Vulnerabilities > CVE-2016-10739 - Improper Input Validation vulnerability in multiple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
LOW Availability impact
LOW Summary
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| OS | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Buffer Overflow via Environment Variables This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
- Server Side Include (SSI) Injection An attacker can use Server Side Include (SSI) Injection to send code to a web application that then gets executed by the web server. Doing so enables the attacker to achieve similar results to Cross Site Scripting, viz., arbitrary code execution and information disclosure, albeit on a more limited scale, since the SSI directives are nowhere near as powerful as a full-fledged scripting language. Nonetheless, the attacker can conveniently gain access to sensitive files, such as password files, and execute shell commands.
- Cross Zone Scripting An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security. In a zone-based model, pages belong to one of a set of zones corresponding to the level of privilege assigned to that page. Pages in an untrusted zone would have a lesser level of access to the system and/or be restricted in the types of executable content it was allowed to invoke. In a cross-zone scripting attack, a page that should be assigned to a less privileged zone is granted the privileges of a more trusted zone. This can be accomplished by exploiting bugs in the browser, exploiting incorrect configuration in the zone controls, through a cross-site scripting attack that causes the attackers' content to be treated as coming from a more trusted page, or by leveraging some piece of system functionality that is accessible from both the trusted and less trusted zone. This attack differs from "Restful Privilege Escalation" in that the latter correlates to the inadequate securing of RESTful access methods (such as HTTP DELETE) on the server, while cross-zone scripting attacks the concept of security zones as implemented by a browser.
- Cross Site Scripting through Log Files An attacker may leverage a system weakness where logs are susceptible to log injection to insert scripts into the system's logs. If these logs are later viewed by an administrator through a thin administrative interface and the log data is not properly HTML encoded before being written to the page, the attackers' scripts stored in the log will be executed in the administrative interface with potentially serious consequences. This attack pattern is really a combination of two other attack patterns: log injection and stored cross site scripting.
- Command Line Execution through SQL Injection An attacker uses standard SQL injection methods to inject data into the command line for execution. This could be done directly through misuse of directives such as MSSQL_xp_cmdshell or indirectly through injection of data into the database that would be interpreted as shell commands. Sometime later, an unscrupulous backend application (or could be part of the functionality of the same application) fetches the injected data stored in the database and uses this data as command line arguments without performing proper validation. The malicious data escapes that data plane by spawning new commands to be executed on the host.
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-0903-1.NASL description This update for glibc fixes the following issues : Security issue fixed : CVE-2016-10739: Fixed an improper implementation of getaddrinfo function which could allow applications to incorrectly assume that had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings (bsc#1122729). Other issue fixed: Fixed an issue where pthread_mutex_trylock did not use a correct order of instructions while maintained the robust mutex list due to missing compiler barriers (bsc#1130045). Added new Japanese Era name support (bsc#1100396). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 123928 published 2019-04-09 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123928 title SUSE SLED15 / SLES15 Security Update : glibc (SUSE-SU-2019:0903-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2019:0903-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(123928); script_version("1.3"); script_cvs_date("Date: 2020/01/23"); script_cve_id("CVE-2016-10739"); script_name(english:"SUSE SLED15 / SLES15 Security Update : glibc (SUSE-SU-2019:0903-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for glibc fixes the following issues : Security issue fixed : CVE-2016-10739: Fixed an improper implementation of getaddrinfo function which could allow applications to incorrectly assume that had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings (bsc#1122729). Other issue fixed: Fixed an issue where pthread_mutex_trylock did not use a correct order of instructions while maintained the robust mutex list due to missing compiler barriers (bsc#1130045). Added new Japanese Era name support (bsc#1100396). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1100396" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1122729" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1130045" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-10739/" ); # https://www.suse.com/support/update/announcement/2019/suse-su-20190903-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?ca44d61d" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-903=1 SUSE Linux Enterprise Module for Development Tools 15:zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2019-903=1 SUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-903=1" ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-devel-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-devel-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-extra-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-locale"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-locale-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-locale-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-profile"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-utils-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-utils-src-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nscd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nscd-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/21"); script_set_attribute(attribute:"patch_publication_date", value:"2019/04/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/09"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0", os_ver + " SP" + sp); if (os_ver == "SLED15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP0", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"glibc-32bit-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"glibc-devel-32bit-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"glibc-devel-32bit-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"glibc-32bit-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"glibc-32bit-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-debugsource-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-devel-static-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-utils-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-utils-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-utils-src-debugsource-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-debugsource-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-devel-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-devel-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-extra-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-extra-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-locale-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-locale-base-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-locale-base-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"glibc-profile-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"nscd-2.26-13.19.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"nscd-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"glibc-32bit-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"glibc-devel-32bit-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"glibc-devel-32bit-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"glibc-32bit-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"glibc-32bit-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-debugsource-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-devel-static-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-utils-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-utils-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-utils-src-debugsource-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-debugsource-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-devel-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-devel-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-extra-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-extra-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-locale-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-locale-base-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-locale-base-debuginfo-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"glibc-profile-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"nscd-2.26-13.19.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"nscd-debuginfo-2.26-13.19.