You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa webkitgtk4

Sigurnosni nedostaci programskog paketa webkitgtk4

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: webkitgtk4 security, bug fix, and enhancement update
Advisory ID: RHSA-2020:4035-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4035
Issue date: 2020-09-29
CVE Names: CVE-2019-6237 CVE-2019-6251 CVE-2019-8506
CVE-2019-8524 CVE-2019-8535 CVE-2019-8536
CVE-2019-8544 CVE-2019-8551 CVE-2019-8558
CVE-2019-8559 CVE-2019-8563 CVE-2019-8571
CVE-2019-8583 CVE-2019-8584 CVE-2019-8586
CVE-2019-8587 CVE-2019-8594 CVE-2019-8595
CVE-2019-8596 CVE-2019-8597 CVE-2019-8601
CVE-2019-8607 CVE-2019-8608 CVE-2019-8609
CVE-2019-8610 CVE-2019-8611 CVE-2019-8615
CVE-2019-8619 CVE-2019-8622 CVE-2019-8623
CVE-2019-8625 CVE-2019-8644 CVE-2019-8649
CVE-2019-8658 CVE-2019-8666 CVE-2019-8669
CVE-2019-8671 CVE-2019-8672 CVE-2019-8673
CVE-2019-8674 CVE-2019-8676 CVE-2019-8677
CVE-2019-8678 CVE-2019-8679 CVE-2019-8680
CVE-2019-8681 CVE-2019-8683 CVE-2019-8684
CVE-2019-8686 CVE-2019-8687 CVE-2019-8688
CVE-2019-8689 CVE-2019-8690 CVE-2019-8707
CVE-2019-8710 CVE-2019-8719 CVE-2019-8720
CVE-2019-8726 CVE-2019-8733 CVE-2019-8735
CVE-2019-8743 CVE-2019-8763 CVE-2019-8764
CVE-2019-8765 CVE-2019-8766 CVE-2019-8768
CVE-2019-8769 CVE-2019-8771 CVE-2019-8782
CVE-2019-8783 CVE-2019-8808 CVE-2019-8811
CVE-2019-8812 CVE-2019-8813 CVE-2019-8814
CVE-2019-8815 CVE-2019-8816 CVE-2019-8819
CVE-2019-8820 CVE-2019-8821 CVE-2019-8822
CVE-2019-8823 CVE-2019-8835 CVE-2019-8844
CVE-2019-8846 CVE-2019-11070 CVE-2020-3862
CVE-2020-3864 CVE-2020-3865 CVE-2020-3867
CVE-2020-3868 CVE-2020-3885 CVE-2020-3894
CVE-2020-3895 CVE-2020-3897 CVE-2020-3899
CVE-2020-3900 CVE-2020-3901 CVE-2020-3902
CVE-2020-10018 CVE-2020-11793
=====================================================================

1. Summary:

An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) – x86_64
Red Hat Enterprise Linux Client Optional (v. 7) – noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) – x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) – noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) – ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) – noarch, ppc64, s390x
Red Hat Enterprise Linux Workstation (v. 7) – x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) – noarch

3. Description:

WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+
platform. These packages provide WebKitGTK+ for GTK+ 3.

The following packages have been upgraded to a later upstream version:
webkitgtk4 (2.28.2). (BZ#1817144)

Security Fix(es):

