ALT-BU-2018-3617-1
Branch c8.1 update bulletin.
Closed vulnerabilities
BDU:2018-00007
Уязвимость библиотеки libgcrypt11, связанная с отсутствием защиты служебных данных, позволяющая нарушителю нарушить конфиденциальность данных
BDU:2019-00237
Уязвимость процесса mainproc.c программы шифрования информации и создания электронных цифровых подписей GNU Privacy Guard, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
BDU:2019-01635
Уязвимость генератора псевдослучайных чисел библиотеки криптографии Libgcrypt, связанная с раскрытием информации, позволяющая нарушителю прогнозировать выходные данные
Modified: 2024-11-21
CVE-2016-6313
The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.
- RHSA-2016:2674
- RHSA-2016:2674
- DSA-3649
- DSA-3649
- DSA-3650
- DSA-3650
- 92527
- 92527
- 1036635
- 1036635
- USN-3064-1
- USN-3064-1
- USN-3065-1
- USN-3065-1
- https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=blob_plain%3Bf=NEWS
- https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=blob_plain%3Bf=NEWS
- [gnupg-announce] 20160817 [Announce] Security fixes for Libgcrypt and GnuPG 1.4 [CVE-2016-6316]
- [gnupg-announce] 20160817 [Announce] Security fixes for Libgcrypt and GnuPG 1.4 [CVE-2016-6316]
- GLSA-201610-04
- GLSA-201610-04
- GLSA-201612-01
- GLSA-201612-01
Modified: 2024-11-21
CVE-2017-7526
libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channel requires that attacker can run arbitrary software on the hardware where the private RSA key is used.
- 99338
- 99338
- 1038915
- 1038915
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7526
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7526
- https://eprint.iacr.org/2017/627
- https://eprint.iacr.org/2017/627
- https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=78130828e9a140a9de4dafadbc844dbb64cb709a
- https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=78130828e9a140a9de4dafadbc844dbb64cb709a
- https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=8725c99ffa41778f382ca97233183bcd687bb0ce
- https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=8725c99ffa41778f382ca97233183bcd687bb0ce
- https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=e6a3dc9900433bbc8ad362a595a3837318c28fa9
- https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=e6a3dc9900433bbc8ad362a595a3837318c28fa9
- [gnupg-announce] 20170629 Libgcrypt 1.7.8 released to fix CVE-2017-7526
- [gnupg-announce] 20170629 Libgcrypt 1.7.8 released to fix CVE-2017-7526
- USN-3733-1
- USN-3733-1
- USN-3733-2
- USN-3733-2
- DSA-3901
- DSA-3901
- DSA-3960
- DSA-3960
Modified: 2024-11-21
CVE-2018-12020
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.
- http://openwall.com/lists/oss-security/2018/06/08/2
- http://openwall.com/lists/oss-security/2018/06/08/2
- http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html
- http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html
- 20190430 OpenPGP and S/MIME signature forgery attacks in multiple email clients
- 20190430 OpenPGP and S/MIME signature forgery attacks in multiple email clients
- [oss-security] 20190430 Spoofing OpenPGP and S/MIME Signatures in Emails (multiple clients)
- [oss-security] 20190430 Spoofing OpenPGP and S/MIME Signatures in Emails (multiple clients)
- 104450
- 104450
- 1041051
- 1041051
- RHSA-2018:2180
- RHSA-2018:2180
- RHSA-2018:2181
- RHSA-2018:2181
- https://dev.gnupg.org/T4012
- https://dev.gnupg.org/T4012
- https://github.com/RUB-NDS/Johnny-You-Are-Fired
- https://github.com/RUB-NDS/Johnny-You-Are-Fired
- https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf
- https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- [debian-lts-announce] 20211228 [SECURITY] [DLA 2862-1] python-gnupg security update
- [debian-lts-announce] 20211228 [SECURITY] [DLA 2862-1] python-gnupg security update
- https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.html
- https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.html
- USN-3675-1
- USN-3675-1
- USN-3675-2
- USN-3675-2
- USN-3675-3
- USN-3675-3
- USN-3964-1
- USN-3964-1
- DSA-4222
- DSA-4222
- DSA-4223
- DSA-4223
- DSA-4224
- DSA-4224
Closed vulnerabilities
BDU:2016-01507
Уязвимость библиотеки XLST-преобразований LibXLST, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
BDU:2016-01508
Уязвимость библиотеки XLST-преобразований LibXLST, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
Modified: 2024-11-21
CVE-2015-7995
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.
