تحديثات Red Hat
2834تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
30 مارس, 2020
● عالي
2020-1071
الكل
الوصف:
أصدرت Red Hat عدة تحديثات لمعالجة عدد من الثغرات في المنتجات التالية:
- libvncserver
- Red Hat CodeReady Linux Builder for ARM 64
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support
- Red Hat CodeReady Linux Builder for IBM z Systems
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support
- Red Hat CodeReady Linux Builder for Power, little endian
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support
- Red Hat CodeReady Linux Builder for x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support
- Red Hat Enterprise Linux Desktop
- Red Hat Enterprise Linux for Power, little endian
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support
- Red Hat Enterprise Linux for x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support
- Red Hat Enterprise Linux Server
- Red Hat Enterprise Linux Server - AUS
- Red Hat Enterprise Linux Server - TUS
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions
- Red Hat Enterprise Linux Workstation
- thunderbird
- Red Hat Enterprise Linux Desktop
- Red Hat Enterprise Linux for IBM z Systems
- Red Hat Enterprise Linux for Power, big endian
- Red Hat Enterprise Linux for Power, little endian
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support
- Red Hat Enterprise Linux for x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support
- Red Hat Enterprise Linux Server
- Red Hat Enterprise Linux Server - Update Services for SAP SolutionsLinux Workstation
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions
- Red Hat Enterprise Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions
- tomcat6
- Red Hat Enterprise Linux for Scientific Computing
- Red Hat Enterprise Linux Server
- Red Hat Enterprise Linux for Power, big endian
- Red Hat Enterprise Linux Workstation
- Red Hat Enterprise Linux for IBM z Systems
- Red Hat Enterprise Linux Desktop
- Red Hat AMQ Broker 7.6 release and security update
- Red Hat JBoss Middleware
- devtoolset-8-gcc
- Red Hat Software Collections (for RHEL Server for ARM)
- Red Hat Software Collections (for RHEL Workstation)
- Red Hat Software Collections (for RHEL Server for IBM Power LE)
- Red Hat Software Collections (for RHEL Server)
- Red Hat Software Collections (for RHEL Server for IBM Power)
- Red Hat Software Collections (for RHEL Server for System Z)
- Red Hat AMQ Streams 1.4.0 release and security update
- Red Hat JBoss Middleware
- runc
- Red Hat Enterprise Linux Workstation
- Red Hat Enterprise Linux for Power, little endian
- Red Hat Enterprise Linux Server
- Red Hat Enterprise Linux for IBM z Systems
- samba
- Red Hat Gluster Storage Server for On-premise
- Red Hat Single Sign-On 7.3.7
- Red Hat Single Sign-On
- Red Hat JBoss Enterprise Application Platform 7.3
- JBoss Enterprise Application Platform
- OpenShift Container Platform 4.3.8 openshift-clients
- Red Hat OpenShift Container Platform
- OpenShift Container Platform 4.3.8 openshift-enterprise-template-service-broker-operator-container
- Red Hat OpenShift Container Platform
- OpenShift Container Platform 4.3.8 proglottis/gpgme
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Service Mesh 1.0.10 Jaeger and Kiali
- Red Hat OpenShift Service Mesh
- Red Hat OpenShift Service Mesh 1.0.10 openshift-istio-kiali-rhel7-operator-container
- Red Hat OpenShift Service Mesh
- OpenShift Container Platform 3.11 jenkins-2-plugins
- Red Hat OpenShift Container Platform
- OpenShift Container Platform 4.2 openshift-enterprise-mediawiki-container security update
- Red Hat OpenShift Container Platform
- zsh
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions
- Ipmitool
- Red Hat Enterprise Linux for x86_64
- Red Hat Enterprise Linux Workstation
- Red Hat Enterprise Linux for x86_64 - Extended Update Support
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions
- rh-postgresql10-postgresql
- Red Hat Software Collections (for RHEL Workstation)
- Important: Red Hat Fuse 7.6.0 security update
- Red Hat JBoss Middleware
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- هجمة حجب الخدمة (DoS attack)
- تنفيذ برمجيات خبيثة عن بعد
- الكشف والإفصاح غير المصرح به للمعلومات
- تعديل غير مصرح به
الإجراءات الوقائية:
يوصي المركز بتحديث النسخ المتأثرة حيث أصدرتRed Hat توضيحًا لهذه التحديثات:
- https://access.redhat.com/errata/RHSA-2020:0913
- https://access.redhat.com/errata/RHSA-2020:0914
- https://access.redhat.com/errata/RHSA-2020:0918
- https://access.redhat.com/errata/RHSA-2020:0912
- https://access.redhat.com/errata/RHSA-2020:0919
- https://access.redhat.com/errata/RHSA-2020:0920
- https://access.redhat.com/errata/RHSA-2020:0921
- https://access.redhat.com/errata/RHSA-2020:0922
- https://access.redhat.com/errata/RHSA-2020:0924
- https://access.redhat.com/errata/RHSA-2020:0939
- https://access.redhat.com/errata/RHSA-2020:0942
- https://access.redhat.com/errata/RHSA-2020:0943
- https://access.redhat.com/errata/RHSA-2020:0945
- https://access.redhat.com/errata/RHSA-2020:0946
- https://access.redhat.com/errata/RHSA-2020:0947
- https://access.redhat.com/errata/RHSA-2020:0951
- https://access.redhat.com/errata/RHSA-2020:0952
- https://access.redhat.com/errata/RHSA-2020:0961
- https://access.redhat.com/errata/RHSA-2020:0962
- https://access.redhat.com/errata/RHSA-2020:0928
- https://access.redhat.com/errata/RHSA-2020:0866