In SAP Business One application when a service is created, the executable path contains spaces and isn’t enclosed within quotes, leading to a vulnerability known as Unquoted Service Path which allows a user to gain SYSTEM privileges. If the service is exploited by adversaries, it can be used to gain privileged permissions on a system or network leading to high impact on Confidentiality, Integrity, and Availability.

CVE-2022-35292

SAP GRC Access control Emergency Access Management allows an authenticated attacker to access a Firefighter session even after it is closed in Firefighter Logon Pad. This attack can be launched only within the firewall. On successful exploitation the attacker can gain access to admin session and completely compromise the application.

CVE-2022-39801

Under certain conditions, the application SAP BusinessObjects Business Intelligence Platform (Version Management System) - versions 420, 430, exposes sensitive information to an actor over the network with high privileges that is not explicitly authorized to have access to that information, leading to a high impact on Confidentiality.

CVE-2022-35295

Red Hat Security Advisory 2022-6443-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Issues addressed include buffer overflow and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-6443-01

Red Hat Security Advisory 2022-6460-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel security, bug fix, and enhancement update  
Advisory ID:       RHSA-2022:6460-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6460  
Issue date:        2022-09-13  
CVE Names:         CVE-2022-21123 CVE-2022-21125 CVE-2022-21166   
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64  
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux  
operating system.

Security Fix(es):

* Incomplete cleanup of multi-core shared buffers (aka SBDR)  
(CVE-2022-21123)

* Incomplete cleanup of microarchitectural fill buffers (aka SBDS)  
(CVE-2022-21125)

* Incomplete cleanup in specific special register write operations (aka  
DRPW) (CVE-2022-21166)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* Bad page state in process qemu-kvm  pfn:68a74600 (BZ#2081013)

* slub corruption during  LPM of hnv interface (BZ#2081250)

* Affinity broken due to vector space exhaustion (BZ#2084646)

* 'rmmod pmt_telemetry' panics on ADL-P IOTG (BZ#2091079)

* Unable to boot RHEL-8.6 on Brazos max. config (Install is success)  
(BZ#2092241)

* kernel crash after reboot of T14/G2 AMD laptop (mt7921e module)  
(BZ#2095654)

* mt7921: free resources on pci_probe error path (BZ#2101684)

* NLM should be more defensive if underlying FS changes fl_owner  
(BZ#2102099)

* RHEL8/async-pf Guest call trace when reboot after postcopy migration with  
high stress workload (BZ#2105340)

* execve exit tracepoint not called (BZ#2106662)

* QProcess dead lock on kernel-4.18.0-358 (BZ#2107643)

* KVM fix guest FPU uABI size to kvm_xsave (BZ#2107652)

* KVM selftests fail to compile (BZ#2107655)

* Some monitor have no display with AMD W6400 when boot into OS.  
(BZ#2109826)

* Percpu counter usage is gradually getting increasing during podman  
container recreation. (BZ#2110039)

* multipath failed to recover after EEH hit on flavafish adapter on  
Denali(qla2xxx/flavafish/RHEL8.6/Denali) (BZ#2110768)

* soft lockups under heavy I/O load to ahci connected SSDs (BZ#2110772)

* trouble re-assigning MACs to VFs, ice stricter than other drivers  
(BZ#2111936)

* Intel MPI 2019.0 - mpirun stuck on latest kernel (BZ#2112030)

* Multicast packets are not received by all VFs on the same port even  
though they have the same VLAN (BZ#2117026)

* Hyper-V 2019 Dynamic Memory Problem hv_balloon (BZ#2117050)

* kernel BUG at kernel/sched/deadline.c:1561! (BZ#2117410)

* ALSA (sound) driver - update Intel SOF kcontrol code (BZ#2117732)

* bridge over bond over ice ports has no connection (BZ#2118580)

* Fix max VLANs available for VF (BZ#2118581)

* offline selftest failed (BZ#2118582)

* INTEL NVMUpdate utility ver 3.20 is failing to update firmware on  
E810-XXVDA4T (WPC) (BZ#2118583)

* VM configured with failover interface will coredump after been migrating  
from source host to target host(only iavf driver) (BZ#2118705)

* Fix max VLANs available for untrusted VF (BZ#2118707)

* Softlockup on infinite loop in task_get_css() for a CSS_DYING cpuset  
(BZ#2120776)

