Oracle Linux Security Advisory ELSA-2024-3760

http://linux.oracle.com/errata/ELSA-2024-3760.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
ipa-client-4.6.8-5.0.1.el7_9.17.aarch64.rpm
ipa-client-common-4.6.8-5.0.1.el7_9.17.noarch.rpm
ipa-common-4.6.8-5.0.1.el7_9.17.noarch.rpm
ipa-python-compat-4.6.8-5.0.1.el7_9.17.noarch.rpm
ipa-server-4.6.8-5.0.1.el7_9.17.aarch64.rpm
ipa-server-common-4.6.8-5.0.1.el7_9.17.noarch.rpm
ipa-server-dns-4.6.8-5.0.1.el7_9.17.noarch.rpm
ipa-server-trust-ad-4.6.8-5.0.1.el7_9.17.aarch64.rpm
python2-ipaclient-4.6.8-5.0.1.el7_9.17.noarch.rpm
python2-ipalib-4.6.8-5.0.1.el7_9.17.noarch.rpm
python2-ipaserver-4.6.8-5.0.1.el7_9.17.noarch.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//ipa-4.6.8-5.0.1.el7_9.17.src.rpm

Related CVEs:
CVE-2024-3183

Description of changes:

[4.6.8-5.0.1.el7_9.17]
- Blank out header-logo.png product-name.png
- Replace login-screen-logo.png [Orabug: 20362818]

[4.6.8-5.el7_9.17]
- Resolves: RHEL-29926 ipa: user can obtain a hash of the passwords of all domain users and perform offline brute force

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: ipa security and bug fix update
Advisory ID: RHSA-2021:0860-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:0860
Issue date: 2021-03-16
CVE Names: CVE-2020-11023
====================================================================

1. Summary:

An update for ipa is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

3. Description:

Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.

Security Fix(es):

* jquery: Passing HTML containing elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* cannot issue certs with multiple IP addresses corresponding to different hosts (BZ#1846349)
* CA-less install does not set required permissions on KDC certificate (BZ#1863619)
* IdM Web UI shows users as disabled (BZ#1884819)
* Authentication and login times are over several seconds due to unindexed ipaExternalMember (BZ#1892793)
* improve IPA PKI susbsystem detection by other means than a directory presence, use pki-server subsystem-find (BZ#1895197)
* IPA WebUI inaccessible after upgrading to RHEL 8.3 - idoverride-memberof.js missing (BZ#1897253)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1846349 - cannot issue certs with multiple IP addresses corresponding to different hosts [rhel-7.9.z]
1850004 - CVE-2020-11023 jquery: Passing HTML containing elements to manipulation methods could result in untrusted code execution
1863619 - CA-less install does not set required permissions on KDC certificate [rhel-7.9.z]
1884819 - IdM Web UI shows users as disabled [rhel-7.9.z]
1892793 - Authentication and login times are over several seconds due to unindexed ipaExternalMember [rhel-7.9.z]
1895197 - improve IPA PKI susbsystem detection by other means than a directory presence, use pki-server subsystem-find [rhel-7.9.z]
1897253 - IPA WebUI inaccessible after upgrading to RHEL 8.3 - idoverride-memberof.js missing [rhel-7.9.z]

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
ipa-4.6.8-5.el7_9.4.src.rpm

noarch:
ipa-client-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-python-compat-4.6.8-5.el7_9.4.noarch.rpm
python2-ipaclient-4.6.8-5.el7_9.4.noarch.rpm
python2-ipalib-4.6.8-5.el7_9.4.noarch.rpm

x86_64:
ipa-client-4.6.8-5.el7_9.4.x86_64.rpm
ipa-debuginfo-4.6.8-5.el7_9.4.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
ipa-server-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-server-dns-4.6.8-5.el7_9.4.noarch.rpm
python2-ipaserver-4.6.8-5.el7_9.4.noarch.rpm

x86_64:
ipa-debuginfo-4.6.8-5.el7_9.4.x86_64.rpm
ipa-server-4.6.8-5.el7_9.4.x86_64.rpm
ipa-server-trust-ad-4.6.8-5.el7_9.4.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
ipa-4.6.8-5.el7_9.4.src.rpm

noarch:
ipa-client-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-python-compat-4.6.8-5.el7_9.4.noarch.rpm
python2-ipaclient-4.6.8-5.el7_9.4.noarch.rpm
python2-ipalib-4.6.8-5.el7_9.4.noarch.rpm

x86_64:
ipa-client-4.6.8-5.el7_9.4.x86_64.rpm
ipa-debuginfo-4.6.8-5.el7_9.4.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
ipa-server-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-server-dns-4.6.8-5.el7_9.4.noarch.rpm
python2-ipaserver-4.6.8-5.el7_9.4.noarch.rpm

x86_64:
ipa-debuginfo-4.6.8-5.el7_9.4.x86_64.rpm
ipa-server-4.6.8-5.el7_9.4.x86_64.rpm
ipa-server-trust-ad-4.6.8-5.el7_9.4.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
ipa-4.6.8-5.el7_9.4.src.rpm

noarch:
ipa-client-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-python-compat-4.6.8-5.el7_9.4.noarch.rpm
ipa-server-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-server-dns-4.6.8-5.el7_9.4.noarch.rpm
python2-ipaclient-4.6.8-5.el7_9.4.noarch.rpm
python2-ipalib-4.6.8-5.el7_9.4.noarch.rpm
python2-ipaserver-4.6.8-5.el7_9.4.noarch.rpm

ppc64:
ipa-client-4.6.8-5.el7_9.4.ppc64.rpm
ipa-debuginfo-4.6.8-5.el7_9.4.ppc64.rpm

ppc64le:
ipa-client-4.6.8-5.el7_9.4.ppc64le.rpm
ipa-debuginfo-4.6.8-5.el7_9.4.ppc64le.rpm

s390x:
ipa-client-4.6.8-5.el7_9.4.s390x.rpm
ipa-debuginfo-4.6.8-5.el7_9.4.s390x.rpm

x86_64:
ipa-client-4.6.8-5.el7_9.4.x86_64.rpm
ipa-debuginfo-4.6.8-5.el7_9.4.x86_64.rpm
ipa-server-4.6.8-5.el7_9.4.x86_64.rpm
ipa-server-trust-ad-4.6.8-5.el7_9.4.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
ipa-4.6.8-5.el7_9.4.src.rpm

noarch:
ipa-client-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-python-compat-4.6.8-5.el7_9.4.noarch.rpm
ipa-server-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-server-dns-4.6.8-5.el7_9.4.noarch.rpm
python2-ipaclient-4.6.8-5.el7_9.4.noarch.rpm
python2-ipalib-4.6.8-5.el7_9.4.noarch.rpm
python2-ipaserver-4.6.8-5.el7_9.4.noarch.rpm

x86_64:
ipa-client-4.6.8-5.el7_9.4.x86_64.rpm
ipa-debuginfo-4.6.8-5.el7_9.4.x86_64.rpm
ipa-server-4.6.8-5.el7_9.4.x86_64.rpm
ipa-server-trust-ad-4.6.8-5.el7_9.4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2020-11023
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2021 Red Hat, Inc.

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: ipa security and bug fix update
Advisory ID: RHSA-2017:0388-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:0388.html
Issue date: 2017-03-02
CVE Names: CVE-2017-2590
====================================================================

1. Summary:

An update for ipa is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

3. Description:

Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.

Security Fix(es):

* It was found that IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys. (CVE-2017-2590)

This issue was discovered by Fraser Tweedale (Red Hat).

