exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Red Hat Security Advisory 2014-1317-01

Red Hat Security Advisory 2014-1317-01
Posted Oct 3, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1317-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. It was found that Red Hat CloudForms exposed default routes that were reachable via HTTP requests. An authenticated user could use this flaw to access potentially sensitive controllers and actions that would allow for privilege escalation.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2014-0140, CVE-2014-3642
SHA-256 | b962e7c0e3042f38ba447e5a27fe022040ac9f55d595d2db04814f50dbbae6c1

Red Hat Security Advisory 2014-1317-01

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: cfme security, bug fix, and enhancement update
Advisory ID: RHSA-2014:1317-01
Product: Red Hat CloudForms
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1317.html
Issue date: 2014-10-02
CVE Names: CVE-2014-0140 CVE-2014-3642
=====================================================================

1. Summary:

Updated cfme packages that fix two security issues, several bugs, and add
various enhancements are now available for Red Hat CloudForms 3.1.

Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.

2. Relevant releases/architectures:

CloudForms Management Engine 5.3 - noarch, x86_64

3. Description:

Red Hat CloudForms Management Engine delivers the insight, control, and
automation needed to address the challenges of managing virtual
environments. CloudForms Management Engine is built on Ruby on Rails, a
model-view-controller (MVC) framework for web application development.
Action Pack implements the controller and the view components.

It was found that Red Hat CloudForms exposed default routes that were
reachable via HTTP(S) requests. An authenticated user could use this flaw
to access potentially sensitive controllers and actions that would allow
for privilege escalation. (CVE-2014-0140)

It was found that Red Hat CloudForms contained an insecure send method that
accepted user-supplied arguments. An authenticated user could use this flaw
to modify the program flow in a way that could result in privilege
escalation. (CVE-2014-3642)

These issues were discovered by Jan Rusnacko of Red Hat Product Security.

This update also fixes several bugs and adds various enhancements.
Documentation for these changes is available in the Release Notes and
Technical Notes documents linked to in the References section.

All cfme users are advised to upgrade to these updated packages, which
contain correct these issues and add these enhancements.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1077359 - CVE-2014-0140 CFME: default routes expose controllers and actions
1092894 - CVE-2014-3642 CFME: dangerous send method in performance.rb

6. Package List:

CloudForms Management Engine 5.3:

