The official site for Saudi CERT
Red Hat Updates
2835
Warning Date
Severity Level
Warning Number
Target Sector
30 March, 2020
● High
2020-1071
All
Description:
Red Hat has released security updates to address vulnerabilities in the following products:
- libvncserver
- Red Hat CodeReady Linux Builder for ARM 64
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support
- Red Hat CodeReady Linux Builder for IBM z Systems
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support
- Red Hat CodeReady Linux Builder for Power, little endian
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support
- Red Hat CodeReady Linux Builder for x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support
- Red Hat Enterprise Linux Desktop
- Red Hat Enterprise Linux for Power, little endian
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support
- Red Hat Enterprise Linux for x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support
- Red Hat Enterprise Linux Server
- Red Hat Enterprise Linux Server - AUS
- Red Hat Enterprise Linux Server - TUS
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions
- Red Hat Enterprise Linux Workstation
- thunderbird
- Red Hat Enterprise Linux Desktop
- Red Hat Enterprise Linux for IBM z Systems
- Red Hat Enterprise Linux for Power, big endian
- Red Hat Enterprise Linux for Power, little endian
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support
- Red Hat Enterprise Linux for x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support
- Red Hat Enterprise Linux Server
- Red Hat Enterprise Linux Server - Update Services for SAP SolutionsLinux Workstation
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions
- Red Hat Enterprise Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions
- tomcat6
- Red Hat Enterprise Linux for Scientific Computing
- Red Hat Enterprise Linux Server
- Red Hat Enterprise Linux for Power, big endian
- Red Hat Enterprise Linux Workstation
- Red Hat Enterprise Linux for IBM z Systems
- Red Hat Enterprise Linux Desktop
- Red Hat AMQ Broker 7.6 release and security update
- Red Hat JBoss Middleware
- devtoolset-8-gcc
- Red Hat Software Collections (for RHEL Server for ARM)
- Red Hat Software Collections (for RHEL Workstation)
- Red Hat Software Collections (for RHEL Server for IBM Power LE)
- Red Hat Software Collections (for RHEL Server)
- Red Hat Software Collections (for RHEL Server for IBM Power)
- Red Hat Software Collections (for RHEL Server for System Z)
- Red Hat AMQ Streams 1.4.0 release and security update
- Red Hat JBoss Middleware
- runc
- Red Hat Enterprise Linux Workstation
- Red Hat Enterprise Linux for Power, little endian
- Red Hat Enterprise Linux Server
- Red Hat Enterprise Linux for IBM z Systems
- samba
- Red Hat Gluster Storage Server for On-premise
- Red Hat Single Sign-On 7.3.7
- Red Hat Single Sign-On
- Red Hat JBoss Enterprise Application Platform 7.3
- JBoss Enterprise Application Platform
- OpenShift Container Platform 4.3.8 openshift-clients
- Red Hat OpenShift Container Platform
- OpenShift Container Platform 4.3.8 openshift-enterprise-template-service-broker-operator-container
- Red Hat OpenShift Container Platform
- OpenShift Container Platform 4.3.8 proglottis/gpgme
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Service Mesh 1.0.10 Jaeger and Kiali
- Red Hat OpenShift Service Mesh
- Red Hat OpenShift Service Mesh 1.0.10 openshift-istio-kiali-rhel7-operator-container
- Red Hat OpenShift Service Mesh
- OpenShift Container Platform 3.11 jenkins-2-plugins
- Red Hat OpenShift Container Platform
- OpenShift Container Platform 4.2 openshift-enterprise-mediawiki-container security update
- Red Hat OpenShift Container Platform
- zsh
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions
- Ipmitool
- Red Hat Enterprise Linux for x86_64
- Red Hat Enterprise Linux Workstation
- Red Hat Enterprise Linux for x86_64 - Extended Update Support
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions
- rh-postgresql10-postgresql
- Red Hat Software Collections (for RHEL Workstation)
- Important: Red Hat Fuse 7.6.0 security update
- Red Hat JBoss Middleware
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Denial of service attack (DoS)
- Execute arbitrary code -remotely
- Unauthorized disclosure of information
- Unauthorized modification
Best practice and Recommendations:
The CERT team encourages users to review Red Hat security advisory and apply the necessary updates:
- https://access.redhat.com/errata/RHSA-2020:0913
- https://access.redhat.com/errata/RHSA-2020:0914
- https://access.redhat.com/errata/RHSA-2020:0918
- https://access.redhat.com/errata/RHSA-2020:0912
- https://access.redhat.com/errata/RHSA-2020:0919
- https://access.redhat.com/errata/RHSA-2020:0920
- https://access.redhat.com/errata/RHSA-2020:0921
- https://access.redhat.com/errata/RHSA-2020:0922
- https://access.redhat.com/errata/RHSA-2020:0924
- https://access.redhat.com/errata/RHSA-2020:0939
- https://access.redhat.com/errata/RHSA-2020:0942
- https://access.redhat.com/errata/RHSA-2020:0943
- https://access.redhat.com/errata/RHSA-2020:0945
- https://access.redhat.com/errata/RHSA-2020:0946
- https://access.redhat.com/errata/RHSA-2020:0947
- https://access.redhat.com/errata/RHSA-2020:0951
- https://access.redhat.com/errata/RHSA-2020:0952
- https://access.redhat.com/errata/RHSA-2020:0961
- https://access.redhat.com/errata/RHSA-2020:0962
- https://access.redhat.com/errata/RHSA-2020:0928
- https://access.redhat.com/errata/RHSA-2020:0866
Rate the content
Share the page
