Stay Secure with the Latest Linux Advisories

security advisorysecurity issuecritical

Fedora 30: 2019-af0cd1b8f7 Critical: Openwsman Buffer Disclosure and DoS

Security fixes for CVE-2019-3816 and CVE-2019-3833. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-af0cd1b8f7 2019-03-29 19:07:28.732307 --------------------------------------------------------------------------------Name : openwsman Product : Fedora 30 Version : 2.6.8 Release : 5.fc30 URL : Summary : Open source Implementation of WS-Management Description : Openwsman is a project intended to provide an open-source implementation of the Web Services Management specification (WS-Management) and to expose system management information on the Linux operating system using the WS-Management protocol. WS-Management is based on a suite of web services specifications and usage requirements that exposes a set of operations focused on and covers all system management aspects. --------------------------------------------------------------------------------Update Information: Security fixes for CVE-2019-3816 and CVE-2019-3833 --------------------------------------------------------------------------------References: [ 1 ] Bug #1667070 - CVE-2019-3816 openwsman: Disclosure of arbitrary files outside of the registered URIs https://bugzilla.redhat.com/show_bug.cgi?id=1667070 [ 2 ] Bug #1674478 - CVE-2019-3833 openwsman: Infinite loop in process_connection() allows denial of service https://bugzilla.redhat.com/show_bug.cgi?id=1674478 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-af0cd1b8f7' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Critical openwsman update for Fedora 30 to address file disclosure and DoS issues. See advisory details.. Openwsman Security Update,Fedora Patch,Security Guidance. . Severity: Critical. LinuxSecurity.com Team

Mar 29, 2019 •Critical Fedora