Source:
certmonger-0.75.13-1.el6.src.rpm
cfme-5.2.1.8-1.el6cf.src.rpm
cfme-5.2.2.1-1.el6cf.src.rpm
cfme-5.3.0.0-1.el6cf.alpha2.src.rpm
cfme-5.3.0.0-10.el6cf.alpha5.src.rpm
cfme-5.3.0.0-13.el6cf.alpha6.src.rpm
cfme-5.3.0.0-2.el6cf.alpha2.src.rpm
cfme-5.3.0.0-3.el6cf.alpha2.src.rpm
cfme-5.3.0.0-4.el6cf.alpha2.src.rpm
cfme-5.3.0.0-5.el6cf.alpha3.src.rpm
cfme-5.3.0.0-6.el6cf.alpha3.src.rpm
cfme-5.3.0.0-7.el6cf.alpha4.src.rpm
cfme-5.3.0.0-9.el6cf.alpha5.src.rpm
cfme-5.3.0.15-1.el6cf.src.rpm
cfme-vnc-plugin-1.0.0-2.el6cf.src.rpm
libdnet-1.12-11.el6cf.src.rpm
lshw-B.02.16-4.el6cf.src.rpm
mod_authnz_pam-0.9.2-1.el6.src.rpm
mod_intercept_form_submit-0.9.7-1.el6.src.rpm
mod_lookup_identity-0.9.2-1.el6.src.rpm
netapp-manageability-sdk-4.0P1-3.el6cf.src.rpm
open-vm-tools-9.2.3-5.el6cf.src.rpm
prince-9.0r2-4.el6cf.src.rpm
pyliblzma-0.5.3-7.el6cf.src.rpm
ruby193-rubygem-Platform-0.4.0-4.el6cf.src.rpm
ruby193-rubygem-actionmailer-3.2.17-1.el6cf.src.rpm
ruby193-rubygem-actionpack-3.2.13-5.el6cf.src.rpm
ruby193-rubygem-actionpack-3.2.17-3.el6cf.src.rpm
ruby193-rubygem-actionpack-3.2.17-6.el6cf.src.rpm
ruby193-rubygem-actionwebservice-3.1.0-3.el6cf.src.rpm
ruby193-rubygem-active_hash-1.3.0-2.el6cf.src.rpm
ruby193-rubygem-activemodel-3.2.17-1.el6cf.src.rpm
ruby193-rubygem-activerecord-3.2.13-4.el6cf.src.rpm
ruby193-rubygem-activerecord-3.2.17-1.el6cf.src.rpm
ruby193-rubygem-activerecord-3.2.17-4.el6cf.src.rpm
ruby193-rubygem-activeresource-3.2.17-1.el6cf.src.rpm
ruby193-rubygem-activesupport-3.2.17-1.el6cf.src.rpm
ruby193-rubygem-acts_as_list-0.1.9-1.el6cf.src.rpm
ruby193-rubygem-acts_as_tree-0.1.1-1.el6cf.src.rpm
ruby193-rubygem-addressable-2.2.8-1.el6cf.src.rpm
ruby193-rubygem-akami-1.2.0-1.el6cf.src.rpm
ruby193-rubygem-american_date-1.0.0-1.el6cf.src.rpm
ruby193-rubygem-amq-protocol-1.9.2-3.el6cf.src.rpm
ruby193-rubygem-ancestry-1.2.5-1.el6cf.src.rpm
ruby193-rubygem-arrayfields-4.9.0-1.el6cf.src.rpm
ruby193-rubygem-awesome_print-1.1.0-1.el6cf.src.rpm
ruby193-rubygem-awesome_spawn-1.2.1-1.el6cf.src.rpm
ruby193-rubygem-aws-sdk-1.11.3-1.el6cf.src.rpm
ruby193-rubygem-binary_struct-1.0.1-1.el6cf.src.rpm
ruby193-rubygem-brakeman-2.0.0-1.el6cf.src.rpm
ruby193-rubygem-bullet-4.6.0-1.el6cf.src.rpm
ruby193-rubygem-bundler_ext-0.4.0-1.el6cf.src.rpm
ruby193-rubygem-bunny-1.0.7-1.el6cf.src.rpm
ruby193-rubygem-capybara-2.1.0-1.el6cf.src.rpm
ruby193-rubygem-childprocess-0.3.9-1.el6cf.src.rpm
ruby193-rubygem-chronic-0.3.0-1.el6cf.src.rpm
ruby193-rubygem-churn-0.0.29-1.el6cf.src.rpm
ruby193-rubygem-code_analyzer-0.3.2-1.el6cf.src.rpm
ruby193-rubygem-color-1.4.1-4.el6cf.src.rpm
ruby193-rubygem-colored-1.2-1.el6cf.src.rpm
ruby193-rubygem-crack-0.3.2-1.el6cf.src.rpm
ruby193-rubygem-daemons-1.1.9-2.el6cf.src.rpm
ruby193-rubygem-dalli-2.2.1-1.el6cf.src.rpm
ruby193-rubygem-default_value_for-1.0.7-1.el6cf.src.rpm
ruby193-rubygem-elif-0.1.0-1.el6cf.src.rpm
ruby193-rubygem-eventmachine-1.0.0-1.el6cf.src.rpm
ruby193-rubygem-excon-0.31.0-1.el6cf.src.rpm
ruby193-rubygem-execjs-2.0.2-1.el6cf.src.rpm
ruby193-rubygem-ezcrypto-0.7-1.el6cf.src.rpm
ruby193-rubygem-facade-1.0.5-1.el6cf.src.rpm
ruby193-rubygem-factory_girl-4.1.0-1.el6cf.src.rpm
