Linux Advisory Watch: October 18th, 2019

X41 D-Sec discovered that unbound, a validating, recursive, and caching DNS resolver, did not correctly process some NOTIFY queries. This could lead to remote denial-of-service by application crash.

It was reported that the apache2 update released as DSA 4509-1 incorrectly fixed CVE-2019-10092. Updated apache2 packages are now available to correct this issue. For reference, the relevant part of the original advisory text follows.

Joe Vennix discovered that sudo, a program designed to provide limited super user privileges to specific users, when configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, allows to run commands as root by specifying the user ID

The update for openssl released as DSA 4539-1 introduced a regression where AES-CBC-HMAC-SHA ciphers were not enabled. Updated openssl packages are now available to correct this issue.

The 5.3.6 update contains a number of important fixes across the tree.

The 5.3.6 update contains a number of important fixes across the tree.

The 5.3.6 update contains a number of important fixes across the tree.

Resolves: #1757214, #1757290 - CVE-2019-16884 ---- add patch for cgroupsv2

* Rebase to 1.8.28 * Fixed CVE-2019-14287

Resolves: #1757214, #1757290 - CVE-2019-16884 ---- add patch for cgroupsv2

This update provides the final 1.3.2 release (previously the package was 1.3.2 beta). It also includes the previously-omitted database schema directory (resolving [#1415753](https://bugzilla.redhat.com/show_bug.cgi?id=1415753)) and rddmarc tools, and backports proposed fixes for a [crasher bug](https://bugzilla.redhat.com/show_bug.cgi?id=1673293) and [security issue

Update to latest upstream version.

This update provides the final 1.3.2 release (previously the package was 1.3.2 beta). It also includes the previously-omitted database schema directory (resolving [#1415753](https://bugzilla.redhat.com/show_bug.cgi?id=1415753)) and rddmarc tools, and backports proposed fixes for a [crasher bug](https://bugzilla.redhat.com/show_bug.cgi?id=1673293) and [security issue

Backport security fixes from [PR#145](https://github.com/libming/libming/pull/145) Fixes: CVE-2018-7866, CVE-2018-7873, CVE-2018-7876, CVE-2018-9009, CVE-2018-9132

Patch CVE-2019-12412.

- Rebase radare2 to 3.9.0 - Rebase cutter-re to 1.9.0 - fix CVE-2019-14745 in radare2 on F30

- Rebase radare2 to 3.9.0 - Rebase cutter-re to 1.9.0 - fix CVE-2019-14745 in radare2 on F30

- Update jackson-parent to version 2.10. - Update jackson-bom to version 2.10.0. - Update jackson-annotations to version 2.10.0. - Update jackson-core to version 2.10.0. - Update jackson-databind to version 2.10.0. Resolves CVE-2019-14540, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943.

- Update jackson-parent to version 2.10. - Update jackson-bom to version 2.10.0. - Update jackson-annotations to version 2.10.0. - Update jackson-core to version 2.10.0. - Update jackson-databind to version 2.10.0. Resolves CVE-2019-14540, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943.

- Update jackson-parent to version 2.10. - Update jackson-bom to version 2.10.0. - Update jackson-annotations to version 2.10.0. - Update jackson-core to version 2.10.0. - Update jackson-databind to version 2.10.0. Resolves CVE-2019-14540, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943.

- Update jackson-parent to version 2.10. - Update jackson-bom to version 2.10.0. - Update jackson-annotations to version 2.10.0. - Update jackson-core to version 2.10.0. - Update jackson-databind to version 2.10.0. Resolves CVE-2019-14540, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943.

- Update jackson-parent to version 2.10. - Update jackson-bom to version 2.10.0. - Update jackson-annotations to version 2.10.0. - Update jackson-core to version 2.10.0. - Update jackson-databind to version 2.10.0. Resolves CVE-2019-14540, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943.

Backport security fixes from [PR#145](https://github.com/libming/libming/pull/145) Fixes: CVE-2018-7866, CVE-2018-7873, CVE-2018-7876, CVE-2018-9009, CVE-2018-9132

Fix KDC crash when logging PKINIT enctypes (CVE-2019-14844) This is a purely denial-of-service issue, though it is unauthenticated, and is unlikely to trigger by accident.

Update to 2.0.10 to fix security issues.

An update for jenkins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for mediawiki is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

An update is now available for Red Hat JBoss Data Virtualization. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for openshift-enterprise-builder-container is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for openshift is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for jss is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

A security update is now available for Red Hat JBoss Enterprise Application Platform from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

A security update is now available for Red Hat JBoss Enterprise Application Platform from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Red Hat Single Sign-On 7.3.4 adapters are now available for Red Hat JBoss Enterprise Application Platform 7.2 Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

Red Hat Single Sign-On 7.3.4 adapters are now available for Red Hat JBoss Enterprise Application Platform 6. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Red Hat OpenShift Service Mesh 1.0.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for atomic-openshift kube-apiserver is now available for Red Hat OpenShift Container Platform 3.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for ovirt-web-ui is now available for Red Hat Virtualization Engine 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for ovirt-engine-ui-extensions is now available for Red Hat Virtualization Engine 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update is now available for Red Hat Fuse Integration Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

Red Hat A-MQ Broker 7.5 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

New sudo packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.

An update that fixes one vulnerability is now available.

An update that solves two vulnerabilities and has three fixes is now available.

An update that fixes 6 vulnerabilities is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes 28 vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that solves one vulnerability and has three fixes is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that fixes 83 vulnerabilities is now available.

An update that contains security fixes can now be installed.

An update that fixes one vulnerability is now available.

An update that solves one vulnerability and has two fixes is now available.

An update that fixes two vulnerabilities is now available.

An update that solves 17 vulnerabilities and has three fixes is now available.

An update that solves one vulnerability and has one errata is now available.

An update that fixes one vulnerability is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes 24 vulnerabilities is now available.

Several security issues were fixed in LibTIFF.

Several security issues were fixed in the Linux kernel.

Several security issues were fixed in SDL.

Several security issues were fixed in SDL.

Aspell could be made to expose sensitive information if it received a specially crafted input.

Sudo could be made to run commands as root if it called with a specially crafted user ID.

Several security issues were fixed in Python.

Octavia could allow unintended access to network services.

The fix for CVE-2019-10871 broke xpdf. This change has been reverted until a better fix can be developed.

Two buffer allocation issues were identified in poppler. CVE-2019-9959

Several cross-site scripting (XSS) vulnerabilities were discovered in Wordpress, a popular content management framework. An attacker can use these flaws to send malicious scripts to an unsuspecting user.

In sudo, a program that provides limited super user privileges to specific users, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can

The update of libsdl2 released as DLA 1714-1 led to several regressions, as reported by Avital Ostromich. These regressions are caused by libsdl1.2 patches for CVE-2019-7637, CVE-2019-7635, CVE-2019-7638 and CVE-2019-7636 being applied to libsdl2 without adaptations.

The update of libsdl1.2 released as DLA 1713-1 led to a regression, caused by an incomplete fix for CVE-2019-7637. This issue was known upstream and resulted, among others, in windows versions from libsdl1.2 failing to set video mode.

It was discovered that multitouch devices were not being disabled by the "xtrlock" screen locking utility. xtrlock did not block multitouch events so an attacker could still

The update of clamav released as DLA 1953-1 led to permission issues on /var/run/clamav. This caused several users to experience issues restarting the clamav daemon. This regression is caused by a mistakenly backported patch from the stretch package, upon which this update was based.

This update includes the changes in tzdata 2019c for the Perl bindings. For the list of changes, see DLA-1957-1. For Debian 8 "Jessie", this problem has been fixed in version

This update includes the changes in tzdata 2018c. Notable changes are: - Brazil has canceled DST and will stay on standard time indefinitely.

Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These security vulnerabilities might result in denial of service or, potentially, execution of arbitrary code.

ruby-openid performed discovery first, and then verification. This allowed an attacker to change the URL used for discovery and trick the server into connecting to the URL. This server in turn could be a private server not publicly accessible.

A security vulnerability was discovered in lucene-solr, an enterprise search server. The DataImportHandler, an optional but popular module to pull in data

It was discovered that clamav, the open source antivirus engine, is affected by the following security vulnerabilities: CVE-2019-12625

The package sudo before version 1.8.28-1 is vulnerable to privilege escalation.

The package sdl before version 1.2.15-13 is vulnerable to arbitrary code execution.

The package chromium before version 77.0.3865.120-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure.

The package unbound before version 1.9.4-1 is vulnerable to denial of service.

kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856) * kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846) * hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506) * kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ [More...]

OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) (CVE-2019-2949) * OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn (Scripting, 8223518) (CVE-2019-2975) * OpenJDK: Out of bounds access in optimized String indexof implementation (Hotspot, 8224062) (CVE-2019-2977) * OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handl [More...]

OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) (CVE-2019-2949) * OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn (Scripting, 8223518) (CVE-2019-2975) * OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892) (CVE-2019-2978) * OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConne [More...]

JSS: OCSP policy "Leaf and Chain" implicitly trusts the root certificate (CVE-2019-14823) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. SL7 x86_64 jss-4.4.6-3.el7_7.x86_64.rpm jss-debuginfo-4.4.6-3.el7_7.x86_64.rpm jss-javadoc-4.4.6-3.el [More...]

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes 5 vulnerabilities is now available.

An update that fixes 5 vulnerabilities is now available.

An update that fixes 5 vulnerabilities is now available.

An update that fixes 5 vulnerabilities is now available.

An update that fixes one vulnerability is now available.

The updated packages fix a security vulnerability: Potential bypass of Runas user restrictions. (CVE-2019-14287) References:

Updated libpcap and tcpdump packages fix security vulnerabilities: The libpcap packages have been updated to versions 1.9.1 and tcpdump to 4.9.3, respectively, fixing several buffer overread and overflow issues.

Updated e2fsprogs packages fix security vulnerability: Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of arbitrary

This kernel update is based on the upstream 5.3.6 and fixes several issues. * a potential kernel crash by using suppress-prefix rule in ipv6 * 3rdparty rtl8723/rtl8821ce drivers have been fixed to work with kernel 5.3 series

Updated nmap packages fix security vulnerability: Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted TCP-based service (CVE-2018-15173).