Skip to content

Security Update 3.0 601

Mukul Sikka edited this page Sep 16, 2024 · 519 revisions

Critical Photon OS Security Update

Summary

Advisory Id : PHSA-2023-3.0-0601

Type : Security

Severity : ['Critical', 'Important', 'Moderate', 'Low']

Issue date : 2023-06-20

Affected Release: 3.0

Details

Updates of ['crash', 'nmap', 'openjdk11'] packages of Photon OS have been released.

Affected Packages

Critical

crash - ['CVE-2018-12699', 'CVE-2014-9939', 'CVE-2017-7226', 'CVE-2017-7614', 'CVE-2017-6969']

nmap - ['CVE-2022-28805']

Important

crash - ['CVE-2014-8485', 'CVE-2017-17125', 'CVE-2017-7301', 'CVE-2017-13716', 'CVE-2017-16827', 'CVE-2017-9742', 'CVE-2017-14745', 'CVE-2017-9748', 'CVE-2018-7643', 'CVE-2017-15938', 'CVE-2017-16831', 'CVE-2017-17124', 'CVE-2017-8398', 'CVE-2017-9752', 'CVE-2017-8396', 'CVE-2014-8502', 'CVE-2005-1705', 'CVE-2014-8501', 'CVE-2017-9756', 'CVE-2019-9077', 'CVE-2017-16828', 'CVE-2017-7223', 'CVE-2017-14729', 'CVE-2017-15996', 'CVE-2017-16832', 'CVE-2018-1000876', 'CVE-2021-37322', 'CVE-2017-7302', 'CVE-2018-18483', 'CVE-2017-9755', 'CVE-2014-8504', 'CVE-2019-9070', 'CVE-2017-9043', 'CVE-2017-9753', 'CVE-2017-14333', 'CVE-2017-17121', 'CVE-2018-20657', 'CVE-2017-7304', 'CVE-2017-8394', 'CVE-2017-12799', 'CVE-2018-19931', 'CVE-2017-17122', 'CVE-2017-9746', 'CVE-2017-9745', 'CVE-2017-9747', 'CVE-2014-8503', 'CVE-2018-7208', 'CVE-2017-9743', 'CVE-2017-8392', 'CVE-2021-20294', 'CVE-2018-6323', 'CVE-2017-8395', 'CVE-2018-12934', 'CVE-2017-16829', 'CVE-2017-15020', 'CVE-2017-9042', 'CVE-2017-9754', 'CVE-2018-5392', 'CVE-2018-6543', 'CVE-2017-7227', 'CVE-2017-7303', 'CVE-2017-7300', 'CVE-2017-8397', 'CVE-2017-12456', 'CVE-2017-9751', 'CVE-2017-17126', 'CVE-2017-16830', 'CVE-2019-9075', 'CVE-2017-9744', 'CVE-2017-9749', 'CVE-2017-16826', 'CVE-2017-7225', 'CVE-2017-8393', 'CVE-2017-9750', 'CVE-2018-12697', 'CVE-2018-12698']

nmap - ['CVE-2020-24342', 'CVE-2022-33099', 'CVE-2019-17498', 'CVE-2020-24369', 'CVE-2020-15888', 'CVE-2019-6706']

openjdk11 - ['CVE-2020-14152', 'CVE-2020-14153', 'CVE-2018-11813']

Moderate

crash - ['CVE-2021-20284', 'CVE-2017-9044', 'CVE-2017-12451', 'CVE-2018-20651', 'CVE-2017-14128', 'CVE-2020-16591', 'CVE-2017-15025', 'CVE-2018-20671', 'CVE-2018-17359', 'CVE-2019-1010204', 'CVE-2017-9778', 'CVE-2017-12448', 'CVE-2018-13033', 'CVE-2018-7569', 'CVE-2019-12972', 'CVE-2018-18701', 'CVE-2017-14930', 'CVE-2018-10372', 'CVE-2017-9040', 'CVE-2017-14129', 'CVE-2018-17985', 'CVE-2017-17080', 'CVE-2018-18606', 'CVE-2017-7209', 'CVE-2017-9954', 'CVE-2017-14529', 'CVE-2018-17794', 'CVE-2017-17123', 'CVE-2017-14130', 'CVE-2014-8484', 'CVE-2017-9041', 'CVE-2018-7570', 'CVE-2017-12453', 'CVE-2020-35495', 'CVE-2018-8945', 'CVE-2018-17358', 'CVE-2018-6872', 'CVE-2017-15225', 'CVE-2018-20002', 'CVE-2017-14933', 'CVE-2017-14974', 'CVE-2020-16590', 'CVE-2021-3487', 'CVE-2017-12455', 'CVE-2018-19932', 'CVE-2020-35494', 'CVE-2021-20197', 'CVE-2017-13710', 'CVE-2018-18607', 'CVE-2017-7224', 'CVE-2017-6966', 'CVE-2018-18700', 'CVE-2020-35496', 'CVE-2017-7299', 'CVE-2020-35493', 'CVE-2011-4355', 'CVE-2018-17360', 'CVE-2017-12450', 'CVE-2017-12967', 'CVE-2018-6759', 'CVE-2019-17451', 'CVE-2019-9072', 'CVE-2017-9038', 'CVE-2017-7210', 'CVE-2019-17450', 'CVE-2019-14250', 'CVE-2018-7642', 'CVE-2018-18605', 'CVE-2017-15023', 'CVE-2017-15939', 'CVE-2018-10373', 'CVE-2017-9955', 'CVE-2018-18309', 'CVE-2017-14940', 'CVE-2017-12452', 'CVE-2017-12458', 'CVE-2018-20623', 'CVE-2018-7568', 'CVE-2019-9073', 'CVE-2017-12454', 'CVE-2017-12449', 'CVE-2018-10535', 'CVE-2018-20673', 'CVE-2018-10534', 'CVE-2020-35507', 'CVE-2019-9071', 'CVE-2017-13757', 'CVE-2005-1704', 'CVE-2017-15024', 'CVE-2014-8738', 'CVE-2017-15021', 'CVE-2017-14938', 'CVE-2017-8421', 'CVE-2020-16593', 'CVE-2017-9039', 'CVE-2017-6965', 'CVE-2017-14934', 'CVE-2019-9074', 'CVE-2017-15022', 'CVE-2017-14932', 'CVE-2020-16592', 'CVE-2018-18484', 'CVE-2019-14444', 'CVE-2017-12459', 'CVE-2017-12457', 'CVE-2017-14939']