Bug Fix(es):

* Previously, during an Identity Management (IdM) replica installation that runs on domain level "1" or higher, Directory Server was not configured to use TLS encryption. As a consequence, installing a certificate authority (CA) on that replica failed. Directory Server is now configured to use TLS encryption during the replica installation and as a result, the CA installation works as expected. (BZ#1410760)

* Previously, the Identity Management (IdM) public key infrastructure (PKI) component was configured to listen on the "::1" IPv6 localhost address. In environments that have the IPv6 protocol disabled, the replica installer was unable to retrieve the Directory Server certificate, and the installation failed. The default listening address of the PKI connector has been updated from the IP address to "localhost". As a result, the PKI connector now listens on the correct addresses in IPv4 and IPv6 environments. (BZ#1416481)

* Previously, when installing a certificate authority (CA) on a replica, Identity Management (IdM) was unable to provide third-party CA certificates to the Certificate System CA installer. As a consequence, the installer was unable to connect to the remote master if the remote master used a third-party server certificate, and the installation failed. This update applies a patch and as a result, installing a CA replica works as expected in the described situation. (BZ#1415158)

* When installing a replica, the web server service entry is created on the Identity Management (IdM) master and replicated to all IdM servers. Previously, when installing a replica without a certificate authority (CA), in certain situations the service entry was not replicated to the new replica on time, and the installation failed. The replica installer has been updated and now waits until the web server service entry is replicated. As a result, the replica installation no longer fails in the described situation. (BZ#1416488)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1410760 - ipa-ca-install fails on replica when IPA Master is installed without CA
1413137 - CVE-2017-2590 ipa: Insufficient permission check for ca-del, ca-disable and ca-enable commands
1415158 - ipa-ca-install fails on replica when IPA server is converted from CA-less to CA-full
1416481 - IPA replica install fails with dirsrv errors.
1416488 - replication race condition prevents IPA to install

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
ipa-4.4.0-14.el7_3.6.src.rpm

noarch:
ipa-client-common-4.4.0-14.el7_3.6.noarch.rpm
ipa-common-4.4.0-14.el7_3.6.noarch.rpm
ipa-python-compat-4.4.0-14.el7_3.6.noarch.rpm
python2-ipaclient-4.4.0-14.el7_3.6.noarch.rpm
python2-ipalib-4.4.0-14.el7_3.6.noarch.rpm

x86_64:
ipa-client-4.4.0-14.el7_3.6.x86_64.rpm
ipa-debuginfo-4.4.0-14.el7_3.6.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
ipa-admintools-4.4.0-14.el7_3.6.noarch.rpm
ipa-server-common-4.4.0-14.el7_3.6.noarch.rpm
ipa-server-dns-4.4.0-14.el7_3.6.noarch.rpm
python2-ipaserver-4.4.0-14.el7_3.6.noarch.rpm

x86_64:
ipa-debuginfo-4.4.0-14.el7_3.6.x86_64.rpm
ipa-server-4.4.0-14.el7_3.6.x86_64.rpm
ipa-server-trust-ad-4.4.0-14.el7_3.6.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
ipa-4.4.0-14.el7_3.6.src.rpm

noarch:
ipa-client-common-4.4.0-14.el7_3.6.noarch.rpm
ipa-common-4.4.0-14.el7_3.6.noarch.rpm
ipa-python-compat-4.4.0-14.el7_3.6.noarch.rpm
python2-ipaclient-4.4.0-14.el7_3.6.noarch.rpm
python2-ipalib-4.4.0-14.el7_3.6.noarch.rpm

x86_64:
ipa-client-4.4.0-14.el7_3.6.x86_64.rpm
ipa-debuginfo-4.4.0-14.el7_3.6.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
ipa-admintools-4.4.0-14.el7_3.6.noarch.rpm
ipa-server-common-4.4.0-14.el7_3.6.noarch.rpm
ipa-server-dns-4.4.0-14.el7_3.6.noarch.rpm
python2-ipaserver-4.4.0-14.el7_3.6.noarch.rpm

x86_64:
ipa-debuginfo-4.4.0-14.el7_3.6.x86_64.rpm
ipa-server-4.4.0-14.el7_3.6.x86_64.rpm
ipa-server-trust-ad-4.4.0-14.el7_3.6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
ipa-4.4.0-14.el7_3.6.src.rpm