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc"); }NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-1250.NASL description This update for glibc fixes the following issues : Security issue fixed : - CVE-2016-10739: Fixed an improper implementation of getaddrinfo function which could allow applications to incorrectly assume that had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings (bsc#1122729). Other issue fixed : - Fixed an issue where pthread_mutex_trylock did not use a correct order of instructions while maintained the robust mutex list due to missing compiler barriers (bsc#1130045). - Added new Japanese Era name support (bsc#1100396). This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 124216 published 2019-04-22 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124216 title openSUSE Security Update : glibc (openSUSE-2019-1250) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-1250. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(124216); script_version("1.2"); script_cvs_date("Date: 2020/01/23"); script_cve_id("CVE-2016-10739"); script_name(english:"openSUSE Security Update : glibc (openSUSE-2019-1250)"); script_summary(english:"Check for the openSUSE-2019-1250 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for glibc fixes the following issues : Security issue fixed : - CVE-2016-10739: Fixed an improper implementation of getaddrinfo function which could allow applications to incorrectly assume that had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings (bsc#1122729). Other issue fixed : - Fixed an issue where pthread_mutex_trylock did not use a correct order of instructions while maintained the robust mutex list due to missing compiler barriers (bsc#1130045). - Added new Japanese Era name support (bsc#1100396). This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1100396" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1122729" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1130045" ); script_set_attribute( attribute:"solution", value:"Update the affected glibc packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-static-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-extra-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-html"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-i18ndata"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-info"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-locale"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-locale-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-locale-base-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-locale-base-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-locale-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-profile"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-profile-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils-src-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nscd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nscd-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/21"); script_set_attribute(attribute:"patch_publication_date", value:"2019/04/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/22"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.0", reference:"glibc-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-debuginfo-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-debugsource-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-devel-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-devel-debuginfo-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-devel-static-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-extra-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-extra-debuginfo-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-html-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-i18ndata-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-info-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-locale-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-locale-base-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-locale-base-debuginfo-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-profile-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-utils-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-utils-debuginfo-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"glibc-utils-src-debugsource-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"nscd-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"nscd-debuginfo-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"glibc-32bit-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"glibc-32bit-debuginfo-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"glibc-devel-32bit-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"glibc-devel-32bit-debuginfo-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"glibc-devel-static-32bit-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"glibc-locale-base-32bit-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"glibc-locale-base-32bit-debuginfo-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"glibc-profile-32bit-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"glibc-utils-32bit-2.26-lp150.11.17.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"glibc-utils-32bit-debuginfo-2.26-lp150.11.17.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-debuginfo / glibc-debugsource / glibc-devel / etc"); }NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2307.NASL description According to the version of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.(CVE-2016-10739) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-03 modified 2019-12-03 plugin id 131472 published 2019-12-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131472 title EulerOS 2.0 SP8 : glibc (EulerOS-SA-2019-2307) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(131472); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/01"); script_cve_id( "CVE-2016-10739" ); script_name(english:"EulerOS 2.0 SP8 : glibc (EulerOS-SA-2019-2307)"); script_summary(english:"Checks the rpm output for the updated package."); script_set_attribute(attribute:"synopsis", value: "The remote EulerOS host is missing a security update."); script_set_attribute(attribute:"description", value: "According to the version of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.(CVE-2016-10739) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."); # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2307 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e7f2d5c6"); script_set_attribute(attribute:"solution", value: "Update the affected glibc package."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"patch_publication_date", value:"2019/11/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/03"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-all-langpacks"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-headers"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-aa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-af"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-agr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ak"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-am"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-an"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-anp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-as"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ast"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ayc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-az"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-be"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-bem"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ber"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-bg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-bhb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-bho"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-bi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-bn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-bo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-br"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-brx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-bs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-byn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ca"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ce"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-chr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-cmn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-crh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-cs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-csb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-cv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-cy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-da"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-de"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-doi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-dsb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-dv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-dz"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-el"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-en"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-eo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-es"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-et"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-eu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-fa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ff"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-fi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-fil"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-fo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-fr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-fur"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-fy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ga"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