Security patch release notes
Review the release notes for security patches for Cloud Pak for Data System.
Security patches are tied to the version of Red Hat Linux that is installed on Cloud Pak for Data System. The patches for a specific Red Hat release are cumulative. For example, if your system is on 7.9, you need to install only the latest patch that applies to 7.9, there is no need to install all of them one by one.
Verify that which patch can be installed on your system. Do not apply the patch if the Red Hat Linux version on your system does not match.
For installation, see Applying security patches. Downtime is required when installing the security patch.
7.9.24.01.SP26
The release date of the security patch 7.9.24.01.SP26 is 13 February 2024. The estimated run time is around 80 minutes.
The 7.9.24.01.SP26 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x and 1.0.8.x.
Important: If you are using version 1.0.8, you must upgrade to 1.0.8.0 IF2 first to apply
7.9.24.01.SP26.
Restriction: After applying 7.9.24.01.SP26, you can upgrade Cloud Pak for Data System to version 1.0.8.4 or later versions only.
Note: The ap version -s might not show all of the docker upgrade component
versions after applying 7.9.24.01.SP26 on Cloud Pak for Data System
1.0.7.8 or 1.0.7.8 IF2. This happens if Python 2 is installed.
- Workaround
- Run the ap version -d command.
The list of Red Hat CVEs, which are patched in this
release:
CVE-2023-20569 Moderate/Sec. iwl100-firmware-39.31.5.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl100-firmware-39.31.5.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl1000-firmware-1:39.31.5.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl1000-firmware-1:39.31.5.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl105-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl105-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl135-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl135-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl2000-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl2000-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl2030-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl2030-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl3160-firmware-25.30.13.0-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl3160-firmware-25.30.13.0-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl3945-firmware-15.32.2.9-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl3945-firmware-15.32.2.9-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl4965-firmware-228.61.2.24-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl4965-firmware-228.61.2.24-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl5000-firmware-8.83.5.1_1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl5000-firmware-8.83.5.1_1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl5150-firmware-8.24.2.2-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl5150-firmware-8.24.2.2-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl6000-firmware-9.221.4.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl6000-firmware-9.221.4.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl6000g2a-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl6000g2a-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl6000g2b-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl6000g2b-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl6050-firmware-41.28.5.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl6050-firmware-41.28.5.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl7260-firmware-25.30.13.0-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl7260-firmware-25.30.13.0-81.el7_9.noarch
CVE-2022-40982 Important/Sec. kernel-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3611 Important/Sec. kernel-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3776 Important/Sec. kernel-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4128 Important/Sec. kernel-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4206 Important/Sec. kernel-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4207 Important/Sec. kernel-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4208 Important/Sec. kernel-3.10.0-1160.105.1.el7.x86_64
CVE-2022-40982 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3611 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3776 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4128 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4206 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4207 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4208 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.x86_64
CVE-2022-40982 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3611 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3776 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4128 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4206 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4207 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4208 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.x86_64
CVE-2022-40982 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3611 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3776 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4128 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4206 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4207 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4208 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.105.1.el7.x86_64
CVE-2022-40982 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3611 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3776 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4128 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4206 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4207 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4208 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.105.1.el7.x86_64
CVE-2022-40982 Important/Sec. kernel-devel-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3611 Important/Sec. kernel-devel-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3776 Important/Sec. kernel-devel-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4128 Important/Sec. kernel-devel-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4206 Important/Sec. kernel-devel-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4207 Important/Sec. kernel-devel-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4208 Important/Sec. kernel-devel-3.10.0-1160.105.1.el7.x86_64
CVE-2022-40982 Important/Sec. kernel-headers-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3611 Important/Sec. kernel-headers-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3776 Important/Sec. kernel-headers-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4128 Important/Sec. kernel-headers-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4206 Important/Sec. kernel-headers-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4207 Important/Sec. kernel-headers-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4208 Important/Sec. kernel-headers-3.10.0-1160.105.1.el7.x86_64
CVE-2022-40982 Important/Sec. kernel-tools-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3611 Important/Sec. kernel-tools-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3776 Important/Sec. kernel-tools-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4128 Important/Sec. kernel-tools-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4206 Important/Sec. kernel-tools-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4207 Important/Sec. kernel-tools-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4208 Important/Sec. kernel-tools-3.10.0-1160.105.1.el7.x86_64
CVE-2022-40982 Important/Sec. kernel-tools-libs-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3611 Important/Sec. kernel-tools-libs-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3776 Important/Sec. kernel-tools-libs-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4128 Important/Sec. kernel-tools-libs-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4206 Important/Sec. kernel-tools-libs-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4207 Important/Sec. kernel-tools-libs-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4208 Important/Sec. kernel-tools-libs-3.10.0-1160.105.1.el7.x86_64
CVE-2023-20569 Moderate/Sec. linux-firmware-20200421-81.git78c0348.el7_9.noarch
CVE-2023-20593 Moderate/Sec. linux-firmware-20200421-81.git78c0348.el7_9.noarch
CVE-2022-40982 Important/Sec. perf-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3611 Important/Sec. perf-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3776 Important/Sec. perf-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4128 Important/Sec. perf-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4206 Important/Sec. perf-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4207 Important/Sec. perf-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4208 Important/Sec. perf-3.10.0-1160.105.1.el7.x86_64
CVE-2023-40217 Important/Sec. python-2.7.5-94.el7_9.x86_64
CVE-2023-40217 Important/Sec. python-devel-2.7.5-94.el7_9.x86_64
CVE-2023-40217 Important/Sec. python-libs-2.7.5-94.el7_9.x86_64
CVE-2022-40982 Important/Sec. python-perf-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3611 Important/Sec. python-perf-3.10.0-1160.105.1.el7.x86_64
CVE-2023-3776 Important/Sec. python-perf-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4128 Important/Sec. python-perf-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4206 Important/Sec. python-perf-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4207 Important/Sec. python-perf-3.10.0-1160.105.1.el7.x86_64
CVE-2023-4208 Important/Sec. python-perf-3.10.0-1160.105.1.el7.x86_64
CVE-2023-40217 Important/Sec. python3-3.6.8-21.el7_9.x86_64
CVE-2023-40217 Important/Sec. python3-devel-3.6.8-21.el7_9.x86_64
CVE-2023-40217 Important/Sec. python3-libs-3.6.8-21.el7_9.x86_64
CVE-2022-43552 Low/Sec. curl-7.29.0-59.el7_9.2.x86_64
CVE-2022-43552 Low/Sec. libcurl-7.29.0-59.el7_9.2.x86_647.9.23.11.SP25
The release date of the 7.9.23.11.SP25 security patch is 20 December 2023. The estimated run time is around 80 minutes.
The 7.9.23.11.SP25 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x and 1.0.8.x.
Important: If you are using version 1.0.8, you must upgrade to 1.0.8.0 IF2 first to
apply 7.9.23.11.SP25.
Restriction: After applying 7.9.23.11.SP25, you can upgrade Cloud Pak for Data System to version 1.0.8.4 or later versions only.
Note: The ap version -s might not show all of the docker upgrade component
versions after applying 7.9.23.11.SP25 on Cloud Pak for Data System
1.0.7.8 or 1.0.7.8 IF2. This happens if Python 2 is installed.
- Workaround
- Run the ap version -d command.
The list of Red Hat CVEs, which are patched in this
release:
CVE-2023-3341 Important/Sec. bind-32:9.11.4-26.P2.el7_9.15.x86_64
CVE-2023-3341 Important/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.15.x86_64
CVE-2023-3341 Important/Sec. bind-libs-32:9.11.4-26.P2.el7_9.15.x86_64
CVE-2023-3341 Important/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.15.x86_64
CVE-2023-3341 Important/Sec. bind-license-32:9.11.4-26.P2.el7_9.15.noarch
CVE-2023-3341 Important/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.15.x86_64
CVE-2023-3341 Important/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.15.x86_64
CVE-2023-3341 Important/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.15.x86_64
CVE-2023-3341 Important/Sec. bind-utils-32:9.11.4-26.P2.el7_9.15.x86_64
CVE-2023-22067 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.392.b08-2.el7_9.x86_64
CVE-2023-22081 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.392.b08-2.el7_9.x86_64
CVE-2023-22067 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.392.b08-2.el7_9.x86_64
CVE-2023-22081 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.392.b08-2.el7_9.x86_64
CVE-2023-3609 Important/Sec. kernel-3.10.0-1160.102.1.el7.x86_64
CVE-2023-32233 Important/Sec. kernel-3.10.0-1160.102.1.el7.x86_64
CVE-2023-35001 Important/Sec. kernel-3.10.0-1160.102.1.el7.x86_64
CVE-2023-3609 Important/Sec. kernel-debuginfo-3.10.0-1160.102.1.el7.x86_64
CVE-2023-32233 Important/Sec. kernel-debuginfo-3.10.0-1160.102.1.el7.x86_64
CVE-2023-35001 Important/Sec. kernel-debuginfo-3.10.0-1160.102.1.el7.x86_64
CVE-2023-3609 Important/Sec. kernel-debuginfo-3.10.0-1160.102.1.el7.x86_64
CVE-2023-32233 Important/Sec. kernel-debuginfo-3.10.0-1160.102.1.el7.x86_64
CVE-2023-35001 Important/Sec. kernel-debuginfo-3.10.0-1160.102.1.el7.x86_64
CVE-2023-3609 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.102.1.el7.x86_64
CVE-2023-32233 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.102.1.el7.x86_64
CVE-2023-35001 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.102.1.el7.x86_64
CVE-2023-3609 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.102.1.el7.x86_64
CVE-2023-32233 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.102.1.el7.x86_64
CVE-2023-35001 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.102.1.el7.x86_64
CVE-2023-3609 Important/Sec. kernel-devel-3.10.0-1160.102.1.el7.x86_64
CVE-2023-32233 Important/Sec. kernel-devel-3.10.0-1160.102.1.el7.x86_64
CVE-2023-35001 Important/Sec. kernel-devel-3.10.0-1160.102.1.el7.x86_64
CVE-2023-3609 Important/Sec. kernel-headers-3.10.0-1160.102.1.el7.x86_64
CVE-2023-32233 Important/Sec. kernel-headers-3.10.0-1160.102.1.el7.x86_64
CVE-2023-35001 Important/Sec. kernel-headers-3.10.0-1160.102.1.el7.x86_64
CVE-2023-3609 Important/Sec. kernel-tools-3.10.0-1160.102.1.el7.x86_64
CVE-2023-32233 Important/Sec. kernel-tools-3.10.0-1160.102.1.el7.x86_64
CVE-2023-35001 Important/Sec. kernel-tools-3.10.0-1160.102.1.el7.x86_64
CVE-2023-3609 Important/Sec. kernel-tools-libs-3.10.0-1160.102.1.el7.x86_64
CVE-2023-32233 Important/Sec. kernel-tools-libs-3.10.0-1160.102.1.el7.x86_64
CVE-2023-35001 Important/Sec. kernel-tools-libs-3.10.0-1160.102.1.el7.x86_64
CVE-2020-22218 Moderate/Sec. libssh2-1.8.0-4.el7_9.1.x86_64
CVE-2023-3609 Important/Sec. perf-3.10.0-1160.102.1.el7.x86_64
CVE-2023-32233 Important/Sec. perf-3.10.0-1160.102.1.el7.x86_64
CVE-2023-35001 Important/Sec. perf-3.10.0-1160.102.1.el7.x86_64
CVE-2023-3609 Important/Sec. python-perf-3.10.0-1160.102.1.el7.x86_64
CVE-2023-32233 Important/Sec. python-perf-3.10.0-1160.102.1.el7.x86_64
CVE-2023-35001 Important/Sec. python-perf-3.10.0-1160.102.1.el7.x86_647.9.23.09.SP24
The release date of the 7.9.23.09.SP24 security patch is 9 October 2023. The estimated run time is around 70 minutes.
