Red Hat Updates
1871Warning Date
Severity Level
Warning Number
Target Sector
11 August, 2020
● High
2020-1621
All
Description:
Red Hat has released security updates to address vulnerabilities in the following products:
- bind
- Red Hat Enterprise Linux Server - AUS 6.6 x86_64
- Red Hat JBoss Enterprise Application Platform 6.4
- JBoss Enterprise Application Platform Text-Only Advisories x86_64
- JBoss Enterprise Application Platform 6.4 for RHEL 7 x86_64
- JBoss Enterprise Application Platform 6.4 for RHEL 7 ppc64
- JBoss Enterprise Application Platform 6.4 for RHEL 6 x86_64
- JBoss Enterprise Application Platform 6.4 for RHEL 6 ppc64
- JBoss Enterprise Application Platform 6.4 for RHEL 6 i386
- JBoss Enterprise Application Platform 6.4 for RHEL 5 x86_64
- JBoss Enterprise Application Platform 6.4 for RHEL 5 i386
- JBoss Enterprise Application Platform 6 for RHEL 7 x86_64
- JBoss Enterprise Application Platform 6 for RHEL 7 ppc64
- JBoss Enterprise Application Platform 6 for RHEL 6 x86_64
- libvncserver
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat CodeReady Linux Builder for x86_64 8 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.2 ppc64le
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.2 s390x
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.2 aarch64
- java-1.8.0-ibm
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
- Red Hat Enterprise Linux Server 6 x86_64
- Red Hat Enterprise Linux Server 6 i386
- Red Hat Enterprise Linux Workstation 6 x86_64
- Red Hat Enterprise Linux Workstation 6 i386
- Red Hat Enterprise Linux Desktop 6 x86_64
- Red Hat Enterprise Linux Desktop 6 i386
- Red Hat Enterprise Linux for IBM z Systems 6 s390x
- Red Hat Enterprise Linux for Power, big endian 6 ppc64
- Red Hat Enterprise Linux for Scientific Computing 6 x86_64
- java-1.7.1-ibm
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for Power, big endian 7 ppc64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Denial of service attack (DoS)
- Execute arbitrary code
- Unauthorized disclosure of information
Best practice and Recommendations:
The CERT team encourages users to review Red Hat security advisory and apply the necessary updates:
- https://access.redhat.com/errata/RHSA-2020:3378
- https://access.redhat.com/errata/RHSA-2020:3379
- https://access.redhat.com/errata/RHSA-2020:3382
- https://access.redhat.com/errata/RHSA-2020:3383
- https://access.redhat.com/errata/RHSA-2020:3385
- https://access.redhat.com/errata/RHSA-2020:3386
- https://access.redhat.com/errata/RHSA-2020:3387
- https://access.redhat.com/errata/RHSA-2020:3388