fence-agents-4.2.1-129.el8
Errata ID: AXSA:2024-8238:06
Release date:
2024/06/15 Saturday - 04:28
Title:
fence-agents-4.2.1-129.el8
Affected channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
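The following issues have been addressed.
[Security Fix]
- urllib does not remove the HTTP request body when the request
method is changed from one that can accept a body, such as POST,
to GET and an HTTP redirect response with status code 301, 302
or 303 is returned. This allows an attacker on an adjacent
network to cause information disclosure. (CVE-2023-45803)
- The OAEP decryption in PyCryptodome and pycryptodomex has a
side-channel information leak, which allows a Manger attack and,
through it, unauthorized decryption of ciphertext.
(CVE-2023-52323)
- The xmlattr filter in Jinja allows arbitrary HTML attribute
values to be injected into an HTML template, which allows a
remote attacker to carry out cross-site scripting attacks via a
crafted HTML template. (CVE-2024-22195)
Solution:
Update the packages.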
CVE:
CVE-2023-45803
urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303 after the request had its method changed from one that could accept a request body (like `POST`) to `GET` as is required by HTTP RFCs. Although this behavior is not specified in the section for redirects, it can be inferred by piecing together information from different sections and we have observed the behavior in other major HTTP client implementations like curl and web browsers. Because the vulnerability requires a previously trusted service to become compromised in order to have an impact on confidentiality we believe the exploitability of this vulnerability is low. Additionally, many users aren't putting sensitive data in HTTP request bodies, if this is the case then this vulnerability isn't exploitable. Both of the following conditions must be true to be affected by this vulnerability: 1. Using urllib3 and submitting sensitive information in the HTTP request body (such as form data or JSON) and 2. The origin service is compromised and starts redirecting using 301, 302, or 303 to a malicious peer or the redirected-to service becomes compromised. This issue has been addressed in versions 1.26.18 and 2.0.7 and users are advised to update to resolve this issue. Users unable to update should disable redirects for services that aren't expecting to respond with redirects with `redirects=False` and disable automatic redirects with `redirects=False` and handle 301, 302, and 303 redirects manually by stripping the HTTP request body.
CVE-2023-52323
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.
CVE-2024-22195
Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template, potentially leading to Cross-Site Scripting (XSS). The Jinja `xmlattr` filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to XSS. It may also be possible to bypass attribute validation checks if they are blacklist-based.
Additional information:
N/A
Downloads:
SRPMS
- fence-agents-4.2.1-129.el8.src.rpm
MD5: 6406d981967e1c7b922245e62ad46524
SHA-256: 5f600fb2805f42a425be0da31d2b09b65bf06dbfce303b543fd5dbf1757208c5
Size: 21.94 MB
Asianux Server 8 for x86_64
- fence-agents-aliyun-4.2.1-129.el8.x86_64.rpm
MD5: a88afc96566efc733f6d516d94ac3571
SHA-256: 458f59ff59a01226d986886a80510bb67eca6130f6fe625e53c0045beead0c34
Size: 2.50 MB
- fence-agents-all-4.2.1-129.el8.x86_64.rpm
MD5: 5c9b1c2ebcb08c6442781719d4afb98b
SHA-256: c09498a068c28c59b4ec103752ec1fe3c8fcc763187317630955266448872396
Size: 25.21 kB
- fence-agents-amt-ws-4.2.1-129.el8.noarch.rpm
MD5: 884750fd9219c5044560a12d58d8371f
SHA-256: 1af537e29c4b2715464b64046143027b245115cf0a6c61a71cf59be8e83ba003
Size: 28.88 kB
- fence-agents-apc-4.2.1-129.el8.noarch.rpm
MD5: 29a8d90573dd28d36e558745e37a3867
SHA-256: d288a25ddb4e803738f1397f92a277e0c6f353a166533b8b8cd19afd815c5131
Size: 28.96 kB
- fence-agents-apc-snmp-4.2.1-129.el8.noarch.rpm
MD5: d5001e02bdd33858f4c5ab48fa641cc9
SHA-256: 7f31ec92996e32ff03b6e5bde02343fd4ccb003bc675f561e88132ea9d2c137f
Size: 28.93 kB
- fence-agents-aws-4.2.1-129.el8.noarch.rpm
MD5: f89f1011687c88284289d565137be070
SHA-256: 1f2e0f0091afbe910b22e30507229fb28a7f9c382a68bec6265af28c01b8f2ec
Size: 6.73 MB
- fence-agents-azure-arm-4.2.1-129.el8.noarch.rpm
MD5: 1e2ca6045f5c9f7c7d204b7cef79040b
SHA-256: 72deeeadf50308d672a5446ef2f88b4c94f572500eda889db80b001fbde4416b
Size: 37.46 kB
- fence-agents-bladecenter-4.2.1-129.el8.noarch.rpm
MD5: c4eccda9097fab01bf06fae181f86787
SHA-256: 5dccd3810295d6804368e012b5f3f8cf9080f6651515b92aa5e2c7db95f1c988
Size: 28.02 kB
- fence-agents-brocade-4.2.1-129.el8.noarch.rpm
MD5: 156d7902a9a30ed603496dfed98f2d64
SHA-256: 3c563cdac0e47f7f7e7e7b784fb5b0ee823d91f135cd179e874d5b380511fde0
Size: 28.13 kB
- fence-agents-cisco-mds-4.2.1-129.el8.noarch.rpm
MD5: d0bb2bd98f63cdc4c127b34bd4e28b66
SHA-256: f8369d000552b8b9fc99c4b6c9a55f0187680e56a9282a4e0a864427db3d47ff
Size: 27.95 kB
- fence-agents-cisco-ucs-4.2.1-129.el8.noarch.rpm
MD5: 12fc51caed372ef01205f0107a795096
SHA-256: 61ef41cadb152f671760b0d6cfdfcae0616dbad8988c5685c7e9be3cc543e399
Size: 28.62 kB
- fence-agents-common-4.2.1-129.el8.noarch.rpm
MD5: 68be4ac0546fcbbb16b6fe80ad3fdfb0
SHA-256: ec7fda0221ada08559ca04e25873e95a7a2a337891c3476a1984ecb59d28b95c
Size: 72.00 kB
- fence-agents-compute-4.2.1-129.el8.noarch.rpm
MD5: 9047163a8c5f1634890d65c75e502265
SHA-256: f95885705cb33061173a490912dc8df38e043707e5aed22ac56057f48fd53b17
Size: 35.14 kB
- fence-agents-drac5-4.2.1-129.el8.noarch.rpm
MD5: 9aebb03d40d4b188fa65207b3c0aef52
SHA-256: 985111d6eee4dadcddb0fa7a28b821312f332ee17e2c78b0f3a5d54d47d65572
Size: 28.61 kB
- fence-agents-eaton-snmp-4.2.1-129.el8.noarch.rpm
MD5: d77716ba9a5d37c05ab450b9c6fc8144
SHA-256: f58db2d43cf49afa9b8fbc0a3681ad6a8cc1e927154a5bbfcf2a0f7167a7fb56
Size: 29.13 kB
- fence-agents-emerson-4.2.1-129.el8.noarch.rpm
MD5: 751ea7db23d64397fe5420d10f580e04
SHA-256: 74d764c7775e360c0bc8646e0c645790f4119ec1d7f050611cf67d4338093d3a
Size: 27.54 kB
- fence-agents-eps-4.2.1-129.el8.noarch.rpm
MD5: 90ebb0da30a9cf2a2f99d7dc0f8b02b4
SHA-256: b982c2773d93626417bf8a5c83ae0490e2afcaaffb856e69caf82f27d22b6737
Size: 28.18 kB
- fence-agents-gce-4.2.1-129.el8.noarch.rpm
MD5: 484bce4479d2cd8317b7befa60ac485f
SHA-256: 0dbf95a89d6789a7256acc35de34a10e0952db70c4c2e0b855be7858458eb0a9
Size: 252.27 kB
- fence-agents-heuristics-ping-4.2.1-129.el8.noarch.rpm
MD5: 73f2e97ee1cb2e6bf90a84f8645f45b8
SHA-256: 14dbcfd25c582e6d8098588a511a73b98c68086034c99141888266d946a14afb
Size: 28.41 kB
- fence-agents-hpblade-4.2.1-129.el8.noarch.rpm
MD5: 3df2b5d0ccd421422ce7c3a942e33e3e
SHA-256: 46bc74a6a2b57402d88f50eb1bd5fc936f45088656a9e841a1966e1f06f61acb
Size: 28.14 kB
- fence-agents-ibmblade-4.2.1-129.el8.noarch.rpm
MD5: 9468a2b010fda2493639cb901912bfe3
SHA-256: b7247154dc65aeca78d9ac0dbbfba5a4ab5d69c4d98626a8d55e409584f44ebf
Size: 27.67 kB
- fence-agents-ibm-powervs-4.2.1-129.el8.noarch.rpm
MD5: d7885d68e6190e3383991bbcc6f69d56
SHA-256: a8fd50d22daeb555d2d22b1e0aa1cd46cd86809202318d372dcbe29e518fd6d3
Size: 28.65 kB
- fence-agents-ibm-vpc-4.2.1-129.el8.noarch.rpm
MD5: 830f942fa1a8b323340b07c83cad1a4b
SHA-256: 1434607e71588bed604a14281e6f114216fc9647ec14acbe6abfa8772b0974fa
Size: 29.11 kB
- fence-agents-ifmib-4.2.1-129.el8.noarch.rpm
MD5: 67548dcd43b494569097db6251737387
SHA-256: 3dd91d07a68b6fb914dff8b5eeeb93b03a88ce9be71e50afb08e1e4fcb570de2
Size: 28.28 kB
- fence-agents-ilo2-4.2.1-129.el8.noarch.rpm
MD5: 3c84afb4b442b28465f42b5db3ab8b56
SHA-256: f4ecb8e34fb10ee5a8934e9d35d5a5d9cf72d1c1157d8b4cc4adefd69ebbc32e
Size: 30.24 kB
- fence-agents-ilo-moonshot-4.2.1-129.el8.noarch.rpm
MD5: 9fa9d791fa53ecb5b6e19e8228f4981a
SHA-256: ef206ff797e1a039ba28974e740e4edc18d9e68a9561b6ca29dda998697e0eb4
Size: 27.46 kB
- fence-agents-ilo-mp-4.2.1-129.el8.noarch.rpm
MD5: 1f84816365607c50db419ceb219fc8f7
SHA-256: 480246d4840225f7450906d38c8873116445f377b1da2df90fd5da8d92ba312b
Size: 27.25 kB
- fence-agents-ilo-ssh-4.2.1-129.el8.noarch.rpm
MD5: 2a5c76b0814bc784d40f295cc4704418
SHA-256: 66d66b3a0d80b846dc39f5e7081e25847ac54136349eb92c2c0f80b138b04df1
Size: 33.96 kB
- fence-agents-intelmodular-4.2.1-129.el8.noarch.rpm
MD5: 690630fd9f11228672c77a97c23a748f
SHA-256: e30c3f7d018dd101674390796a781ed060b6ab9a8a7f04dd32d5d9945e7655f1
Size: 28.09 kB
- fence-agents-ipdu-4.2.1-129.el8.noarch.rpm
MD5: 741358b165a9ebccd02aa3f44c2dab60
SHA-256: 47af09106025a3661c147fe6c35652af205337a39c1cbbe463903fc836c5b1a6
Size: 28.30 kB
- fence-agents-ipmilan-4.2.1-129.el8.noarch.rpm
MD5: 909305191e00dee2b9f6cfa338b43020
SHA-256: de765bff17f2321a024fbf1c77aed0e21a3fddda73cf3227175a79b47184c3e5
Size: 41.79 kB
- fence-agents-kdump-4.2.1-129.el8.x86_64.rpm
MD5: 1ce037ef05645dddddccaa7f7d520373
SHA-256: f6ccf7bfa5007f2840886be5ef0c76655e39c244c209c8c4fb9b9f8dd93c5a87
Size: 40.31 kB
- fence-agents-kubevirt-4.2.1-129.el8.x86_64.rpm
MD5: 2716fda04c3d8b2dda2134f693be33ae
SHA-256: cd3b45697193b2032c43f741b02a69471cb8db1f4cf1954735d3f0cda46ac1cb
Size: 4.46 MB
- fence-agents-lpar-4.2.1-129.el8.noarch.rpm
MD5: 081e97fb56d3a2d9632977e6100cb221
SHA-256: 1b0266177d9002044c38f1f19c905bfe34e2a3d30a647dceb28e954df981ae78
Size: 28.52 kB
- fence-agents-mpath-4.2.1-129.el8.noarch.rpm
MD5: 49a0fa2a89d933bc936fabf3c0b2afe8
SHA-256: 7d38570f993c8526789adb71fd783736141d599ff4c03c5bf29bd935a13bb7ff
Size: 30.68 kB
- fence-agents-openstack-4.2.1-129.el8.x86_64.rpm
MD5: 01fb305edf11ab5a4798165fa7b33115
SHA-256: 6307b944cd6ef97cfcff53cf66d35d6ba66fde843511934553b3d374b84d45f7
Size: 29.62 kB
- fence-agents-redfish-4.2.1-129.el8.x86_64.rpm
MD5: 31c7ce2691ae4b06f84aa3ccc1c696a2
SHA-256: e537e1fe76bd754c86a21890e18185db358f82e3a0cca4d190e6ab448054c8b8
Size: 28.55 kB
- fence-agents-rhevm-4.2.1-129.el8.noarch.rpm
MD5: 13a5089048846b43efb65bd37cd11e28
SHA-256: d32b5c4fbdd8988fd0ecdf2119339d870cd0798f1276a25d574f94463375a140
Size: 28.89 kB
- fence-agents-rsa-4.2.1-129.el8.noarch.rpm
MD5: 8dacbe42d82b573ff271eb20c031ddf3
SHA-256: f19ebba305bf2a034dbee2c99b0d3b92c9118a89895bc8e92b232b253eab28c1
Size: 27.59 kB
- fence-agents-rsb-4.2.1-129.el8.noarch.rpm
MD5: 7587bc347b8c83db8b2a9b7f932a1ada
SHA-256: e73227653be305f41375b9da2fe68b3af02f5455a5d95cc3b000f6d1e44556a9
Size: 27.62 kB
- fence-agents-sbd-4.2.1-129.el8.noarch.rpm
MD5: 0ccfcf1b5786a70f66a148f9bd699dce
SHA-256: 7b49140f6c320632c6bfab0345168a86eed40ed71fa37eebff68a78291b14a2a
Size: 29.38 kB
- fence-agents-scsi-4.2.1-129.el8.noarch.rpm
MD5: 571fd854981a942cba27bf276cd49b7f
SHA-256: 6edf60f224eca2babbb2b82611d47c9eb34aa0e812e724190cee9d8c66d1818d
Size: 33.18 kB
- fence-agents-virsh-4.2.1-129.el8.noarch.rpm
MD5: 459ecc65a71e25a64f8f8dd4ac6cc6ed
SHA-256: 3a3f537a362b90dae48dbebb4c550fc991697fd0752fd014bf1553f1e44dbf05
Size: 28.23 kB
- fence-agents-vmware-rest-4.2.1-129.el8.noarch.rpm
MD5: 786b8666aa39f7861df04b67532b5bbe
SHA-256: e3aa32b18dd8488ccb659479e0181ff90e9fb4ab6bde5ce77015e5bd41a178f3
Size: 28.79 kB
- fence-agents-vmware-soap-4.2.1-129.el8.noarch.rpm
MD5: b7c5624a153b894f1af11e494da60e09
SHA-256: 131e4ea1f0a8546915ce79a9fba702ca48f46d2c50205cbf8dcaf44c503f44f4
Size: 29.82 kB
- fence-agents-wti-4.2.1-129.el8.noarch.rpm
MD5: 4097b02ff5e030cd03607cc8c5964a8d
SHA-256: 6b4cbb6ab7e4334faef5547c4416c30893dee4edfbe3fd22dbe22347101c2f06
Size: 29.22 kB