Enhancement(s):

* KVM Sapphire Rapids (SPR) AMX Instructions (BZ#2088287)

* KVM Sapphire Rapids (SPR) AMX Instructions part2 (BZ#2088288)

* ice: Driver Update (BZ#2102359)

* iavf: Driver Update (BZ#2102360)

* iommu/vt-d: Make DMAR_UNITS_SUPPORTED a config setting (BZ#2112983)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2090237 - CVE-2022-21123 hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR)  
2090240 - CVE-2022-21125 hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS)  
2090241 - CVE-2022-21166 hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)

6. Package List:

Red Hat Enterprise Linux BaseOS (v. 8):

Source:  
kernel-4.18.0-372.26.1.el8_6.src.rpm

aarch64:  
bpftool-4.18.0-372.26.1.el8_6.aarch64.rpm  
bpftool-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-core-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-cross-headers-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-debug-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-debug-core-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-debug-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-debug-devel-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-debug-modules-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-debug-modules-extra-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-debuginfo-common-aarch64-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-devel-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-headers-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-modules-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-modules-extra-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-tools-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-tools-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-tools-libs-4.18.0-372.26.1.el8_6.aarch64.rpm  
perf-4.18.0-372.26.1.el8_6.aarch64.rpm  
perf-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm  
python3-perf-4.18.0-372.26.1.el8_6.aarch64.rpm  
python3-perf-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm

noarch:  
kernel-abi-stablelists-4.18.0-372.26.1.el8_6.noarch.rpm  
kernel-doc-4.18.0-372.26.1.el8_6.noarch.rpm

ppc64le:  
bpftool-4.18.0-372.26.1.el8_6.ppc64le.rpm  
bpftool-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-core-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-cross-headers-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-debug-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-debug-core-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-debug-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-debug-devel-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-debug-modules-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-debug-modules-extra-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-debuginfo-common-ppc64le-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-devel-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-headers-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-modules-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-modules-extra-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-tools-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-tools-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-tools-libs-4.18.0-372.26.1.el8_6.ppc64le.rpm  
perf-4.18.0-372.26.1.el8_6.ppc64le.rpm  
perf-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm  
python3-perf-4.18.0-372.26.1.el8_6.ppc64le.rpm  
python3-perf-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm

s390x:  
bpftool-4.18.0-372.26.1.el8_6.s390x.rpm  
bpftool-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-core-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-cross-headers-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-debug-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-debug-core-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-debug-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-debug-devel-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-debug-modules-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-debug-modules-extra-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-debuginfo-common-s390x-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-devel-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-headers-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-modules-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-modules-extra-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-tools-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-tools-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-zfcpdump-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-zfcpdump-core-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-zfcpdump-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-zfcpdump-devel-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-zfcpdump-modules-4.18.0-372.26.1.el8_6.s390x.rpm  
kernel-zfcpdump-modules-extra-4.18.0-372.26.1.el8_6.s390x.rpm  
perf-4.18.0-372.26.1.el8_6.s390x.rpm  
perf-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm  
python3-perf-4.18.0-372.26.1.el8_6.s390x.rpm  
python3-perf-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm

x86_64:  
bpftool-4.18.0-372.26.1.el8_6.x86_64.rpm  
bpftool-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-core-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-cross-headers-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-debug-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-debug-core-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-debug-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-debug-devel-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-debug-modules-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-debug-modules-extra-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-debuginfo-common-x86_64-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-devel-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-headers-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-modules-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-modules-extra-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-tools-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-tools-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-tools-libs-4.18.0-372.26.1.el8_6.x86_64.rpm  
perf-4.18.0-372.26.1.el8_6.x86_64.rpm  
perf-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm  
python3-perf-4.18.0-372.26.1.el8_6.x86_64.rpm  
python3-perf-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

aarch64:  
bpftool-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-debug-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-debuginfo-common-aarch64-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-tools-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm  
kernel-tools-libs-devel-4.18.0-372.26.1.el8_6.aarch64.rpm  
perf-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm  
python3-perf-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm

ppc64le:  
bpftool-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-debug-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-debuginfo-common-ppc64le-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-tools-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm  
kernel-tools-libs-devel-4.18.0-372.26.1.el8_6.ppc64le.rpm  
perf-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm  
python3-perf-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm

x86_64:  
bpftool-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-debug-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-debuginfo-common-x86_64-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-tools-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm  
kernel-tools-libs-devel-4.18.0-372.26.1.el8_6.x86_64.rpm  
perf-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm  
python3-perf-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-21123  
https://access.redhat.com/security/cve/CVE-2022-21125  
https://access.redhat.com/security/cve/CVE-2022-21166  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYyCB1NzjgjWX9erEAQjx1g/+KpIc2rESQgtzICCW50Ha+ZjaOZiuIgGV  
1wDzgsyj7JRxGOIhGY3edJp7sdtoT0+CoWTdjENZrNhQlQ9UhRSpJ+8vdGy5WooO  
fwwKBffteRMEl8YTO/U8fstclEKXK3MB93ZxEHgS0L3UQY/AUU5XqSzB4a4rV9RJ  
DpFQcnw3dHIrtMKHs4HMrm8+Q8ezq9UmVbl472ecnfmNXfHDhOmUGGlUrT22SX9p  
Zn/UXCiWZxIt+Vh2uTrIgs4hiSJPAqD/lGHjLQpaR26uciZnndLui2s4W91F7yN4  
ZifRDwrSAMtsRoln7Z8HL6H59tw4vHwAY1rD5ATwk9EqhRtaetE+v0hzM+BRBhri  
dpZnKUhMiUDNTUKqmpbBZjh4IuSKI6AkaQenFnMQWTp027B6o0EjhqpiEdLaA0R/  
pYewm2OKbulyoUeVhC5GOMX6g8ckGa5h2o4Fr+fkaptELQN1VniYEu88O7pRqaqR  
lW3MrcYIEowDxyiMLehgtIxjyawzfmi0fficXzCf8xEXm8fmqlrXu4lfhKV4g3WI  
Y9j8INFYc4inopUBsQM1zXWV00nCDxAvaYPhOYI0VjO11jxOCOcBheOlwS1sseOv  
Bjram7oqf2DuVSINeTAgbHMLMA4AGEcNMsOAN/mwdq6ZBpEYmCf48pvZwQscW7qv  
a685GRAjoyY=  
=4AwP  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6460-01

Red Hat Security Advisory 2022-6432-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a privilege escalation vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update  
Advisory ID:       RHSA-2022:6432-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6432  
Issue date:        2022-09-13  
CVE Names:         CVE-2022-1729   
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.6  
Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update  
Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP  
Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.6) - noarch, x86_64  
Red Hat Enterprise Linux Server E4S (v. 7.6) - noarch, ppc64le, x86_64  
Red Hat Enterprise Linux Server Optional AUS (v. 7.6) - x86_64  
Red Hat Enterprise Linux Server Optional E4S (v. 7.6) - ppc64le, x86_64  
Red Hat Enterprise Linux Server Optional TUS (v. 7.6) - x86_64  
Red Hat Enterprise Linux Server TUS (v. 7.6) - noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux  
operating system.

Security Fix(es):

* kernel: race condition in perf_event_open leads to privilege escalation  
(CVE-2022-1729)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* Posix ACL object is leaked in several places upon setattr and fsetxattr  
syscalls (BZ#2106587)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2086753 - CVE-2022-1729 kernel: race condition in perf_event_open leads to privilege escalation

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.6):

Source:  
kernel-3.10.0-957.97.1.el7.src.rpm

noarch:  
kernel-abi-whitelists-3.10.0-957.97.1.el7.noarch.rpm  
kernel-doc-3.10.0-957.97.1.el7.noarch.rpm

x86_64:  
bpftool-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debug-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debug-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debug-devel-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debuginfo-common-x86_64-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-devel-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-headers-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-libs-3.10.0-957.97.1.el7.x86_64.rpm  
perf-3.10.0-957.97.1.el7.x86_64.rpm  
perf-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
python-perf-3.10.0-957.97.1.el7.x86_64.rpm  
python-perf-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server E4S (v. 7.6):