- APPLE-SA-2016-01-19-1
- APPLE-SA-2016-01-19-1
- APPLE-SA-2016-01-19-2
- APPLE-SA-2016-01-19-2
- APPLE-SA-2016-01-25-1
- APPLE-SA-2016-01-25-1
- APPLE-SA-2016-03-21-2
- APPLE-SA-2016-03-21-2
- openSUSE-SU-2016:1439
- openSUSE-SU-2016:1439
- DSA-3605
- DSA-3605
- [oss-security] 20151027 CVE request: libxslt xsltStylePreCompute() type confusion DoS
- [oss-security] 20151027 CVE request: libxslt xsltStylePreCompute() type confusion DoS
- [oss-security] 20151028 Re: CVE request: libxslt xsltStylePreCompute() type confusion DoS
- [oss-security] 20151028 Re: CVE request: libxslt xsltStylePreCompute() type confusion DoS
- http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
- http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
- 77325
- 77325
- 1034736
- 1034736
- 1038623
- 1038623
- SSA:2016-148-02
- SSA:2016-148-02
- https://bugzilla.redhat.com/show_bug.cgi?id=1257962
- https://bugzilla.redhat.com/show_bug.cgi?id=1257962
- https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617
- https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
- https://puppet.com/security/cve/cve-2015-7995
- https://puppet.com/security/cve/cve-2015-7995
- https://support.apple.com/HT205729
- https://support.apple.com/HT205729
- https://support.apple.com/HT205731
- https://support.apple.com/HT205731
- https://support.apple.com/HT205732
- https://support.apple.com/HT205732
- https://support.apple.com/HT206168
- https://support.apple.com/HT206168
Modified: 2024-11-21
CVE-2015-9019
In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.
Modified: 2024-11-21
CVE-2016-1683
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document.
- http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
- http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
- APPLE-SA-2016-07-18-1
- APPLE-SA-2016-07-18-1
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-3
- APPLE-SA-2016-07-18-3
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-6
- APPLE-SA-2016-07-18-6
- openSUSE-SU-2016:1430
- openSUSE-SU-2016:1430
- openSUSE-SU-2016:1433
- openSUSE-SU-2016:1433
- openSUSE-SU-2016:1496
- openSUSE-SU-2016:1496
- DSA-3590
- DSA-3590
- DSA-3605
- DSA-3605
- 90876
- 90876
- 91826
- 91826
- 1035981
- 1035981
- USN-2992-1
- USN-2992-1
- RHSA-2016:1190
- RHSA-2016:1190
- https://bugzilla.redhat.com/show_bug.cgi?id=1340016
- https://bugzilla.redhat.com/show_bug.cgi?id=1340016
- https://crbug.com/583156
- https://crbug.com/583156
- https://git.gnome.org/browse/libxslt/commit/?id=d182d8f6ba3071503d96ce17395c9d55871f0242
- https://git.gnome.org/browse/libxslt/commit/?id=d182d8f6ba3071503d96ce17395c9d55871f0242
- FEDORA-2019-320d5295fc
- FEDORA-2019-320d5295fc
- GLSA-201607-07
- GLSA-201607-07
- https://support.apple.com/HT206899
- https://support.apple.com/HT206899
- https://support.apple.com/HT206901
- https://support.apple.com/HT206901
- https://support.apple.com/HT206902
- https://support.apple.com/HT206902
- https://support.apple.com/HT206903
- https://support.apple.com/HT206903
- https://support.apple.com/HT206904
- https://support.apple.com/HT206904
- https://support.apple.com/HT206905
- https://support.apple.com/HT206905
Modified: 2024-11-21
CVE-2016-1684
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document.
