cyrus-sasl-2.1.27-6.el8

エラータID: AXSA:2022-3081:01

リリース日: 
2022/02/23 Wednesday - 16:52
題名: 
cyrus-sasl-2.1.27-6.el8
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

以下項目について対処しました。

[Security Fix]
- cyrus-sasl には、plugins/sql.c が SQL INSERT または UPDATE 文のパスワードを
適切にエスケープしない問題があり、リモートからの攻撃者によって任意の SQL
コマンドが実行され、特権昇格につながる脆弱性があります。(CVE-2022-24407)

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2022-24407
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. cyrus-sasl-2.1.27-6.el8.src.rpm
    MD5: 8f314f96814f3dfd556e0d69bb7cbe7c
    SHA-256: 715d32659fa8a0b1ea2a1da799e067b2d9a72db0e8b7da66163ae0fc6367d80f
    Size: 3.84 MB

Asianux Server 8 for x86_64
  1. cyrus-sasl-2.1.27-6.el8.x86_64.rpm
    MD5: c01f853921b9482d6a0312cadc44001c
    SHA-256: a01d3115ba7b7852de359146814f5ad849e19d8176faee9dd824f69a4b529314
    Size: 95.33 kB
  2. cyrus-sasl-devel-2.1.27-6.el8.x86_64.rpm
    MD5: e4e8e5aae682a466686b6a598ebfe033
    SHA-256: 98779d46eabdee16dd20727e21186206174b014308bc3744dee6794713926ef6
    Size: 127.31 kB
  3. cyrus-sasl-gs2-2.1.27-6.el8.x86_64.rpm
    MD5: edba74074473772a9288ec680b25a86f
    SHA-256: 81b721b6db0bb13512ffa9af830e079d54c364c99028cf45c1859d47671a0bca
    Size: 48.18 kB
  4. cyrus-sasl-gssapi-2.1.27-6.el8.x86_64.rpm
    MD5: b7e207ce1a3e8bf9c18c649860810170
    SHA-256: 58542b16fbd1d00290c1a677695227c40b51f8778b504af28d0261ddb808c9f1
    Size: 48.81 kB
  5. cyrus-sasl-ldap-2.1.27-6.el8.x86_64.rpm
    MD5: d2cf367a9a4333af0064f4f1b90b6a06
    SHA-256: 4c571f186e41df7407b5c2e51cda7737143c34dbd37751521324503b6595ec36
    Size: 43.47 kB
  6. cyrus-sasl-lib-2.1.27-6.el8.x86_64.rpm
    MD5: 4a05dddcd09e49d9b5b5492f97a3d19d
    SHA-256: ba532099f585c9546c5af773812edefd8a70e08e7827ab1d897a2c957a6a7652
    Size: 122.30 kB
  7. cyrus-sasl-md5-2.1.27-6.el8.x86_64.rpm
    MD5: a485b8036c29cc4b5ebdcb07c00016b5
    SHA-256: 3ca5835622c62cadbfd5862e54dcbd7614436c090f6f8f4f46c19a2da8e5441d
    Size: 64.89 kB
  8. cyrus-sasl-ntlm-2.1.27-6.el8.x86_64.rpm
    MD5: 08da9e49ed8b0f4f74f1649f682bf9c5
    SHA-256: 4bb0df2f6ebfb3c2ea3433680608ffc8818dea1363b095f5225bba7bba617079
    Size: 49.14 kB
  9. cyrus-sasl-plain-2.1.27-6.el8.x86_64.rpm
    MD5: 8c40cb00e4c21bc759eee9a11214f906
    SHA-256: f7c86ec657f76717e3d9f16c9997013c3ac912b73276db29495ab027d94dc7b7
    Size: 46.41 kB
  10. cyrus-sasl-scram-2.1.27-6.el8.x86_64.rpm