The 7.9.23.09.SP24 patch is based on RHEL 7.9, and it can be installed only on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x and 1.0.8.x.
Important: Upgrading to Cloud Pak for Data System 1.0.8.x
versions till 1.0.8.3 after applying 7.9.23.09.SP24 will overwrite the fix for the
cve-2023-24329. To resolve this CVE, proceed with one of the following options:- Upgrade to Cloud Pak for Data System 1.0.8.4 or a later version when available.
- Apply SP25 when available.
- Contact IBM support.
Note: You don't have to apply 7.9.23.09.SP24 on Cloud Pak for Data System 1.0.8.4. Version 1.0.8.4 comes with security updates
till SP24. Apply SP25 and later versions on 1.0.8.4 when available.
Note: If after applying the security patch 7.9.23.09.SP24 or greater, you try to upgrade to 1.0.7.8,
the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from
e1n1. Replace the<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs, which are patched in this release:
CVE-2023-32360 Important/Sec. cups-1:1.6.3-52.el7_9.x86_64
CVE-2023-32360 Important/Sec. cups-client-1:1.6.3-52.el7_9.x86_64
CVE-2023-32360 Important/Sec. cups-filesystem-1:1.6.3-52.el7_9.noarch
CVE-2023-32360 Important/Sec. cups-libs-1:1.6.3-52.el7_9.x86_64
CVE-2020-5208 Important/Sec. ipmitool-1.8.18-9.el7_7.x86_64
CVE-2023-3899 Moderate/Sec. python-syspurpose-1.24.52-2.el7_9.x86_64
CVE-2023-3899 Moderate/Sec. subscription-manager-1.24.52-2.el7_9.x86_64
CVE-2023-3899 Moderate/Sec. subscription-manager-rhsm-1.24.52-2.el7_9.x86_64
CVE-2023-3899 Moderate/Sec. subscription-manager-rhsm-certificates-1.24.52-2.el7_9.x86_64
CVE-2023-2828 Important/Sec. bind-32:9.11.4-26.P2.el7_9.14.x86_64
CVE-2023-2828 Important/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.14.x86_64
CVE-2023-2828 Important/Sec. bind-libs-32:9.11.4-26.P2.el7_9.14.x86_64
CVE-2023-2828 Important/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.14.x86_64
CVE-2023-2828 Important/Sec. bind-license-32:9.11.4-26.P2.el7_9.14.noarch
CVE-2023-2828 Important/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.14.x86_64
CVE-2023-2828 Important/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.14.x86_64
CVE-2023-2828 Important/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.14.x86_64
CVE-2023-2828 Important/Sec. bind-utils-32:9.11.4-26.P2.el7_9.14.x86_64
CVE-2023-38403 Important/Sec. iperf3-3.1.7-3.el7_9.x86_64
CVE-2023-22045 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.382.b05-1.el7_9.x86_64
CVE-2023-22049 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.382.b05-1.el7_9.x86_64
CVE-2023-22045 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.382.b05-1.el7_9.x86_64
CVE-2023-22049 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.382.b05-1.el7_9.x86_64
CVE-2023-20593 Important/Sec. kernel-3.10.0-1160.99.1.el7.x86_64
CVE-2023-35788 Important/Sec. kernel-3.10.0-1160.99.1.el7.x86_64
CVE-2023-20593 Important/Sec. kernel-debuginfo-3.10.0-1160.99.1.el7.x86_64
CVE-2023-35788 Important/Sec. kernel-debuginfo-3.10.0-1160.99.1.el7.x86_64
CVE-2023-20593 Important/Sec. kernel-debuginfo-3.10.0-1160.99.1.el7.x86_64
CVE-2023-35788 Important/Sec. kernel-debuginfo-3.10.0-1160.99.1.el7.x86_64
CVE-2023-20593 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.99.1.el7.x86_64
CVE-2023-35788 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.99.1.el7.x86_64
CVE-2023-20593 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.99.1.el7.x86_64
CVE-2023-35788 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.99.1.el7.x86_64
CVE-2023-20593 Important/Sec. kernel-devel-3.10.0-1160.99.1.el7.x86_64
CVE-2023-35788 Important/Sec. kernel-devel-3.10.0-1160.99.1.el7.x86_64
CVE-2023-20593 Important/Sec. kernel-headers-3.10.0-1160.99.1.el7.x86_64
CVE-2023-35788 Important/Sec. kernel-headers-3.10.0-1160.99.1.el7.x86_64
CVE-2023-20593 Important/Sec. kernel-tools-3.10.0-1160.99.1.el7.x86_64
CVE-2023-35788 Important/Sec. kernel-tools-3.10.0-1160.99.1.el7.x86_64
CVE-2023-20593 Important/Sec. kernel-tools-libs-3.10.0-1160.99.1.el7.x86_64
CVE-2023-35788 Important/Sec. kernel-tools-libs-3.10.0-1160.99.1.el7.x86_64
CVE-2023-38408 Important/Sec. openssh-7.4p1-23.el7_9.x86_64
CVE-2023-38408 Important/Sec. openssh-clients-7.4p1-23.el7_9.x86_64
CVE-2023-38408 Important/Sec. openssh-server-7.4p1-23.el7_9.x86_64
CVE-2023-20593 Important/Sec. perf-3.10.0-1160.99.1.el7.x86_64
CVE-2023-35788 Important/Sec. perf-3.10.0-1160.99.1.el7.x86_64
CVE-2023-20593 Important/Sec. python-perf-3.10.0-1160.99.1.el7.x86_64
CVE-2023-35788 Important/Sec. python-perf-3.10.0-1160.99.1.el7.x86_64
CVE-2023-30861 python-flask-0.10.1-7.el7_9.noarch.rpm
CVE-2023-24329 Important/Sec. python3-3.6.8-19.el7_9.x86_64
CVE-2023-24329 Important/Sec. python3-devel-3.6.8-19.el7_9.x86_64
CVE-2023-24329 Important/Sec. python3-libs-3.6.8-19.el7_9.x86_647.9.23.07.SP23
The release date of the 7.9.23.07.SP23 security patch is 8 September 2023. The estimated run time is around 70 minutes.
The 7.9.23.07.SP23 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x and 1.0.8.x.
Note: You don't have to apply 7.9.23.07.SP23 on Cloud Pak for Data System 1.0.8.3. Version 1.0.8.3 comes with security updates
till SP23. Apply SP24 and later versions on 1.0.8.3 when available.
Note: If after applying the security patch 7.9.23.07.SP23 or greater, you try to upgrade to 1.0.7.8,
the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from
e1n1. Replace the<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs, which are patched in this
release:
CVE-2023-32067 Important/Sec. c-ares-1.10.0-3.el7_9.1.x86_64
CVE-2022-48339 Moderate/Sec. emacs-filesystem-1:24.3-23.el7_9.1.noarch
CVE-2023-24329 Important/Sec. python-2.7.5-93.el7_9.x86_64
CVE-2023-24329 Important/Sec. python-devel-2.7.5-93.el7_9.x86_64
CVE-2023-24329 Important/Sec. python-libs-2.7.5-93.el7_9.x86_647.9.23.06.SP22
The release date of the 7.9.23.06.SP22 security patch is 27 June 2023. The estimated run time is around 60 minutes.
The 7.9.23.06.SP22 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x and 1.0.8.x.
Note:
- If after applying the security patch 7.9.23.06.SP22 or greater, you try to upgrade to 1.0.7.8,
the upgrade might fail with the following error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace the
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
- Run the following two commands from e1n1. Replace the
- While applying the security patch 7.9.23.06.SP22, the process might get stuck with the following
error:
Workaround:2023-07-21 09:09:32 TRACE: Running command [ssh e1n1 'ipmitool lan print 1']. LOGGING FROM: node_os_prechecker.py:check_ipmitool_lan:89 2023-07-21 09:09:33 TRACE: RC: 1. STDOUT: [] STDERR: [Invalid channel: 1 ]Run the following commands to overcome the error:-
sed -i '60 s/node0101/e1n1/' <full path of node_os_prechecker_fixer.py>;sed -i '106 s/node0101/e1n1/' <full path of node_os_prechecker_fixer.py> -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
The list of Red Hat CVEs, which are patched in this
release:
CVE-2023-21930 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21937 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21938 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21939 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21954 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21967 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21968 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21930 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21937 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21938 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21939 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21954 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21967 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21968 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2022-43750 Moderate/Sec. kernel-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-debuginfo-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-debuginfo-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-devel-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-headers-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-tools-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-tools-libs-3.10.0-1160.90.1.el7.x86_64
CVE-2023-1999 Important/Sec. libwebp-0.3.0-11.el7.x86_64
CVE-2022-43750 Moderate/Sec. perf-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. python-perf-3.10.0-1160.90.1.el7.x86_64
CVE-2022-25147 Important/Sec. apr-util-1.5.2-6.el7_9.1.x86_64
CVE-2022-25147 Important/Sec. apr-util-openssl-1.5.2-6.el7_9.1.x86_64
CVE-2023-25652 Important/Sec. git-1.8.3.1-25.el7_9.x86_64
CVE-2023-29007 Important/Sec. git-1.8.3.1-25.el7_9.x86_64
CVE-2023-25652 Important/Sec. perl-Git-1.8.3.1-25.el7_9.noarch
CVE-2023-29007 Important/Sec. perl-Git-1.8.3.1-25.el7_9.noarch7.9.23.04.SP21
The release date of the 7.9.23.04.SP21 security patch is 12 May 2023. The estimated run time is around 60 minutes.
The 7.9.23.04.SP21 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x and 1.0.8.x.
Note: If after applying the security patch 7.9.23.04.SP21 or greater, you try to upgrade to 1.0.7.8,
the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace the
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
- Run the following commands in order.
