[CLSA-2022:1671123868] rpm: Fix of 2 CVEs
Type:
security
Severity:
Moderate
Release date:
2022-12-15
Description:
- CVE-2021-35939: validate intermediate symlinks during installation - CVE-2021-35938: set file metadata via fd-based ops for everything but symlinks - Fix file descriptor leak recently introduced in rpmPackageFilesInstall()
Updated packages:
  • python3-rpm-4.14.3-19.el8.tuxcare.els2.x86_64.rpm
    sha:3035fb787a3d40c549d532b9a8cc974704e5a952
  • rpm-4.14.3-19.el8.tuxcare.els2.x86_64.rpm
    sha:5d08daf34d1a35dad87b5923e2fdfd867614d8ce
  • rpm-apidocs-4.14.3-19.el8.tuxcare.els2.noarch.rpm
    sha:6cd77830f69e2ec62722972938b7c0b341ee2205
  • rpm-build-4.14.3-19.el8.tuxcare.els2.x86_64.rpm
    sha:4a226aaef217eb003167afcbce3c3f1a6c51bdfa
  • rpm-build-libs-4.14.3-19.el8.tuxcare.els2.i686.rpm
    sha:cd2840b04d1bfa230ec1b3cfe4786e982e074337
  • rpm-build-libs-4.14.3-19.el8.tuxcare.els2.x86_64.rpm
    sha:8bd54207a8ead4f3641c21148117d18792568978
  • rpm-cron-4.14.3-19.el8.tuxcare.els2.noarch.rpm
    sha:e4d2399356fff95e7871d33383ba604591ecefe6
  • rpm-devel-4.14.3-19.el8.tuxcare.els2.i686.rpm
    sha:8b74ba5343d7282c1e75e1f8c0444334fa5646c5
  • rpm-devel-4.14.3-19.el8.tuxcare.els2.x86_64.rpm
    sha:d35e76ddcc5f824043dc85314cbac8640a1989a9
  • rpm-libs-4.14.3-19.el8.tuxcare.els2.i686.rpm
    sha:051b1fa5b046eaddd0c146d46156a679a4d1cd79
  • rpm-libs-4.14.3-19.el8.tuxcare.els2.x86_64.rpm
    sha:928b886c910dbb8d6b612cb45569e662e48f50c5
  • rpm-plugin-fapolicyd-4.14.3-19.el8.tuxcare.els2.x86_64.rpm
    sha:d4a2dd01c0a33e2fadf22f735cdc54e2fb91ec8a
  • rpm-plugin-ima-4.14.3-19.el8.tuxcare.els2.x86_64.rpm
    sha:46f403368599b0216c54d00d3b5d952e2638ff82
  • rpm-plugin-prioreset-4.14.3-19.el8.tuxcare.els2.x86_64.rpm
    sha:01d3462c551f2b2c9c04274be1061efe466163f7
  • rpm-plugin-selinux-4.14.3-19.el8.tuxcare.els2.x86_64.rpm
    sha:3c52a442b7aceb275df6c0499dc5e01143635b3b
  • rpm-plugin-syslog-4.14.3-19.el8.tuxcare.els2.x86_64.rpm
    sha:632b5af3b5423585c9691770b5cd8a3001b2b5a1
  • rpm-plugin-systemd-inhibit-4.14.3-19.el8.tuxcare.els2.x86_64.rpm
    sha:39da4a867b936487262bc1a9e14bc6a54eeeb8ee
  • rpm-sign-4.14.3-19.el8.tuxcare.els2.x86_64.rpm
    sha:235a5b822662b1ba3255f1914a642eea30b103a7
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.