ID

VAR-201609-0597

CVE

CVE-2016-2183

TITLE

OpenSSL Information disclosure vulnerability

DESCRIPTION

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. SSL/TLS Protocol is prone to an information-disclosure vulnerability Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. TLS (Transport Layer Security) is a set of protocols used to provide confidentiality and data integrity between two communication applications. SSH (full name Secure Shell) is a set of security protocols based on the application layer and transport layer developed by the Network Working Group of the Internet Engineering Task Force (IETF). IPSec (full name Internet Protocol Security) is a set of IP security protocols established by the IPSec group of the Internet Engineering Task Force (IETF). Both DES and Triple DES are encryption algorithms. There are information leakage vulnerabilities in the DES and Triple DES encryption algorithms used in the TLS, SSH, and IPSec protocols and other protocols and products. This vulnerability stems from configuration errors in network systems or products during operation. OpenSSL Security Advisory [22 Sep 2016] ======================================== OCSP Status Request extension unbounded memory growth (CVE-2016-6304) ===================================================================== Severity: High A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the "no-ocsp" build time option are not affected. Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default configuration, instead only if an application explicitly enables OCSP stapling support. OpenSSL 1.1.0 users should upgrade to 1.1.0a OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u This issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team. SSL_peek() hang on empty record (CVE-2016-6305) =============================================== Severity: Moderate OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an empty record. This could be exploited by a malicious peer in a Denial Of Service attack. OpenSSL 1.1.0 users should upgrade to 1.1.0a This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The fix was developed by Matt Caswell of the OpenSSL development team. SWEET32 Mitigation (CVE-2016-2183) ================================== Severity: Low SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these ciphersuites disabled by default. OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the OpenSSL development team. OOB write in MDC2_Update() (CVE-2016-6303) ========================================== Severity: Low An overflow can occur in MDC2_Update() either if called directly or through the EVP_DigestUpdate() function using MDC2. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption. The amount of data needed is comparable to SIZE_MAX which is impractical on most platforms. OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u This issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team. Malformed SHA512 ticket DoS (CVE-2016-6302) =========================================== Severity: Low If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash. The use of SHA512 in TLS session tickets is comparatively rare as it requires a custom server callback and ticket lookup mechanism. OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u This issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team. OOB write in BN_bn2dec() (CVE-2016-2182) ======================================== Severity: Low The function BN_bn2dec() does not check the return value of BN_div_word(). This can cause an OOB write if an application uses this function with an overly large BIGNUM. This could be a problem if an overly large certificate or CRL is printed out from an untrusted source. TLS is not affected because record limits will reject an oversized certificate before it is parsed. OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u This issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team. OOB read in TS_OBJ_print_bio() (CVE-2016-2180) ============================================== Severity: Low The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is the total length the OID text representation would use and not the amount of data written. This will result in OOB reads when large OIDs are presented. OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u This issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team. Pointer arithmetic undefined behaviour (CVE-2016-2177) ====================================================== Severity: Low Avoid some undefined pointer arithmetic A common idiom in the codebase is to check limits in the following manner: "p + len > limit" Where "p" points to some malloc'd data of SIZE bytes and limit == p + SIZE "len" here could be from some externally supplied data (e.g. from a TLS message). The rules of C pointer arithmetic are such that "p + len" is only well defined where len <= SIZE. Therefore the above idiom is actually undefined behaviour. For example this could cause problems if some malloc implementation provides an address for "p" such that "p + len" actually overflows for values of len that are too big and therefore p + len < limit. OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u This issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team. Constant