aarch64:
ipa-client-4.4.0-14.el7_3.6.aarch64.rpm
ipa-debuginfo-4.4.0-14.el7_3.6.aarch64.rpm

noarch:
ipa-admintools-4.4.0-14.el7_3.6.noarch.rpm
ipa-client-common-4.4.0-14.el7_3.6.noarch.rpm
ipa-common-4.4.0-14.el7_3.6.noarch.rpm
ipa-python-compat-4.4.0-14.el7_3.6.noarch.rpm
ipa-server-common-4.4.0-14.el7_3.6.noarch.rpm
ipa-server-dns-4.4.0-14.el7_3.6.noarch.rpm
python2-ipaclient-4.4.0-14.el7_3.6.noarch.rpm
python2-ipalib-4.4.0-14.el7_3.6.noarch.rpm
python2-ipaserver-4.4.0-14.el7_3.6.noarch.rpm

ppc64:
ipa-client-4.4.0-14.el7_3.6.ppc64.rpm
ipa-debuginfo-4.4.0-14.el7_3.6.ppc64.rpm

ppc64le:
ipa-client-4.4.0-14.el7_3.6.ppc64le.rpm
ipa-debuginfo-4.4.0-14.el7_3.6.ppc64le.rpm

s390x:
ipa-client-4.4.0-14.el7_3.6.s390x.rpm
ipa-debuginfo-4.4.0-14.el7_3.6.s390x.rpm

x86_64:
ipa-client-4.4.0-14.el7_3.6.x86_64.rpm
ipa-debuginfo-4.4.0-14.el7_3.6.x86_64.rpm
ipa-server-4.4.0-14.el7_3.6.x86_64.rpm
ipa-server-trust-ad-4.4.0-14.el7_3.6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
ipa-4.4.0-14.el7_3.6.src.rpm

noarch:
ipa-admintools-4.4.0-14.el7_3.6.noarch.rpm
ipa-client-common-4.4.0-14.el7_3.6.noarch.rpm
ipa-common-4.4.0-14.el7_3.6.noarch.rpm
ipa-python-compat-4.4.0-14.el7_3.6.noarch.rpm
ipa-server-common-4.4.0-14.el7_3.6.noarch.rpm
ipa-server-dns-4.4.0-14.el7_3.6.noarch.rpm
python2-ipaclient-4.4.0-14.el7_3.6.noarch.rpm
python2-ipalib-4.4.0-14.el7_3.6.noarch.rpm
python2-ipaserver-4.4.0-14.el7_3.6.noarch.rpm

x86_64:
ipa-client-4.4.0-14.el7_3.6.x86_64.rpm
ipa-debuginfo-4.4.0-14.el7_3.6.x86_64.rpm
ipa-server-4.4.0-14.el7_3.6.x86_64.rpm
ipa-server-trust-ad-4.4.0-14.el7_3.6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-2590
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: ipa security and bug fix update
Advisory ID: RHSA-2015:1462-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2015:1462.html
Issue date: 2015-07-22
Updated on: 2015-03-04
CVE Names: CVE-2010-5312 CVE-2012-6662
====================================================================

1. Summary:

Updated ipa packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Two cross-site scripting (XSS) flaws were found in jQuery, which impacted the Identity Management web administrative interface, and could allow an authenticated user to inject arbitrary HTML or web script into the interface. (CVE-2010-5312, CVE-2012-6662)

Note: The IdM version provided by this update no longer uses jQuery.