- http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
- http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
- APPLE-SA-2016-07-18-1
- APPLE-SA-2016-07-18-1
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-3
- APPLE-SA-2016-07-18-3
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-6
- APPLE-SA-2016-07-18-6
- openSUSE-SU-2016:1430
- openSUSE-SU-2016:1430
- openSUSE-SU-2016:1433
- openSUSE-SU-2016:1433
- openSUSE-SU-2016:1496
- openSUSE-SU-2016:1496
- DSA-3590
- DSA-3590
- DSA-3605
- DSA-3605
- 90876
- 90876
- 1035981
- 1035981
- USN-2992-1
- USN-2992-1
- RHSA-2016:1190
- RHSA-2016:1190
- https://bugzilla.redhat.com/show_bug.cgi?id=1340017
- https://bugzilla.redhat.com/show_bug.cgi?id=1340017
- https://crbug.com/583171
- https://crbug.com/583171
- https://git.gnome.org/browse/libxslt/commit/?id=91d0540ac9beaa86719a05b749219a69baa0dd8d
- https://git.gnome.org/browse/libxslt/commit/?id=91d0540ac9beaa86719a05b749219a69baa0dd8d
- FEDORA-2019-320d5295fc
- FEDORA-2019-320d5295fc
- GLSA-201607-07
- GLSA-201607-07
- https://support.apple.com/HT206899
- https://support.apple.com/HT206899
- https://support.apple.com/HT206901
- https://support.apple.com/HT206901
- https://support.apple.com/HT206902
- https://support.apple.com/HT206902
- https://support.apple.com/HT206903
- https://support.apple.com/HT206903
- https://support.apple.com/HT206904
- https://support.apple.com/HT206904
- https://support.apple.com/HT206905
- https://support.apple.com/HT206905
Modified: 2024-11-21
CVE-2016-4607
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4608, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612.
- APPLE-SA-2016-07-18-1
- APPLE-SA-2016-07-18-1
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-3
- APPLE-SA-2016-07-18-3
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-6
- APPLE-SA-2016-07-18-6
- 91834
- 91834
- 1036348
- 1036348
- FEDORA-2019-320d5295fc
- FEDORA-2019-320d5295fc
- https://support.apple.com/HT206899
- https://support.apple.com/HT206899
- https://support.apple.com/HT206901
- https://support.apple.com/HT206901
- https://support.apple.com/HT206902
- https://support.apple.com/HT206902
- https://support.apple.com/HT206903
- https://support.apple.com/HT206903
- https://support.apple.com/HT206904
- https://support.apple.com/HT206904
- https://support.apple.com/HT206905
- https://support.apple.com/HT206905
Modified: 2024-11-21
CVE-2016-4609
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4610, and CVE-2016-4612.
- APPLE-SA-2016-07-18-1
- APPLE-SA-2016-07-18-1
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-3
- APPLE-SA-2016-07-18-3
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-6
- APPLE-SA-2016-07-18-6
- 91826
- 91826
- 1036348
- 1036348
- [debian-lts-announce] 20190722 [SECURITY] [DLA 1860-1] libxslt security update
- [debian-lts-announce] 20190722 [SECURITY] [DLA 1860-1] libxslt security update
- FEDORA-2019-320d5295fc
- FEDORA-2019-320d5295fc
- https://support.apple.com/HT206899
- https://support.apple.com/HT206899
- https://support.apple.com/HT206901
- https://support.apple.com/HT206901
- https://support.apple.com/HT206902
- https://support.apple.com/HT206902
- https://support.apple.com/HT206903
- https://support.apple.com/HT206903
- https://support.apple.com/HT206904
- https://support.apple.com/HT206904
- https://support.apple.com/HT206905
- https://support.apple.com/HT206905
Modified: 2024-11-21
CVE-2017-5029
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
- RHSA-2017:0499
- RHSA-2017:0499
- DSA-3810
- DSA-3810
- 96767
- 96767
- 1038157
- 1038157
- https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
- https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
- https://crbug.com/676623
- https://crbug.com/676623
- https://git.gnome.org/browse/libxslt/commit/?id=08ab2774b870de1c7b5a48693df75e8154addae5
- https://git.gnome.org/browse/libxslt/commit/?id=08ab2774b870de1c7b5a48693df75e8154addae5
Closed bugs
[FR] обновить до 1.1.29