time flag not preserved in DSA signing (CVE-2016-2178) =============================================================== Severity: Low Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key. OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u This issue was reported to OpenSSL on 23rd May 2016 by César Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). The fix was developed by César Pereida. DTLS buffered message DoS (CVE-2016-2179) ========================================= Severity: Low In a DTLS connection where handshake messages are delivered out-of-order those messages that OpenSSL is not yet ready to process will be buffered for later use. Under certain circumstances, a flaw in the logic means that those messages do not get removed from the buffer even though the handshake has been completed. An attacker could force up to approx. 15 messages to remain in the buffer when they are no longer required. These messages will be cleared when the DTLS connection is closed. The default maximum size for a message is 100k. Therefore the attacker could force an additional 1500k to be consumed per connection. By opening many simulataneous connections an attacker could cause a DoS attack through memory exhaustion. OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u This issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was developed by Matt Caswell of the OpenSSL development team. DTLS replay protection DoS (CVE-2016-2181) ========================================== Severity: Low A flaw in the DTLS replay attack protection mechanism means that records that arrive for future epochs update the replay protection "window" before the MAC for the record has been validated. This could be exploited by an attacker by sending a record for the next epoch (which does not have to decrypt or have a valid MAC), with a very large sequence number. This means that all subsequent legitimate packets are dropped causing a denial of service for a specific DTLS connection. OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. The fix was developed by Matt Caswell of the OpenSSL development team. Certificate message OOB reads (CVE-2016-6306) ============================================= Severity: Low In OpenSSL 1.0.2 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical DoS risk but this has not been observed in practice on common platforms. The messages affected are client certificate, client certificate request and server certificate. As a result the attack can only be performed against a client or a server which enables client authentication. OpenSSL 1.1.0 is not affected. OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u This issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team. Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307) ========================================================================== Severity: Low A TLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if: 1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests. Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service. This issue does not affect DTLS users. OpenSSL 1.1.0 TLS users should upgrade to 1.1.0a This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team. Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308) ============================================================================= Severity: Low This issue is very similar to CVE-2016-6307. The underlying defect is different but the security analysis and impacts are the same except that it impacts DTLS. A DTLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if: 1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests. Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service. This issue does not affect TLS users. OpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team. Note ==== As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade. Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv/20160922.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html . Security Fix(es): * A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. (CVE-2016-2183) 3. Bugs fixed (https://bugzilla.redhat.com/): 1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 5. ========================================================================== Ubuntu Security Notice USN-3179-1 January 25, 2017 openjdk-8 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.10 - Ubuntu 16.04 LTS Summary: Several security issues were fixed in OpenJDK 8. Software Description: - openjdk-8: Open Source Java implementation Details: Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes them to be used only if no non-legacy algorithms can be negotiated. (CVE-2016-2183) It was discovered that OpenJDK accepted ECSDA signatures using non-canonical DER encoding. An attacker could use this to modify or expose sensitive data. (CVE-2016-5546) It was discovered that OpenJDK did not properly verify object identifier (OID) length when reading Distinguished Encoding Rules (DER) records, as used in x.509 certificates and elsewhere. (CVE-2016-5547) It was discovered that covert timing channel vulnerabilities existed in the DSA and ECDSA implementations in OpenJDK. A remote attacker could use this to expose sensitive information. (CVE-2016-5548, CVE-2016-5549) It was discovered