Synopsis:          Important: yum-utils security update
Advisory ID:       SLSA-2018:2285-1
Issue Date:        2018-07-30
CVE Numbers:       CVE-2018-10897
--

Security Fix(es):

* yum-utils: reposync: improper path validation may lead to directory
traversal (CVE-2018-10897)
--

SL7
  noarch
    yum-plugin-aliases-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-changelog-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-ovl-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-tmprepo-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-verify-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-versionlock-1.1.31-46.el7_5.noarch.rpm
    yum-utils-1.1.31-46.el7_5.noarch.rpm
    yum-NetworkManager-dispatcher-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-auto-update-debug-info-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-copr-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-fastestmirror-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-filter-data-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-fs-snapshot-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-keys-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-list-data-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-local-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-merge-conf-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-post-transaction-actions-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-pre-transaction-actions-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-priorities-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-protectbase-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-ps-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-remove-with-leaves-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-rpm-warm-cache-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-show-leaves-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-tsflags-1.1.31-46.el7_5.noarch.rpm
    yum-plugin-upgrade-helper-1.1.31-46.el7_5.noarch.rpm
    yum-updateonboot-1.1.31-46.el7_5.noarch.rpm
    yum-utils-1.1.31-46.el7_5.src.rpm

- Scientific Linux Development Team

SciLinux: SLSA-2018-2285-1 Important: yum-utils on SL7.x (noarch)

yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) SL7 noarch yum-plugin-aliases-1.1.31-46.el7_5.noarch.rpm yum-plugin-changelog-1.1.31-...

Summary

Important: yum-utils security update



Security Fixes

* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)
SL7 noarch yum-plugin-aliases-1.1.31-46.el7_5.noarch.rpm yum-plugin-changelog-1.1.31-46.el7_5.noarch.rpm yum-plugin-ovl-1.1.31-46.el7_5.noarch.rpm yum-plugin-tmprepo-1.1.31-46.el7_5.noarch.rpm yum-plugin-verify-1.1.31-46.el7_5.noarch.rpm yum-plugin-versionlock-1.1.31-46.el7_5.noarch.rpm yum-utils-1.1.31-46.el7_5.noarch.rpm yum-NetworkManager-dispatcher-1.1.31-46.el7_5.noarch.rpm yum-plugin-auto-update-debug-info-1.1.31-46.el7_5.noarch.rpm yum-plugin-copr-1.1.31-46.el7_5.noarch.rpm yum-plugin-fastestmirror-1.1.31-46.el7_5.noarch.rpm yum-plugin-filter-data-1.1.31-46.el7_5.noarch.rpm yum-plugin-fs-snapshot-1.1.31-46.el7_5.noarch.rpm yum-plugin-keys-1.1.31-46.el7_5.noarch.rpm yum-plugin-list-data-1.1.31-46.el7_5.noarch.rpm yum-plugin-local-1.1.31-46.el7_5.noarch.rpm yum-plugin-merge-conf-1.1.31-46.el7_5.noarch.rpm yum-plugin-post-transaction-actions-1.1.31-46.el7_5.noarch.rpm yum-plugin-pre-transaction-actions-1.1.31-46.el7_5.noarch.rpm yum-plugin-priorities-1.1.31-46.el7_5.noarch.rpm yum-plugin-protectbase-1.1.31-46.el7_5.noarch.rpm yum-plugin-ps-1.1.31-46.el7_5.noarch.rpm yum-plugin-remove-with-leaves-1.1.31-46.el7_5.noarch.rpm yum-plugin-rpm-warm-cache-1.1.31-46.el7_5.noarch.rpm yum-plugin-show-leaves-1.1.31-46.el7_5.noarch.rpm yum-plugin-tsflags-1.1.31-46.el7_5.noarch.rpm yum-plugin-upgrade-helper-1.1.31-46.el7_5.noarch.rpm yum-updateonboot-1.1.31-46.el7_5.noarch.rpm yum-utils-1.1.31-46.el7_5.src.rpm
- Scientific Linux Development Team

Severity
Advisory ID: SLSA-2018:2285-1
Issued Date: : 2018-07-30
CVE Numbers: CVE-2018-10897

Related News