ruby193-rubygem-fastercsv-1.5.5-2.el6cf.src.rpm
ruby193-rubygem-fattr-2.2.1-1.el6cf.src.rpm
ruby193-rubygem-ffi-1.9.3-1.el6cf.src.rpm
ruby193-rubygem-flay-2.3.0-1.el6cf.src.rpm
ruby193-rubygem-flog-3.2.3-2.el6cf.src.rpm
ruby193-rubygem-fog-1.19.0-1.el6cf.src.rpm
ruby193-rubygem-formatador-0.2.4-1.el6cf.src.rpm
ruby193-rubygem-gssapi-1.1.2-1.el6cf.src.rpm
ruby193-rubygem-gyoku-1.0.0-1.el6cf.src.rpm
ruby193-rubygem-haml-4.0.5-1.el6cf.src.rpm
ruby193-rubygem-haml-rails-0.4-1.el6cf.src.rpm
ruby193-rubygem-handsoap-0.2.5-2.el6cf.src.rpm
ruby193-rubygem-highline-1.6.21-1.el6cf.src.rpm
ruby193-rubygem-hirb-0.7.1-1.el6cf.src.rpm
ruby193-rubygem-hmac-0.4.0-7.el6cf.src.rpm
ruby193-rubygem-hoe-2.12.3-2.el6cf.src.rpm
ruby193-rubygem-httparty-0.10.2-1.el6cf.src.rpm
ruby193-rubygem-httpclient-2.2.7-1.el6cf.src.rpm
ruby193-rubygem-httpi-2.0.2-1.el6cf.src.rpm
ruby193-rubygem-i18n-0.6.9-1.el6cf.src.rpm
ruby193-rubygem-inifile-2.0.2-1.el6cf.src.rpm
ruby193-rubygem-io-extra-1.2.6-1.el6cf.src.rpm
ruby193-rubygem-japgolly-Saikuro-1.1.1.0-1.el6cf.src.rpm
ruby193-rubygem-jbuilder-2.0.7-1.el6cf.src.rpm
ruby193-rubygem-json-1.8.0-3.el6cf.src.rpm
ruby193-rubygem-json_pure-1.8.0-1.el6cf.src.rpm
ruby193-rubygem-libxml-ruby-2.2.2-1.el6cf.src.rpm
ruby193-rubygem-linux_admin-0.7.0-1.el6cf.src.rpm
ruby193-rubygem-linux_admin-0.9.1-1.el6cf.src.rpm
ruby193-rubygem-little-plugger-1.1.3-1.el6cf.src.rpm
ruby193-rubygem-log4r-1.1.8-1.el6cf.src.rpm
ruby193-rubygem-logging-1.6.2-1.el6cf.src.rpm
ruby193-rubygem-mail-2.5.4-1.el6cf.src.rpm
ruby193-rubygem-main-4.7.1-1.el6cf.src.rpm
ruby193-rubygem-map-6.5.1-1.el6cf.src.rpm
ruby193-rubygem-metric_fu-3.0.0-1.el6cf.src.rpm
ruby193-rubygem-mime-types-1.20.1-1.el6cf.src.rpm
ruby193-rubygem-minitest-3.2.0-3.el6cf.src.rpm
ruby193-rubygem-more_core_extensions-1.2.0-1.el6cf.src.rpm
ruby193-rubygem-multi_json-1.7.7-1.el6cf.src.rpm
ruby193-rubygem-multi_xml-0.5.2-1.el6cf.src.rpm
ruby193-rubygem-net-ldap-0.7.0-1.el6cf.src.rpm
ruby193-rubygem-net-ping-1.7.4-2.el6cf.src.rpm
ruby193-rubygem-net-scp-1.1.2-1.el6cf.src.rpm
ruby193-rubygem-net-sftp-2.0.5-7.el6cf.src.rpm
ruby193-rubygem-net-ssh-2.9.1-1.el6cf.src.rpm
ruby193-rubygem-netrc-0.7.7-3.el6cf.src.rpm
ruby193-rubygem-nokogiri-1.5.6-3.el6cf.src.rpm
ruby193-rubygem-nori-2.1.0-1.el6cf.src.rpm
ruby193-rubygem-open4-1.3.0-4.el6cf.src.rpm
ruby193-rubygem-outfielding-jqplot-rails-1.0.8-1.el6cf.src.rpm
ruby193-rubygem-ovirt_metrics-1.0.1-1.el6cf.src.rpm
ruby193-rubygem-parallel-0.5.21-1.el6cf.src.rpm
ruby193-rubygem-pdf-writer-1.1.8-1.el6cf.src.rpm
ruby193-rubygem-pg-0.12.2-5.el6cf.src.rpm
ruby193-rubygem-princely-1.2.6-1.el6cf.src.rpm
ruby193-rubygem-progressbar-0.11.0-2.el6cf.src.rpm
ruby193-rubygem-prototype-rails-3.2.1-1.el6cf.src.rpm
ruby193-rubygem-qpid_messaging-0.20.2-2.el6cf.src.rpm
ruby193-rubygem-rack-1.4.5-3.el6cf.src.rpm
ruby193-rubygem-rack-test-0.6.2-1.el6cf.src.rpm
ruby193-rubygem-rails-3.2.17-1.el6cf.src.rpm
ruby193-rubygem-rails_best_practices-1.13.8-1.el6cf.src.rpm
ruby193-rubygem-railties-3.2.17-1.el6cf.src.rpm
ruby193-rubygem-rake-10.1.0-1.el6cf.src.rpm
ruby193-rubygem-rake-compiler-0.8.3-2.el6cf.src.rpm
