NS-SA-2024-0010
2024-04-12 10:37:42
Synopsis
important: libldb/rpm security update
Severity
important
Topic
An update for libldb/rpm is now available for NewStart CGSL MAIN 5.04/CGSL CORE 5.04.
NewStart Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
libldb:
rpm:
Security Fix(es):
libldb: A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. (CVE-2021-20277)
libldb: bugfix
rpm: A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability. (CVE-2021-20271)
rpm: bugfix
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 5.04.F52B5.
Affected components
Affected products
- CGSL MAIN 5.04
- CGSL CORE 5.04
Updated packages
CGSL MAIN 5.04
- libldb-1.5.4-2.el7_9.src.rpm
- pyldb-devel-1.5.4-2.el7_9.x86_64.rpm
- libldb-debuginfo-1.5.4-2.el7_9.x86_64.rpm
- pyldb-1.5.4-2.el7_9.x86_64.rpm
- libldb-devel-1.5.4-2.el7_9.x86_64.rpm
- ldb-tools-1.5.4-2.el7_9.x86_64.rpm
- libldb-1.5.4-2.el7_9.x86_64.rpm
- rpm-4.11.3-48.el7_9.cgslv5.0.11.g939b202.src.rpm
- rpm-debuginfo-4.11.3-48.el7_9.cgslv5.0.11.g939b202.x86_64.rpm
- rpm-sign-4.11.3-48.el7_9.cgslv5.0.11.g939b202.x86_64.rpm
- rpm-devel-4.11.3-48.el7_9.cgslv5.0.11.g939b202.x86_64.rpm
- rpm-build-4.11.3-48.el7_9.cgslv5.0.11.g939b202.x86_64.rpm
- rpm-plugin-systemd-inhibit-4.11.3-48.el7_9.cgslv5.0.11.g939b202.x86_64.rpm
- rpm-build-libs-4.11.3-48.el7_9.cgslv5.0.11.g939b202.x86_64.rpm
- rpm-libs-4.11.3-48.el7_9.cgslv5.0.11.g939b202.x86_64.rpm
- rpm-cron-4.11.3-48.el7_9.cgslv5.0.11.g939b202.noarch.rpm
- rpm-4.11.3-48.el7_9.cgslv5.0.11.g939b202.x86_64.rpm
- rpm-apidocs-4.11.3-48.el7_9.cgslv5.0.11.g939b202.noarch.rpm
- rpm-python-4.11.3-48.el7_9.cgslv5.0.11.g939b202.x86_64.rpm
CGSL CORE 5.04
- libldb-1.5.4-2.el7_9.src.rpm
- pyldb-devel-1.5.4-2.el7_9.x86_64.rpm
- libldb-debuginfo-1.5.4-2.el7_9.x86_64.rpm
- pyldb-1.5.4-2.el7_9.x86_64.rpm
- libldb-devel-1.5.4-2.el7_9.x86_64.rpm
- ldb-tools-1.5.4-2.el7_9.x86_64.rpm
- libldb-1.5.4-2.el7_9.x86_64.rpm
- rpm-4.11.3-48.el7_9.cgslv5.0.11.gd75f5b4.lite.src.rpm
- rpm-4.11.3-48.el7_9.cgslv5.0.11.gd75f5b4.lite.x86_64.rpm
- rpm-cron-4.11.3-48.el7_9.cgslv5.0.11.gd75f5b4.lite.noarch.rpm
- rpm-lang-4.11.3-48.el7_9.cgslv5.0.11.gd75f5b4.lite.x86_64.rpm
- rpm-apidocs-4.11.3-48.el7_9.cgslv5.0.11.gd75f5b4.lite.noarch.rpm
- rpm-build-libs-4.11.3-48.el7_9.cgslv5.0.11.gd75f5b4.lite.x86_64.rpm
- rpm-sign-4.11.3-48.el7_9.cgslv5.0.11.gd75f5b4.lite.x86_64.rpm
- rpm-debuginfo-4.11.3-48.el7_9.cgslv5.0.11.gd75f5b4.lite.x86_64.rpm
- rpm-devel-4.11.3-48.el7_9.cgslv5.0.11.gd75f5b4.lite.x86_64.rpm
- rpm-libs-4.11.3-48.el7_9.cgslv5.0.11.gd75f5b4.lite.x86_64.rpm
- rpm-build-4.11.3-48.el7_9.cgslv5.0.11.gd75f5b4.lite.x86_64.rpm
- rpm-python-4.11.3-48.el7_9.cgslv5.0.11.gd75f5b4.lite.x86_64.rpm
- rpm-plugin-systemd-inhibit-4.11.3-48.el7_9.cgslv5.0.11.gd75f5b4.lite.x86_64.rpm
CVE
References