-
apupgrade --upgrade-apupgrade --upgrade-directory /localrepo --use-version 7.9.23.04.SP21_release --bundle system -
apupgrade --upgrade-details --upgrade-directory /localrepo --use-version 7.9.23.04.SP21_release --bundle system -
apupgrade --preliminary-check --upgrade-directory /localrepo --use-version 7.9.23.04.SP21_release --bundle system
-
- Run the following command to start the
upgrade.
apupgrade --upgrade-directory /localrepo --use-version 7.9.23.04.SP21_release --bundle system --upgrade
The list of Red Hat CVEs, which are patched in this
release:
CVE-2022-23521 Important/Sec. git-1.8.3.1-24.el7_9.x86_64
CVE-2022-41903 Important/Sec. git-1.8.3.1-24.el7_9.x86_64
CVE-2023-25690 Important/Sec. httpd-2.4.6-98.el7_9.7.x86_64
CVE-2023-25690 Important/Sec. httpd-tools-2.4.6-98.el7_9.7.x86_64
CVE-2022-4378 Important/Sec. kernel-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-debuginfo-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-debuginfo-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-debuginfo-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-debuginfo-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-devel-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-devel-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-headers-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-headers-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-tools-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-tools-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-tools-libs-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-tools-libs-3.10.0-1160.88.1.el7.x86_64
CVE-2022-38023 Important/Sec. libsmbclient-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. libwbclient-4.10.16-24.el7_9.x86_64
CVE-2023-25690 Important/Sec. mod_session-2.4.6-98.el7_9.7.x86_64
CVE-2023-0767 Important/Sec. nss-3.79.0-5.el7_9.x86_64
CVE-2023-0767 Important/Sec. nss-sysinit-3.79.0-5.el7_9.x86_64
CVE-2023-0767 Important/Sec. nss-tools-3.79.0-5.el7_9.x86_64
CVE-2023-0286 Important/Sec. openssl-1:1.0.2k-26.el7_9.x86_64
CVE-2023-0286 Important/Sec. openssl-devel-1:1.0.2k-26.el7_9.x86_64
CVE-2023-0286 Important/Sec. openssl-libs-1:1.0.2k-26.el7_9.x86_64
CVE-2022-4378 Important/Sec. perf-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. perf-3.10.0-1160.88.1.el7.x86_64
CVE-2022-23521 Important/Sec. perl-Git-1.8.3.1-24.el7_9.noarch
CVE-2022-41903 Important/Sec. perl-Git-1.8.3.1-24.el7_9.noarch
CVE-2022-4378 Important/Sec. python-perf-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. python-perf-3.10.0-1160.88.1.el7.x86_64
CVE-2022-38023 Important/Sec. samba-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-client-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-client-libs-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-common-4.10.16-24.el7_9.noarch
CVE-2022-38023 Important/Sec. samba-common-libs-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-common-tools-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-libs-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-python-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-winbind-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-winbind-modules-4.10.16-24.el7_9.x86_64
CVE-2022-37434 Moderate/Sec. zlib-1.2.7-21.el7_9.x86_64
CVE-2022-37434 Moderate/Sec. zlib-devel-1.2.7-21.el7_9.x86_647.9.23.02.SP20
The release date of the 7.9.23.02.SP20 security patch is 24 March 2023. This security patch includes the list of CVEs for January and February 2023.
The 7.9.23.02.SP20 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x and 1.0.8.x.
Important: The 7.9.23.02.SP20 is removed due to some upgrade issues. The issues are
addressed in 7.9.23.04.SP21. Use 7.9.23.04.SP21 to get the CVEs addressed.
The list of Red Hat CVEs patched in this
release:
CVE-2022-42920 Important/Sec. bcel-5.2-19.el7_9.noarch
CVE-2021-25220 Moderate/Sec. bind-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2021-25220 Moderate/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2021-25220 Moderate/Sec. bind-libs-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-libs-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2021-25220 Moderate/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2021-25220 Moderate/Sec. bind-license-32:9.11.4-26.P2.el7_9.13.noarch
CVE-2022-2795 Moderate/Sec. bind-license-32:9.11.4-26.P2.el7_9.13.noarch
CVE-2021-25220 Moderate/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2021-25220 Moderate/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2021-25220 Moderate/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2021-25220 Moderate/Sec. bind-utils-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-utils-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-28733 Important/Sec. grub2-1:2.02-0.87.el7_9.11.x86_64
CVE-2022-28733 Important/Sec. grub2-common-1:2.02-0.87.el7_9.11.noarch
CVE-2022-28733 Important/Sec. grub2-pc-1:2.02-0.87.el7_9.11.x86_64
CVE-2022-28733 Important/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.11.noarch
CVE-2022-28733 Important/Sec. grub2-tools-1:2.02-0.87.el7_9.11.x86_64
CVE-2022-28733 Important/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.11.x86_64
CVE-2022-28733 Important/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.11.x86_64
CVE-2023-21830 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.362.b08-1.el7_9.x86_64
CVE-2023-21843 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.362.b08-1.el7_9.x86_64
CVE-2023-21830 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.362.b08-1.el7_9.x86_64
CVE-2023-21843 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.362.b08-1.el7_9.x86_64
CVE-2021-26401 Important/Sec. kernel-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-debuginfo-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-debuginfo-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-debuginfo-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-debuginfo-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-devel-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-devel-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-headers-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-headers-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-tools-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-tools-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-tools-libs-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-tools-libs-3.10.0-1160.83.1.el7.x86_64
CVE-2022-4254 Important/Sec. libipa_hbac-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. libsss_autofs-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. libsss_certmap-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. libsss_idmap-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. libsss_nss_idmap-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. libsss_simpleifp-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. libsss_sudo-1.16.5-10.el7_9.15.x86_64
CVE-2021-26401 Important/Sec. perf-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. perf-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2414 Important/Sec. pki-base-10.5.18-24.el7_9.noarch
CVE-2022-2414 Important/Sec. pki-base-java-10.5.18-24.el7_9.noarch
CVE-2022-2414 Important/Sec. pki-ca-10.5.18-24.el7_9.noarch
CVE-2022-2414 Important/Sec. pki-kra-10.5.18-24.el7_9.noarch
CVE-2022-2414 Important/Sec. pki-server-10.5.18-24.el7_9.noarch
CVE-2022-2414 Important/Sec. pki-tools-10.5.18-24.el7_9.x86_64
CVE-2022-4254 Important/Sec. python-libipa_hbac-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. python-libsss_nss_idmap-1.16.5-10.el7_9.15.x86_64
CVE-2021-26401 Important/Sec. python-perf-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. python-perf-3.10.0-1160.83.1.el7.x86_64
CVE-2022-4254 Important/Sec. python-sss-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. python-sss-murmur-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. python-sssdconfig-1.16.5-10.el7_9.15.noarch
CVE-2022-4254 Important/Sec. sssd-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-ad-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-client-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-common-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-common-pac-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-dbus-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-ipa-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-krb5-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-krb5-common-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-ldap-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-proxy-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-tools-1.16.5-10.el7_9.15.x86_64
CVE-2023-22809 Important/Sec. sudo-1.8.23-10.el7_9.3.x86_647.9.22.12.SP19
The release date of the 7.9.22.12.SP19 security patch is 3 January 2023. The estimated run time is around 54 minutes. This security patch includes the list of CVEs for November and December 2022.
The 7.9.22.12.SP19 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If after applying the security patch 7.9.22.12.SP19 or greater, you try to upgrade to 1.0.7.8,
the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace the
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2022-2850 Moderate/Sec. 389-ds-base-1.3.10.2-17.el7_9.x86_64
CVE-2022-2850 Moderate/Sec. 389-ds-base-libs-1.3.10.2-17.el7_9.x86_64
CVE-2022-41974 Important/Sec. device-mapper-multipath-0.4.9-136.el7_9.x86_64
CVE-2022-41974 Important/Sec. device-mapper-multipath-libs-0.4.9-136.el7_9.x86_64
CVE-2022-21619 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-21624 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-21626 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-21628 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-21619 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-21624 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-21626 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-21628 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-2588 Important/Sec. kernel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64
CVE-2022-41974 Important/Sec. kpartx-0.4.9-136.el7_9.x86_64
CVE-2022-2588 Important/Sec. perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2393 Moderate/Sec. pki-base-10.5.18-23.el7_9.noarch
CVE-2022-2393 Moderate/Sec. pki-base-java-10.5.18-23.el7_9.noarch
CVE-2022-2393 Moderate/Sec. pki-ca-10.5.18-23.el7_9.noarch
CVE-2022-2393 Moderate/Sec. pki-kra-10.5.18-23.el7_9.noarch
CVE-2022-2393 Moderate/Sec. pki-server-10.5.18-23.el7_9.noarch
CVE-2022-2393 Moderate/Sec. pki-tools-10.5.18-23.el7_9.x86_64
CVE-2022-2588 Important/Sec. python-perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. python-perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. python-perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. python-perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. python-perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. python-perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-41853 Important/Sec. hsqldb-1:1.8.1.3-15.el7_9.noarch
CVE-2022-42898 Important/Sec. krb5-devel-1.15.1-55.el7_9.x86_64
CVE-2022-42898 Important/Sec. krb5-libs-1.15.1-55.el7_9.x86_64
CVE-2022-42898 Important/Sec. krb5-pkinit-1.15.1-55.el7_9.x86_64
CVE-2022-42898 Important/Sec. krb5-server-1.15.1-55.el7_9.x86_64
CVE-2022-42898 Important/Sec. krb5-workstation-1.15.1-55.el7_9.x86_64
CVE-2022-42898 Important/Sec. libkadm5-1.15.1-55.el7_9.x86_64
CVE-2021-29740 gpfs.adv-5.1.2-7.x86_647.9.22.10.SP18
The release date of the 7.9.22.10.SP18 security patch is 26 October 2022. The estimated run time is around 60 minutes.
The 7.9.22.10.SP18 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If after applying the security patch 7.9.22.10.SP18 or greater, you try to upgrade to 1.0.7.8,
the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace the
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2022-38177 Important/Sec. bind-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38177 Important/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38177 Important/Sec. bind-libs-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-libs-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38177 Important/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38177 Important/Sec. bind-license-32:9.11.4-26.P2.el7_9.10.noarch
CVE-2022-38178 Important/Sec. bind-license-32:9.11.4-26.P2.el7_9.10.noarch
CVE-2022-38177 Important/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38177 Important/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38177 Important/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38177 Important/Sec. bind-utils-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-utils-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-40674 Important/Sec. expat-2.1.0-15.el7_9.x86_64
updateinfo list done7.9.22.09.SP17
The security patch released in September 2022. The estimated run time is around 60 minutes.
The 7.9.22.09.SP17 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If after applying the security patch 7.9.22.09.SP17 or greater, you try to upgrade to 1.0.7.8,
the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace the
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2022-21123 Moderate/Sec. kernel-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-devel-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-devel-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-devel-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-headers-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-headers-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-headers-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-tools-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-tools-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-tools-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-tools-libs-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-tools-libs-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-tools-libs-3.10.0-1160.76.1.el7.x86_64
CVE-2022-2526 Important/Sec. libgudev1-219-78.el7_9.7.x86_64
CVE-2022-21123 Moderate/Sec. perf-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. perf-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. perf-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. python-perf-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. python-perf-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. python-perf-3.10.0-1160.76.1.el7.x86_64
CVE-2022-29154 Important/Sec. rsync-3.1.2-11.el7_9.x86_64
CVE-2022-2526 Important/Sec. systemd-219-78.el7_9.7.x86_64
CVE-2022-2526 Important/Sec. systemd-libs-219-78.el7_9.7.x86_64
CVE-2022-2526 Important/Sec. systemd-python-219-78.el7_9.7.x86_64
CVE-2022-2526 Important/Sec. systemd-sysv-219-78.el7_9.7.x86_647.9.22.08.SP16
The security patch released in August 2022. The estimated run time is around 60 minutes.