ruby193-rubygem-rbovirt-0.0.17-3.el6cf.src.rpm
ruby193-rubygem-rbvmomi-1.2.3-4.el6cf.src.rpm
ruby193-rubygem-rdoc-3.12.2-4.el6cf.src.rpm
ruby193-rubygem-reek-1.3.1-1.el6cf.src.rpm
ruby193-rubygem-rest-client-1.6.7-5.el6cf.src.rpm
ruby193-rubygem-roodi-2.2.0-1.el6cf.src.rpm
ruby193-rubygem-rspec-2.12.0-1.el6cf.src.rpm
ruby193-rubygem-rspec-core-2.12.2-1.el6cf.src.rpm
ruby193-rubygem-rspec-expectations-2.12.1-1.el6cf.src.rpm
ruby193-rubygem-rspec-fire-1.3.0-1.el6cf.src.rpm
ruby193-rubygem-rspec-mocks-2.12.1-1.el6cf.src.rpm
ruby193-rubygem-rspec-rails-2.12.1-1.el6cf.src.rpm
ruby193-rubygem-ruby-graphviz-1.0.9-1.el6cf.src.rpm
ruby193-rubygem-ruby-plsql-0.4.1-1.el6cf.src.rpm
ruby193-rubygem-ruby-prof-0.13.0-1.el6cf.src.rpm
ruby193-rubygem-ruby-progressbar-0.0.10-1.el6cf.src.rpm
ruby193-rubygem-ruby2ruby-2.0.6-1.el6cf.src.rpm
ruby193-rubygem-ruby_parser-3.1.3-2.el6cf.src.rpm
ruby193-rubygem-rubyforge-2.0.4-3.el6cf.src.rpm
ruby193-rubygem-rubyntlm-0.4.0-1.el6cf.src.rpm
ruby193-rubygem-rubyrep-1.2.0-6.el6cf.src.rpm
ruby193-rubygem-rubywbem-0.1.0-2.el6cf.src.rpm
ruby193-rubygem-rubyzip-0.9.5-1.el6cf.src.rpm
ruby193-rubygem-rufus-lru-1.0.5-1.el6cf.src.rpm
ruby193-rubygem-rufus-scheduler-2.0.19-2.el6cf.src.rpm
ruby193-rubygem-ruport-1.7.0-2.el6cf.src.rpm
ruby193-rubygem-savon-2.2.0-1.el6cf.src.rpm
ruby193-rubygem-secure_headers-1.1.1-1.el6cf.src.rpm
ruby193-rubygem-selenium-webdriver-2.32.1-2.el6cf.src.rpm
ruby193-rubygem-sexp_processor-4.2.1-1.el6cf.src.rpm
ruby193-rubygem-shindo-0.3.4-7.el6cf.src.rpm
ruby193-rubygem-shoulda-matchers-1.0.0-1.el6cf.src.rpm
ruby193-rubygem-simple-rss-1.2.3-8.el6cf.src.rpm
ruby193-rubygem-simplecov-0.7.1-6.el6cf.src.rpm
ruby193-rubygem-simplecov-html-0.7.1-2.el6cf.src.rpm
ruby193-rubygem-simplecov-rcov-0.2.3-1.el6cf.src.rpm
ruby193-rubygem-simplecov-rcov-text-0.0.2-1.el6cf.src.rpm
ruby193-rubygem-slim-1.3.9-1.el6cf.src.rpm
ruby193-rubygem-snmp-1.1.0-6.el6cf.src.rpm
ruby193-rubygem-soap4r-1.6.0-2.el6cf.src.rpm
ruby193-rubygem-state_machine-1.1.2-8.el6cf.src.rpm
ruby193-rubygem-syntax-1.0.0-8.el6cf.src.rpm
ruby193-rubygem-temple-0.6.5-1.el6cf.src.rpm
ruby193-rubygem-terminal-table-1.4.5-1.el6cf.src.rpm
ruby193-rubygem-test-spec-0.10.0-7.el6cf.src.rpm
ruby193-rubygem-test-unit-2.4.5-5.el6cf.src.rpm
ruby193-rubygem-thin-1.3.1-5.el6cf.src.rpm
ruby193-rubygem-timecop-0.5.3-1.el6cf.src.rpm
ruby193-rubygem-transaction-simple-1.4.0-5.el6cf.src.rpm
ruby193-rubygem-trollop-1.16.2-2.el6cf.src.rpm
ruby193-rubygem-uglifier-2.4.0-1.el6cf.src.rpm
ruby193-rubygem-uniform_notifier-1.2.0-1.el6cf.src.rpm
ruby193-rubygem-uuidtools-2.1.3-3.el6cf.src.rpm
ruby193-rubygem-vcr-2.4.0-1.el6cf.src.rpm
ruby193-rubygem-wasabi-3.1.0-1.el6cf.src.rpm
ruby193-rubygem-webmock-1.11.0-1.el6cf.src.rpm
ruby193-rubygem-websocket-1.0.7-1.el6cf.src.rpm
ruby193-rubygem-winrm-1.1.3-1.el6cf.src.rpm
ruby193-rubygem-winrm-1.1.3-2.el6cf.src.rpm
ruby193-rubygem-winrm-1.1.3-4.el6cf.src.rpm
ruby193-rubygem-xml-simple-1.0.12-1.el6cf.src.rpm
ruby193-rubygem-xpath-2.0.0-1.el6cf.src.rpm
ruby193-rubygem-ziya-2.3.0-2.el6cf.src.rpm
selinux-policy-3.7.19-244.el6.src.rpm
sneakernet_ca-0.1-2.el6cf.src.rpm
sssd-1.11.6-3.el6.src.rpm

noarch:
python-sssdconfig-1.11.6-3.el6.noarch.rpm
ruby193-rubygem-Platform-0.4.0-4.el6cf.noarch.rpm
ruby193-rubygem-actionmailer-3.2.17-1.el6cf.noarch.rpm
ruby193-rubygem-actionpack-3.2.13-5.el6cf.noarch.rpm
ruby193-rubygem-actionpack-3.2.17-3.el6cf.noarch.rpm
ruby193-rubygem-actionpack-3.2.17-6.el6cf.noarch.rpm
ruby193-rubygem-actionwebservice-3.1.0-3.el6cf.noarch.rpm
ruby193-rubygem-active_hash-1.3.0-2.el6cf.noarch.rpm
ruby193-rubygem-activemodel-3.2.17-1.el6cf.noarch.rpm
ruby193-rubygem-activerecord-3.2.13-4.el6cf.noarch.rpm
ruby193-rubygem-activerecord-3.2.17-1.el6cf.noarch.rpm
ruby193-rubygem-activerecord-3.2.17-4.el6cf.noarch.rpm
ruby193-rubygem-activeresource-3.2.17-1.el6cf.noarch.rpm
ruby193-rubygem-activesupport-3.2.17-1.el6cf.noarch.rpm
ruby193-rubygem-acts_as_list-0.1.9-1.el6cf.noarch.rpm
ruby193-rubygem-acts_as_tree-0.1.1-1.el6cf.noarch.rpm
ruby193-rubygem-addressable-2.2.8-1.el6cf.noarch.rpm
ruby193-rubygem-akami-1.2.0-1.el6cf.noarch.rpm
ruby193-rubygem-american_date-1.0.0-1.el6cf.noarch.rpm
ruby193-rubygem-amq-protocol-1.9.2-3.el6cf.noarch.rpm
ruby193-rubygem-ancestry-1.2.5-1.el6cf.noarch.rpm
ruby193-rubygem-arrayfields-4.9.0-1.el6cf.noarch.rpm
ruby193-rubygem-awesome_print-1.1.0-1.el6cf.noarch.rpm
ruby193-rubygem-awesome_spawn-1.2.1-1.el6cf.noarch.rpm
ruby193-rubygem-aws-sdk-1.11.3-1.el6cf.noarch.rpm
ruby193-rubygem-binary_struct-1.0.1-1.el6cf.noarch.rpm
ruby193-rubygem-brakeman-2.0.0-1.el6cf.noarch.rpm
ruby193-rubygem-bullet-4.6.0-1.el6cf.noarch.rpm
ruby193-rubygem-bundler_ext-0.4.0-1.el6cf.noarch.rpm
ruby193-rubygem-bunny-1.0.7-1.el6cf.noarch.rpm
ruby193-rubygem-capybara-2.1.0-1.el6cf.noarch.rpm
ruby193-rubygem-childprocess-0.3.9-1.el6cf.noarch.rpm
ruby193-rubygem-chronic-0.3.0-1.el6cf.noarch.rpm
ruby193-rubygem-churn-0.0.29-1.el6cf.noarch.rpm
ruby193-rubygem-code_analyzer-0.3.2-1.el6cf.noarch.rpm
ruby193-rubygem-color-1.4.1-4.el6cf.noarch.rpm
ruby193-rubygem-colored-1.2-1.el6cf.noarch.rpm
ruby193-rubygem-crack-0.3.2-1.el6cf.noarch.rpm
ruby193-rubygem-daemons-1.1.9-2.el6cf.noarch.rpm
ruby193-rubygem-dalli-2.2.1-1.el6cf.noarch.rpm
ruby193-rubygem-default_value_for-1.0.7-1.el6cf.noarch.rpm
ruby193-rubygem-elif-0.1.0-1.el6cf.noarch.rpm
ruby193-rubygem-excon-0.31.0-1.el6cf.noarch.rpm
ruby193-rubygem-execjs-2.0.2-1.el6cf.noarch.rpm
ruby193-rubygem-ezcrypto-0.7-1.el6cf.noarch.rpm
ruby193-rubygem-facade-1.0.5-1.el6cf.noarch.rpm
ruby193-rubygem-factory_girl-4.1.0-1.el6cf.noarch.rpm
ruby193-rubygem-fastercsv-1.5.5-2.el6cf.noarch.rpm
ruby193-rubygem-fattr-2.2.1-1.el6cf.noarch.rpm
ruby193-rubygem-flay-2.3.0-1.el6cf.noarch.rpm
ruby193-rubygem-flog-3.2.3-2.el6cf.noarch.rpm
ruby193-rubygem-fog-1.19.0-1.el6cf.noarch.rpm
ruby193-rubygem-formatador-0.2.4-1.el6cf.noarch.rpm
ruby193-rubygem-gssapi-1.1.2-1.el6cf.noarch.rpm
ruby193-rubygem-gyoku-1.0.0-1.el6cf.noarch.rpm
ruby193-rubygem-haml-4.0.5-1.el6cf.noarch.rpm
ruby193-rubygem-haml-rails-0.4-1.el6cf.noarch.rpm
ruby193-rubygem-handsoap-0.2.5-2.el6cf.noarch.rpm
ruby193-rubygem-highline-1.6.21-1.el6cf.noarch.rpm
ruby193-rubygem-hirb-0.7.1-1.el6cf.noarch.rpm
ruby193-rubygem-hmac-0.4.0-7.el6cf.noarch.rpm
ruby193-rubygem-hoe-2.12.3-2.el6cf.noarch.rpm
ruby193-rubygem-httparty-0.10.2-1.el6cf.noarch.rpm
ruby193-rubygem-httpclient-2.2.7-1.el6cf.noarch.rpm
ruby193-rubygem-httpi-2.0.2-1.el6cf.noarch.rpm
ruby193-rubygem-i18n-0.6.9-1.el6cf.noarch.rpm
ruby193-rubygem-inifile-2.0.2-1.el6cf.noarch.rpm
ruby193-rubygem-japgolly-Saikuro-1.1.1.0-1.el6cf.noarch.rpm
ruby193-rubygem-jbuilder-2.0.7-1.el6cf.noarch.rpm
ruby193-rubygem-json_pure-1.8.0-1.el6cf.noarch.rpm
ruby193-rubygem-linux_admin-0.7.0-1.el6cf.noarch.rpm
ruby193-rubygem-linux_admin-0.9.1-1.el6cf.noarch.rpm
ruby193-rubygem-little-plugger-1.1.3-1.el6cf.noarch.rpm
ruby193-rubygem-log4r-1.1.8-1.el6cf.noarch.rpm
ruby193-rubygem-logging-1.6.2-1.el6cf.noarch.rpm
ruby193-rubygem-mail-2.5.4-1.el6cf.noarch.rpm
ruby193-rubygem-main-4.7.1-1.el6cf.noarch.rpm
ruby193-rubygem-map-6.5.1-1.el6cf.noarch.rpm
ruby193-rubygem-metric_fu-3.0.0-1.el6cf.noarch.rpm
ruby193-rubygem-mime-types-1.20.1-1.el6cf.noarch.rpm
ruby193-rubygem-minitest-3.2.0-3.el6cf.noarch.rpm
ruby193-rubygem-more_core_extensions-1.2.0-1.el6cf.noarch.rpm
ruby193-rubygem-multi_json-1.7.7-1.el6cf.noarch.rpm
ruby193-rubygem-multi_xml-0.5.2-1.el6cf.noarch.rpm
ruby193-rubygem-net-ldap-0.7.0-1.el6cf.noarch.rpm
