security/wiki
8
0
Fork 1
generated from sig_core/wiki-template
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Deployed 3a5e3ab with MkDocs version: 1.5.3

Browse Source
This commit is contained in:
2023-11-15 23:54:52 +00:00
parent 0f2fc1d173
commit 805b0f14de
5 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
issues/CVE-2023-23583/index.html
View File

@ -607,7 +607,7 @@
<ul>
<li>Fixed in version: <code>4:20231114-1.el9_2.security</code> available November 15, 2023</li>
</ul>
<p>Please refer to our <a href="/packages/microcode_ctl.md">override package of microcode_ctl</a>.</p>
<p>Please refer to our <a href="../../packages/microcode_ctl/">override package of microcode_ctl</a>.</p>
<h2 id="el8">EL8<a class="headerlink" href="#el8" title="Permanent link">&para;</a></h2>
<ul>
<li>Not fixed yet, will fix.</li>

2
issues/CVE-2023-4911/index.html
View File

@ -605,7 +605,7 @@
<li>Mitigated in version: <code>2.34-60.el9_2.security.0.2</code> available October 3, 2023</li>
<li>Fixed in version: <code>glibc-2.34-60.el9_2.7</code> available October 5, 2023</li>
</ul>
<p>Besides the upstream fix, we also retained the mitigation in our <a href="/packages/glibc.md">override package of glibc</a>.</p>
<p>Besides the upstream fix, we also retained the mitigation in our <a href="../../packages/glibc/">override package of glibc</a>.</p>
<h2 id="el8">EL8<a class="headerlink" href="#el8" title="Permanent link">&para;</a></h2>
<ul>
<li>Fixed in version: <code>glibc-0:2.28-225.el8_8.6</code> available October 5, 2023</li>

4
packages/glibc/index.html
View File

@ -620,7 +620,7 @@
<li>In <code>tmpfile(3)</code> use the <code>TMPDIR</code> environment variable (when not running SUID/SGID/setcap) (ALT Linux)</li>
</ul>
<h4 id="known-effective-vulnerability-mitigations-and-fixes">Known-effective vulnerability mitigations and fixes<a class="headerlink" href="#known-effective-vulnerability-mitigations-and-fixes" title="Permanent link">&para;</a></h4>
<p><code>2.34-60.el9_2.security.0.2</code> included mitigations sufficient to avoid security exposure of <a href="https://www.openwall.com/lists/oss-security/2023/10/03/2">CVE-2023-4911</a> and a backport of upstream glibc fix of <a href="https://www.openwall.com/lists/oss-security/2023/09/25/1">CVE-2023-4527</a> that was not yet in upstream EL. In the update to <code>2.34-60.7.el9_2.security.0.3</code>, we retained the mitigations while rebasing on upstream EL's package with upstream fixes for these vulnerabilities (and more).</p>
<p><code>2.34-60.el9_2.security.0.2</code> included mitigations sufficient to avoid security exposure of <a href="../../issues/CVE-2023-4911/">CVE-2023-4911</a> and a backport of upstream glibc fix of <a href="https://www.openwall.com/lists/oss-security/2023/09/25/1">CVE-2023-4527</a> that was not yet in upstream EL. In the update to <code>2.34-60.7.el9_2.security.0.3</code>, we retained the mitigations while rebasing on upstream EL's package with upstream fixes for these vulnerabilities (and more).</p>
<p>In general, inclusion of additional security fixes will be "reverted" if and when those get included in upstream EL packages that we rebase our changes on.</p>
<h3 id="change-log">Change log<a class="headerlink" href="#change-log" title="Permanent link">&para;</a></h3>
<div class="highlight"><pre><span></span><code>* Fri Oct 6 2023 Solar Designer &lt;solar@openwall.com&gt; - 2.34-60.7.el9.security.0.3
@ -673,7 +673,7 @@
<small>
Last update:
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">October 13, 2023</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">November 15, 2023</span>
</small>

2
packages/microcode_ctl/index.html
View File

@ -599,7 +599,7 @@
</ul>
<h3 id="changes-summary">Changes summary<a class="headerlink" href="#changes-summary" title="Permanent link">&para;</a></h3>
<ul>
<li>Update Intel CPU microcode to microcode-20231114 (fixes <a href="https://www.openwall.com/lists/oss-security/2023/11/14/4">CVE-2023-23583</a>), temporarily dropping most documentation patches</li>
<li>Update Intel CPU microcode to microcode-20231114 (fixes <a href="../../issues/CVE-2023-23583/">CVE-2023-23583</a>), temporarily dropping most documentation patches</li>
</ul>
<h3 id="change-log">Change log<a class="headerlink" href="#change-log" title="Permanent link">&para;</a></h3>
<div class="highlight"><pre><span></span><code>* Tue Nov 14 2023 Solar Designer &lt;solar@openwall.com&gt; - 4:20231114-1

BIN
sitemap.xml.gz
View File

Binary file not shown.