* webkitgtk: Multiple security issues (CVE-2019-6237, CVE-2019-6251,
CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544,
CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571,
CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594,
CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607,
CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615,
CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8625, CVE-2019-8644,
CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671,
CVE-2019-8672, CVE-2019-8673, CVE-2019-8674, CVE-2019-8676, CVE-2019-8677,
CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683,
CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689,
CVE-2019-8690, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720,
CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763,
CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769,
CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,
CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816,
CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823,
CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2019-11070, CVE-2020-3862,
CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885,
CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900,
CVE-2020-3901, CVE-2020-3902, CVE-2020-10018, CVE-2020-11793)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.9 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1667409 – CVE-2019-6251 webkitgtk: processing maliciously crafted web content lead to URI spoofing
1709289 – CVE-2019-11070 webkitgtk: HTTP proxy setting deanonymization information disclosure
1719199 – CVE-2019-8506 webkitgtk: malicous web content leads to arbitrary code execution
1719209 – CVE-2019-8524 webkitgtk: malicious web content leads to arbitrary code execution
1719210 – CVE-2019-8535 webkitgtk: malicious crafted web content leads to arbitrary code execution
1719213 – CVE-2019-8536 webkitgtk: malicious crafted web content leads to arbitrary code execution
1719224 – CVE-2019-8544 webkitgtk: malicious crafted web content leads to arbitrary we content
1719231 – CVE-2019-8558 webkitgtk: malicious crafted web content leads to arbitrary code execution
1719235 – CVE-2019-8559 webkitgtk: malicious web content leads to arbitrary code execution
1719237 – CVE-2019-8563 webkitgtk: malicious web content leads to arbitrary code execution
1719238 – CVE-2019-8551 webkitgtk: malicious web content leads to cross site scripting
1811721 – CVE-2020-10018 webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp
1816678 – CVE-2019-8846 webkitgtk: Use after free issue may lead to remote code execution
1816684 – CVE-2019-8835 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
1816686 – CVE-2019-8844 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
1817144 – Rebase WebKitGTK to 2.28
1829369 – CVE-2020-11793 webkitgtk: use-after-free via crafted web content
1876462 – CVE-2020-3885 webkitgtk: Incorrect processing of file URLs
1876463 – CVE-2020-3894 webkitgtk: Race condition allows reading of restricted memory
1876465 – CVE-2020-3895 webkitgtk: Memory corruption triggered by a malicious web content
1876468 – CVE-2020-3897 webkitgtk: Type confusion leading to arbitrary code execution
1876470 – CVE-2020-3899 webkitgtk: Memory consumption issue leading to arbitrary code execution
1876472 – CVE-2020-3900 webkitgtk: Memory corruption triggered by a malicious web content
1876473 – CVE-2020-3901 webkitgtk: Type confusion leading to arbitrary code execution
1876476 – CVE-2020-3902 webkitgtk: Input validation issue leading to cross-site script attack
1876516 – CVE-2020-3862 webkitgtk: Denial of service via incorrect memory handling
1876518 – CVE-2020-3864 webkitgtk: Non-unique security origin for DOM object contexts
1876521 – CVE-2020-3865 webkitgtk: Incorrect security check for a top-level DOM object context
1876522 – CVE-2020-3867 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876523 – CVE-2020-3868 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876536 – CVE-2019-8710 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876537 – CVE-2019-8743 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876540 – CVE-2019-8764 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876542 – CVE-2019-8765 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876543 – CVE-2019-8766 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876545 – CVE-2019-8782 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876548 – CVE-2019-8783 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876549 – CVE-2019-8808 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876550 – CVE-2019-8811 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876552 – CVE-2019-8812 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876553 – CVE-2019-8813 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876554 – CVE-2019-8814 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876555 – CVE-2019-8815 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876556 – CVE-2019-8816 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876590 – CVE-2019-8819 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876591 – CVE-2019-8820 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876592 – CVE-2019-8821 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876593 – CVE-2019-8822 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876594 – CVE-2019-8823 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876607 – CVE-2019-8625 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876608 – CVE-2019-8674 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876609 – CVE-2019-8707 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876610 – CVE-2019-8719 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876611 – CVE-2019-8720 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876612 – CVE-2019-8726 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876613 – CVE-2019-8733 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876614 – CVE-2019-8735 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876615 – CVE-2019-8763 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876616 – CVE-2019-8768 webkitgtk: Browsing history could not be deleted
1876617 – CVE-2019-8769 webkitgtk: Websites could reveal browsing history
1876619 – CVE-2019-8771 webkitgtk: Violation of iframe sandboxing policy
1876626 – CVE-2019-8644 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876628 – CVE-2019-8649 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876629 – CVE-2019-8658 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876630 – CVE-2019-8666 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876631 – CVE-2019-8669 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876632 – CVE-2019-8671 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876634 – CVE-2019-8672 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876643 – CVE-2019-8673 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876644 – CVE-2019-8676 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876645 – CVE-2019-8677 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876646 – CVE-2019-8678 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876647 – CVE-2019-8679 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876648 – CVE-2019-8680 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876650 – CVE-2019-8681 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876651 – CVE-2019-8683 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876652 – CVE-2019-8684 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876653 – CVE-2019-8686 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876655 – CVE-2019-8687 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876656 – CVE-2019-8688 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876657 – CVE-2019-8689 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876664 – CVE-2019-8690 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876880 – CVE-2019-6237 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876881 – CVE-2019-8571 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876882 – CVE-2019-8583 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876883 – CVE-2019-8584 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876884 – CVE-2019-8586 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876887 – CVE-2019-8587 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876891 – CVE-2019-8594 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876892 – CVE-2019-8595 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876893 – CVE-2019-8596 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876894 – CVE-2019-8597 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876895 – CVE-2019-8601 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876897 – CVE-2019-8607 webkitgtk: Out-of-bounds read leading to memory disclosure
1876898 – CVE-2019-8608 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876899 – CVE-2019-8609 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876900 – CVE-2019-8610 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1877045 – CVE-2019-8615 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1877046 – CVE-2019-8611 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1877047 – CVE-2019-8619 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1877048 – CVE-2019-8622 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1877049 – CVE-2019-8623 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
webkitgtk4-2.28.2-2.el7.src.rpm