ruby193-rubygem-net-ping-1.7.4-2.el6cf.noarch.rpm
ruby193-rubygem-net-scp-1.1.2-1.el6cf.noarch.rpm
ruby193-rubygem-net-sftp-2.0.5-7.el6cf.noarch.rpm
ruby193-rubygem-net-ssh-2.9.1-1.el6cf.noarch.rpm
ruby193-rubygem-netrc-0.7.7-3.el6cf.noarch.rpm
ruby193-rubygem-nori-2.1.0-1.el6cf.noarch.rpm
ruby193-rubygem-open4-1.3.0-4.el6cf.noarch.rpm
ruby193-rubygem-outfielding-jqplot-rails-1.0.8-1.el6cf.noarch.rpm
ruby193-rubygem-ovirt_metrics-1.0.1-1.el6cf.noarch.rpm
ruby193-rubygem-parallel-0.5.21-1.el6cf.noarch.rpm
ruby193-rubygem-pdf-writer-1.1.8-1.el6cf.noarch.rpm
ruby193-rubygem-princely-1.2.6-1.el6cf.noarch.rpm
ruby193-rubygem-progressbar-0.11.0-2.el6cf.noarch.rpm
ruby193-rubygem-prototype-rails-3.2.1-1.el6cf.noarch.rpm
ruby193-rubygem-rack-1.4.5-3.el6cf.noarch.rpm
ruby193-rubygem-rack-test-0.6.2-1.el6cf.noarch.rpm
ruby193-rubygem-rails-3.2.17-1.el6cf.noarch.rpm
ruby193-rubygem-rails_best_practices-1.13.8-1.el6cf.noarch.rpm
ruby193-rubygem-railties-3.2.17-1.el6cf.noarch.rpm
ruby193-rubygem-rake-10.1.0-1.el6cf.noarch.rpm
ruby193-rubygem-rake-compiler-0.8.3-2.el6cf.noarch.rpm
ruby193-rubygem-rbovirt-0.0.17-3.el6cf.noarch.rpm
ruby193-rubygem-rbvmomi-1.2.3-4.el6cf.noarch.rpm
ruby193-rubygem-rdoc-3.12.2-4.el6cf.noarch.rpm
ruby193-rubygem-reek-1.3.1-1.el6cf.noarch.rpm
ruby193-rubygem-rest-client-1.6.7-5.el6cf.noarch.rpm
ruby193-rubygem-roodi-2.2.0-1.el6cf.noarch.rpm
ruby193-rubygem-rspec-2.12.0-1.el6cf.noarch.rpm
ruby193-rubygem-rspec-core-2.12.2-1.el6cf.noarch.rpm
ruby193-rubygem-rspec-expectations-2.12.1-1.el6cf.noarch.rpm
ruby193-rubygem-rspec-fire-1.3.0-1.el6cf.noarch.rpm
ruby193-rubygem-rspec-mocks-2.12.1-1.el6cf.noarch.rpm
ruby193-rubygem-rspec-rails-2.12.1-1.el6cf.noarch.rpm
ruby193-rubygem-ruby-graphviz-1.0.9-1.el6cf.noarch.rpm
ruby193-rubygem-ruby-plsql-0.4.1-1.el6cf.noarch.rpm
ruby193-rubygem-ruby-progressbar-0.0.10-1.el6cf.noarch.rpm
ruby193-rubygem-ruby2ruby-2.0.6-1.el6cf.noarch.rpm
ruby193-rubygem-ruby_parser-3.1.3-2.el6cf.noarch.rpm
ruby193-rubygem-rubyforge-2.0.4-3.el6cf.noarch.rpm
ruby193-rubygem-rubyntlm-0.4.0-1.el6cf.noarch.rpm
ruby193-rubygem-rubyrep-1.2.0-6.el6cf.noarch.rpm
ruby193-rubygem-rubywbem-0.1.0-2.el6cf.noarch.rpm
ruby193-rubygem-rubyzip-0.9.5-1.el6cf.noarch.rpm
ruby193-rubygem-rufus-lru-1.0.5-1.el6cf.noarch.rpm
ruby193-rubygem-rufus-scheduler-2.0.19-2.el6cf.noarch.rpm
ruby193-rubygem-ruport-1.7.0-2.el6cf.noarch.rpm
ruby193-rubygem-savon-2.2.0-1.el6cf.noarch.rpm
ruby193-rubygem-secure_headers-1.1.1-1.el6cf.noarch.rpm
ruby193-rubygem-sexp_processor-4.2.1-1.el6cf.noarch.rpm
ruby193-rubygem-shindo-0.3.4-7.el6cf.noarch.rpm
ruby193-rubygem-shoulda-matchers-1.0.0-1.el6cf.noarch.rpm
ruby193-rubygem-simple-rss-1.2.3-8.el6cf.noarch.rpm
ruby193-rubygem-simplecov-0.7.1-6.el6cf.noarch.rpm
ruby193-rubygem-simplecov-html-0.7.1-2.el6cf.noarch.rpm
ruby193-rubygem-simplecov-rcov-0.2.3-1.el6cf.noarch.rpm
ruby193-rubygem-simplecov-rcov-text-0.0.2-1.el6cf.noarch.rpm
ruby193-rubygem-slim-1.3.9-1.el6cf.noarch.rpm
ruby193-rubygem-snmp-1.1.0-6.el6cf.noarch.rpm
ruby193-rubygem-soap4r-1.6.0-2.el6cf.noarch.rpm
ruby193-rubygem-state_machine-1.1.2-8.el6cf.noarch.rpm
ruby193-rubygem-syntax-1.0.0-8.el6cf.noarch.rpm
ruby193-rubygem-temple-0.6.5-1.el6cf.noarch.rpm
ruby193-rubygem-terminal-table-1.4.5-1.el6cf.noarch.rpm
ruby193-rubygem-test-spec-0.10.0-7.el6cf.noarch.rpm
ruby193-rubygem-test-unit-2.4.5-5.el6cf.noarch.rpm
ruby193-rubygem-timecop-0.5.3-1.el6cf.noarch.rpm
ruby193-rubygem-transaction-simple-1.4.0-5.el6cf.noarch.rpm
ruby193-rubygem-trollop-1.16.2-2.el6cf.noarch.rpm
ruby193-rubygem-uglifier-2.4.0-1.el6cf.noarch.rpm
ruby193-rubygem-uniform_notifier-1.2.0-1.el6cf.noarch.rpm
ruby193-rubygem-uuidtools-2.1.3-3.el6cf.noarch.rpm
ruby193-rubygem-vcr-2.4.0-1.el6cf.noarch.rpm
ruby193-rubygem-wasabi-3.1.0-1.el6cf.noarch.rpm
ruby193-rubygem-webmock-1.11.0-1.el6cf.noarch.rpm
ruby193-rubygem-websocket-1.0.7-1.el6cf.noarch.rpm
ruby193-rubygem-winrm-1.1.3-1.el6cf.noarch.rpm
ruby193-rubygem-winrm-1.1.3-2.el6cf.noarch.rpm
ruby193-rubygem-winrm-1.1.3-4.el6cf.noarch.rpm
ruby193-rubygem-xml-simple-1.0.12-1.el6cf.noarch.rpm
ruby193-rubygem-xpath-2.0.0-1.el6cf.noarch.rpm
ruby193-rubygem-ziya-2.3.0-2.el6cf.noarch.rpm
selinux-policy-3.7.19-244.el6.noarch.rpm
selinux-policy-targeted-3.7.19-244.el6.noarch.rpm
sneakernet_ca-0.1-2.el6cf.noarch.rpm

