FERRAMENTAS LINUX: Atualização moderada de segurança da Red Hat para o Red Hat Ansible Tower, aviso RedHat: RHSA-2020-4255: 01

quarta-feira, 14 de outubro de 2020

Atualização moderada de segurança da Red Hat para o Red Hat Ansible Tower, aviso RedHat: RHSA-2020-4255: 01

 

Confira !

Versão do runner Red Hat Ansible Tower 3.6 (CVE-2019-18874) 2. Descrição: * Versão python-psutil atualizada para 5.6.6 dentro do contêiner ansible-runner (CVE-2019-18874)

----- BEGIN PGP ASSIGNED MESSAGE -----

Hash: SHA256


========================================================== =====================

                   Aviso de segurança da Red Hat


Sinopse: Moderado: atualização de segurança - versão runner Red Hat Ansible Tower 3.6 (CVE-2019-18874)

ID consultivo: RHSA-2020: 4255-01

Produto: Red Hat Ansible Tower

URL de aviso: https://access.redhat.com/errata/RHSA-2020:4255

Data de emissão: 2014-10-14

Nomes CVE: CVE-2017-12652 CVE-2018-20843 CVE-2019-5094 

                   CVE-2019-5188 CVE-2019-5482 CVE-2019-11719 

                   CVE-2019-11727 CVE-2019-11756 CVE-2019-12450 

                   CVE-2019-12749 CVE-2019-14822 CVE-2019-14866 

                   CVE-2019-14973 CVE-2019-15903 CVE-2019-16935 

                   CVE-2019-17006 CVE-2019-17023 CVE-2019-17498 

                   CVE-2019-17546 CVE-2019-18874 CVE-2019-19126 

                   CVE-2019-19956 CVE-2019-20386 CVE-2019-20388 

                   CVE-2020-5313 CVE-2020-6829 CVE-2020-7595 

                   CVE-2020-12243 CVE-2020-12400 CVE-2020-12401 

                   CVE-2020-12402 CVE-2020-12403 CVE-2020-14365 

========================================================== =====================


1. Resumo:


Versão runner do Red Hat Ansible Tower 3.6 (CVE-2019-18874)


2. Descrição:


* Versão python-psutil atualizada para 5.6.6 dentro do contêiner ansible-runner

(CVE-2019-18874)


3. Solução:


Para obter informações sobre como atualizar a Ansible Tower, consulte a Ansible Tower

Guia de atualização e migração:

https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/

index.html


4. Bugs corrigidos (https://bugzilla.redhat.com/):


1772014 - CVE-2019-18874 python-psutil: double free devido ao manuseio incorreto do refcount


5. Referências:


https://access.redhat.com/security/cve/CVE-2017-12652

https://access.redhat.com/security/cve/CVE-2018-20843

https://access.redhat.com/security/cve/CVE-2019-5094

https://access.redhat.com/security/cve/CVE-2019-5188

https://access.redhat.com/security/cve/CVE-2019-5482

https://access.redhat.com/security/cve/CVE-2019-11719

https://access.redhat.com/security/cve/CVE-2019-11727

https://access.redhat.com/security/cve/CVE-2019-11756

https://access.redhat.com/security/cve/CVE-2019-12450

https://access.redhat.com/security/cve/CVE-2019-12749

https://access.redhat.com/security/cve/CVE-2019-14822

https://access.redhat.com/security/cve/CVE-2019-14866

https://access.redhat.com/security/cve/CVE-2019-14973

https://access.redhat.com/security/cve/CVE-2019-15903

https://access.redhat.com/security/cve/CVE-2019-16935

https://access.redhat.com/security/cve/CVE-2019-17006

https://access.redhat.com/security/cve/CVE-2019-17023

https://access.redhat.com/security/cve/CVE-2019-17498

https://access.redhat.com/security/cve/CVE-2019-17546

https://access.redhat.com/security/cve/CVE-2019-18874

https://access.redhat.com/security/cve/CVE-2019-19126

https://access.redhat.com/security/cve/CVE-2019-19956

https://access.redhat.com/security/cve/CVE-2019-20386

https://access.redhat.com/security/cve/CVE-2019-20388

https://access.redhat.com/security/cve/CVE-2020-5313

https://access.redhat.com/security/cve/CVE-2020-6829

https://access.redhat.com/security/cve/CVE-2020-7595

https://access.redhat.com/security/cve/CVE-2020-12243

https://access.redhat.com/security/cve/CVE-2020-12400

https://access.redhat.com/security/cve/CVE-2020-12401

https://access.redhat.com/security/cve/CVE-2020-12402

https://access.redhat.com/security/cve/CVE-2020-12403

https://access.redhat.com/security/cve/CVE-2020-14365

https://access.redhat.com/security/updates/classification/#moderate


6. Contato:


O contato de segurança da Red Hat é . Mais contato

detalhes em https://access.redhat.com/security/team/contact/


Copyright 2020 Red Hat, Inc.

----- BEGIN PGP SIGNATURE -----

Versão: GnuPG v1


iQIVAwUBX4b4vdzjgjWX9erEAQjk / hAApmlcS3Idp8diNh7ru3 + 06bEjVkPtOyrZ

dc6N3l7kQCYemU1Pkl6i17nNdDjojh2wHku3s7WFXfOmvpkfLlgTKykqmKTZ2pGd

InriBhIYXxxq / XKOHr + 9BwshJ + PaXqEaoLea1wvJw7WmbY2zJfUCzu6DAugjg + DO

OvkOcA1hDbTkrFFH + SzhPpvsjB / xrfJecJxhj7LCZnmRvr3 + fpdoMkEgfbEzjkXP

WeQVpAidrUhgt4 + N9UuVqLYzbrV2sQHgda / A4W / XYJPD5uC + hSGWmhyiETdxPCAo

GbXV / 11vySFaMxD912cxMUU35V0AW9LCOn1goA2bZt9WFW2poL3u6RmY / lRArtKH

53i3jU4PPevSaqjUSlIhkojWc9Ce1LaIRGlN8xXJuX6wX7d + Hs5VNuNMObhM0LO /

cBwSRDlEYj7YNXtTj7SiZC / a1OT + Nn96a23mxzfcl + 2eXOKf0hPwCDU3nxSIVUKP

PR7ic / T / f46fi / v + ILMocuMAF / 7j9eABnQf7f3uoB7lLUwML9mXvLpqXbNtAOmlN

aevFw43HBY3E8uHCb3Zw18SDzNXun40HQ0YQ3jjVumCWfpFh6dbtxm3S55YrpK / U

3cAm9qD + mS + u8GcJzc52o + kaI1wu5uuCMXQDb50kj + kyqPdC6 + Upehasxscm12UB

fQ + WwvltUZg =

= C1 / t

----- FIM DA ASSINATURA PGP -----


-

RHSA-announce mailing list

RHSA-announce@redhat.com

https://www.redhat.com/mailman/listinfo/rhsa-announce


Fonte

Até a próxima !!

Nenhum comentário:

Postar um comentário