x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm

x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
webkitgtk4-2.28.2-2.el7.src.rpm

x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm

x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
webkitgtk4-2.28.2-2.el7.src.rpm

ppc64:
webkitgtk4-2.28.2-2.el7.ppc.rpm
webkitgtk4-2.28.2-2.el7.ppc64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64.rpm

ppc64le:
webkitgtk4-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64le.rpm

s390x:
webkitgtk4-2.28.2-2.el7.s390.rpm
webkitgtk4-2.28.2-2.el7.s390x.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390x.rpm

x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm

ppc64:
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64.rpm

s390x:
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-devel-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390x.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
webkitgtk4-2.28.2-2.el7.src.rpm

x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-6237
https://access.redhat.com/security/cve/CVE-2019-6251
https://access.redhat.com/security/cve/CVE-2019-8506
https://access.redhat.com/security/cve/CVE-2019-8524
https://access.redhat.com/security/cve/CVE-2019-8535
https://access.redhat.com/security/cve/CVE-2019-8536
https://access.redhat.com/security/cve/CVE-2019-8544
https://access.redhat.com/security/cve/CVE-2019-8551
https://access.redhat.com/security/cve/CVE-2019-8558
https://access.redhat.com/security/cve/CVE-2019-8559
https://access.redhat.com/security/cve/CVE-2019-8563
https://access.redhat.com/security/cve/CVE-2019-8571
https://access.redhat.com/security/cve/CVE-2019-8583
https://access.redhat.com/security/cve/CVE-2019-8584
https://access.redhat.com/security/cve/CVE-2019-8586
https://access.redhat.com/security/cve/CVE-2019-8587
https://access.redhat.com/security/cve/CVE-2019-8594
https://access.redhat.com/security/cve/CVE-2019-8595
https://access.redhat.com/security/cve/CVE-2019-8596
https://access.redhat.com/security/cve/CVE-2019-8597
https://access.redhat.com/security/cve/CVE-2019-8601
https://access.redhat.com/security/cve/CVE-2019-8607
https://access.redhat.com/security/cve/CVE-2019-8608
https://access.redhat.com/security/cve/CVE-2019-8609
https://access.redhat.com/security/cve/CVE-2019-8610
https://access.redhat.com/security/cve/CVE-2019-8611
https://access.redhat.com/security/cve/CVE-2019-8615
https://access.redhat.com/security/cve/CVE-2019-8619
https://access.redhat.com/security/cve/CVE-2019-8622
https://access.redhat.com/security/cve/CVE-2019-8623
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8644
https://access.redhat.com/security/cve/CVE-2019-8649
https://access.redhat.com/security/cve/CVE-2019-8658
https://access.redhat.com/security/cve/CVE-2019-8666
https://access.redhat.com/security/cve/CVE-2019-8669
https://access.redhat.com/security/cve/CVE-2019-8671
https://access.redhat.com/security/cve/CVE-2019-8672
https://access.redhat.com/security/cve/CVE-2019-8673
https://access.redhat.com/security/cve/CVE-2019-8674
https://access.redhat.com/security/cve/CVE-2019-8676
https://access.redhat.com/security/cve/CVE-2019-8677
https://access.redhat.com/security/cve/CVE-2019-8678
https://access.redhat.com/security/cve/CVE-2019-8679
https://access.redhat.com/security/cve/CVE-2019-8680
https://access.redhat.com/security/cve/CVE-2019-8681
https://access.redhat.com/security/cve/CVE-2019-8683
https://access.redhat.com/security/cve/CVE-2019-8684
https://access.redhat.com/security/cve/CVE-2019-8686
https://access.redhat.com/security/cve/CVE-2019-8687
https://access.redhat.com/security/cve/CVE-2019-8688
https://access.redhat.com/security/cve/CVE-2019-8689
https://access.redhat.com/security/cve/CVE-2019-8690
https://access.redhat.com/security/cve/CVE-2019-8707
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8719
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8726
https://access.redhat.com/security/cve/CVE-2019-8733
https://access.redhat.com/security/cve/CVE-2019-8735
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8763
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8765
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8768
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8821
https://access.redhat.com/security/cve/CVE-2019-8822
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2019-11070
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIVAwUBX3OjINzjgjWX9erEAQjqsg/9FnSEJ3umFx0gtnsZIVRP9YxMIVZhVQ8z
rNnK/LGQWq1nPlNC5OF60WRcWA7cC74lh1jl/+xU6p+9JXTq9y9hQTd7Fcf+6T01
RYj2zJe6kGBY/53rhZJKCdb9zNXz1CkqsuvTPqVGIabUWTTlsBFnd6l4GK6QL4kM
XVQZyWtmSfmLII4Ocdav9WocJzH6o1TbEo+O9Fm6WjdVOK+/+VzPki0/dW50CQAK
R8u5tTXZR5m52RLmvhs/LTv3yUnmhEkhvrR0TtuR8KRfcP1/ytNwn3VidFefuAO1
PWrgpjIPWy/kbtZaZWK4fBblYj6bKCVD1SiBKQcOfCq0f16aqRP2niFoDXdAy467
eGu0JHkRsIRCLG2rY+JfOau5KtLRhRr0iRe5AhOVpAtUelzjAvEQEcVv4GmZXcwX
rXfeagSjWzdo8Mf55d7pjORXAKhGdO3FQSeiCvzq9miZq3NBX4Jm4raobeskw/rJ
1ONqg4fE7Gv7rks8QOy5xErwI8Ut1TGJAgYOD8rmRptr05hBWQFJCfmoc4KpxsMe
PJoRag0AZfYxYoMe5avMcGCYHosU63z3wS7gao9flj37NkEi6M134vGmCpPNmpGr
w5HQly9SO3mD0a92xOUn42rrXq841ZkVu89fR6j9wBn8NAKLWH6eUjZkVMNmLRzh
PKg+HFNkMjk=
=dS3G
—–END PGP SIGNATURE—–


RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa dbus

Otkriven je sigurnosni nedostatak u programskom paketu dbus za operacijski sustav RHEL. Otkriveni nedostatak potencijalnim napadačima omogućuje zaobilaženje sigurnosnih ograničenja....

Close