Source:  
kernel-3.10.0-957.97.1.el7.src.rpm

noarch:  
kernel-abi-whitelists-3.10.0-957.97.1.el7.noarch.rpm  
kernel-doc-3.10.0-957.97.1.el7.noarch.rpm

ppc64le:  
kernel-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-bootwrapper-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-debug-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-debug-debuginfo-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-debuginfo-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-debuginfo-common-ppc64le-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-devel-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-headers-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-tools-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-tools-debuginfo-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-tools-libs-3.10.0-957.97.1.el7.ppc64le.rpm  
perf-3.10.0-957.97.1.el7.ppc64le.rpm  
perf-debuginfo-3.10.0-957.97.1.el7.ppc64le.rpm  
python-perf-3.10.0-957.97.1.el7.ppc64le.rpm  
python-perf-debuginfo-3.10.0-957.97.1.el7.ppc64le.rpm

x86_64:  
kernel-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debug-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debug-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debug-devel-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debuginfo-common-x86_64-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-devel-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-headers-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-libs-3.10.0-957.97.1.el7.x86_64.rpm  
perf-3.10.0-957.97.1.el7.x86_64.rpm  
perf-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
python-perf-3.10.0-957.97.1.el7.x86_64.rpm  
python-perf-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server TUS (v. 7.6):

Source:  
kernel-3.10.0-957.97.1.el7.src.rpm

noarch:  
kernel-abi-whitelists-3.10.0-957.97.1.el7.noarch.rpm  
kernel-doc-3.10.0-957.97.1.el7.noarch.rpm

x86_64:  
bpftool-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debug-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debug-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debug-devel-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debuginfo-common-x86_64-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-devel-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-headers-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-libs-3.10.0-957.97.1.el7.x86_64.rpm  
perf-3.10.0-957.97.1.el7.x86_64.rpm  
perf-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
python-perf-3.10.0-957.97.1.el7.x86_64.rpm  
python-perf-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 7.6):

x86_64:  
kernel-debug-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debuginfo-common-x86_64-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-libs-devel-3.10.0-957.97.1.el7.x86_64.rpm  
perf-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
python-perf-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional E4S (v. 7.6):

ppc64le:  
kernel-debug-debuginfo-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-debug-devel-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-debuginfo-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-debuginfo-common-ppc64le-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-tools-debuginfo-3.10.0-957.97.1.el7.ppc64le.rpm  
kernel-tools-libs-devel-3.10.0-957.97.1.el7.ppc64le.rpm  
perf-debuginfo-3.10.0-957.97.1.el7.ppc64le.rpm  
python-perf-debuginfo-3.10.0-957.97.1.el7.ppc64le.rpm

x86_64:  
kernel-debug-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debuginfo-common-x86_64-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-libs-devel-3.10.0-957.97.1.el7.x86_64.rpm  
perf-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
python-perf-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional TUS (v. 7.6):

x86_64:  
kernel-debug-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-debuginfo-common-x86_64-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
kernel-tools-libs-devel-3.10.0-957.97.1.el7.x86_64.rpm  
perf-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm  
python-perf-debuginfo-3.10.0-957.97.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1729  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYyCBxdzjgjWX9erEAQhKxA/9Hw1hyZk5zX6OsPzqT/n32YbvIfWh/RWC  
fCC7NzSsHPDZNyDnStFsU4TmbJOiJv33dW2vnUFNJeBBPfjMJLNi+qW8Ahbfb7oq  
njo8hr/JzaNHrWUlQwOC+Y5GMDdzfBb0Dj5eNVSze+3/jzoKEeeQs63I3F5wpKzg  
xNRPcnqWm32nN6xAE+6Tt7S73OZVkec+T9Qhl50jDIIYLe50wph1Hb5Ipg07u+k3  
h+OiwdZH+MHyMMNWAONnaik/7sr+5/sZINufl3SDdATs1PA5kCtcdseXRarKYhh6  
Uw+LZMNNdwX7m/zy1Aq+XI9sK+UZcTE0Er/YPB5huhoMqJjDq2IDiUDypYN6LALH  
5Q+lCK31zVt51qM4PGsic/t2yZPb3NbOhuVZwMLnTycdMtiEbvhc1TUbQW4f+8f5  
9f4ynSGsmN+okW8pTIc75MCP6p9fv7i/LknmBeKFpj78gBnJ+CyeH29n1mV0+qgI  
e+tfx7nO0zPbMw4n5FlQ3wiHWnayg2kk3Uc11wGH7E7D/f5BAyzrtEa7W0W6K3g/  
MZUidAcIqa3PIkrcbYqk+LEV83X0L9z12F8DSrJKQScY4Mi3pwXOebBquQ99GKAi  
pjq3CmNUJQSOFP7Mj9bOrKjeXJIOVbcKHRIk+EgcRPoOMBRgZiR6yvMzspj0Akd2  
utx/DwGeYqU=  
=mygj  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6432-01

Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module.