The 7.9.22.08.SP16 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If after applying the security patch 7.9.22.08.SP16 or greater, you try to upgrade to 1.0.7.8,
the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace the
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2022-21540 Important/Sec. java-1.8.0-openjdk-1:1.8.0.342.b07-1.el7_9.x86_64
CVE-2022-21541 Important/Sec. java-1.8.0-openjdk-1:1.8.0.342.b07-1.el7_9.x86_64
CVE-2022-34169 Important/Sec. java-1.8.0-openjdk-1:1.8.0.342.b07-1.el7_9.x86_64
CVE-2022-21540 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.342.b07-1.el7_9.x86_64
CVE-2022-21541 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.342.b07-1.el7_9.x86_64
CVE-2022-34169 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.342.b07-1.el7_9.x86_647.9.22.07.SP15
The security patch released in July 2022. The estimated run time is around 60 minutes.
The 7.9.22.07.SP15 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If after applying the security patch 7.9.22.07.SP15 or greater, you try to upgrade to 1.0.7.8,
the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace the
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2022-0918 Moderate/Sec. 389-ds-base-1.3.10.2-16.el7_9.x86_64
CVE-2022-0996 Moderate/Sec. 389-ds-base-1.3.10.2-16.el7_9.x86_64
CVE-2022-0918 Moderate/Sec. 389-ds-base-libs-1.3.10.2-16.el7_9.x86_64
CVE-2022-0996 Moderate/Sec. 389-ds-base-libs-1.3.10.2-16.el7_9.x86_64
CVE-2022-1729 Important/Sec. kernel-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-devel-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-devel-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-devel-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-headers-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-headers-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-headers-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-tools-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-tools-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-tools-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-tools-libs-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-tools-libs-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-tools-libs-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. perf-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. perf-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. perf-3.10.0-1160.71.1.el7.x86_64
CVE-2020-26116 Moderate/Sec. python-2.7.5-92.el7_9.x86_64
CVE-2020-26137 Moderate/Sec. python-2.7.5-92.el7_9.x86_64
CVE-2021-3177 Moderate/Sec. python-2.7.5-92.el7_9.x86_64
CVE-2020-26116 Moderate/Sec. python-devel-2.7.5-92.el7_9.x86_64
CVE-2020-26137 Moderate/Sec. python-devel-2.7.5-92.el7_9.x86_64
CVE-2021-3177 Moderate/Sec. python-devel-2.7.5-92.el7_9.x86_64
CVE-2020-26116 Moderate/Sec. python-libs-2.7.5-92.el7_9.x86_64
CVE-2020-26137 Moderate/Sec. python-libs-2.7.5-92.el7_9.x86_64
CVE-2021-3177 Moderate/Sec. python-libs-2.7.5-92.el7_9.x86_64
CVE-2022-1729 Important/Sec. python-perf-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. python-perf-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. python-perf-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1271 Important/Sec. xz-5.2.2-2.el7_9.x86_64
CVE-2022-1271 Important/Sec. xz-devel-5.2.2-2.el7_9.x86_64
CVE-2022-1271 Important/Sec. xz-libs-5.2.2-2.el7_9.x86_647.9.22.06.SP14
The security patch released in June 2022. The estimated run time is around 60 minutes.
The 7.9.22.06.SP14 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If after
applying the security patch 7.9.22.06.SP14 or greater, you try to upgrade to 1.0.7.8, the upgrade
might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace the
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2022-24903 Important/Sec. rsyslog-8.24.0-57.el7_9.3.x86_647.9.22.05.SP13
The security patch released in June 2022. The estimated run time is around 60 minutes.
The 7.9.22.05.SP13 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If after
applying the security patch 7.9.22.05.SP13 or greater, you try to upgrade to 1.0.7.8, the upgrade
might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace the
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2022-1271 Important/Sec. gzip-1.5-11.el7_9.x86_64
CVE-2022-21426 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21434 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21443 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21476 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21496 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21426 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21434 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21443 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21476 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21496 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-0492 Important/Sec. kernel-3.10.0-1160.66.1.el7.x86_64
CVE-2020-8648 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.x86_64
CVE-2020-12362 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.x86_64
CVE-2020-12363 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.x86_64
CVE-2020-12364 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.x86_64
CVE-2020-27170 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.x86_64
CVE-2021-3347 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.x86_64
CVE-2019-20934 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-debuginfo-3.10.0-1160.42.2.el7.x86_64
CVE-2021-3653 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64
CVE-2020-36385 Important/Sec. kernel-debuginfo-3.10.0-1160.49.1.el7.x86_64
CVE-2020-25704 Moderate/Sec. kernel-debuginfo-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. kernel-debuginfo-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. kernel-debuginfo-3.10.0-1160.53.1.el7.x86_64
CVE-2020-0465 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4028 Important/Sec. kernel-debuginfo-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. kernel-debuginfo-3.10.0-1160.62.1.el7.x86_64
CVE-2022-0492 Important/Sec. kernel-debuginfo-3.10.0-1160.66.1.el7.x86_64
CVE-2020-8648 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.31.1.el7.x86_64
CVE-2020-12362 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.31.1.el7.x86_64
CVE-2020-12363 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.31.1.el7.x86_64
CVE-2020-12364 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.31.1.el7.x86_64
CVE-2020-27170 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.31.1.el7.x86_64
CVE-2021-3347 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.31.1.el7.x86_64
CVE-2019-20934 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.42.2.el7.x86_64
CVE-2021-3653 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64
CVE-2020-36385 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.49.1.el7.x86_64
CVE-2020-25704 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.53.1.el7.x86_64
CVE-2020-0465 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4028 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.62.1.el7.x86_64
CVE-2022-0492 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.66.1.el7.x86_64
CVE-2022-0492 Important/Sec. kernel-devel-3.10.0-1160.66.1.el7.x86_64
CVE-2022-0492 Important/Sec. kernel-headers-3.10.0-1160.66.1.el7.x86_64
CVE-2022-0492 Important/Sec. kernel-tools-3.10.0-1160.66.1.el7.x86_64
CVE-2022-0492 Important/Sec. kernel-tools-libs-3.10.0-1160.66.1.el7.x86_64
CVE-2022-0492 Important/Sec. perf-3.10.0-1160.66.1.el7.x86_64
CVE-2022-0492 Important/Sec. python-perf-3.10.0-1160.66.1.el7.x86_64
CVE-2018-25032 Important/Sec. zlib-1.2.7-20.el7_9.x86_64
CVE-2018-25032 Important/Sec. zlib-devel-1.2.7-20.el7_9.x86_647.9.22.04.SP12
The security patch released in May 2022.
The 7.9.22.04.SP12 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If after
applying the security patch 7.9.22.04.SP12 or greater, you try to upgrade to 1.0.7.8, the upgrade
might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace the
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2021-45960 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2021-46143 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-22822 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-22823 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-22824 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-22825 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-22826 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-22827 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-23852 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-25235 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-25236 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-25315 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-22720 Important/Sec. httpd-2.4.6-97.el7_9.5.x86_64
CVE-2022-22720 Important/Sec. httpd-tools-2.4.6-97.el7_9.5.x86_64
CVE-2020-5208 Important/Sec. ipmitool-1.8.18-9.el7_7.x86_64
CVE-2021-4028 Important/Sec. kernel-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. kernel-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4028 Important/Sec. kernel-devel-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. kernel-devel-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4028 Important/Sec. kernel-headers-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. kernel-headers-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4028 Important/Sec. kernel-tools-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. kernel-tools-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4028 Important/Sec. kernel-tools-libs-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. kernel-tools-libs-3.10.0-1160.62.1.el7.x86_64
CVE-2022-22720 Important/Sec. mod_session-2.4.6-97.el7_9.5.x86_64
CVE-2022-0778 Important/Sec. openssl-1:1.0.2k-25.el7_9.x86_64
CVE-2022-0778 Important/Sec. openssl-devel-1:1.0.2k-25.el7_9.x86_64
CVE-2022-0778 Important/Sec. openssl-libs-1:1.0.2k-25.el7_9.x86_64
CVE-2021-4028 Important/Sec. perf-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. perf-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4028 Important/Sec. python-perf-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. python-perf-3.10.0-1160.62.1.el7.x86_647.9.22.03.SP11
The security patch released in April 2022.
The 7.9.22.03.SP11 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If after
applying the security patch 7.9.22.03.SP11 or greater, you try to upgrade to 1.0.7.8, the upgrade
might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace the
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2021-4091 Low/Sec. 389-ds-base-1.3.10.2-15.el7_9.x86_64
CVE-2021-4091 Low/Sec. 389-ds-base-libs-1.3.10.2-15.el7_9.x86_64
CVE-2022-24407 Important/Sec. cyrus-sasl-2.1.26-24.el7_9.x86_64
CVE-2022-24407 Important/Sec. cyrus-sasl-gssapi-2.1.26-24.el7_9.x86_64
CVE-2022-24407 Important/Sec. cyrus-sasl-lib-2.1.26-24.el7_9.x86_64
CVE-2022-24407 Important/Sec. cyrus-sasl-md5-2.1.26-24.el7_9.x86_64
CVE-2022-24407 Important/Sec. cyrus-sasl-plain-2.1.26-24.el7_9.x86_64
CVE-2020-5208 Important/Sec. ipmitool-1.8.18-9.el7_7.x86_64
CVE-2020-0465 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0465 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0465 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0465 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0465 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2020-25709 Moderate/Sec. openldap-2.4.44-25.el7_9.x86_64
CVE-2020-25710 Moderate/Sec. openldap-2.4.44-25.el7_9.x86_64
CVE-2020-25709 Moderate/Sec. openldap-clients-2.4.44-25.el7_9.x86_64
CVE-2020-25710 Moderate/Sec. openldap-clients-2.4.44-25.el7_9.x86_64
CVE-2020-0465 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0465 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22816 Important/Sec. python-pillow-2.0.0-23.gitd1c6db8.el7_9.x86_64
CVE-2022-22817 Important/Sec. python-pillow-2.0.0-23.gitd1c6db8.el7_9.x86_647.9.22.02.SP10
The security patch released in February 2022.
The 7.9.22.02.SP10 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
There is no need to install this patch on 1.0.7.8 as the same content is already applied with 1.0.7.8 upgrade.