Bug fixes:

* The ipa-server-install, ipa-replica-install, and ipa-client-install utilities are not supported on machines running in FIPS-140 mode. Previously, IdM did not warn users about this. Now, IdM does not allow running the utilities in FIPS-140 mode, and displays an explanatory message. (BZ#1131571)

* If an Active Directory (AD) server was specified or discovered automatically when running the ipa-client-install utility, the utility produced a traceback instead of informing the user that an IdM server is expected in this situation. Now, ipa-client-install detects the AD server and fails with an explanatory message. (BZ#1132261)

* When IdM servers were configured to require the TLS protocol version 1.1 (TLSv1.1) or later in the httpd server, the ipa utility failed. With this update, running ipa works as expected with TLSv1.1 or later. (BZ#1154687)

* In certain high-load environments, the Kerberos authentication step of the IdM client installer can fail. Previously, the entire client installation failed in this situation. This update modifies ipa-client-install to prefer the TCP protocol over the UDP protocol and to retry the authentication attempt in case of failure. (BZ#1161722)

* If ipa-client-install updated or created the /etc/nsswitch.conf file, the sudo utility could terminate unexpectedly with a segmentation fault. Now, ipa-client-install puts a new line character at the end of nsswitch.conf if it modifies the last line of the file, fixing this bug. (BZ#1185207)

* The ipa-client-automount utility failed with the "UNWILLING_TO_PERFORM" LDAP error when the nsslapd-minssf Red Hat Directory Server configuration parameter was set to "1". This update modifies ipa-client-automount to use encrypted connection for LDAP searches by default, and the utility now finishes successfully even with nsslapd-minssf specified. (BZ#1191040)

* If installing an IdM server failed after the Certificate Authority (CA) installation, the "ipa-server-install --uninstall" command did not perform a proper cleanup. After the user issued "ipa-server-install --uninstall" and then attempted to install the server again, the installation failed. Now, "ipa-server-install --uninstall" removes the CA-related files in the described situation, and ipa-server-install no longer fails with the mentioned error message. (BZ#1198160)

* Running ipa-client-install added the "sss" entry to the sudoers line in nsswitch.conf even if "sss" was already configured and the entry was present in the file. Duplicate "sss" then caused sudo to become unresponsive. Now, ipa-client-install no longer adds "sss" if it is already present in nsswitch.conf. (BZ#1198339)

* After running ipa-client-install, it was not possible to log in using SSH under certain circumstances. Now, ipa-client-install no longer corrupts the sshd_config file, and the sshd service can start as expected, and logging in using SSH works in the described situation. (BZ#1201454)

* An incorrect definition of the dc attribute in the /usr/share/ipa/05rfc2247.ldif file caused bogus error messages to be returned during migration. The attribute has been fixed, but the bug persists if the copy-schema-to-ca.py script was run on Red Hat Enterprise Linux 6.6 prior to running it on Red Hat Enterprise Linux 6.7. To work around this problem, manually copy /usr/share/ipa/schema/05rfc2247.ldif to /etc/dirsrv/slapd-PKI-IPA/schema/ and restart IdM. (BZ#1220788)

All ipa users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1132261 - ipa-client-install failing produces a traceback instead of useful error message
1146870 - ipa-client-install fails with "KerbTransport instance has no attribute '__conn'" traceback
1154687 - POODLE: force using safe ciphers (non-SSLv3) in IPA client and server
1166041 - CVE-2010-5312 jquery-ui: XSS vulnerability in jQuery.ui.dialog title option
1166064 - CVE-2012-6662 jquery-ui: XSS vulnerability in default content in Tooltip widget
1185207 - ipa-client dont end new line character in /etc/nsswitch.conf
1198339 - ipa-client-install adds extra sss to sudoers in nsswitch.conf
1201454 - ipa breaks sshd config
1205660 - ipa-client rpm should require keyutils
1207649 - host certificate not issued to client during ipa-client-install
1220788 - request to backport ticket 3578 to RHEL6. Provoking migration to 7.1 issues.

