|
|
Subscribe / Log in / New account

Scientific Linux alert SLSA-2021:4785-1 (rpm)



From:
              Farhan Ahmed <fahmed@fnal.gov>


To:
              scientific-linux-errata@listserv.fnal.gov


Subject:
              Security ERRATA Moderate: rpm on SL7.x x86_64


Date:
              Wed, 24 Nov 2021 14:29:21 -0000


Message-ID:
              <20211124142921.15244.74478@ebe911f52632>


Synopsis:          Moderate: rpm security update
Advisory ID:       SLSA-2021:4785-1
Issue Date:        2021-11-24
CVE Numbers:       CVE-2021-20271
--

Security Fix(es):

* rpm: Signature checks bypass via corrupted rpm package (CVE-2021-20271)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
--

SL7
  x86_64
    rpm-4.11.3-48.el7_9.x86_64.rpm
    rpm-build-4.11.3-48.el7_9.x86_64.rpm
    rpm-build-libs-4.11.3-48.el7_9.i686.rpm
    rpm-build-libs-4.11.3-48.el7_9.x86_64.rpm
    rpm-debuginfo-4.11.3-48.el7_9.i686.rpm
    rpm-debuginfo-4.11.3-48.el7_9.x86_64.rpm
    rpm-libs-4.11.3-48.el7_9.i686.rpm
    rpm-libs-4.11.3-48.el7_9.x86_64.rpm
    rpm-python-4.11.3-48.el7_9.x86_64.rpm
    rpm-devel-4.11.3-48.el7_9.i686.rpm
    rpm-devel-4.11.3-48.el7_9.x86_64.rpm
    rpm-plugin-systemd-inhibit-4.11.3-48.el7_9.x86_64.rpm
    rpm-sign-4.11.3-48.el7_9.x86_64.rpm
  noarch
    rpm-apidocs-4.11.3-48.el7_9.noarch.rpm
    rpm-cron-4.11.3-48.el7_9.noarch.rpm

- Scientific Linux Development Team
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds