RedHat: RHSA-2019-3673:01 Low: lldpad security and bug fix update

    Date05 Nov 2019
    CategoryRed Hat
    44
    Posted ByLinuxSecurity Advisories
    An update for lldpad is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256
    
    =====================================================================
                       Red Hat Security Advisory
    
    Synopsis:          Low: lldpad security and bug fix update
    Advisory ID:       RHSA-2019:3673-01
    Product:           Red Hat Enterprise Linux
    Advisory URL:      https://access.redhat.com/errata/RHSA-2019:3673
    Issue date:        2019-11-05
    CVE Names:         CVE-2018-10932 
    =====================================================================
    
    1. Summary:
    
    An update for lldpad is now available for Red Hat Enterprise Linux 8.
    
    Red Hat Product Security has rated this update as having a security impact
    of Low. A Common Vulnerability Scoring System (CVSS) base score, which
    gives a detailed severity rating, is available for each vulnerability from
    the CVE link(s) in the References section.
    
    2. Relevant releases/architectures:
    
    Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
    
    3. Description:
    
    The lldpad packages provide the Linux user space daemon and configuration
    tool for Intel's Link Layer Discovery Protocol (LLDP) Agent with Enhanced
    Ethernet support.
    
    Security Fix(es):
    
    * lldptool: improper sanitization of shell-escape codes (CVE-2018-10932)
    
    For more details about the security issue(s), including the impact, a CVSS
    score, acknowledgments, and other related information, refer to the CVE
    page(s) listed in the References section.
    
    Additional Changes:
    
    For detailed information on changes in this release, see the Red Hat
    Enterprise Linux 8.1 Release Notes linked from the References section.
    
    4. Solution:
    
    For details on how to apply this update, which includes the changes
    described in this advisory, refer to:
    
    https://access.redhat.com/articles/11258
    
    5. Bugs fixed (https://bugzilla.redhat.com/):
    
    1614896 - CVE-2018-10932 lldptool: improper sanitization of shell-escape codes
    1727326 - lldpad memory usage increases over time
    
    6. Package List:
    
    Red Hat Enterprise Linux BaseOS (v. 8):
    
    Source:
    lldpad-1.0.1-13.git036e314.el8.src.rpm
    
    aarch64:
    lldpad-1.0.1-13.git036e314.el8.aarch64.rpm
    lldpad-debuginfo-1.0.1-13.git036e314.el8.aarch64.rpm
    lldpad-debugsource-1.0.1-13.git036e314.el8.aarch64.rpm
    
    ppc64le:
    lldpad-1.0.1-13.git036e314.el8.ppc64le.rpm
    lldpad-debuginfo-1.0.1-13.git036e314.el8.ppc64le.rpm
    lldpad-debugsource-1.0.1-13.git036e314.el8.ppc64le.rpm
    
    s390x:
    lldpad-1.0.1-13.git036e314.el8.s390x.rpm
    lldpad-debuginfo-1.0.1-13.git036e314.el8.s390x.rpm
    lldpad-debugsource-1.0.1-13.git036e314.el8.s390x.rpm
    
    x86_64:
    lldpad-1.0.1-13.git036e314.el8.i686.rpm
    lldpad-1.0.1-13.git036e314.el8.x86_64.rpm
    lldpad-debuginfo-1.0.1-13.git036e314.el8.i686.rpm
    lldpad-debuginfo-1.0.1-13.git036e314.el8.x86_64.rpm
    lldpad-debugsource-1.0.1-13.git036e314.el8.i686.rpm
    lldpad-debugsource-1.0.1-13.git036e314.el8.x86_64.rpm
    
    These packages are GPG signed by Red Hat for security.  Our key and
    details on how to verify the signature are available from
    https://access.redhat.com/security/team/key/
    
    7. References:
    
    https://access.redhat.com/security/cve/CVE-2018-10932
    https://access.redhat.com/security/updates/classification/#low
    https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/
    
    8. Contact:
    
    The Red Hat security contact is . More contact
    details at https://access.redhat.com/security/team/contact/
    
    Copyright 2019 Red Hat, Inc.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1
    
    iQIVAwUBXcHqL9zjgjWX9erEAQg8uxAAp1sXX7k616voF4T1ESaLw/2xgwVpXcFA
    rssf0zsmwNH4Ckt/ehyTMTyeE2b0pEZajfQDLfP5u6Baz6YHJr3/gnDG8/ffHJZ5
    alvJGBoWPTtgVvcmC/T8++eUyMQ9KmpG1SX6sUiIvTbxNVGAe8eYEWmEv3cOVNo9
    fClotoOCiOc+T18xqHfBiUybFuqYYnApzb/UH5R0LEY5hND76PKaijrnNhw+vLe8
    KOnfFu3h79IAfAFbSfj62LTKLNnScHtzNB5N0dlmt/UzyTX0yRZLD4ISqq4j6a7H
    svOTOb7w2PefY+pIN/nwooR2rcD9w98N7KmH2q+8euzE2x9BeuoEgBLe7hH40dSo
    P8siGfzIGhnw1xNdF/8VgUlow0HFRfNXycxVYtTJCwcPczrUFJr0NeaQ9ATwdToI
    N14/JjJ/dpLGoTboUAub2Nhgx3Y4PJEKqnNHfA0hC/0YJ6VHHtbXAmKFiHmZGiNz
    LwAUMQYQ4BcOU0eIy1y55rDy4drAmf1QI+QXq7A0Ax8e8uCxAVcjkoeYbS1ecl1V
    fbC9wtM5Ev/OMWt1nEJfsScDeqIUZKpOYk2nYPVB2EoDzyzlPKJKiv8T1Eu9brY3
    WcffJxHFd2JhPvrxEj9YfCZK4Zk7UEN0swQMEURknKgbSEyaU79mnU6Qlk8DNSJ4
    KxLsAQumMR8=
    =tsSa
    -----END PGP SIGNATURE-----
    
    --
    RHSA-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.redhat.com/mailman/listinfo/rhsa-announce
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"66","type":"x","order":"1","pct":57.39,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":13.04,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"34","type":"x","order":"3","pct":29.57,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.