that the URLStreamHandler class in OpenJDK did not properly parse user information from a URL. A remote attacker could use this to expose sensitive information. (CVE-2016-5552) It was discovered that the URLClassLoader class in OpenJDK did not properly check access control context when downloading class files. A remote attacker could use this to expose sensitive information. (CVE-2017-3231) It was discovered that the Remote Method Invocation (RMI) implementation in OpenJDK performed deserialization of untrusted inputs. A remote attacker could use this to execute arbitrary code. (CVE-2017-3241) It was discovered that the Java Authentication and Authorization Service (JAAS) component of OpenJDK did not properly perform user search LDAP queries. An attacker could use a specially constructed LDAP entry to expose or modify sensitive information. (CVE-2017-3252) It was discovered that the PNGImageReader class in OpenJDK did not properly handle iTXt and zTXt chunks. (CVE-2017-3253) It was discovered that integer overflows existed in the SocketInputStream and SocketOutputStream classes of OpenJDK. An attacker could use this to expose sensitive information. (CVE-2017-3261) It was discovered that the atomic field updaters in the java.util.concurrent.atomic package in OpenJDK did not properly restrict access to protected field members. An attacker could use this to specially craft a Java application or applet that could bypass Java sandbox restrictions. (CVE-2017-3272) It was discovered that a vulnerability existed in the class construction implementation in OpenJDK. An attacker could use this to specially craft a Java application or applet that could bypass Java sandbox restrictions. (CVE-2017-3289) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.10: openjdk-8-jdk 8u121-b13-0ubuntu1.16.10.2 openjdk-8-jdk-headless 8u121-b13-0ubuntu1.16.10.2 openjdk-8-jre 8u121-b13-0ubuntu1.16.10.2 openjdk-8-jre-headless 8u121-b13-0ubuntu1.16.10.2 openjdk-8-jre-jamvm 8u121-b13-0ubuntu1.16.10.2 openjdk-8-jre-zero 8u121-b13-0ubuntu1.16.10.2 Ubuntu 16.04 LTS: openjdk-8-jdk 8u121-b13-0ubuntu1.16.04.2 openjdk-8-jdk-headless 8u121-b13-0ubuntu1.16.04.2 openjdk-8-jre 8u121-b13-0ubuntu1.16.04.2 openjdk-8-jre-headless 8u121-b13-0ubuntu1.16.04.2 openjdk-8-jre-jamvm 8u121-b13-0ubuntu1.16.04.2 openjdk-8-jre-zero 8u121-b13-0ubuntu1.16.04.2 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.7.1-ibm security update Advisory ID: RHSA-2017:0336-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0336.html Issue date: 2017-02-28 CVE Names: CVE-2016-2183 CVE-2016-5546 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2016-5552 CVE-2017-3231 CVE-2017-3241 CVE-2017-3252 CVE-2017-3253 CVE-2017-3259 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 ===================================================================== 1. Summary: An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client Supplementary (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Supplementary (v. 7) - x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 7) - x86_64 3. Description: IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP1. Security Fix(es): * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3261, CVE-2017-3272, CVE-2017-3289) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of IBM Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 1413554 - CVE-2017-3272 OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344) 1413562 - CVE-2017-3289 OpenJDK: insecure class construction (Hotspot, 8167104) 1413583 - CVE-2017-3253 OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988) 1413653 - CVE-2017-3261 OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147) 1413717 - CVE-2017-3231 OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934) 1413764 - CVE-2016-5547 OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705) 1413882 - CVE-2016-5552 OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223) 1413906 - CVE-2017-3252 OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743) 1413911 - CVE-2016-5546 OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714) 1413920 - CVE-2016-5548 OpenJDK: DSA implementation timing attack (Libraries, 8168728) 1413923 - CVE-2016-5549 OpenJDK: ECDSA implementation timing attack (Libraries, 8168724) 1413955 - CVE-2017-3241 OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802) 1414163 - CVE-2017-3259 Oracle JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.7.1-ibm-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-jdbc-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-plugin-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.1.el6_8.i686.rpm x86_64: java-1.7.1-ibm-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.7.1-ibm-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.7.1-ibm-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-jdbc-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-plugin-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.1.el6_8.i686.rpm ppc64: java-1.7.1-ibm-1.7.1.4.1-1jpp.1.el6_8.ppc64.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.1.el6_8.ppc64.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.1.el6_8.ppc64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.1-1jpp.1.el6_8.ppc64.