Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2020-5003

Опубликовано: 13 нояб. 2020
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2020-5003: fence-agents security and bug fix update (LOW)

[4.2.1-41.2]

  • Upgrade bundled python-httplib2 to fix CVE-2020-11078 Resolves: rhbz#1850114

[4.2.1-41.1]

  • fence_lpar: fix issue with long username, hostname, etc not working when the command run by the agent exceeds 80 characters

  • fence_evacuate: enable evacuation of instances using private flavors

    Resolves: rhbz#1860545 Resolves: rhbz#1862024

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

fence-agents-all

4.2.1-41.el7_9.2

fence-agents-amt-ws

4.2.1-41.el7_9.2

fence-agents-apc

4.2.1-41.el7_9.2

fence-agents-apc-snmp

4.2.1-41.el7_9.2

fence-agents-bladecenter

4.2.1-41.el7_9.2

fence-agents-brocade

4.2.1-41.el7_9.2

fence-agents-cisco-mds

4.2.1-41.el7_9.2

fence-agents-cisco-ucs

4.2.1-41.el7_9.2

fence-agents-common

4.2.1-41.el7_9.2

fence-agents-compute

4.2.1-41.el7_9.2

fence-agents-drac5

4.2.1-41.el7_9.2

fence-agents-eaton-snmp

4.2.1-41.el7_9.2

fence-agents-emerson

4.2.1-41.el7_9.2

fence-agents-eps

4.2.1-41.el7_9.2

fence-agents-heuristics-ping

4.2.1-41.el7_9.2

fence-agents-hpblade

4.2.1-41.el7_9.2

fence-agents-ibmblade

4.2.1-41.el7_9.2

fence-agents-ifmib

4.2.1-41.el7_9.2

fence-agents-ilo-moonshot

4.2.1-41.el7_9.2

fence-agents-ilo-mp

4.2.1-41.el7_9.2

fence-agents-ilo-ssh

4.2.1-41.el7_9.2

fence-agents-ilo2

4.2.1-41.el7_9.2

fence-agents-intelmodular

4.2.1-41.el7_9.2

fence-agents-ipdu

4.2.1-41.el7_9.2

fence-agents-ipmilan

4.2.1-41.el7_9.2

fence-agents-kdump

4.2.1-41.el7_9.2

fence-agents-lpar

4.2.1-41.el7_9.2

fence-agents-mpath

4.2.1-41.el7_9.2

fence-agents-redfish

4.2.1-41.el7_9.2

fence-agents-rhevm

4.2.1-41.el7_9.2

fence-agents-rsa

4.2.1-41.el7_9.2

fence-agents-rsb

4.2.1-41.el7_9.2

fence-agents-sbd

4.2.1-41.el7_9.2

fence-agents-scsi

4.2.1-41.el7_9.2

fence-agents-virsh

4.2.1-41.el7_9.2

fence-agents-vmware-rest

4.2.1-41.el7_9.2

fence-agents-vmware-soap

4.2.1-41.el7_9.2

fence-agents-wti

4.2.1-41.el7_9.2

Oracle Linux x86_64

fence-agents-all

4.2.1-41.el7_9.2

fence-agents-amt-ws

4.2.1-41.el7_9.2

fence-agents-apc

4.2.1-41.el7_9.2

fence-agents-apc-snmp

4.2.1-41.el7_9.2

fence-agents-bladecenter

4.2.1-41.el7_9.2

fence-agents-brocade

4.2.1-41.el7_9.2

fence-agents-cisco-mds

4.2.1-41.el7_9.2

fence-agents-cisco-ucs

4.2.1-41.el7_9.2

fence-agents-common

4.2.1-41.el7_9.2

fence-agents-compute

4.2.1-41.el7_9.2

fence-agents-drac5

4.2.1-41.el7_9.2

fence-agents-eaton-snmp

4.2.1-41.el7_9.2

fence-agents-emerson

4.2.1-41.el7_9.2

fence-agents-eps

4.2.1-41.el7_9.2

fence-agents-heuristics-ping

4.2.1-41.el7_9.2

fence-agents-hpblade

4.2.1-41.el7_9.2

fence-agents-ibmblade

4.2.1-41.el7_9.2

fence-agents-ifmib

4.2.1-41.el7_9.2

fence-agents-ilo-moonshot

4.2.1-41.el7_9.2

fence-agents-ilo-mp

4.2.1-41.el7_9.2

fence-agents-ilo-ssh

4.2.1-41.el7_9.2

fence-agents-ilo2

4.2.1-41.el7_9.2

fence-agents-intelmodular

4.2.1-41.el7_9.2

fence-agents-ipdu

4.2.1-41.el7_9.2

fence-agents-ipmilan

4.2.1-41.el7_9.2

fence-agents-kdump

4.2.1-41.el7_9.2

fence-agents-lpar

4.2.1-41.el7_9.2

fence-agents-mpath

4.2.1-41.el7_9.2

fence-agents-redfish

4.2.1-41.el7_9.2

fence-agents-rhevm

4.2.1-41.el7_9.2

fence-agents-rsa

4.2.1-41.el7_9.2

fence-agents-rsb

4.2.1-41.el7_9.2

fence-agents-sbd

4.2.1-41.el7_9.2

fence-agents-scsi

4.2.1-41.el7_9.2

fence-agents-virsh

4.2.1-41.el7_9.2

fence-agents-vmware-rest

4.2.1-41.el7_9.2

fence-agents-vmware-soap

4.2.1-41.el7_9.2

fence-agents-wti

4.2.1-41.el7_9.2

Связанные CVE

CVE-2020-11078

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2020-11078

CVSS3: 6.8
ubuntu
больше 5 лет назад

In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenation, as opposed to proper urllib building with escaping. This has been fixed in 0.18.0.

redhat логотип

CVE-2020-11078

CVSS3: 6.8
redhat
больше 5 лет назад

In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenation, as opposed to proper urllib building with escaping. This has been fixed in 0.18.0.

nvd логотип

CVE-2020-11078

CVSS3: 6.8
nvd
больше 5 лет назад

In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenation, as opposed to proper urllib building with escaping. This has been fixed in 0.18.0.

debian логотип

CVE-2020-11078

CVSS3: 6.8
debian
больше 5 лет назад

In httplib2 before version 0.18.0, an attacker controlling unescaped p ...

github логотип

GHSA-gg84-qgv9-w4pq

CVSS3: 6.8
github
больше 5 лет назад

CRLF injection in httplib2