x86_64:
certmonger-0.75.13-1.el6.x86_64.rpm
certmonger-debuginfo-0.75.13-1.el6.x86_64.rpm
cfme-5.2.1.8-1.el6cf.x86_64.rpm
cfme-5.2.2.1-1.el6cf.x86_64.rpm
cfme-5.3.0.0-1.el6cf.alpha2.x86_64.rpm
cfme-5.3.0.0-10.el6cf.alpha5.x86_64.rpm
cfme-5.3.0.0-13.el6cf.alpha6.x86_64.rpm
cfme-5.3.0.0-2.el6cf.alpha2.x86_64.rpm
cfme-5.3.0.0-3.el6cf.alpha2.x86_64.rpm
cfme-5.3.0.0-4.el6cf.alpha2.x86_64.rpm
cfme-5.3.0.0-5.el6cf.alpha3.x86_64.rpm
cfme-5.3.0.0-6.el6cf.alpha3.x86_64.rpm
cfme-5.3.0.0-7.el6cf.alpha4.x86_64.rpm
cfme-5.3.0.0-9.el6cf.alpha5.x86_64.rpm
cfme-5.3.0.15-1.el6cf.x86_64.rpm
cfme-appliance-5.2.1.8-1.el6cf.x86_64.rpm
cfme-appliance-5.2.2.1-1.el6cf.x86_64.rpm
cfme-appliance-5.3.0.0-1.el6cf.alpha2.x86_64.rpm
cfme-appliance-5.3.0.0-10.el6cf.alpha5.x86_64.rpm
cfme-appliance-5.3.0.0-13.el6cf.alpha6.x86_64.rpm
cfme-appliance-5.3.0.0-2.el6cf.alpha2.x86_64.rpm
cfme-appliance-5.3.0.0-3.el6cf.alpha2.x86_64.rpm
cfme-appliance-5.3.0.0-4.el6cf.alpha2.x86_64.rpm
cfme-appliance-5.3.0.0-5.el6cf.alpha3.x86_64.rpm
cfme-appliance-5.3.0.0-6.el6cf.alpha3.x86_64.rpm
cfme-appliance-5.3.0.0-7.el6cf.alpha4.x86_64.rpm
cfme-appliance-5.3.0.0-9.el6cf.alpha5.x86_64.rpm
cfme-appliance-5.3.0.15-1.el6cf.x86_64.rpm
cfme-debuginfo-5.2.1.8-1.el6cf.x86_64.rpm
cfme-debuginfo-5.2.2.1-1.el6cf.x86_64.rpm
cfme-debuginfo-5.3.0.0-1.el6cf.alpha2.x86_64.rpm
cfme-debuginfo-5.3.0.0-10.el6cf.alpha5.x86_64.rpm
cfme-debuginfo-5.3.0.0-13.el6cf.alpha6.x86_64.rpm
cfme-debuginfo-5.3.0.0-2.el6cf.alpha2.x86_64.rpm
cfme-debuginfo-5.3.0.0-3.el6cf.alpha2.x86_64.rpm
cfme-debuginfo-5.3.0.0-4.el6cf.alpha2.x86_64.rpm
cfme-debuginfo-5.3.0.0-5.el6cf.alpha3.x86_64.rpm
cfme-debuginfo-5.3.0.0-6.el6cf.alpha3.x86_64.rpm
cfme-debuginfo-5.3.0.0-7.el6cf.alpha4.x86_64.rpm
cfme-debuginfo-5.3.0.0-9.el6cf.alpha5.x86_64.rpm
cfme-debuginfo-5.3.0.15-1.el6cf.x86_64.rpm
cfme-lib-5.2.1.8-1.el6cf.x86_64.rpm
cfme-lib-5.2.2.1-1.el6cf.x86_64.rpm
cfme-lib-5.3.0.0-1.el6cf.alpha2.x86_64.rpm
cfme-lib-5.3.0.0-10.el6cf.alpha5.x86_64.rpm
cfme-lib-5.3.0.0-13.el6cf.alpha6.x86_64.rpm
cfme-lib-5.3.0.0-2.el6cf.alpha2.x86_64.rpm
cfme-lib-5.3.0.0-3.el6cf.alpha2.x86_64.rpm
cfme-lib-5.3.0.0-4.el6cf.alpha2.x86_64.rpm
cfme-lib-5.3.0.0-5.el6cf.alpha3.x86_64.rpm
cfme-lib-5.3.0.0-6.el6cf.alpha3.x86_64.rpm
cfme-lib-5.3.0.0-7.el6cf.alpha4.x86_64.rpm
cfme-lib-5.3.0.0-9.el6cf.alpha5.x86_64.rpm
cfme-lib-5.3.0.15-1.el6cf.x86_64.rpm
cfme-vnc-plugin-1.0.0-2.el6cf.x86_64.rpm
cfme-vnc-plugin-debuginfo-1.0.0-2.el6cf.x86_64.rpm
libdnet-1.12-11.el6cf.x86_64.rpm
libdnet-debuginfo-1.12-11.el6cf.x86_64.rpm
libdnet-devel-1.12-11.el6cf.x86_64.rpm
libdnet-progs-1.12-11.el6cf.x86_64.rpm
libipa_hbac-1.11.6-3.el6.x86_64.rpm
libipa_hbac-devel-1.11.6-3.el6.x86_64.rpm
libipa_hbac-python-1.11.6-3.el6.x86_64.rpm
libsss_idmap-1.11.6-3.el6.x86_64.rpm
libsss_idmap-devel-1.11.6-3.el6.x86_64.rpm
libsss_nss_idmap-1.11.6-3.el6.x86_64.rpm
libsss_nss_idmap-devel-1.11.6-3.el6.x86_64.rpm
libsss_nss_idmap-python-1.11.6-3.el6.x86_64.rpm
lshw-B.02.16-4.el6cf.x86_64.rpm
lshw-debuginfo-B.02.16-4.el6cf.x86_64.rpm
lshw-gui-B.02.16-4.el6cf.x86_64.rpm
mingw32-cfme-host-5.2.1.8-1.el6cf.x86_64.rpm
mingw32-cfme-host-5.2.2.1-1.el6cf.x86_64.rpm
mingw32-cfme-host-5.3.0.0-1.el6cf.alpha2.x86_64.rpm
mingw32-cfme-host-5.3.0.0-10.el6cf.alpha5.x86_64.rpm
mingw32-cfme-host-5.3.0.0-13.el6cf.alpha6.x86_64.rpm
