ALT-BU-2020-3682-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2020-10710
A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellite through the satellite-installer. This flaw allows an attacker with sufficiently high privileges, such as root, to retrieve the Candlepin plaintext password.
Package zoneminder updated to version 1.34.5-alt1 for branch sisyphus in task 247267.
Closed bugs
Добавить в зависимости perl-Digest-SHA
Closed vulnerabilities
Modified: 2024-11-21
CVE-2019-19499
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.
Modified: 2024-11-21
CVE-2020-12459
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
- https://access.redhat.com/security/cve/CVE-2020-12459
- https://bugzilla.redhat.com/show_bug.cgi?id=1829724
- https://github.com/grafana/grafana/issues/8283
- FEDORA-2020-d109a1d1d9
- FEDORA-2020-c6b0c7ebbb
- https://security.netapp.com/advisory/ntap-20200518-0004/
- https://src.fedoraproject.org/rpms/grafana/c/fab93d67363eb0a9678d9faf160cc88237f26277
- https://access.redhat.com/security/cve/CVE-2020-12459
- https://src.fedoraproject.org/rpms/grafana/c/fab93d67363eb0a9678d9faf160cc88237f26277
- https://security.netapp.com/advisory/ntap-20200518-0004/
- FEDORA-2020-c6b0c7ebbb
- FEDORA-2020-d109a1d1d9
- https://github.com/grafana/grafana/issues/8283
- https://bugzilla.redhat.com/show_bug.cgi?id=1829724