Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2024-0647

Опубликовано: 02 фев. 2024
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2024-0647: rpm security update (MODERATE)

[4.14.3-28.0.2]

  • Import additional patches to fix regressions with CVE-2021-35937, CVE-2021-35938 and CVE-2021-35939 patchset [Orabug: 36256318]

[4.14.3-28.0.1]

  • Fixed infinte loop for db_create with error check [Orabug: 36202920]

[4.14.3-28]

  • Backport file handling code from rpm-4.19 to fix CVE-2021-35937, CVE-2021-35938 and CVE-2021-35939

[4.14.3-27]

  • Make brp-python-bytecompile script compatible with Python 3.10+ Resolves: RHEL-6423

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

python3-rpm

4.14.3-28.0.2.el8_9

rpm

4.14.3-28.0.2.el8_9

rpm-apidocs

4.14.3-28.0.2.el8_9

rpm-build

4.14.3-28.0.2.el8_9

rpm-build-libs

4.14.3-28.0.2.el8_9

rpm-cron

4.14.3-28.0.2.el8_9

rpm-devel

4.14.3-28.0.2.el8_9

rpm-libs

4.14.3-28.0.2.el8_9

rpm-plugin-fapolicyd

4.14.3-28.0.2.el8_9

rpm-plugin-ima

4.14.3-28.0.2.el8_9

rpm-plugin-prioreset

4.14.3-28.0.2.el8_9

rpm-plugin-selinux

4.14.3-28.0.2.el8_9

rpm-plugin-syslog

4.14.3-28.0.2.el8_9

rpm-plugin-systemd-inhibit

4.14.3-28.0.2.el8_9

rpm-sign

4.14.3-28.0.2.el8_9

Oracle Linux x86_64

python3-rpm

4.14.3-28.0.2.el8_9

rpm

4.14.3-28.0.2.el8_9

rpm-apidocs

4.14.3-28.0.2.el8_9

rpm-build

4.14.3-28.0.2.el8_9

rpm-build-libs

4.14.3-28.0.2.el8_9

rpm-cron

4.14.3-28.0.2.el8_9

rpm-devel

4.14.3-28.0.2.el8_9

rpm-libs

4.14.3-28.0.2.el8_9

rpm-plugin-fapolicyd

4.14.3-28.0.2.el8_9

rpm-plugin-ima

4.14.3-28.0.2.el8_9

rpm-plugin-prioreset

4.14.3-28.0.2.el8_9

rpm-plugin-selinux

4.14.3-28.0.2.el8_9

rpm-plugin-syslog

4.14.3-28.0.2.el8_9

rpm-plugin-systemd-inhibit

4.14.3-28.0.2.el8_9

rpm-sign

4.14.3-28.0.2.el8_9

Связанные CVE

CVE-2021-35937
CVE-2021-35939
CVE-2021-35938

Ссылки на источники

Связанные уязвимости

rocky логотип

RLSA-2024:0647

rocky
больше 1 года назад

Moderate: rpm security update

oracle-oval логотип

ELSA-2024-0463

oracle-oval
больше 1 года назад

ELSA-2024-0463: rpm security update (MODERATE)

redos логотип

ROS-20240410-21

CVSS3: 6.5
redos
больше 1 года назад

Множественные уязвимости rpm

ubuntu логотип

CVE-2021-35937

CVSS3: 6.4
ubuntu
почти 3 года назад

A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

redhat логотип

CVE-2021-35937

CVSS3: 6.3
redhat
около 4 лет назад

A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.