mingw32-cfme-host-5.3.0.0-2.el6cf.alpha2.x86_64.rpm
mingw32-cfme-host-5.3.0.0-3.el6cf.alpha2.x86_64.rpm
mingw32-cfme-host-5.3.0.0-4.el6cf.alpha2.x86_64.rpm
mingw32-cfme-host-5.3.0.0-5.el6cf.alpha3.x86_64.rpm
mingw32-cfme-host-5.3.0.0-6.el6cf.alpha3.x86_64.rpm
mingw32-cfme-host-5.3.0.0-7.el6cf.alpha4.x86_64.rpm
mingw32-cfme-host-5.3.0.0-9.el6cf.alpha5.x86_64.rpm
mingw32-cfme-host-5.3.0.15-1.el6cf.x86_64.rpm
mod_authnz_pam-0.9.2-1.el6.x86_64.rpm
mod_authnz_pam-debuginfo-0.9.2-1.el6.x86_64.rpm
mod_intercept_form_submit-0.9.7-1.el6.x86_64.rpm
mod_intercept_form_submit-debuginfo-0.9.7-1.el6.x86_64.rpm
mod_lookup_identity-0.9.2-1.el6.x86_64.rpm
mod_lookup_identity-debuginfo-0.9.2-1.el6.x86_64.rpm
netapp-manageability-sdk-4.0P1-3.el6cf.x86_64.rpm
netapp-manageability-sdk-devel-4.0P1-3.el6cf.x86_64.rpm
open-vm-tools-9.2.3-5.el6cf.x86_64.rpm
open-vm-tools-debuginfo-9.2.3-5.el6cf.x86_64.rpm
open-vm-tools-desktop-9.2.3-5.el6cf.x86_64.rpm
open-vm-tools-devel-9.2.3-5.el6cf.x86_64.rpm
prince-9.0r2-4.el6cf.x86_64.rpm
pyliblzma-0.5.3-7.el6cf.x86_64.rpm
pyliblzma-debuginfo-0.5.3-7.el6cf.x86_64.rpm
ruby193-rubygem-eventmachine-1.0.0-1.el6cf.x86_64.rpm
ruby193-rubygem-eventmachine-debuginfo-1.0.0-1.el6cf.x86_64.rpm
ruby193-rubygem-ffi-1.9.3-1.el6cf.x86_64.rpm
ruby193-rubygem-ffi-debuginfo-1.9.3-1.el6cf.x86_64.rpm
ruby193-rubygem-io-extra-1.2.6-1.el6cf.x86_64.rpm
ruby193-rubygem-io-extra-debuginfo-1.2.6-1.el6cf.x86_64.rpm
ruby193-rubygem-json-1.8.0-3.el6cf.x86_64.rpm
ruby193-rubygem-json-debuginfo-1.8.0-3.el6cf.x86_64.rpm
ruby193-rubygem-libxml-ruby-2.2.2-1.el6cf.x86_64.rpm
ruby193-rubygem-libxml-ruby-debuginfo-2.2.2-1.el6cf.x86_64.rpm
ruby193-rubygem-nokogiri-1.5.6-3.el6cf.x86_64.rpm
ruby193-rubygem-nokogiri-debuginfo-1.5.6-3.el6cf.x86_64.rpm
ruby193-rubygem-pg-0.12.2-5.el6cf.x86_64.rpm
ruby193-rubygem-pg-debuginfo-0.12.2-5.el6cf.x86_64.rpm
ruby193-rubygem-qpid_messaging-0.20.2-2.el6cf.x86_64.rpm
ruby193-rubygem-qpid_messaging-debuginfo-0.20.2-2.el6cf.x86_64.rpm
ruby193-rubygem-ruby-prof-0.13.0-1.el6cf.x86_64.rpm
ruby193-rubygem-ruby-prof-debuginfo-0.13.0-1.el6cf.x86_64.rpm
ruby193-rubygem-selenium-webdriver-2.32.1-2.el6cf.x86_64.rpm
ruby193-rubygem-selenium-webdriver-debuginfo-2.32.1-2.el6cf.x86_64.rpm
ruby193-rubygem-thin-1.3.1-5.el6cf.x86_64.rpm
ruby193-rubygem-thin-debuginfo-1.3.1-5.el6cf.x86_64.rpm
sssd-1.11.6-3.el6.x86_64.rpm
sssd-ad-1.11.6-3.el6.x86_64.rpm
sssd-client-1.11.6-3.el6.x86_64.rpm
sssd-common-1.11.6-3.el6.x86_64.rpm
sssd-common-pac-1.11.6-3.el6.x86_64.rpm
sssd-dbus-1.11.6-3.el6.x86_64.rpm
sssd-debuginfo-1.11.6-3.el6.x86_64.rpm
sssd-ipa-1.11.6-3.el6.x86_64.rpm
sssd-krb5-1.11.6-3.el6.x86_64.rpm
sssd-krb5-common-1.11.6-3.el6.x86_64.rpm
sssd-ldap-1.11.6-3.el6.x86_64.rpm
sssd-proxy-1.11.6-3.el6.x86_64.rpm
sssd-tools-1.11.6-3.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0140.html
https://www.redhat.com/security/data/cve/CVE-2014-3642.html
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-US/CloudForms/3.1/html/Management_Engine_5.3_Release_Notes
https://access.redhat.com/documentation/en-US/CloudForms/3.1/html/Management_Engine_5.3_Technical_Notes

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFULaYzXlSAg2UNWIIRAn+RAKCdvNwsjNzIlKu40AzLlpw4bXZZDgCgg2Ss
iCNZ/CM91CW4wiQ4IQjkzD4=
=wP86
-----END PGP SIGNATURE-----


--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close