dnf security and bug fix update
エラータID: AXSA:2022-2892:01
リリース日:
2022/01/05 Wednesday - 09:53
題名:
dnf security and bug fix update
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目に対処しました。
[Security Fix]
- libdnf には署名の検証に問題があり、攻撃者が RPM パッケージのヘッダ情報を変更し、
ユーザーやシステムを欺いてそのパッケージをインストールできる場合、コード実行が
可能になる脆弱性があります。(CVE-2021-3445)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2021-3445
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability is to confidentiality, integrity, as well as system availability.
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability is to confidentiality, integrity, as well as system availability.
追加情報:
N/A
ダウンロード:
SRPMS
- dnf-plugins-core-4.0.21-3.el8.src.rpm
MD5: ec53aabb9a323c0aec174ce332eac804
SHA-256: 3b71b263e59fbc5bc187595127f8990450056187246a5c92dd76730a76e37b2a
Size: 373.16 kB - dnf-4.7.0-4.el8.src.rpm
MD5: 8a2ae4157b272fd43ceceb124ad6190c
SHA-256: ee37f33e323224156ed63612940f9dbbe8f2896fb5853716731d6317eede32fa
Size: 2.03 MB - libdnf-0.63.0-3.el8.ML.1.src.rpm
MD5: 951c750066f950cece125a2dcb6a57e7
SHA-256: a5826d0e2fb86ecaaf7ab99d53687e42d3f0595439532e45a1d207518f0ad56e
Size: 1.11 MB
Asianux Server 8 for x86_64
- dnf-plugins-core-4.0.21-3.el8.noarch.rpm
MD5: 84dbf610d953537239707a88ff265ea7
SHA-256: df9323ab7f1756a77073b97b76a267d6e05093cf87ff344f111a1d698c896efd
Size: 68.93 kB - python3-dnf-plugin-post-transaction-actions-4.0.21-3.el8.noarch.rpm
MD5: a2c332c1ec017dfb53025f79d94fed47
SHA-256: 675a11723c69ece892d925524f7f57222dcd563d769dd06db873ef717b4c80d1
Size: 53.52 kB - python3-dnf-plugin-versionlock-4.0.21-3.el8.noarch.rpm
MD5: 3aed175a3cbff1e60af403b0603f23fc
SHA-256: f2f1c794d6991b997c28559408e0355dc51f3a129ae60a4f3d72d8d8257d67d8
Size: 61.41 kB - python3-dnf-plugins-core-4.0.21-3.el8.noarch.rpm
MD5: 186961d58c25ff77ac1e7e0f81255936
SHA-256: c8625996b28469254bc382cc20d829f895c46a329aa1e18f07a326f2d560eb19
Size: 233.00 kB - yum-utils-4.0.21-3.el8.noarch.rpm
MD5: a224a7b27207d363faef5f822366352c
SHA-256: e4deb6a6c52ca7b51deab5b2671b12bf1e90a4a3ee40146588fe14da8023dee2
Size: 71.44 kB - dnf-4.7.0-4.el8.noarch.rpm
MD5: aa3558630fd3c71e6aa389745a5a9c5c
SHA-256: 6ab2d4c7cee3db3f03ba58d642fe5e85d7d30143f028cbfc9cc8a8fa7a6158bd
Size: 542.82 kB - dnf-automatic-4.7.0-4.el8.noarch.rpm
MD5: d8e3d50a45816addd69d9a77825352ce
SHA-256: 79f0876fc9152870222027b8e32266b4cb17919f4c9b09aea57c7111e8390fcd
Size: 148.63 kB - dnf-data-4.7.0-4.el8.noarch.rpm
MD5: 76bd8beb86095c5214e7c7288e2eb088
SHA-256: 5f9cfaaf8b5b42820aafd2e5c3c89f8cd275a8749b38aaefdf9f2eb16dda06c2
Size: 152.78 kB - python3-dnf-4.7.0-4.el8.noarch.rpm
MD5: 477b7a3797dc03cd979b2ae1f53df9d4
SHA-256: b3c68bdf235da3a93aa4d0ce1cdb0fc0c41be40cf1d7bcf22d760c8412c241dd
Size: 543.71 kB - yum-4.7.0-4.el8.noarch.rpm
MD5: 63f51f3c990ea8972e1aa87b6024717c
SHA-256: a61b2bdb70a7455911c3da9af7bf65e4a49a6f68dd2eebeaf3e6d92478c71307
Size: 202.20 kB - libdnf-0.63.0-3.el8.ML.1.x86_64.rpm
MD5: 9a0a598ced3f9f30d407acd4506f25ef
SHA-256: 8d4153fd0eb0ce2c5fd67b20282e74ee480bd120fa74579f781ecdc8b9591336
Size: 698.90 kB - libdnf-devel-0.63.0-3.el8.ML.1.x86_64.rpm
MD5: 1ef53599d56e261f1e7552f79f37271c
SHA-256: 4a8fb63f76e3f5906a539cd226e2eb3eb16f64f8bafea7b325740bb831cac95a
Size: 64.12 kB - python3-hawkey-0.63.0-3.el8.ML.1.x86_64.rpm
MD5: 41acd46b6fb1d777542e2117bcb614b9
SHA-256: 7399b9f43e08a05b96eec5c134b0022a55ba1a8c3320c3d19fab030d37f71179
Size: 115.21 kB - python3-libdnf-0.63.0-3.el8.ML.1.x86_64.rpm
MD5: 66b0cb9590771ee2f33663275b92afe3
SHA-256: 5adbcdd76257e33d26037367bf8e4caa4db335c4aaac14821833be8054351bc3
Size: 776.38 kB - libdnf-0.63.0-3.el8.ML.1.i686.rpm
MD5: 736c03e789455da7ea56d4c8860bbf2e
SHA-256: 7aa9aad22077c226244bc2548e9899fd951dd3c02345ade5f94dc3877243dc42
Size: 754.14 kB - libdnf-devel-0.63.0-3.el8.ML.1.i686.rpm
MD5: b52e05a356ab6c2f324721226541f7fe
SHA-256: aaa7b0ae3c80d90fa2026d58515127c67aa3d90ebd08b3c283e310d9850555ce
Size: 64.15 kB
English