cyrus-sasl-2.1.26-24.el7

エラータID: AXSA:2022-3085:02

リリース日: 
2022/02/24 Thursday - 13:17
題名: 
cyrus-sasl-2.1.26-24.el7
影響のあるチャネル: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

以下項目について対処しました。

[Security Fix]
- cyrus-sasl には、plugins/sql.c が SQL INSERT または UPDATE 文のパスワードを
適切にエスケープしない問題があり、リモートからの攻撃者によって任意の SQL
コマンドが実行され、特権昇格につながる脆弱性があります。(CVE-2022-24407)

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2022-24407
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. cyrus-sasl-2.1.26-24.el7.src.rpm
    MD5: 19d33492fe9b6f846b1de5c3cd73a825
    SHA-256: 6db4fc337f827fa188b3c883bcd61bbacbed8122fe3b155d6da68475a14a4a43
    Size: 1.70 MB

Asianux Server 7 for x86_64
  1. cyrus-sasl-2.1.26-24.el7.x86_64.rpm
    MD5: 0f5f750bf2665c497004aa4ed0d0284a
    SHA-256: 0511ecbcda5a957ddd3ea261fa190760c6e31fdbdadec28b10fc18d4459ba7e8
    Size: 87.32 kB
  2. cyrus-sasl-devel-2.1.26-24.el7.x86_64.rpm
    MD5: de89cb10df055188e46187acadeaaf8f
    SHA-256: aeb4132597bcf339faed4d15f7c40ecf28d1dbaf86f91eb1387794d8441328df
    Size: 309.15 kB
  3. cyrus-sasl-gssapi-2.1.26-24.el7.x86_64.rpm
    MD5: bd895ca55ad6613c1d7652d2a1caa51b
    SHA-256: da402d5867388905375dc4693d8753742e236bd427fff1b59ee49b44b88782ec
    Size: 40.50 kB
  4. cyrus-sasl-lib-2.1.26-24.el7.x86_64.rpm
    MD5: 8560e5c6dd2cd8ad0c4725a0c53ee9eb
    SHA-256: 8c4c8addf8eb3311474fc3101e156bf5bcee86b4ffa63e02d54a16ee43671cd0
    Size: 154.68 kB
  5. cyrus-sasl-md5-2.1.26-24.el7.x86_64.rpm
    MD5: 10fd707cc58da9aa84d31e99699d9d35
    SHA-256: 081b9c9fb95f852c9c5991a0fc7a945adf222e9b185f879e5133feec8eb5d1d5
    Size: 55.88 kB
  6. cyrus-sasl-plain-2.1.26-24.el7.x86_64.rpm
    MD5: dae28990f8df43371ce20dfac37c45ad
    SHA-256: c82dddb27b886c9931f5ca256c1f7392f20a11dafc0bc5b9ba1d4f8233915f76
    Size: 38.09 kB
  7. cyrus-sasl-scram-2.1.26-24.el7.x86_64.rpm
    MD5: 50fc08830064ca84755e9301cc106017
    SHA-256: 2d89dbf4c42742548f3f12d8e51f2dfa5514327d0efb70abe79936ba69109112
    Size: 42.00 kB
  8. cyrus-sasl-2.1.26-24.el7.i686.rpm
    MD5: b2449f6895ffc5a19bc8cd5724436239
    SHA-256: a1894e3b9ea4644c34e57127303e49b4f30d679e760f21f3140f9f70fc7cc865
    Size: 86.31 kB
  9. cyrus-sasl-devel-2.1.26-24.el7.i686.rpm
    MD5: 33bd0795924f7573bb96024325924e27
    SHA-256: 7c78554e8a6772fa728a08114b2b2e4a0d2c11fecba25cdb620d48b81926b449
    Size: 309.10 kB
  10. cyrus-sasl-gssapi-2.1.26-24.el7.i686.rpm
    MD5: 18f3d8c68432bf583422102a4ed745ca
    SHA-256: d16e4c66322ebc927c93df4dc5427ccd2de138ac2d77f136e7f4b48064358171
    Size: 40.14 kB
  11. cyrus-sasl-lib-2.1.26-24.el7.i686.rpm
    MD5: d9975d2f205bd4e2de592126b4a2714a
    SHA-256: c4a3b911de299d6bfee04bf3791d400736e33180039fa529f7c9f41b3d42fb73
    Size: 153.62 kB
  12. cyrus-sasl-md5-2.1.26-24.el7.i686.rpm
    MD5: 2d0cdef390583cafb4b1282803004693
    SHA-256: 9bb89aac454f60e1fc00e9564d96ad3340c68056a6274a654b600c22cfe243f0
    Size: 55.34 kB
  13. cyrus-sasl-plain-2.1.26-24.el7.i686.rpm
    MD5: b58692f405c9ac4ba4fb42b208fe38cb
    SHA-256: 432ee89cefce6559661a8c5de6f2e320293698a39d7f2b817163923e26e67d7b
    Size: 37.95 kB
  14. cyrus-sasl-scram-2.1.26-24.el7.i686.rpm
    MD5: 44c28a1a5678e057cddb038f76980fc4
    SHA-256: 6ea186aa89b1c596ef447b6329592e95013e79dda8fe6ad8c7d7bff8947bbeaf
    Size: 41.30 kB