Linux Advisory Watch: March 13th, 2020

- update to latest development version 1.9.0b1 - added sudo_logsrvd and sudo_sendlog to files and their appropriate man pages Resolves: rhbz#1787823 - Stack based buffer overflow in when pwfeedback is enabled Resolves: rhbz#1796945 - fixes: CVE-2019-18634 - By using ! character in the shadow file instead of a password hash can access to a run as all sudoer account Resolves: rhbz#1786709 -

An update for ose-installer-artifacts-container and ose-installer-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

Red Hat OpenShift Service Mesh 1.0.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

An update for the virt:8.1 and virt-devel:8.1 modules is now available for Advanced Virtualization for RHEL 8.1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for qemu-kvm-rhev is now available for Red Hat Virtualization Engine 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for sudo is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for python-waitress is now available for Red Hat OpenStack Platform 15 (Stein). Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score,

An update for openstack-octavia is now available for Red Hat OpenStack Platform 15 (Stein). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update that solves three vulnerabilities and has one errata is now available.

An update that fixes one vulnerability is now available.

An update that solves 11 vulnerabilities and has 57 fixes is now available.

An update that fixes three vulnerabilities is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes one vulnerability is now available.

It was discovered that there was an out-of-bounds write vulnerability in pdfresurrect, a tool for extracting or scrubbing versioning data from PDF documents.

The package opensc before version 0.20.0-1 is vulnerable to denial of service.

The package chromium before version 80.0.3987.132-1 is vulnerable to access restriction bypass.

The package opensmtpd before version 6.6.4p1-1 is vulnerable to arbitrary command execution.

The package weechat before version 2.7.1-1 is vulnerable to multiple issues including arbitrary code execution and denial of service.

sudo: Stack based buffer overflow when pwfeedback is enabled (CVE-2019-18634) SL6 x86_64 sudo-1.8.6p3-29.el6_10.3.x86_64.rpm sudo-debuginfo-1.8.6p3-29.el6_10.3.x86_64.rpm sudo-debuginfo-1.8.6p3-29.el6_10.3.i686.rpm sudo-devel-1.8.6p3-29.el6_10.3.i686.rpm sudo-devel-1.8.6p3-29.el6_10.3.x86_64.rpm i386 sudo-1.8.6p3-29.el6_10.3.i686.rpm sudo-debuginfo-1.8.6p3-29.e [More...]

xerces-c: XML parser contains a use-after-free error triggered during the scanning of external DTDs (CVE-2018-1311) SL6 x86_64 xerces-c-3.0.1-21.el6_10.i686.rpm xerces-c-3.0.1-21.el6_10.x86_64.rpm xerces-c-debuginfo-3.0.1-21.el6_10.i686.rpm xerces-c-debuginfo-3.0.1-21.el6_10.x86_64.rpm xerces-c-devel-3.0.1-21.el6_10.i686.rpm xerces-c-devel-3.0.1-21.el6_10.x86_64.rpm [More...]

xerces-c: XML parser contains a use-after-free error triggered during the scanning of external DTDs (CVE-2018-1311) SL7 x86_64 xerces-c-3.1.1-10.el7_7.i686.rpm xerces-c-3.1.1-10.el7_7.x86_64.rpm xerces-c-debuginfo-3.1.1-10.el7_7.i686.rpm xerces-c-debuginfo-3.1.1-10.el7_7.x86_64.rpm xerces-c-devel-3.1.1-10.el7_7.i686.rpm xerces-c-devel-3.1.1-10.el7_7.x86_64.rpm noar [More...]

nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605) SL7 x86_64 http-parser-2.7.1-8.el7_7.2.i686.rpm http-parser-2.7.1-8.el7_7.2.x86_64.rpm http-parser-debuginfo-2.7.1-8.el7_7.2.i686.rpm http-parser-debuginfo-2.7.1-8.el7_7.2.x86_64.rpm http-parser-devel-2.7.1-8.el7_7.2.i686.rpm http-parser-devel-2.7.1-8.el7_7.2.x86_64.rpm - Scient [More...]

An update that fixes one vulnerability is now available.

An update that fixes four vulnerabilities is now available.

An update that fixes three vulnerabilities is now available.

The updated package fixes a security vulnerability: A flaw was found in mod_auth_openidc before version 2.4.1. An open redirect issue exists in URLs with a slash and backslash at the beginning. (CVE-2019-20479)

Updated pure-ftpd packages fix security vulnerabilities: An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called,

The updated packages fix several issues including security vulnerabilities: In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive. (CVE-2019-19221)

Updated dojo package fixes security vulnerability: dojox was vulnerable to Cross-site Scripting. This was due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them (CVE-2019-10785).

The updated packages fix a security vulnerability: Mutation XSS in bleach.clean when noscript and raw tag whitelisted. (CVE-2020-6802)

Updated pcre packages fix security vulnerabilities: The pcre package has been updated to version 8.44, fixing an integer overflow and NULL pointer dereference, as well as other bugs. See the upstream changelog for details.

Chromium-browser 80.0.3987.122 fixes security issues: Multiple flaws were found in the way Chromium 79.0.3945.130 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose

Updated weechat packages fix security vulnerability: irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other

Updated ruby-rake package fixes security vulnerability: There is an OS command injection vulnerability in Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character (CVE-2020-8130).

Updated proftpd packages fix security vulnerability: Antonio Morales discovered an use-after-free flaw in the memory pool allocator in ProFTPD. Interrupting current data transfers can corrupt the ProFTPD memory pool, leading to denial of service, or potentially

Updated php packages fix bugs and security vulnerabilities: Core: - Fixed bug #71876 (Memory corruption htmlspecialchars(): charset `*' not supported).

The updated packages fix a security vulnerability: GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled.

Updated libsolv packages fix security vulnerability: An out-of-bounds read was discovered in libsolv when the last schema has a length that is less than the length of the input schema. A remote attacker may abuse this flaw to crash an application that uses libsolv

The updated package fixes security vulnerabilities: Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c. (CVE-2019-14275)

Updated firejail package fixes security vulnerabilities: Firejail before 0.9.60 allows truncation (resizing to length 0) of the firejail binary on the host by running exploit code inside a firejail sandbox and having the sandbox terminated. To succeed, certain conditions

The updated packages fix a security vulnerability: OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/ IlmThreadPool.cpp, as demonstrated by exrmultiview. (CVE-2018-18443)

- Updated from 4.12.0 to 4.12.1 - Device quarantine for alternate pci assignment methods [XSA-306] - x86: Machine Check Error on Page Size Change DoS [XSA-304, CVE-2018-12207] - TSX Asynchronous Abort speculative side channel [XSA-305, CVE-2019-11135] - VCPUOP_initialise DoS [XSA-296, CVE-2019-18420] (rhbz#1771368)

This update provides the binutils 2.33.1 and fixes atleast the following security issues: An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a