FERRAMENTAS LINUX: Atualização moderada de segurança da Red Hat para o Red Hat Ansible Tower, aviso RedHat: RHSA-2020-4254: 01

quarta-feira, 14 de outubro de 2020

Atualização moderada de segurança da Red Hat para o Red Hat Ansible Tower, aviso RedHat: RHSA-2020-4254: 01

Confira !!


Versão do runner Red Hat Ansible Tower 3.7 (CVE-2019-18874) 2. Descrição: * Versão python-psutil atualizada para 5.6.6 dentro do contêiner ansible-runner (CVE-2019-18874)

----- BEGIN PGP ASSIGNED MESSAGE -----

Hash: SHA256


========================================================== =====================

                   Aviso de segurança da Red Hat


Sinopse: Moderada: atualização de segurança - versão runner Red Hat Ansible Tower 3.7 (CVE-2019-18874)

ID consultivo: RHSA-2020: 4254-01

Produto: Red Hat Ansible Tower

URL de aviso: https://access.redhat.com/errata/RHSA-2020:4254

Data de emissão: 2014-10-14

Nomes CVE: CVE-2017-12652 CVE-2018-20843 CVE-2019-5094 

                   CVE-2019-5188 CVE-2019-5482 CVE-2019-11719 

                   CVE-2019-11727 CVE-2019-11756 CVE-2019-12450 

                   CVE-2019-12749 CVE-2019-14822 CVE-2019-14866 

                   CVE-2019-14973 CVE-2019-15903 CVE-2019-16935 

                   CVE-2019-17006 CVE-2019-17023 CVE-2019-17498 

                   CVE-2019-17546 CVE-2019-18874 CVE-2019-19126 

                   CVE-2019-19956 CVE-2019-20386 CVE-2019-20388 

                   CVE-2020-5313 CVE-2020-6829 CVE-2020-7595 

                   CVE-2020-12243 CVE-2020-12400 CVE-2020-12401 

                   CVE-2020-12402 CVE-2020-12403 CVE-2020-14365 

========================================================== =====================


1. Resumo:


Versão runner do Red Hat Ansible Tower 3.7 (CVE-2019-18874)


2. Descrição:


* Versão python-psutil atualizada para 5.6.6 dentro do contêiner ansible-runner

(CVE-2019-18874)


3. Solução:


Para obter informações sobre como atualizar a Ansible Tower, consulte a Ansible Tower

Guia de atualização e migração:

https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/

index.html


4. Bugs corrigidos (https://bugzilla.redhat.com/):


1772014 - CVE-2019-18874 python-psutil: double free devido ao manuseio incorreto do refcount


5. Referências:


https://access.redhat.com/security/cve/CVE-2017-12652

https://access.redhat.com/security/cve/CVE-2018-20843

https://access.redhat.com/security/cve/CVE-2019-5094

https://access.redhat.com/security/cve/CVE-2019-5188

https://access.redhat.com/security/cve/CVE-2019-5482

https://access.redhat.com/security/cve/CVE-2019-11719

https://access.redhat.com/security/cve/CVE-2019-11727

https://access.redhat.com/security/cve/CVE-2019-11756

https://access.redhat.com/security/cve/CVE-2019-12450

https://access.redhat.com/security/cve/CVE-2019-12749

https://access.redhat.com/security/cve/CVE-2019-14822

https://access.redhat.com/security/cve/CVE-2019-14866

https://access.redhat.com/security/cve/CVE-2019-14973

https://access.redhat.com/security/cve/CVE-2019-15903

https://access.redhat.com/security/cve/CVE-2019-16935

https://access.redhat.com/security/cve/CVE-2019-17006

https://access.redhat.com/security/cve/CVE-2019-17023

https://access.redhat.com/security/cve/CVE-2019-17498

https://access.redhat.com/security/cve/CVE-2019-17546

https://access.redhat.com/security/cve/CVE-2019-18874

https://access.redhat.com/security/cve/CVE-2019-19126

https://access.redhat.com/security/cve/CVE-2019-19956

https://access.redhat.com/security/cve/CVE-2019-20386

https://access.redhat.com/security/cve/CVE-2019-20388

https://access.redhat.com/security/cve/CVE-2020-5313

https://access.redhat.com/security/cve/CVE-2020-6829

https://access.redhat.com/security/cve/CVE-2020-7595

https://access.redhat.com/security/cve/CVE-2020-12243

https://access.redhat.com/security/cve/CVE-2020-12400

https://access.redhat.com/security/cve/CVE-2020-12401

https://access.redhat.com/security/cve/CVE-2020-12402

https://access.redhat.com/security/cve/CVE-2020-12403

https://access.redhat.com/security/cve/CVE-2020-14365

https://access.redhat.com/security/updates/classification/#moderate


6. Contato:


O contato de segurança da Red Hat é . Mais contato

detalhes em https://access.redhat.com/security/team/contact/


Copyright 2020 Red Hat, Inc.

----- BEGIN PGP SIGNATURE -----

Versão: GnuPG v1


iQIVAwUBX4b3jtzjgjWX9erEAQjRtA / + NuWhg8wJyyX3K9r + pNveW / nQ5035IIJ0

T9qelqFlkxoGgUQE2bL + a58naneN4iyfnadC / eFL / 39AJRF5jfiuctGZngY5Tyva

2aboBMg6P + zHW30YPBJrXiPAVyD46 + N5 / xGqaiY6G1w2NseBGrCmojfi4towIy + 6

HOlaQE6vrb3DGnT4Yda14qqjvZm0mrZKii7 + wQWYLkQYYbbEiTQ9LlNl9u4Gor9K

SO4C1l1Y + H1DUMYOlr7liImnIVhIB7jMrZYAbQCSyOTYRw62S2Zu1LJ + 6IVzyOlx

6SU2xNT0d22iW0cMpcdzAAdwBhZqshxSp39MBdoVkvQyIemUsxfIp1V93u4n8mPB

qHnEV27f1D1UeTIxiyMvDIaJPAdt2ptYMmR9QT31fxNZBwjGoNNqF2CtqlHQ2zpU

CnMsxTZAGnGyINE80Gye / kXixIoMilVQ9UPuMEX4UgIh + hY36HwmwkbqeRciB3L7

UoZt ++ XFPFStHrv7VI / 69tjwkQ660Y81CQC8j3ny / AL1U4Fkgn8x2FoaqaRBlr + C

OLn1IWZTvcwvJhHV6N1CIsK3kkwNmpIvTbxFY16jB9JPHkvJd8PA / JjG9ODgPzHq

jh + M6jbrYBw4d43eiBIwAVR8gLG0Fa57eX5uEGHUtTiVeF26xE + QvHhH58nYuCce

k2HRS + OVADU =

= MG4c

----- FIM DA ASSINATURA PGP -----


-

RHSA-announce mailing list

RHSA-announce@redhat.com

https://www.redhat.com/mailman/listinfo/rhsa-announce


Fonte

Até a próxima !!

Nenhum comentário:

Postar um comentário