NS-SA-2021-0020
2021-03-09 13:05:16
Synopsis
important: glib2/openssl security update
Severity
important
Topic
An update for glib2/openssl is now available for NewStart CGSL MAIN 5.04/CGSL CORE 5.04.
NewStart Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
glib2: GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system.
openssl: OpenSSL is a toolkit for supporting cryptography. The openssl-devel package contains include files needed to develop applications which support various cryptographic algorithms and protocols.
Security Fix(es):
glib2: file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used. (CVE-2019-12450)
glib2: bugfix
openssl: A null pointer dereference flaw was found in openssl. A remote attacker able to control the arguments of the GENERAL_NAME_cmp function could cause an application compiled with openssl to crash, resulting in a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-1971)
openssl: bugfix
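The permission window described for CVE-2019-12450, as an added example that is not GLib's code: `copy_file` is a hypothetical helper that creates the destination either with default permissions (the weak pattern) or owner-only until all data is written, and reports the mode visible while the copy is in progress.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Write all n bytes, retrying on short writes. Returns 0 or -1. */
static int write_all(int fd, const char *p, size_t n) {
    while (n > 0) {
        ssize_t w = write(fd, p, n);
        if (w < 0) return -1;
        p += w; n -= (size_t)w;
    }
    return 0;
}

/* Hypothetical helper: copy src to a new file dst.
 * private_during_copy == 0: dst is created with default permissions
 *   (0666 & ~umask), the weak pattern the advisory describes.
 * private_during_copy == 1: dst is created 0600 and receives the source
 *   mode only after the last byte is written.
 * *mid_mode receives dst's permission bits while the copy is in progress. */
int copy_file(const char *src, const char *dst, int private_during_copy,
              mode_t *mid_mode) {
    char buf[4096];
    struct stat st, mid;
    ssize_t n;
    int rc = -1, in = open(src, O_RDONLY);
    if (in < 0) return -1;
    int out = open(dst, O_WRONLY | O_CREAT | O_EXCL,
                   private_during_copy ? 0600 : 0666);
    if (out < 0) { close(in); return -1; }
    if (fstat(in, &st) != 0) goto done;
    while ((n = read(in, buf, sizeof buf)) > 0)
        if (write_all(out, buf, (size_t)n) != 0) goto done;
    if (n < 0 || fstat(out, &mid) != 0) goto done;
    *mid_mode = mid.st_mode & 07777;   /* what other local users could see */
    if (fchmod(out, st.st_mode & 07777) == 0) rc = 0;
done:
    close(in); close(out);
    if (rc != 0) unlink(dst);          /* never leave a partial copy behind */
    return rc;
}

int main(int argc, char **argv) {
    mode_t mid;
    if (argc != 4) { fprintf(stderr, "usage: %s SRC DST 0|1\n", argv[0]); return 2; }
    if (copy_file(argv[1], argv[2], argv[3][0] == '1', &mid) != 0) return 1;
    printf("mode during copy: %04o\n", (unsigned)mid);
    return 0;
}
```

With a umask of 022 and a 0600 source file, the weak variant exposes the destination as 0644 until the final `fchmod`, while the private variant keeps it at 0600 throughout.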
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 5.04.F29B5.
Affected Components
Affected Products
- CGSL MAIN 5.04
- CGSL CORE 5.04
Updated Packages
CGSL MAIN 5.04
Source: glib2-2.56.1-7.el7.cgslv5.src.rpm
- glib2-static-2.56.1-7.el7.cgslv5.x86_64.rpm
- glib2-debuginfo-2.56.1-7.el7.cgslv5.x86_64.rpm
- glib2-doc-2.56.1-7.el7.cgslv5.noarch.rpm
- glib2-devel-2.56.1-7.el7.cgslv5.x86_64.rpm
- glib2-2.56.1-7.el7.cgslv5.x86_64.rpm
- glib2-tests-2.56.1-7.el7.cgslv5.x86_64.rpm
- glib2-fam-2.56.1-7.el7.cgslv5.x86_64.rpm
Source: openssl-1.0.2k-21.el7_9.cgslv5.src.rpm
- openssl-static-1.0.2k-21.el7_9.cgslv5.x86_64.rpm
- openssl-1.0.2k-21.el7_9.cgslv5.x86_64.rpm
- openssl-libs-1.0.2k-21.el7_9.cgslv5.x86_64.rpm
- openssl-debuginfo-1.0.2k-21.el7_9.cgslv5.x86_64.rpm
- openssl-devel-1.0.2k-21.el7_9.cgslv5.x86_64.rpm
- openssl-perl-1.0.2k-21.el7_9.cgslv5.x86_64.rpm
CGSL CORE 5.04
Source: glib2-2.56.1-7.el7.cgslv5.0.1.ge75fbd6.lite.src.rpm
- glib2-fam-2.56.1-7.el7.cgslv5.0.1.ge75fbd6.lite.x86_64.rpm
- glib2-debuginfo-2.56.1-7.el7.cgslv5.0.1.ge75fbd6.lite.x86_64.rpm
- glib2-2.56.1-7.el7.cgslv5.0.1.ge75fbd6.lite.x86_64.rpm
- glib2-libs-2.56.1-7.el7.cgslv5.0.1.ge75fbd6.lite.x86_64.rpm
- glib2-devel-2.56.1-7.el7.cgslv5.0.1.ge75fbd6.lite.x86_64.rpm
- glib2-tests-2.56.1-7.el7.cgslv5.0.1.ge75fbd6.lite.x86_64.rpm
- glib2-doc-2.56.1-7.el7.cgslv5.0.1.ge75fbd6.lite.noarch.rpm
- glib2-static-2.56.1-7.el7.cgslv5.0.1.ge75fbd6.lite.x86_64.rpm
Source: openssl-1.0.2k-21.el7_9.cgslv5.0.1.gf2445a0.lite.src.rpm
- openssl-static-1.0.2k-21.el7_9.cgslv5.0.1.gf2445a0.lite.x86_64.rpm
- openssl-perl-1.0.2k-21.el7_9.cgslv5.0.1.gf2445a0.lite.x86_64.rpm
- openssl-libs-1.0.2k-21.el7_9.cgslv5.0.1.gf2445a0.lite.x86_64.rpm
- openssl-debuginfo-1.0.2k-21.el7_9.cgslv5.0.1.gf2445a0.lite.x86_64.rpm
- openssl-devel-1.0.2k-21.el7_9.cgslv5.0.1.gf2445a0.lite.x86_64.rpm
- openssl-1.0.2k-21.el7_9.cgslv5.0.1.gf2445a0.lite.x86_64.rpm
- openssl-crypto-1.0.2k-21.el7_9.cgslv5.0.1.gf2445a0.lite.x86_64.rpm
CVE
References