The list of Red Hat CVEs patched in this
release:
CVE-2021-45417 Important/Sec. aide-0.15.1-13.el7_9.1.x86_64
CVE-2020-5208 Important/Sec. ipmitool-1.8.18-9.el7_7.x86_64
CVE-2022-21248 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21282 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21283 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21293 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21294 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21296 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21299 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21305 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21340 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21341 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21360 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21365 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21248 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21282 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21283 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21293 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21294 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21296 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21299 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21305 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21340 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21341 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21360 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21365 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-23302 Important/Sec. log4j-1.2.17-18.el7_4.noarch
CVE-2022-23305 Important/Sec. log4j-1.2.17-18.el7_4.noarch
CVE-2022-23307 Important/Sec. log4j-1.2.17-18.el7_4.noarch7.9.22.01.SP9
The security patch released in February 2022.
The 7.9.22.01.SP9 patch is based on RHEL 7.9, and it can be installed only on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
The list of Red Hat CVEs patched in this
release:
CVE-2020-25704 Moderate/Sec. kernel-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. kernel-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. kernel-3.10.0-1160.53.1.el7.x86_64
CVE-2020-25704 Moderate/Sec. kernel-devel-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. kernel-devel-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. kernel-devel-3.10.0-1160.53.1.el7.x86_64
CVE-2020-25704 Moderate/Sec. kernel-headers-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. kernel-headers-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. kernel-headers-3.10.0-1160.53.1.el7.x86_64
CVE-2020-25704 Moderate/Sec. kernel-tools-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. kernel-tools-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. kernel-tools-3.10.0-1160.53.1.el7.x86_64
CVE-2020-25704 Moderate/Sec. kernel-tools-libs-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. kernel-tools-libs-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. kernel-tools-libs-3.10.0-1160.53.1.el7.x86_64
CVE-2021-3712 Moderate/Sec. openssl-1:1.0.2k-23.el7_9.x86_64
CVE-2021-3712 Moderate/Sec. openssl-devel-1:1.0.2k-23.el7_9.x86_64
CVE-2021-3712 Moderate/Sec. openssl-libs-1:1.0.2k-23.el7_9.x86_64
CVE-2020-25704 Moderate/Sec. perf-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. perf-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. perf-3.10.0-1160.53.1.el7.x86_64
CVE-2020-25704 Moderate/Sec. python-perf-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. python-perf-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. python-perf-3.10.0-1160.53.1.el7.x86_64
CVE-2021-4034 Important/Sec. polkit-0.112-26.el7_9.1.x86_64
CVE-2021-44142 Critical/Sec. samba-client-libs-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-common-tools-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-python-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-client-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-common-libs-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-winbind-modules-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-libs-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-winbind-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-common-4.10.16-18.el7_9.noarch
CVE-2021-44142 Critical/Sec. libsmbclient-4.10.16-18.el7_9.x86_64.rpm
CVE-2021-44142 Critical/Sec. libwbclient-4.10.16-18.el7_9.x86_64.rpm7.9.21.12.SP8
The security patch released in January 2022.
The 7.9.21.12.SP8 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
The list of Red Hat CVEs patched in this
release:
CVE-2020-5208 Important/Sec. ipmitool-1.8.18-9.el7_7.x86_64
CVE-2020-36385 Important/Sec. kernel-3.10.0-1160.49.1.el7.x86_64
CVE-2020-36385 Important/Sec. kernel-devel-3.10.0-1160.49.1.el7.x86_64
CVE-2020-36385 Important/Sec. kernel-headers-3.10.0-1160.49.1.el7.x86_64
CVE-2020-36385 Important/Sec. kernel-tools-3.10.0-1160.49.1.el7.x86_64
CVE-2020-36385 Important/Sec. kernel-tools-libs-3.10.0-1160.49.1.el7.x86_64
CVE-2021-37750 Moderate/Sec. krb5-devel-1.15.1-51.el7_9.x86_64
CVE-2021-37750 Moderate/Sec. krb5-libs-1.15.1-51.el7_9.x86_64
CVE-2021-37750 Moderate/Sec. krb5-pkinit-1.15.1-51.el7_9.x86_64
CVE-2021-37750 Moderate/Sec. krb5-server-1.15.1-51.el7_9.x86_64
CVE-2021-37750 Moderate/Sec. krb5-workstation-1.15.1-51.el7_9.x86_64
CVE-2021-37750 Moderate/Sec. libkadm5-1.15.1-51.el7_9.x86_64
CVE-2021-43527 Critical/Sec. nss-3.67.0-4.el7_9.x86_64
CVE-2021-43527 Critical/Sec. nss-sysinit-3.67.0-4.el7_9.x86_64
CVE-2021-43527 Critical/Sec. nss-tools-3.67.0-4.el7_9.x86_64
CVE-2021-41617 Moderate/Sec. openssh-7.4p1-22.el7_9.x86_64
CVE-2021-41617 Moderate/Sec. openssh-clients-7.4p1-22.el7_9.x86_64
CVE-2021-41617 Moderate/Sec. openssh-server-7.4p1-22.el7_9.x86_64
CVE-2020-36385 Important/Sec. perf-3.10.0-1160.49.1.el7.x86_64
CVE-2020-36385 Important/Sec. python-perf-3.10.0-1160.49.1.el7.x86_64
CVE-2021-20271 Moderate/Sec. rpm-4.11.3-48.el7_9.x86_64
CVE-2021-20271 Moderate/Sec. rpm-build-4.11.3-48.el7_9.x86_64
CVE-2021-20271 Moderate/Sec. rpm-build-libs-4.11.3-48.el7_9.x86_64
CVE-2021-20271 Moderate/Sec. rpm-devel-4.11.3-48.el7_9.x86_64
CVE-2021-20271 Moderate/Sec. rpm-libs-4.11.3-48.el7_9.x86_64
CVE-2021-20271 Moderate/Sec. rpm-python-4.11.3-48.el7_9.x86_64
CVE-2020-25719 Moderate/Sec. ipa-client-4.6.8-5.el7_9.10.x86_64
CVE-2020-25719 Moderate/Sec. ipa-client-common-4.6.8-5.el7_9.10.noarch
CVE-2020-25719 Moderate/Sec. ipa-common-4.6.8-5.el7_9.10.noarch
CVE-2020-25719 Moderate/Sec. ipa-python-compat-4.6.8-5.el7_9.10.noarch
CVE-2020-25719 Moderate/Sec. ipa-server-4.6.8-5.el7_9.10.x86_64
CVE-2020-25719 Moderate/Sec. ipa-server-common-4.6.8-5.el7_9.10.noarch
CVE-2020-25719 Moderate/Sec. ipa-server-dns-4.6.8-5.el7_9.10.noarch
CVE-2020-25719 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7_9.10.x86_64
CVE-2016-2124 Important/Sec. libsmbclient-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. libsmbclient-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. libwbclient-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. libwbclient-4.10.16-17.el7_9.x86_64
CVE-2021-4104 Moderate/Sec. log4j-1.2.17-17.el7_4.noarch
CVE-2020-25719 Moderate/Sec. python2-ipaclient-4.6.8-5.el7_9.10.noarch
CVE-2020-25719 Moderate/Sec. python2-ipalib-4.6.8-5.el7_9.10.noarch
CVE-2020-25719 Moderate/Sec. python2-ipaserver-4.6.8-5.el7_9.10.noarch
CVE-2016-2124 Important/Sec. samba-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-client-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-client-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-client-libs-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-client-libs-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-common-4.10.16-17.el7_9.noarch
CVE-2020-25717 Important/Sec. samba-common-4.10.16-17.el7_9.noarch
CVE-2016-2124 Important/Sec. samba-common-libs-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-common-libs-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-common-tools-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-common-tools-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-libs-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-libs-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-python-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-python-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-winbind-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-winbind-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-winbind-modules-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-winbind-modules-4.10.16-17.el7_9.x86_647.9.21.11.SP7
Security patch released in December 2021.
The 7.9.21.11.SP7 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
The list of Red Hat CVEs patched in this
release:
CVE-2021-3652 Low/Sec. 389-ds-base-1.3.10.2-13.el7_9.x86_64
CVE-2021-3652 Low/Sec. 389-ds-base-libs-1.3.10.2-13.el7_9.x86_64
CVE-2021-42574 Moderate/Sec. binutils-2.27-44.base.el7_9.1.x86_64
CVE-2021-40438 Important/Sec. httpd-2.4.6-97.el7_9.1.x86_64
CVE-2021-40438 Important/Sec. httpd-tools-2.4.6-97.el7_9.1.x86_64
CVE-2020-5208 Important/Sec. ipmitool-1.8.18-9.el7_7.x86_64
CVE-2021-35550 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35556 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35559 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35561 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35564 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35565 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35567 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35578 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35586 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35588 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35603 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35550 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35556 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35559 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35561 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35564 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35565 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35567 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35578 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35586 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35588 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35603 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-3653 Important/Sec. kernel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. kernel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. kernel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. kernel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3653 Important/Sec. kernel-devel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. kernel-devel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. kernel-devel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. kernel-devel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3653 Important/Sec. kernel-headers-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. kernel-headers-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. kernel-headers-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. kernel-headers-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3653 Important/Sec. kernel-tools-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. kernel-tools-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. kernel-tools-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. kernel-tools-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3653 Important/Sec. kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64
CVE-2016-4658 Moderate/Sec. libxml2-2.9.1-6.el7_9.6.x86_64
CVE-2016-4658 Moderate/Sec. libxml2-python-2.9.1-6.el7_9.6.x86_64
CVE-2021-40438 Important/Sec. mod_session-2.4.6-97.el7_9.1.x86_64
CVE-2021-23840 Moderate/Sec. openssl-1:1.0.2k-22.el7_9.x86_64
CVE-2021-23841 Moderate/Sec. openssl-1:1.0.2k-22.el7_9.x86_64
CVE-2021-23840 Moderate/Sec. openssl-devel-1:1.0.2k-22.el7_9.x86_64
CVE-2021-23841 Moderate/Sec. openssl-devel-1:1.0.2k-22.el7_9.x86_64
CVE-2021-23840 Moderate/Sec. openssl-libs-1:1.0.2k-22.el7_9.x86_64
CVE-2021-23841 Moderate/Sec. openssl-libs-1:1.0.2k-22.el7_9.x86_64
CVE-2021-3653 Important/Sec. perf-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. perf-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. perf-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. perf-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3653 Important/Sec. python-perf-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. python-perf-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. python-perf-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. python-perf-3.10.0-1160.45.1.el7.x86_647.9.21.09.SP6
Security patch released in November 2021.
