ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2021.0167
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2021-0167)
Resumen:	The remote host is missing an update for the 'rpm' package(s) announced via the MGASA-2021-0167 advisory.
Descripción:	Summary: The remote host is missing an update for the 'rpm' package(s) announced via the MGASA-2021-0167 advisory. Vulnerability Insight: This update from 4.16.1.2 to 4.16.1.3 fixes bugs several bugs the RPM package manager, including several security issues: * Fix arbitrary data copied from signature header past signature checking (CVE-2021-3421) * Fix signature check bypass with corrupted package (CVE-2021-20271) * Fix missing bounds checks in headerImport() and headerCheck() (CVE-2021-20266) * Fix missing sanity checks on header entry count and region data overlap * Fix access past end of header if the last entry is string type * Fix unsafe headerCopyLoad() still used in codebase Affected Software/OS: 'rpm' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-20266 https://security.gentoo.org/glsa/202107-43 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/ https://bugzilla.redhat.com/show_bug.cgi?id=1927741 Common Vulnerability Exposure (CVE) ID: CVE-2021-20271 FEDORA-2021-2383d950fd https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/ FEDORA-2021-662680e477 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/ FEDORA-2021-8d52a8a999 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/ GLSA-202107-43 https://bugzilla.redhat.com/show_bug.cgi?id=1934125 https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21 https://www.starwindsoftware.com/security/sw-20220805-0002/ Common Vulnerability Exposure (CVE) ID: CVE-2021-3421 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/ https://bugzilla.redhat.com/show_bug.cgi?id=1927747
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.