    MD5: 222f2f2ee248108821b0df7e395f9e29
    SHA-256: d460ca95b4f05ed287190e2dcc8b6048274e57d1a51905365c07c1c0084aef41
    Size: 51.16 kB
  11. cyrus-sasl-sql-2.1.27-6.el8.x86_64.rpm
    MD5: a5259d7e98f96e034fe44ffc422d6488
    SHA-256: 184ed8979a034eafd1da8defb63d8716eee3da86d21954efe85811e1473ef9ac
    Size: 45.38 kB
  12. cyrus-sasl-2.1.27-6.el8.i686.rpm
    MD5: b001d5ecba52d6c161ab4e225a6ebd94
    SHA-256: 792819cf79abfe294643ba3c08834607f5a0064bb63e8eb2d2da2cb540a93825
    Size: 98.68 kB
  13. cyrus-sasl-devel-2.1.27-6.el8.i686.rpm
    MD5: 68854dd0418bd49507ed13c9eeb8c191
    SHA-256: 2e7aeb8b6b40107da0dc00b159a1a2faeb80e355c36e3588f6c42d70abd20dce
    Size: 127.57 kB
  14. cyrus-sasl-gs2-2.1.27-6.el8.i686.rpm
    MD5: e1ecbc10d4f9f63172c5379440583f7f
    SHA-256: b5f6a6908f65129f80f93aebcca837d05bea50faead324c47d5052ddab511495
    Size: 49.25 kB
  15. cyrus-sasl-gssapi-2.1.27-6.el8.i686.rpm
    MD5: b0bbda390f8a3e32c04e03112321ca87
    SHA-256: 8236d74d1e82bb56a678d15f7c7c63d2c41fa17b7caf66b4b5e715396266d092
    Size: 50.07 kB
  16. cyrus-sasl-ldap-2.1.27-6.el8.i686.rpm
    MD5: 70aeb92e86face9a9d3c696b6ef782c6
    SHA-256: 5b91049b90367b7ca23e5cfc21c14381a8a0c04dae2676133c212843d17a20ad
    Size: 44.15 kB
  17. cyrus-sasl-lib-2.1.27-6.el8.i686.rpm
    MD5: 568fc26e3a64a6114d35296e6788b0ed
    SHA-256: 3032ebc27c7762d0b8ca56ef98c104c79e935341ea71f87459112233f7e94e99
    Size: 127.80 kB
  18. cyrus-sasl-md5-2.1.27-6.el8.i686.rpm
    MD5: 4f6f593878ca941af7e824e37cf56707
    SHA-256: 358b2948b401131a39eccea5df37a0981b403d1f13a302d6183a92e525081cdb
    Size: 67.63 kB
  19. cyrus-sasl-ntlm-2.1.27-6.el8.i686.rpm
    MD5: d8a7d57e13ba4ad6c11519ae6aded029
    SHA-256: 11ddb6c1183e6f6e3884077ac40ccefa5911ef9e0c137328541bf50499d535f3
    Size: 50.40 kB
  20. cyrus-sasl-plain-2.1.27-6.el8.i686.rpm
    MD5: 283e5d88d00a6c5c70e2bf34228da03b
    SHA-256: 35ebeef4d1a769f56c327f8289e288c33e85435e1bf15fc2d129e3fdf6a0345b
    Size: 47.27 kB
  21. cyrus-sasl-scram-2.1.27-6.el8.i686.rpm
    MD5: a7d16793da63e80fc249772167807f3d
    SHA-256: 91a01458e54a8492acf158d1085e885f8b8ed85dcc5de75e09e9a30d19687479
    Size: 52.43 kB
  22. cyrus-sasl-sql-2.1.27-6.el8.i686.rpm
    MD5: 9bd7cc46b64f63937897bc8c5f26f1e7
    SHA-256: e8285ba35de5a5ff3dff748cbade21a3a3b28eddbf90793d1a9c9d493472150c
    Size: 46.71 kB