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ipa-3.0.0-47.el6.src.rpm

i386:
ipa-client-3.0.0-47.el6.i686.rpm
ipa-debuginfo-3.0.0-47.el6.i686.rpm
ipa-python-3.0.0-47.el6.i686.rpm

x86_64:
ipa-client-3.0.0-47.el6.x86_64.rpm
ipa-debuginfo-3.0.0-47.el6.x86_64.rpm
ipa-python-3.0.0-47.el6.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

i386:
ipa-admintools-3.0.0-47.el6.i686.rpm
ipa-debuginfo-3.0.0-47.el6.i686.rpm
ipa-server-3.0.0-47.el6.i686.rpm
ipa-server-selinux-3.0.0-47.el6.i686.rpm
ipa-server-trust-ad-3.0.0-47.el6.i686.rpm

x86_64:
ipa-admintools-3.0.0-47.el6.x86_64.rpm
ipa-debuginfo-3.0.0-47.el6.x86_64.rpm
ipa-server-3.0.0-47.el6.x86_64.rpm
ipa-server-selinux-3.0.0-47.el6.x86_64.rpm
ipa-server-trust-ad-3.0.0-47.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ipa-3.0.0-47.el6.src.rpm

x86_64:
ipa-client-3.0.0-47.el6.x86_64.rpm
ipa-debuginfo-3.0.0-47.el6.x86_64.rpm
ipa-python-3.0.0-47.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

x86_64:
ipa-admintools-3.0.0-47.el6.x86_64.rpm
ipa-debuginfo-3.0.0-47.el6.x86_64.rpm
ipa-server-3.0.0-47.el6.x86_64.rpm
ipa-server-selinux-3.0.0-47.el6.x86_64.rpm
ipa-server-trust-ad-3.0.0-47.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ipa-3.0.0-47.el6.src.rpm

i386:
ipa-admintools-3.0.0-47.el6.i686.rpm
ipa-client-3.0.0-47.el6.i686.rpm
ipa-debuginfo-3.0.0-47.el6.i686.rpm
ipa-python-3.0.0-47.el6.i686.rpm
ipa-server-3.0.0-47.el6.i686.rpm
ipa-server-selinux-3.0.0-47.el6.i686.rpm
ipa-server-trust-ad-3.0.0-47.el6.i686.rpm

ppc64:
ipa-admintools-3.0.0-47.el6.ppc64.rpm
ipa-client-3.0.0-47.el6.ppc64.rpm
ipa-debuginfo-3.0.0-47.el6.ppc64.rpm
ipa-python-3.0.0-47.el6.ppc64.rpm

s390x:
ipa-admintools-3.0.0-47.el6.s390x.rpm
ipa-client-3.0.0-47.el6.s390x.rpm
ipa-debuginfo-3.0.0-47.el6.s390x.rpm
ipa-python-3.0.0-47.el6.s390x.rpm

x86_64:
ipa-admintools-3.0.0-47.el6.x86_64.rpm
ipa-client-3.0.0-47.el6.x86_64.rpm
ipa-debuginfo-3.0.0-47.el6.x86_64.rpm
ipa-python-3.0.0-47.el6.x86_64.rpm
ipa-server-3.0.0-47.el6.x86_64.rpm
ipa-server-selinux-3.0.0-47.el6.x86_64.rpm
ipa-server-trust-ad-3.0.0-47.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ipa-3.0.0-47.el6.src.rpm

i386:
ipa-admintools-3.0.0-47.el6.i686.rpm
ipa-client-3.0.0-47.el6.i686.rpm
ipa-debuginfo-3.0.0-47.el6.i686.rpm
ipa-python-3.0.0-47.el6.i686.rpm
ipa-server-3.0.0-47.el6.i686.rpm
ipa-server-selinux-3.0.0-47.el6.i686.rpm
ipa-server-trust-ad-3.0.0-47.el6.i686.rpm

x86_64:
ipa-admintools-3.0.0-47.el6.x86_64.rpm
ipa-client-3.0.0-47.el6.x86_64.rpm
ipa-debuginfo-3.0.0-47.el6.x86_64.rpm
ipa-python-3.0.0-47.el6.x86_64.rpm
ipa-server-3.0.0-47.el6.x86_64.rpm
ipa-server-selinux-3.0.0-47.el6.x86_64.rpm
ipa-server-trust-ad-3.0.0-47.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2010-5312
https://access.redhat.com/security/cve/CVE-2012-6662
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2015 Red Hat, Inc.