The 7.9.21.09.SP6 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
The list of Red Hat CVEs patched in this
release:
CVE-2020-35518 Moderate/Sec. 389-ds-base-1.3.10.2-12.el7_9.x86_64
CVE-2020-35518 Moderate/Sec. 389-ds-base-libs-1.3.10.2-12.el7_9.x86_64
CVE-2021-25214 Moderate/Sec. bind-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-libs-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-license-32:9.11.4-26.P2.el7_9.7.noarch
CVE-2021-25214 Moderate/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-utils-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-3622 Low/Sec. hivex-1.3.10-6.12.el7_9.x86_64
CVE-2020-27777 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-3.10.0-1160.42.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-devel-3.10.0-1160.42.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-headers-3.10.0-1160.42.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-tools-3.10.0-1160.42.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-tools-libs-3.10.0-1160.42.2.el7.x86_64
CVE-2021-31535 Important/Sec. libX11-1.6.7-4.el7_9.x86_64
CVE-2021-31535 Important/Sec. libX11-common-1.6.7-4.el7_9.noarch
CVE-2021-3621 Important/Sec. libipa_hbac-1.16.5-10.el7_9.10.x86_64
CVE-2021-3246 Important/Sec. libsndfile-1.0.25-12.el7_9.1.x86_64
CVE-2021-3621 Important/Sec. libsss_autofs-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_certmap-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_idmap-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_nss_idmap-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_simpleifp-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_sudo-1.16.5-10.el7_9.10.x86_64
CVE-2020-27777 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. perf-3.10.0-1160.42.2.el7.x86_64
CVE-2021-3622 Low/Sec. perl-hivex-1.3.10-6.12.el7_9.x86_64
CVE-2021-3621 Important/Sec. python-libipa_hbac-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. python-libsss_nss_idmap-1.16.5-10.el7_9.10.x86_64
CVE-2020-27777 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. python-perf-3.10.0-1160.42.2.el7.x86_64
CVE-2021-3621 Important/Sec. python-sss-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. python-sss-murmur-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. python-sssdconfig-1.16.5-10.el7_9.10.noarch
CVE-2021-3621 Important/Sec. sssd-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-ad-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-client-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-common-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-common-pac-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-dbus-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-ipa-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-krb5-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-krb5-common-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-ldap-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-proxy-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-tools-1.16.5-10.el7_9.10.x86_647.9.21.08.SP5
Security patch released in September 2021.
The 7.9.21.08.SP5 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
The list of Red Hat CVEs patched in this
release:
CVE-2021-2341 Important/Sec. java-1.8.0-openjdk-1:1.8.0.302.b08-0.el7_9.x86_64
CVE-2021-2369 Important/Sec. java-1.8.0-openjdk-1:1.8.0.302.b08-0.el7_9.x86_64
CVE-2021-2388 Important/Sec. java-1.8.0-openjdk-1:1.8.0.302.b08-0.el7_9.x86_64
CVE-2021-2341 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.302.b08-0.el7_9.x86_64
CVE-2021-2369 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.302.b08-0.el7_9.x86_64
CVE-2021-2388 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.302.b08-0.el7_9.x86_64
CVE-2019-20934 Important/Sec. kernel-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. kernel-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. kernel-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. kernel-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. kernel-3.10.0-1160.36.2.el7.x86_64
CVE-2019-20934 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.x86_64
CVE-2019-20934 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.x86_64
CVE-2019-20934 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.x86_64
CVE-2019-20934 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64
CVE-2019-20934 Important/Sec. perf-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. perf-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. perf-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. perf-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. perf-3.10.0-1160.36.2.el7.x86_64
CVE-2019-20934 Important/Sec. python-perf-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. python-perf-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. python-perf-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. python-perf-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. python-perf-3.10.0-1160.36.2.el7.x86_647.9.21.05.SP3
Security patch released in July 2021.
The 7.9.21.05.SP3 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
The list of Red Hat CVEs patched in this
release:
CVE-2021-25215 Important/Sec. bind-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-25215 Important/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-25215 Important/Sec. bind-libs-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-25215 Important/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-25215 Important/Sec. bind-license-32:9.11.4-26.P2.el7_9.5.noarch
CVE-2021-25215 Important/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-25215 Important/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-25215 Important/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-25215 Important/Sec. bind-utils-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-2163 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.292.b10-1.el7_9.x86_64
CVE-2021-2163 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.292.b10-1.el7_9.x86_64
CVE-2020-25648 Moderate/Sec. nss-3.53.1-7.el7_9.x86_64
CVE-2020-25648 Moderate/Sec. nss-sysinit-3.53.1-7.el7_9.x86_64
CVE-2020-25648 Moderate/Sec. nss-tools-3.53.1-7.el7_9.x86_64
CVE-2020-25692 Moderate/Sec. openldap-2.4.44-23.el7_9.x86_64
CVE-2020-25692 Moderate/Sec. openldap-clients-2.4.44-23.el7_9.x86_64
CVE-2021-3480 Important/Sec. slapi-nis-0.56.5-4.el7_9.x86_647.9.21.04.SP1
The security patch released in April 2021.
The 7.9.21.04.SP1 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6.
The list of Red Hat CVEs patched in this release:
CVE-2020-8625 Important/Sec. bind-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2020-8625 Important/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2020-8625 Important/Sec. bind-libs-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2020-8625 Important/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2020-8625 Important/Sec. bind-license-32:9.11.4-26.P2.el7_9.4.noarch
CVE-2020-8625 Important/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2020-8625 Important/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2020-8625 Important/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2020-8625 Important/Sec. bind-utils-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2019-14866 Moderate/Sec. cpio-2.11-28.el7.x86_64
CVE-2017-18190 Moderate/Sec. cups-1:1.6.3-51.el7.x86_64
CVE-2019-8675 Moderate/Sec. cups-1:1.6.3-51.el7.x86_64
CVE-2019-8696 Moderate/Sec. cups-1:1.6.3-51.el7.x86_64
CVE-2017-18190 Moderate/Sec. cups-client-1:1.6.3-51.el7.x86_64
CVE-2019-8675 Moderate/Sec. cups-client-1:1.6.3-51.el7.x86_64
CVE-2019-8696 Moderate/Sec. cups-client-1:1.6.3-51.el7.x86_64
CVE-2017-18190 Moderate/Sec. cups-filesystem-1:1.6.3-51.el7.noarch
CVE-2019-8675 Moderate/Sec. cups-filesystem-1:1.6.3-51.el7.noarch
CVE-2019-8696 Moderate/Sec. cups-filesystem-1:1.6.3-51.el7.noarch
CVE-2017-18190 Moderate/Sec. cups-libs-1:1.6.3-51.el7.x86_64
CVE-2019-8675 Moderate/Sec. cups-libs-1:1.6.3-51.el7.x86_64
CVE-2019-8696 Moderate/Sec. cups-libs-1:1.6.3-51.el7.x86_64
CVE-2019-12749 Moderate/Sec. dbus-1:1.10.24-15.el7.x86_64
CVE-2019-12749 Moderate/Sec. dbus-libs-1:1.10.24-15.el7.x86_64
CVE-2019-14834 Low/Sec. dnsmasq-2.76-16.el7.x86_64
CVE-2020-25684 Moderate/Sec. dnsmasq-2.76-16.el7_9.1.x86_64
CVE-2020-25685 Moderate/Sec. dnsmasq-2.76-16.el7_9.1.x86_64
CVE-2020-25686 Moderate/Sec. dnsmasq-2.76-16.el7_9.1.x86_64
CVE-2019-5094 Moderate/Sec. e2fsprogs-1.42.9-19.el7.x86_64
CVE-2019-5188 Moderate/Sec. e2fsprogs-1.42.9-19.el7.x86_64
CVE-2019-5094 Moderate/Sec. e2fsprogs-libs-1.42.9-19.el7.x86_64
CVE-2019-5188 Moderate/Sec. e2fsprogs-libs-1.42.9-19.el7.x86_64
CVE-2018-20843 Moderate/Sec. expat-2.1.0-12.el7.x86_64
CVE-2019-15903 Moderate/Sec. expat-2.1.0-12.el7.x86_64
CVE-2020-15999 Important/Sec. freetype-2.8-14.el7_9.1.x86_64
CVE-2019-19126 Low/Sec. glibc-2.17-317.el7.x86_64
CVE-2019-25013 Moderate/Sec. glibc-2.17-322.el7_9.x86_64
CVE-2020-10029 Moderate/Sec. glibc-2.17-322.el7_9.x86_64
CVE-2020-29573 Moderate/Sec. glibc-2.17-322.el7_9.x86_64
CVE-2019-19126 Low/Sec. glibc-common-2.17-317.el7.x86_64
CVE-2019-25013 Moderate/Sec. glibc-common-2.17-322.el7_9.x86_64
CVE-2020-10029 Moderate/Sec. glibc-common-2.17-322.el7_9.x86_64
CVE-2020-29573 Moderate/Sec. glibc-common-2.17-322.el7_9.x86_64
CVE-2019-19126 Low/Sec. glibc-devel-2.17-317.el7.x86_64
CVE-2019-25013 Moderate/Sec. glibc-devel-2.17-322.el7_9.x86_64
CVE-2020-10029 Moderate/Sec. glibc-devel-2.17-322.el7_9.x86_64
CVE-2020-29573 Moderate/Sec. glibc-devel-2.17-322.el7_9.x86_64
CVE-2019-19126 Low/Sec. glibc-headers-2.17-317.el7.x86_64
CVE-2019-25013 Moderate/Sec. glibc-headers-2.17-322.el7_9.x86_64
CVE-2020-10029 Moderate/Sec. glibc-headers-2.17-322.el7_9.x86_64
CVE-2020-29573 Moderate/Sec. glibc-headers-2.17-322.el7_9.x86_64
CVE-2020-14372 Moderate/Sec. grub2-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25632 Moderate/Sec. grub2-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25647 Moderate/Sec. grub2-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27749 Moderate/Sec. grub2-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27779 Moderate/Sec. grub2-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20225 Moderate/Sec. grub2-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20233 Moderate/Sec. grub2-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-14372 Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.2.noarch
CVE-2020-25632 Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.2.noarch
CVE-2020-25647 Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.2.noarch
CVE-2020-27749 Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.2.noarch
CVE-2020-27779 Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.2.noarch
CVE-2021-20225 Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.2.noarch
CVE-2021-20233 Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.2.noarch
CVE-2020-14372 Moderate/Sec. grub2-pc-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25632 Moderate/Sec. grub2-pc-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25647 Moderate/Sec. grub2-pc-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27749 Moderate/Sec. grub2-pc-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27779 Moderate/Sec. grub2-pc-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20225 Moderate/Sec. grub2-pc-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20233 Moderate/Sec. grub2-pc-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-14372 Moderate/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.2.noarch
CVE-2020-25632 Moderate/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.2.noarch
CVE-2020-25647 Moderate/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.2.noarch
CVE-2020-27749 Moderate/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.2.noarch
CVE-2020-27779 Moderate/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.2.noarch
CVE-2021-20225 Moderate/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.2.noarch
CVE-2021-20233 Moderate/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.2.noarch
CVE-2020-14372 Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25632 Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25647 Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27749 Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27779 Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20225 Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20233 Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-14372 Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25632 Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25647 Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27749 Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27779 Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20225 Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20233 Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-14372 Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25632 Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25647 Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27749 Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27779 Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20225 Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20233 Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.2.x86_64
CVE-2019-16707 Low/Sec. hunspell-1.3.2-16.el7.x86_64
