Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2015-2504

Опубликовано: 23 нояб. 2015
Источник: oracle-oval
Платформа: Oracle Linux 6

Описание

ELSA-2015-2504: libreport security update (MODERATE)

[2.0.9-25.0.1]

  • Add Fix-for-bug-21110293.patch [bug 21110293]
  • Add oracle-enterprise.patch and oracle-enterprise-po.patch
  • Remove libreport-plugin-rhtsupport pkg

[2.0.9-25]

  • save all files changed by the reporter in the reporting GUI
  • Fixes CVE-2015-5302
  • Resolves: #1282143

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

libreport

2.0.9-25.0.1.el6_7

libreport-cli

2.0.9-25.0.1.el6_7

libreport-compat

2.0.9-25.0.1.el6_7

libreport-devel

2.0.9-25.0.1.el6_7

libreport-filesystem

2.0.9-25.0.1.el6_7

libreport-gtk

2.0.9-25.0.1.el6_7

libreport-gtk-devel

2.0.9-25.0.1.el6_7

libreport-newt

2.0.9-25.0.1.el6_7

libreport-plugin-bugzilla

2.0.9-25.0.1.el6_7

libreport-plugin-kerneloops

2.0.9-25.0.1.el6_7

libreport-plugin-logger

2.0.9-25.0.1.el6_7

libreport-plugin-mailx

2.0.9-25.0.1.el6_7

libreport-plugin-reportuploader

2.0.9-25.0.1.el6_7

libreport-plugin-ureport

2.0.9-25.0.1.el6_7

libreport-python

2.0.9-25.0.1.el6_7

Oracle Linux i686

libreport

2.0.9-25.0.1.el6_7

libreport-cli

2.0.9-25.0.1.el6_7

libreport-compat

2.0.9-25.0.1.el6_7

libreport-devel

2.0.9-25.0.1.el6_7

libreport-filesystem

2.0.9-25.0.1.el6_7

libreport-gtk

2.0.9-25.0.1.el6_7

libreport-gtk-devel

2.0.9-25.0.1.el6_7

libreport-newt

2.0.9-25.0.1.el6_7

libreport-plugin-bugzilla

2.0.9-25.0.1.el6_7

libreport-plugin-kerneloops

2.0.9-25.0.1.el6_7

libreport-plugin-logger

2.0.9-25.0.1.el6_7

libreport-plugin-mailx

2.0.9-25.0.1.el6_7

libreport-plugin-reportuploader

2.0.9-25.0.1.el6_7

libreport-plugin-ureport

2.0.9-25.0.1.el6_7

libreport-python

2.0.9-25.0.1.el6_7

Связанные CVE

CVE-2015-5302

Ссылки на источники

Связанные уязвимости

redhat логотип

CVE-2015-5302

redhat
почти 10 лет назад

libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds, (5) maps, (6) smaps, (7) hostname, (8) remote, (9) ks.cfg, or (10) anaconda-tb file attachment included in a Red Hat Bugzilla bug report.

nvd логотип

CVE-2015-5302

nvd
больше 9 лет назад

libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds, (5) maps, (6) smaps, (7) hostname, (8) remote, (9) ks.cfg, or (10) anaconda-tb file attachment included in a Red Hat Bugzilla bug report.

github логотип

GHSA-mvfv-hmwr-6c9m

github
больше 3 лет назад

libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds, (5) maps, (6) smaps, (7) hostname, (8) remote, (9) ks.cfg, or (10) anaconda-tb file attachment included in a Red Hat Bugzilla bug report.

oracle-oval логотип

ELSA-2015-2505

oracle-oval
почти 10 лет назад

ELSA-2015-2505: abrt and libreport security update (MODERATE)