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.1.el6_8.ppc64.rpm s390x: java-1.7.1-ibm-1.7.1.4.1-1jpp.1.el6_8.s390x.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.1.el6_8.s390x.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.1.el6_8.s390x.rpm java-1.7.1-ibm-jdbc-1.7.1.4.1-1jpp.1.el6_8.s390x.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.1.el6_8.s390x.rpm x86_64: java-1.7.1-ibm-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.7.1-ibm-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-jdbc-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-plugin-1.7.1.4.1-1jpp.1.el6_8.i686.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.1.el6_8.i686.rpm x86_64: java-1.7.1-ibm-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Client Supplementary (v. 7): x86_64: java-1.7.1-ibm-1.7.1.4.1-1jpp.2.el7.i686.rpm java-1.7.1-ibm-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.2.el7.i686.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Supplementary (v. 7): x86_64: java-1.7.1-ibm-1.7.1.4.1-1jpp.2.el7.i686.rpm java-1.7.1-ibm-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.2.el7.i686.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 7): ppc64: java-1.7.1-ibm-1.7.1.4.1-1jpp.2.el7.ppc.rpm java-1.7.1-ibm-1.7.1.4.1-1jpp.2.el7.ppc64.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.2.el7.ppc64.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.2.el7.ppc.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.2.el7.ppc64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.1-1jpp.2.el7.ppc64.rpm java-1.7.1-ibm-plugin-1.7.1.4.1-1jpp.2.el7.ppc.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.2.el7.ppc64.rpm ppc64le: java-1.7.1-ibm-1.7.1.4.1-1jpp.2.el7.ppc64le.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.2.el7.ppc64le.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.2.el7.ppc64le.rpm java-1.7.1-ibm-jdbc-1.7.1.4.1-1jpp.2.el7.ppc64le.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.2.el7.ppc64le.rpm s390x: java-1.7.1-ibm-1.7.1.4.1-1jpp.2.el7.s390.rpm java-1.7.1-ibm-1.7.1.4.1-1jpp.2.el7.s390x.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.2.el7.s390x.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.2.el7.s390.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.2.el7.s390x.rpm java-1.7.1-ibm-jdbc-1.7.1.4.1-1jpp.2.el7.s390x.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.2.el7.s390x.rpm x86_64: java-1.7.1-ibm-1.7.1.4.1-1jpp.2.el7.i686.rpm java-1.7.1-ibm-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.2.el7.i686.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.2.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 7): x86_64: java-1.7.1-ibm-1.7.1.4.1-1jpp.2.el7.i686.rpm java-1.7.1-ibm-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.2.el7.i686.rpm java-1.7.1-ibm-devel-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.1-1jpp.2.el7.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.1-1jpp.2.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-2183 https://access.redhat.com/security/cve/CVE-2016-5546 https://access.redhat.com/security/cve/CVE-2016-5547 https://access.redhat.com/security/cve/CVE-2016-5548 https://access.redhat.com/security/cve/CVE-2016-5549 https://access.redhat.com/security/cve/CVE-2016-5552 https://access.redhat.com/security/cve/CVE-2017-3231 https://access.redhat.com/security/cve/CVE-2017-3241 https://access.redhat.com/security/cve/CVE-2017-3252 https://access.redhat.com/security/cve/CVE-2017-3253 https://access.redhat.com/security/cve/CVE-2017-3259 https://access.redhat.com/security/cve/CVE-2017-3261 https://access.redhat.com/security/cve/CVE-2017-3272 https://access.redhat.com/security/cve/CVE-2017-3289 https://access.redhat.com/security/updates/classification/#critical https://developer.ibm.com/javasdk/support/security-vulnerabilities/ 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYtT+VXlSAg2UNWIIRAlsUAKC/YVMsT2MtkXqUC3tLLKKz44xx5gCgwDER EwgATWRMA0TtHHTG3g1+yS8= =8vwr -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . (CVE-2017-5461) This update refreshes the NSS package to version 3.28.4 which includes the latest CA certificate bundle. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.16. See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHBA-2021:0309 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html You may download the oc tool and use it to inspect release image metadata as follows: (For x86_64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.6.16-x86_64 The image digest is sha256:3e855ad88f46ad1b7f56c312f078ca6adaba623c5d4b360143f9f82d2f349741 (For s390x architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.6.16-s390x The image digest is sha256:2335685cda334ecf9e12c056b148c483fb81412fbfc96c885dc669d775e1f1ee (For ppc64le architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.6.16-ppc64le The image digest is sha256:953ccacf79467b3e8ebfb8def92013f1574d75e24b3ea9a455aa8931f7f17b88 All OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor. Security Fix(es): * SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) * openshift/builder: privilege escalation during container image builds via mounted secrets (CVE-2021-3344) * openshift/installer: Bootstrap nodes allow anonymous authentication on kubelet port 10250 (CVE-2021-20198) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution: For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/): 1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 1873004 - [downstream] Should indicate the version info instead of the commit info 1887759 - [release 4.6] Gather MachineConfigPools 1889676 - [release 4.6] Gather top installplans and their count 1889865 - operator-registry image needs clean up in /tmp 1890274 - [4.6] External IP doesn't work if the IP address is not assigned to a node 1890452 - Adding BYOK disk encryption through DES 1891697 - Handle missing labels as empty. 1891892 - The windows oc.exe binary does not have version metadata 1893409 - [release-4.6] MCDPivotError alert/metric missing 1893738 - Examining agones helm chart resources results in "Oh no!" 1894916 - [4.6] Panic output due to timeouts in openshift-apiserver 1896919 - start creating new-style Secrets for AWS 1898672 - Pod gets stuck in ContainerCreating state with exhausted Whereabouts IPAM range with a daemonset 1899107 - [4.6] ironic-api used by metal3 is over provisioned and consumes a lot of RAM 1899535 - ds/machine-config-daemon takes 100+ minutes to rollout on 250 node cluster 1901602 - Extra reboot during 4.5 -> 4.6 upgrade 1901605 - CNO blocks editing Kuryr options 1903649 - Automated cleaning is disabled by default 1903887 - dns daemonset rolls out slowly in large clusters 1904091 - Missing registry v1 protocol usage metric on telemetry 1904577 - [4.6] Local storage operator doesn't include correctly populate LocalVolumeDiscoveryResult in console 1905031 - (release-4.6) Collect spec config for clusteroperator resources 1905195 - [release-4.6] Detecting broken connections to the Kube API takes up to 15 minutes 1905573 - [4.6] Changing the bound token service account issuer invalids previously issued bound tokens 1905788 - Role name missing on create role binding form 1906332 - update discovery burst to reflect lots of CRDs on openshift clusters 1906741 - KeyError: 'nodeName' on NP deletion 1906796 - [SA] verify-image-signature using service account does not work 1907827 - Kn resources are not showing in Topology if triggers has KSVC and IMC as subscriber 1907830 - "Evaluating rule failed" for "record: cluster:kube_persistentvolumeclaim_resource_requests_storage_bytes:provisioner:sum" and "record: cluster:kubelet_volume_stats_used_bytes:provisioner:sum" 1909673 - scale up / down buttons available on pod details side panel 1912388 - [OVN]: `make check` broken on 4.6 1912430 - thanosRuler.resources.requests does not take effect in user-workload-monitoring-config confimap 1913109 - oc debug of an init container no longer works 1913645 - Improved Red Hat image and crashlooping OpenShift pod collection 1915560 - OCP 4.4.9: EtcdMemberIPMigratorDegraded: rpc error: code = Canceled desc = grpc: the client connection is closing 1916096 - [oVirt] csi operator panics if ovirt-engine suddenly becomes unavailable. 1916100 - [oVirt] Consume 23-10 ovirt sdk - csi operator 1916347 - Updating scheduling component builder & base images to be consistent with ART 1916857 - configs.imageregistry.operator.openshift.io cluster does not update its status fields after URL change 1916907 - dns-node-resolver corrupts /etc/hosts if internal registry is not in use 1917240 - [4.6] Network Policies are not working as expected with OVN-Kubernetes when traffic hairpins back to the same source through a service 1917498 - Regression OLM uses scoped client for CRD installation 1917547 - oc adm catalog mirror does not mirror the index image itself 1917548 - [4.6] Cannot filter the platform/arch of the index image 1917549 - Failed to mirror operator catalog - error: destination registry required 1917550 - oc adm catalog mirror command attempts to pull from registry.redhat.io when using --from-dir option 1917609 - [4.6z] Deleting an exgw causes pods to no longer route to other exgws 1918194 - with sharded ingresscontrollers, all shards reload when any endpoint changes 1918202 - Grafana - The resulting dataset is too large to graph (OCS RBD volumes being counted as disks) 1918525 - OLM enters infinite loop if Pending CSV replaces itself 1918779 - [Negative Test] After deleting metal3 pod, scaling worker stuck on provisioning state 1918792 - [BUG] Thanos having possible memory leak consuming huge amounts of node's memory and killing them 1918961 - [IPI on vsphere] Executing 'openshift-installer destroy cluster' leaves installer tag categories in vsphere 1920764 - CVE-2021-20198 openshift/installer: Bootstrap nodes allow anonymous authentication on kubelet port 10250 1920873 - Failure to upgrade operator when a Service is included in a Bundle 1920995 - kuryr-cni pods using unreasonable amount of CPU 1921450 - CVE-2021-3344 openshift/builder: privilege escalation during container image builds via mounted secrets 1921473 - test-cmd is failing on volumes.sh pretty consistently 1921599 - OCP 4.5 to 4.6 upgrade for "aws-ebs-csi-driver-operator" fails when "defaultNodeSelector" is set 5. Software Description: - nss: Network Security Service library Details: It was discovered that NSS incorrectly handled certain empty SSLv2 messages. This update causes NSS to limit use of the same symmetric key. (CVE-2016-2183) It was discovered that NSS incorrectly handled Base64 decoding

AFFECTED PRODUCTS