CVE-2015-9251 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2016-10735 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2018-14040 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2018-14042 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2018-20676 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2018-20677 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2019-8331 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2019-11358 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2020-1722 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2020-11022 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2020-11023 Moderate/Sec. ipa-client-4.6.8-5.el7_9.4.x86_64
CVE-2015-9251 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2016-10735 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2018-14040 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2018-14042 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2018-20676 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2018-20677 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2019-8331 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2019-11358 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2020-1722 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2020-11022 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2020-11023 Moderate/Sec. ipa-client-common-4.6.8-5.el7_9.4.noarch
CVE-2015-9251 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2016-10735 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2018-14040 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2018-14042 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2018-20676 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2018-20677 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2019-8331 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2019-11358 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2020-1722 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2020-11022 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2020-11023 Moderate/Sec. ipa-common-4.6.8-5.el7_9.4.noarch
CVE-2015-9251 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2016-10735 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2018-14040 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2018-14042 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2018-20676 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2018-20677 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2019-8331 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2019-11358 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2020-1722 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2020-11022 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2020-11023 Moderate/Sec. ipa-server-4.6.8-5.el7_9.4.x86_64
CVE-2015-9251 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2016-10735 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2018-14040 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2018-14042 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2018-20676 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2018-20677 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2019-8331 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2019-11358 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2020-1722 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2020-11022 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2020-11023 Moderate/Sec. ipa-server-common-4.6.8-5.el7_9.4.noarch
CVE-2015-9251 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2016-10735 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2018-14040 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2018-14042 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2018-20676 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2018-20677 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2019-8331 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2019-11358 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2020-1722 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2020-11022 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2020-11023 Moderate/Sec. ipa-server-dns-4.6.8-5.el7_9.4.noarch
CVE-2015-9251 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2016-10735 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2018-14040 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2018-14042 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2018-20676 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2018-20677 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2019-8331 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2019-11358 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2020-1722 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2020-11022 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2020-11023 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7_9.4.x86_64
CVE-2020-5208 Important/Sec. ipmitool-1.8.18-9.el7_7.x86_64
CVE-2020-12321 Important/Sec. iwl100-firmware-39.31.5.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl1000-firmware-1:39.31.5.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl105-firmware-18.168.6.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl135-firmware-18.168.6.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl2000-firmware-18.168.6.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl2030-firmware-18.168.6.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl3160-firmware-25.30.13.0-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl3945-firmware-15.32.2.9-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl4965-firmware-228.61.2.24-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl5000-firmware-8.83.5.1_1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl5150-firmware-8.24.2.2-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl6000-firmware-9.221.4.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl6000g2a-firmware-18.168.6.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl6000g2b-firmware-18.168.6.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl6050-firmware-41.28.5.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl7260-firmware-25.30.13.0-80.el7_9.noarch
CVE-2020-15436 Moderate/Sec. kernel-3.10.0-1160.15.2.el7.x86_64
CVE-2020-35513 Moderate/Sec. kernel-3.10.0-1160.15.2.el7.x86_64
CVE-2019-19532 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-0427 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-7053 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-14351 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25211 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25645 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25656 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25705 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-28374 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-29661 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2021-20265 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2021-27363 Important/Sec. kernel-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27364 Important/Sec. kernel-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27365 Important/Sec. kernel-3.10.0-1160.24.1.el7.x86_64
CVE-2020-15436 Moderate/Sec. kernel-devel-3.10.0-1160.15.2.el7.x86_64
CVE-2020-35513 Moderate/Sec. kernel-devel-3.10.0-1160.15.2.el7.x86_64
CVE-2019-19532 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-0427 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-7053 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-14351 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25211 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25645 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25656 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25705 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-28374 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-29661 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2021-20265 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2021-27363 Important/Sec. kernel-devel-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27364 Important/Sec. kernel-devel-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27365 Important/Sec. kernel-devel-3.10.0-1160.24.1.el7.x86_64
CVE-2020-15436 Moderate/Sec. kernel-headers-3.10.0-1160.15.2.el7.x86_64
CVE-2020-35513 Moderate/Sec. kernel-headers-3.10.0-1160.15.2.el7.x86_64
CVE-2019-19532 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-0427 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-7053 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-14351 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25211 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25645 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25656 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25705 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-28374 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-29661 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2021-20265 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2021-27363 Important/Sec. kernel-headers-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27364 Important/Sec. kernel-headers-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27365 Important/Sec. kernel-headers-3.10.0-1160.24.1.el7.x86_64
CVE-2020-15436 Moderate/Sec. kernel-tools-3.10.0-1160.15.2.el7.x86_64
CVE-2020-35513 Moderate/Sec. kernel-tools-3.10.0-1160.15.2.el7.x86_64
CVE-2019-19532 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-0427 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-7053 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-14351 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25211 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25645 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25656 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25705 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-28374 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-29661 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2021-20265 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2021-27363 Important/Sec. kernel-tools-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27364 Important/Sec. kernel-tools-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27365 Important/Sec. kernel-tools-3.10.0-1160.24.1.el7.x86_64
CVE-2020-15436 Moderate/Sec. kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64
CVE-2020-35513 Moderate/Sec. kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64
CVE-2019-19532 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-0427 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-7053 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-14351 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25211 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25645 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25656 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25705 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-28374 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-29661 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2021-20265 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2021-27363 Important/Sec. kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27364 Important/Sec. kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27365 Important/Sec. kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64
CVE-2020-14363 Important/Sec. libX11-1.6.7-3.el7_9.x86_64
CVE-2020-14363 Important/Sec. libX11-common-1.6.7-3.el7_9.noarch
CVE-2019-5094 Moderate/Sec. libcom_err-1.42.9-19.el7.x86_64
CVE-2019-5188 Moderate/Sec. libcom_err-1.42.9-19.el7.x86_64
CVE-2019-5094 Moderate/Sec. libcom_err-devel-1.42.9-19.el7.x86_64
CVE-2019-5188 Moderate/Sec. libcom_err-devel-1.42.9-19.el7.x86_64
CVE-2020-12825 Moderate/Sec. libcroco-0.6.12-6.el7_9.x86_64
CVE-2021-20277 Important/Sec. libldb-1.5.4-2.el7_9.x86_64
CVE-2017-12652 Low/Sec. libpng-2:1.5.13-8.el7.x86_64
CVE-2018-19662 Low/Sec. libsndfile-1.0.25-12.el7.x86_64
CVE-2019-5094 Moderate/Sec. libss-1.42.9-19.el7.x86_64
CVE-2019-5188 Moderate/Sec. libss-1.42.9-19.el7.x86_64
CVE-2019-17498 Moderate/Sec. libssh2-1.8.0-4.el7.x86_64
CVE-2019-14973 Moderate/Sec. libtiff-4.0.3-35.el7.x86_64
CVE-2019-17546 Moderate/Sec. libtiff-4.0.3-35.el7.x86_64
CVE-2017-0393 Moderate/Sec. libvpx-1.3.0-8.el7.x86_64
CVE-2019-9232 Moderate/Sec. libvpx-1.3.0-8.el7.x86_64
CVE-2019-9433 Moderate/Sec. libvpx-1.3.0-8.el7.x86_64
CVE-2020-0034 Moderate/Sec. libvpx-1.3.0-8.el7.x86_64
CVE-2019-3833 Moderate/Sec. libwsman1-2.6.3-7.git4391e5c.el7.x86_64
CVE-2019-19956 Moderate/Sec. libxml2-2.9.1-6.el7.5.x86_64
CVE-2019-20388 Moderate/Sec. libxml2-2.9.1-6.el7.5.x86_64
CVE-2020-7595 Moderate/Sec. libxml2-2.9.1-6.el7.5.x86_64
CVE-2019-19956 Moderate/Sec. libxml2-python-2.9.1-6.el7.5.x86_64
CVE-2019-20388 Moderate/Sec. libxml2-python-2.9.1-6.el7.5.x86_64
CVE-2020-7595 Moderate/Sec. libxml2-python-2.9.1-6.el7.5.x86_64
CVE-2019-11068 Moderate/Sec. libxslt-1.1.28-6.el7.x86_64
CVE-2019-18197 Moderate/Sec. libxslt-1.1.28-6.el7.x86_64
CVE-2020-12321 Important/Sec. linux-firmware-20200421-80.git78c0348.el7_9.noarch
CVE-2019-2974 Moderate/Sec. mariadb-libs-1:5.5.68-1.el7.x86_64
CVE-2020-2574 Moderate/Sec. mariadb-libs-1:5.5.68-1.el7.x86_64
CVE-2020-2752 Moderate/Sec. mariadb-libs-1:5.5.68-1.el7.x86_64
CVE-2020-2780 Moderate/Sec. mariadb-libs-1:5.5.68-1.el7.x86_64
CVE-2020-2812 Moderate/Sec. mariadb-libs-1:5.5.68-1.el7.x86_64
CVE-2021-20305 Important/Sec. nettle-2.7.1-9.el7_9.x86_64
CVE-2019-19126 Low/Sec. nscd-2.17-317.el7.x86_64
CVE-2019-25013 Moderate/Sec. nscd-2.17-322.el7_9.x86_64
CVE-2020-10029 Moderate/Sec. nscd-2.17-322.el7_9.x86_64
CVE-2020-29573 Moderate/Sec. nscd-2.17-322.el7_9.x86_64
CVE-2020-12243 Moderate/Sec. openldap-2.4.44-22.el7.x86_64
CVE-2020-12243 Moderate/Sec. openldap-clients-2.4.44-22.el7.x86_64
CVE-2019-3833 Moderate/Sec. openwsman-python-2.6.3-7.git4391e5c.el7.x86_64