nmap - ['CVE-2020-24371', 'CVE-2021-44647', 'CVE-2021-43519', 'CVE-2020-24370', 'CVE-2020-15945']

openjdk11 - ['CVE-2022-21277', 'CVE-2022-21624', 'CVE-2022-21476', 'CVE-2022-21291', 'CVE-2022-21496', 'CVE-2022-21619', 'CVE-2022-21426', 'CVE-2022-21540', 'CVE-2022-21341', 'CVE-2023-21843', 'CVE-2022-21293', 'CVE-2022-21366', 'CVE-2021-35559', 'CVE-2023-21954', 'CVE-2023-21939', 'CVE-2022-21296', 'CVE-2022-21294', 'CVE-2021-35550', 'CVE-2023-21967', 'CVE-2021-35567', 'CVE-2022-21299', 'CVE-2022-21628', 'CVE-2021-35561', 'CVE-2021-35586', 'CVE-2022-21271', 'CVE-2019-10219', 'CVE-2023-21835', 'CVE-2021-35565', 'CVE-2022-21283', 'CVE-2023-21930', 'CVE-2022-21434', 'CVE-2022-21340', 'CVE-2022-21541', 'CVE-2022-21626', 'CVE-2022-21305', 'CVE-2022-21360', 'CVE-2022-21618', 'CVE-2022-21282', 'CVE-2021-35556']

Low

crash - ['CVE-2020-35448', 'CVE-2014-8737']

openjdk11 - ['CVE-2021-2369', 'CVE-2021-2341', 'CVE-2022-21248', 'CVE-2023-21938', 'CVE-2021-35603', 'CVE-2023-21968', 'CVE-2022-39399', 'CVE-2022-21443', 'CVE-2023-21937']

Solution

Update the affected packages (tdnf update package)

Updated Packages Information

crash-8.0.2-1.ph3.x86_64.rpm | size : 4.7M , sha256 : 976fe363d3383ea4a2c3cd1fe336c17d9d75fbe4d365738e059e7b8974629946 , build time : Mon, 19 Jun 2023 22:53:26 UTC

crash-devel-8.0.2-1.ph3.x86_64.rpm | size : 64K , sha256 : 8e6c79edda000d8f58159a6362afa56d0ff9bd8fb7d3afa67df217f42b4c3db8 , build time : Mon, 19 Jun 2023 22:53:26 UTC

nmap-7.91-2.ph3.x86_64.rpm | size : 5.8M , sha256 : 7a46e8eeb71744be077305f7bb35f0a75b9a8e449fec76d6a63f7ecb149daff5 , build time : Mon, 19 Jun 2023 22:52:23 UTC

nmap-ncat-7.91-2.ph3.x86_64.rpm | size : 112K , sha256 : 57861fd066ae484b7f75187207e53871a7bba67b158cd5e836461da65d1af1b1 , build time : Mon, 19 Jun 2023 22:52:23 UTC

openjdk11-11.0.20-1.ph3.x86_64.rpm | size : 185M , sha256 : 45ac4642814db9f59b3267617d36e416ef4ac22dedf77982865d7fa807bdb22a , build time : Mon, 19 Jun 2023 23:03:05 UTC

openjdk11-doc-11.0.20-1.ph3.x86_64.rpm | size : 5.6M , sha256 : 05e49e6161b457192a179d2b22fd4236bd0e6afb96f0c6fd7f71da72f7cc5f91 , build time : Mon, 19 Jun 2023 23:03:05 UTC

openjdk11-src-11.0.20-1.ph3.x86_64.rpm | size : 52M , sha256 : e9fc22a532f4b12bbc087c10e9cb474a2f62cf0557b86257ebe050ae3b049d3f , build time : Mon, 19 Jun 2023 23:03:05 UTC

Clone this wiki locally