOWMMWdMikBMY5/aWyvzHc0tHW9ZPHMmqjrwV
2EtKjMxTNCjjwuTJOLdmHmXhrQl5GBdJXMBqhQ2ZMaKfEmyp6m0Y6LEK5krbZler
+FLntZhNBNQByA3NN1oApuBDl0WYpyEuu2YYlqYNe7vTeVlJjqFf5WBbYlCEEoR4
xTganl8gFJnyGpDLqzdwnMo+qb5/9r+yLO7Mu071pQW4+IvHYxptDrgG51mCxgm+
GGQ2QYJlMevdcQGYTLhxa5sUng/0Yz8NUNWjq1XQMn15ODe2O0mBsnmoRqFW+8oR
g3ingHi9QV7doVdZdM9y+QAcHJFp16sdIhphrUF7RNUNNH8lESa/gQnRDCaTf7j7
rMQcxDotyOVxCaeprCB0yTNEhEfhy6f2pl/wCE+O7DRTaqxCmJjBlY+sFEjcZYuq
C30y/3pXVAbpiQXO2IEsT+mb8n1be7Z6C/xPoGhl0Xydtl8BMiRMau9R+GY6WwBo
NbsZi3nhHU7iqzOgXkp9dE+hqeSoSldgpocehYbPbUV3KwAuN4bCE/vHtKy0Mk+M
aCkx19tCHl0=
=bRZh
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
iQIVAwUBY/6O08kNZI30y1K9AQg+Sg/6ApgyytAjyOajVC1N12CU1Di+PXbwD0g7
yFwRXDJdBhwiMYUbXEyECqzfTQGs030JAwUNTnTBDLO15asGDUuFpPHUnYQ+QMPJ
ErS7j3h9DSkdWboTvdDrMAOza9ihJ8HKllAn6goSR1KrqdW9/HPyYDDVMV8ZiC9P
uzs6pKOw77/Zp0x6Yi6H4g6B7hBEP2Qijt6bW7boUL9rgi11rkcKWW9r5TWiW9pE
0ZdqWYrsDbCrgzwglFKdsozsqA5wkwehZAAjgXl/AfhvQHaIoS98xf5UQwDSnfQ4
oNkexXTiqssWh2IZzS4IiFK3MbjeHOwfeVvB8Vbzvv6IelJU6/A+nKXGz5iLPAWb
xsR4tFPZLYN9baC1FJtndTudfV+FQrgMHvUdRfrM5ZqO+vrSHFvPb6QYmNQ44yhQ
WH/akviiAdL48eROcKlHLs2HNbUbjfNnDQdQuw7vB10zLgctIUsFp7bBB9XXIVgw
wqTnvAww1SE0cGAu+5VkMCY5JeDcCpzq3D7E2zS/JYcE0Zhst/LYKnCn52cyoUGq
Nj9jgOPmt5Yf87jma8Q0cqcePcOZz8Qq9R3sF+KUVOuPoZ4kAq/QAg/kUteqpDQl
F6ePQOL2r3UXwWjYjOmEGpJ0MX3wapDlJ4iCzZghkJdmENuAZP6Ox6NtleCnUgG4
mByFNra46Bg=
=yj51
-----END PGP SIGNATURE-----