CVE-2020-15436 Moderate/Sec. perf-3.10.0-1160.15.2.el7.x86_64
CVE-2020-35513 Moderate/Sec. perf-3.10.0-1160.15.2.el7.x86_64
CVE-2019-19532 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-0427 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-7053 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-14351 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25211 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25645 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25656 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25705 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-28374 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-29661 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2021-20265 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2021-27363 Important/Sec. perf-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27364 Important/Sec. perf-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27365 Important/Sec. perf-3.10.0-1160.24.1.el7.x86_64
CVE-2020-10543 Moderate/Sec. perl-4:5.16.3-299.el7_9.x86_64
CVE-2020-10878 Moderate/Sec. perl-4:5.16.3-299.el7_9.x86_64
CVE-2020-12723 Moderate/Sec. perl-4:5.16.3-299.el7_9.x86_64
CVE-2020-10543 Moderate/Sec. perl-CPAN-1.9800-299.el7_9.noarch
CVE-2020-10878 Moderate/Sec. perl-CPAN-1.9800-299.el7_9.noarch
CVE-2020-12723 Moderate/Sec. perl-CPAN-1.9800-299.el7_9.noarch
CVE-2020-10543 Moderate/Sec. perl-ExtUtils-Install-1.58-299.el7_9.noarch
CVE-2020-10878 Moderate/Sec. perl-ExtUtils-Install-1.58-299.el7_9.noarch
CVE-2020-12723 Moderate/Sec. perl-ExtUtils-Install-1.58-299.el7_9.noarch
CVE-2020-10543 Moderate/Sec. perl-IO-Zlib-1:1.10-299.el7_9.noarch
CVE-2020-10878 Moderate/Sec. perl-IO-Zlib-1:1.10-299.el7_9.noarch
CVE-2020-12723 Moderate/Sec. perl-IO-Zlib-1:1.10-299.el7_9.noarch
CVE-2020-10543 Moderate/Sec. perl-Package-Constants-1:0.02-299.el7_9.noarch
CVE-2020-10878 Moderate/Sec. perl-Package-Constants-1:0.02-299.el7_9.noarch
CVE-2020-12723 Moderate/Sec. perl-Package-Constants-1:0.02-299.el7_9.noarch
CVE-2020-10543 Moderate/Sec. perl-Pod-Escapes-1:1.04-299.el7_9.noarch
CVE-2020-10878 Moderate/Sec. perl-Pod-Escapes-1:1.04-299.el7_9.noarch
CVE-2020-12723 Moderate/Sec. perl-Pod-Escapes-1:1.04-299.el7_9.noarch
CVE-2020-10543 Moderate/Sec. perl-devel-4:5.16.3-299.el7_9.x86_64
CVE-2020-10878 Moderate/Sec. perl-devel-4:5.16.3-299.el7_9.x86_64
CVE-2020-12723 Moderate/Sec. perl-devel-4:5.16.3-299.el7_9.x86_64
CVE-2020-10543 Moderate/Sec. perl-libs-4:5.16.3-299.el7_9.x86_64
CVE-2020-10878 Moderate/Sec. perl-libs-4:5.16.3-299.el7_9.x86_64
CVE-2020-12723 Moderate/Sec. perl-libs-4:5.16.3-299.el7_9.x86_64
CVE-2020-10543 Moderate/Sec. perl-macros-4:5.16.3-299.el7_9.x86_64
CVE-2020-10878 Moderate/Sec. perl-macros-4:5.16.3-299.el7_9.x86_64
CVE-2020-12723 Moderate/Sec. perl-macros-4:5.16.3-299.el7_9.x86_64
CVE-2019-10146 Important/Sec. pki-base-10.5.18-12.el7_9.noarch
CVE-2019-10179 Important/Sec. pki-base-10.5.18-12.el7_9.noarch
CVE-2019-10221 Important/Sec. pki-base-10.5.18-12.el7_9.noarch
CVE-2020-1721 Important/Sec. pki-base-10.5.18-12.el7_9.noarch
CVE-2020-25715 Important/Sec. pki-base-10.5.18-12.el7_9.noarch
CVE-2021-20179 Important/Sec. pki-base-10.5.18-12.el7_9.noarch
CVE-2019-10146 Important/Sec. pki-base-java-10.5.18-12.el7_9.noarch
CVE-2019-10179 Important/Sec. pki-base-java-10.5.18-12.el7_9.noarch
CVE-2019-10221 Important/Sec. pki-base-java-10.5.18-12.el7_9.noarch
CVE-2020-1721 Important/Sec. pki-base-java-10.5.18-12.el7_9.noarch
CVE-2020-25715 Important/Sec. pki-base-java-10.5.18-12.el7_9.noarch
CVE-2021-20179 Important/Sec. pki-base-java-10.5.18-12.el7_9.noarch
CVE-2019-10146 Important/Sec. pki-ca-10.5.18-12.el7_9.noarch
CVE-2019-10179 Important/Sec. pki-ca-10.5.18-12.el7_9.noarch
CVE-2019-10221 Important/Sec. pki-ca-10.5.18-12.el7_9.noarch
CVE-2020-1721 Important/Sec. pki-ca-10.5.18-12.el7_9.noarch
CVE-2020-25715 Important/Sec. pki-ca-10.5.18-12.el7_9.noarch
CVE-2021-20179 Important/Sec. pki-ca-10.5.18-12.el7_9.noarch
CVE-2019-10146 Important/Sec. pki-kra-10.5.18-12.el7_9.noarch
CVE-2019-10179 Important/Sec. pki-kra-10.5.18-12.el7_9.noarch
CVE-2019-10221 Important/Sec. pki-kra-10.5.18-12.el7_9.noarch
CVE-2020-1721 Important/Sec. pki-kra-10.5.18-12.el7_9.noarch
CVE-2020-25715 Important/Sec. pki-kra-10.5.18-12.el7_9.noarch
CVE-2021-20179 Important/Sec. pki-kra-10.5.18-12.el7_9.noarch
CVE-2019-10146 Important/Sec. pki-server-10.5.18-12.el7_9.noarch
CVE-2019-10179 Important/Sec. pki-server-10.5.18-12.el7_9.noarch
CVE-2019-10221 Important/Sec. pki-server-10.5.18-12.el7_9.noarch
CVE-2020-1721 Important/Sec. pki-server-10.5.18-12.el7_9.noarch
CVE-2020-25715 Important/Sec. pki-server-10.5.18-12.el7_9.noarch
CVE-2021-20179 Important/Sec. pki-server-10.5.18-12.el7_9.noarch
CVE-2019-10146 Important/Sec. pki-tools-10.5.18-12.el7_9.x86_64
CVE-2019-10179 Important/Sec. pki-tools-10.5.18-12.el7_9.x86_64
CVE-2019-10221 Important/Sec. pki-tools-10.5.18-12.el7_9.x86_64
CVE-2020-1721 Important/Sec. pki-tools-10.5.18-12.el7_9.x86_64
CVE-2020-25715 Important/Sec. pki-tools-10.5.18-12.el7_9.x86_64
CVE-2021-20179 Important/Sec. pki-tools-10.5.18-12.el7_9.x86_64
CVE-2021-20277 Important/Sec. pyldb-1.5.4-2.el7_9.x86_64
CVE-2020-15436 Moderate/Sec. python-perf-3.10.0-1160.15.2.el7.x86_64
CVE-2020-35513 Moderate/Sec. python-perf-3.10.0-1160.15.2.el7.x86_64
CVE-2019-19532 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-0427 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-7053 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-14351 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25211 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25645 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25656 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25705 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-28374 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-29661 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2021-20265 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2021-27363 Important/Sec. python-perf-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27364 Important/Sec. python-perf-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27365 Important/Sec. python-perf-3.10.0-1160.24.1.el7.x86_64
CVE-2020-5313 Moderate/Sec. python-pillow-2.0.0-21.gitd1c6db8.el7.x86_64
CVE-2015-9251 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2016-10735 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2018-14040 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2018-14042 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2018-20676 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2018-20677 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2019-8331 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2019-11358 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2020-1722 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2020-11022 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2020-11023 Moderate/Sec. python2-ipaclient-4.6.8-5.el7_9.4.noarch
CVE-2015-9251 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2016-10735 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2018-14040 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2018-14042 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2018-20676 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2018-20677 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2019-8331 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2019-11358 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2020-1722 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2020-11022 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2020-11023 Moderate/Sec. python2-ipalib-4.6.8-5.el7_9.4.noarch
CVE-2015-9251 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2016-10735 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2018-14040 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2018-14042 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2018-20676 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2018-20677 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2019-8331 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2019-11358 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2020-1722 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2020-11022 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2020-11023 Moderate/Sec. python2-ipaserver-4.6.8-5.el7_9.4.noarch
CVE-2018-15746 Low/Sec. qemu-img-10:1.5.3-175.el7.x86_64
CVE-2019-20382 Low/Sec. qemu-img-10:1.5.3-175.el7.x86_64
CVE-2020-1983 Important/Sec. qemu-img-10:1.5.3-175.el7_9.1.x86_64
CVE-2020-14364 Important/Sec. qemu-img-10:1.5.3-175.el7_9.1.x86_64
CVE-2020-13765 Moderate/Sec. qemu-img-10:1.5.3-175.el7_9.3.x86_64
CVE-2020-16092 Moderate/Sec. qemu-img-10:1.5.3-175.el7_9.3.x86_64
CVE-2018-15746 Low/Sec. qemu-kvm-10:1.5.3-175.el7.x86_64
CVE-2019-20382 Low/Sec. qemu-kvm-10:1.5.3-175.el7.x86_64
CVE-2020-1983 Important/Sec. qemu-kvm-10:1.5.3-175.el7_9.1.x86_64
CVE-2020-14364 Important/Sec. qemu-kvm-10:1.5.3-175.el7_9.1.x86_64
CVE-2020-13765 Moderate/Sec. qemu-kvm-10:1.5.3-175.el7_9.3.x86_64
CVE-2020-16092 Moderate/Sec. qemu-kvm-10:1.5.3-175.el7_9.3.x86_64
CVE-2018-15746 Low/Sec. qemu-kvm-common-10:1.5.3-175.el7.x86_64
CVE-2019-20382 Low/Sec. qemu-kvm-common-10:1.5.3-175.el7.x86_64
CVE-2020-1983 Important/Sec. qemu-kvm-common-10:1.5.3-175.el7_9.1.x86_64
CVE-2020-14364 Important/Sec. qemu-kvm-common-10:1.5.3-175.el7_9.1.x86_64
CVE-2020-13765 Moderate/Sec. qemu-kvm-common-10:1.5.3-175.el7_9.3.x86_64
CVE-2020-16092 Moderate/Sec. qemu-kvm-common-10:1.5.3-175.el7_9.3.x86_64
CVE-2021-26937 Important/Sec. screen-4.1.0-0.27.20120314git3c2946.el7_9.x86_64
CVE-2020-14355 Important/Sec. spice-server-0.14.0-9.el7_9.1.x86_64
CVE-2018-11782 Moderate/Sec. subversion-1.7.14-16.el7.x86_64
CVE-2018-11782 Moderate/Sec. subversion-libs-1.7.14-16.el7.x86_64
CVE-2021-3156 Important/Sec. sudo-1.8.23-10.el7_9.1.x86_64
CVE-2021-27803 Important/Sec. wpa_supplicant-1:2.6-12.el7_9.2.x86_647.8.21.01.SP1
Security patch released in February 2021.
The 7.8.21.01.SP1 patch is based on RHEL 7.8, and it can only be installed on versions 1.0.7.4 and 1.0.7.5. Do not apply the patch on earlier versions of the system.
The list of Red Hat CVEs patched in this release:
CVE-2020-10713 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-14308 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-14309 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-14310 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-14311 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-15705 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-15706 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-15707 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-10713 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-14308 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-14309 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-14310 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-14311 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-15705 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-15706 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-15707 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-10713 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-14308 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-14309 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-14310 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-14311 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-15705 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-15706 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-15707 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-10713 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-14308 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-14309 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-14310 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-14311 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-15705 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-15706 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-15707 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-10713 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-14308 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-14309 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-14310 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-14311 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-15705 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-15706 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-15707 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-10713 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-14308 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-14309 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-14310 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-14311 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-15705 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-15706 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-15707 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-10713 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64
CVE-2020-14308 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64
CVE-2020-14309 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64
CVE-2020-14310 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64
CVE-2020-14311 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64
CVE-2020-15705 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64
CVE-2020-15706 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64
CVE-2020-15707 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64