\# -\*- coding: UTF-8 -\*- from django.urls import path from django.views.i18n import JavaScriptCatalog import sql.instance\_database import sql.query\_privileges import sql.sql\_optimize from common import auth, config, workflow, dashboard, check from common.twofa import totp from sql import views, sql\_workflow, sql\_analyze, query, slowlog, instance, instance\_account, db\_diagnostic, \\ resource\_group, binlog, data\_dictionary, archiver, audit\_log, user from sql.utils import tasks from common.utils import ding\_api urlpatterns \= \[ path('', views.index), path('jsi18n/', JavaScriptCatalog.as\_view(), name\='javascript-catalog'), path('index/', views.index), path('login/', views.login, name\='login'), path('login/2fa/', views.twofa, name\='twofa'), path('logout/', auth.sign\_out), path('signup/', auth.sign\_up), path('sqlworkflow/', views.sqlworkflow), path('submitsql/', views.submit\_sql), path('editsql/', views.submit\_sql), path('submitotherinstance/', views.submit\_sql), path('detail/<int:workflow\_id>/', views.detail, name\='detail'), path('autoreview/', sql\_workflow.submit), path('passed/', sql\_workflow.passed), path('execute/', sql\_workflow.execute), path('timingtask/', sql\_workflow.timing\_task), path('alter\_run\_date/', sql\_workflow.alter\_run\_date), path('cancel/', sql\_workflow.cancel), path('rollback/', views.rollback), path('sqlanalyze/', views.sqlanalyze), path('sqlquery/', views.sqlquery), path('slowquery/', views.slowquery), path('sqladvisor/', views.sqladvisor), path('slowquery\_advisor/', views.sqladvisor), path('queryapplylist/', views.queryapplylist), path('queryapplydetail/<int:apply\_id>/', views.queryapplydetail, name\='queryapplydetail'), path('queryuserprivileges/', views.queryuserprivileges), path('dbdiagnostic/', views.dbdiagnostic), path('workflow/', views.workflows), path('workflow/<int:audit\_id>/', views.workflowsdetail), path('dbaprinciples/', views.dbaprinciples), path('dashboard/', dashboard.pyecharts), path('group/', views.group), path('grouprelations/<int:group\_id>/', views.groupmgmt), path('instance/', views.instance), path('instanceaccount/', views.instanceaccount), path('database/', views.database), path('instanceparam/', views.instance\_param), path('binlog2sql/', views.binlog2sql), path('my2sql/', views.my2sql), path('schemasync/', views.schemasync), path('archive/', views.archive), path('archive/<int:id>/', views.archive\_detail, name\='archive\_detail'), path('config/', views.config), path('audit/', views.audit), path('audit\_sqlquery/', views.audit\_sqlquery), path('audit\_sqlworkflow/', views.audit\_sqlworkflow), path('authenticate/', auth.authenticate\_entry), path('sqlworkflow\_list/', sql\_workflow.sql\_workflow\_list), path('sqlworkflow\_list\_audit/', sql\_workflow.sql\_workflow\_list\_audit), path('sqlworkflow/detail\_content/', sql\_workflow.detail\_content), path('sqlworkflow/backup\_sql/', sql\_workflow.backup\_sql), path('simplecheck/', sql\_workflow.check), path('getWorkflowStatus/', sql\_workflow.get\_workflow\_status), path('del\_sqlcronjob/', tasks.del\_schedule), path('inception/osc\_control/', sql\_workflow.osc\_control), path('sql\_analyze/generate/', sql\_analyze.generate), path('sql\_analyze/analyze/', sql\_analyze.analyze), path('workflow/list/', workflow.lists), path('workflow/log/', workflow.log), path('config/change/', config.change\_config), path('check/inception/', check.inception), path('check/go\_inception/', check.go\_inception), path('check/email/', check.email), path('check/instance/', check.instance), path('group/group/', resource\_group.group), path('group/addrelation/', resource\_group.addrelation), path('group/relations/', resource\_group.associated\_objects), path('group/instances/', resource\_group.instances), path('group/unassociated/', resource\_group.unassociated\_objects), path('group/auditors/', resource\_group.auditors), path('group/changeauditors/', resource\_group.changeauditors), path('group/user\_all\_instances/', resource\_group.user\_all\_instances), path('instance/list/', instance.lists), path('instance/user/list', instance\_account.users), path('instance/user/create/', instance\_account.create), path('instance/user/edit/', instance\_account.edit), path('instance/user/grant/', instance\_account.grant), path('instance/user/reset\_pwd/', instance\_account.reset\_pwd), path('instance/user/lock/', instance\_account.lock), path('instance/user/delete/', instance\_account.delete), path('instance/database/list/', sql.instance\_database.databases), path('instance/database/create/', sql.instance\_database.create), path('instance/database/edit/', sql.instance\_database.edit), path('instance/schemasync/', instance.schemasync), path('instance/instance\_resource/', instance.instance\_resource), path('instance/describetable/', instance.describe), path('data\_dictionary/', views.data\_dictionary), path('data\_dictionary/table\_list/', data\_dictionary.table\_list), path('data\_dictionary/table\_info/', data\_dictionary.table\_info), path('data\_dictionary/export/', data\_dictionary.export), path('param/list/', instance.param\_list), path('param/history/', instance.param\_history), path('param/edit/', instance.param\_edit), path('query/', query.query), path('query/querylog/', query.querylog), path('query/querylog\_audit/', query.querylog\_audit), path('query/favorite/', query.favorite), path('query/explain/', sql.sql\_optimize.explain), path('query/applylist/', sql.query\_privileges.query\_priv\_apply\_list), path('query/userprivileges/', sql.query\_privileges.user\_query\_priv), path('query/applyforprivileges/', sql.query\_privileges.query\_priv\_apply), path('query/modifyprivileges/', sql.query\_privileges.query\_priv\_modify), path('query/privaudit/', sql.query\_privileges.query\_priv\_audit), path('binlog/list/', binlog.binlog\_list), path('binlog/binlog2sql/', binlog.binlog2sql), path('binlog/my2sql/', binlog.my2sql), path('binlog/del\_log/', binlog.del\_binlog), path('slowquery/review/', slowlog.slowquery\_review), path('slowquery/review\_history/', slowlog.slowquery\_review\_history), path('slowquery/optimize\_sqladvisor/', sql.sql\_optimize.optimize\_sqladvisor), path('slowquery/optimize\_sqltuning/', sql.sql\_optimize.optimize\_sqltuning), path('slowquery/optimize\_soar/', sql.sql\_optimize.optimize\_soar), path('slowquery/optimize\_sqltuningadvisor/', sql.sql\_optimize.optimize\_sqltuningadvisor), path('slowquery/report/', slowlog.report), path('db\_diagnostic/process/', db\_diagnostic.process), path('db\_diagnostic/create\_kill\_session/', db\_diagnostic.create\_kill\_session), path('db\_diagnostic/kill\_session/', db\_diagnostic.kill\_session), path('db\_diagnostic/tablesapce/', db\_diagnostic.tablesapce), path('db\_diagnostic/trxandlocks/', db\_diagnostic.trxandlocks), path('db\_diagnostic/innodb\_trx/', db\_diagnostic.innodb\_trx), path('archive/list/', archiver.archive\_list), path('archive/apply/', archiver.archive\_apply), path('archive/audit/', archiver.archive\_audit), path('archive/switch/', archiver.archive\_switch), path('archive/once/', archiver.archive\_once), path('archive/log/', archiver.archive\_log), path('4admin/sync\_ding\_user/', ding\_api.sync\_ding\_user), path('audit/log/', audit\_log.audit\_log), path('audit/input/', audit\_log.audit\_input), path('user/list/', user.lists), path('user/qrcode/<str:data>/', totp.generate\_qrcode), \]

CVE-2022-38538: Archery/urls.py at v1.8.5 · hhyo/Archery

Archery v1.7.5 to v1.8.5 was discovered to contain a SQL injection vulnerability via the where parameter at /archive/apply.

CVE-2022-38539: Archery/urls.py at v1.8.5 · hhyo/Archery

Archery v1.4.5 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_file, end_file, start_time, and stop_time parameters in the binlog2sql interface.

CVE-2022-38537: Archery/urls.py at v1.8.5 · hhyo/Archery

Archery v1.8.3 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_time and stop_time parameters in the my2sql interface.

Tag

#sap