-gd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-gez"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-gl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-gu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-gv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ha"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-hak"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-he"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-hi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-hif"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-hne"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-hr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-hsb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ht"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-hu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-hy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ia"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-id"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ig"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ik"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-is"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-it"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-iu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ka"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-kab"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-kk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-kl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-km"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-kn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-kok"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ks"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ku"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-kw"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ky"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-lb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-lg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-li"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-lij"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ln"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-lo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-lt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-lv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-lzh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-mag"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-mai"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-mfe"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-mg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-mhr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-mi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-miq"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-mjw"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-mk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ml"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-mn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-mni"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-mr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ms"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-mt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-my"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-nan"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-nb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-nds"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ne"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-nhn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-niu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-nl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-nn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-nr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-nso"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-oc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-om"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-or"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-os"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-pa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-pap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-pt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-quz"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-raj"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ro"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ru"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-rw"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-sa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-sah"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-sat"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-sc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-sd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-se"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-sgs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-shn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-shs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-si"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-sid"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-sk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-sl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-sm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-so"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-sq"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-sr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-st"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-sv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-sw"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-szl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ta"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-tcy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-te"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-tg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-th"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-the"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ti"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-tig"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-tk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-tl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-tn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-to"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-tpi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-tr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ts"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-tt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ug"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-uk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-unm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ur"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-uz"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-ve"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-vi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-wa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-wae"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-wal"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-wo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-xh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-yi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-yo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-yue"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-yuw"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-zh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-langpack-zu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-locale-source"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-minimal-langpack"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glibc-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libnsl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:nscd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:nss_db"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:nss_hesiod"); script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Huawei Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp"); script_exclude_keys("Host/EulerOS/uvp_version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/EulerOS/release"); if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS"); if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0"); sp = get_kb_item("Host/EulerOS/sp"); if (isnull(sp) || sp !~ "^(8)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8"); uvp = get_kb_item("Host/EulerOS/uvp_version"); if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8", "EulerOS UVP " + uvp); if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu); if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu); flag = 0; pkgs = ["glibc-2.28-9.h23.eulerosv2r8", "glibc-all-langpacks-2.28-9.h23.eulerosv2r8", "glibc-common-2.28-9.h23.eulerosv2r8", "glibc-devel-2.28-9.h23.eulerosv2r8", "glibc-headers-2.28-9.h23.eulerosv2r8", "glibc-langpack-aa-2.28-9.h23.eulerosv2r8", "glibc-langpack-af-2.28-9.h23.eulerosv2r8", "glibc-langpack-agr-2.28-9.h23.eulerosv2r8", "glibc-langpack-ak-2.28-9.h23.eulerosv2r8", "glibc-langpack-am-2.28-9.h23.eulerosv2r8", "glibc-langpack-an-2.28-9.h23.eulerosv2r8", "glibc-langpack-anp-2.28-9.h23.eulerosv2r8", "glibc-langpack-ar-2.28-9.h23.eulerosv2r8", "glibc-langpack-as-2.28-9.h23.eulerosv2r8", "glibc-langpack-ast-2.28-9.h23.eulerosv2r8", "glibc-langpack-ayc-2.28-9.h23.eulerosv2r8", "glibc-langpack-az-2.28-9.h23.eulerosv2r8", "glibc-langpack-be-2.28-9.h23.eulerosv2r8", "glibc-langpack-bem-2.28-9.h23.eulerosv2r8", "glibc-langpack-ber-2.28-9.h23.eulerosv2r8", "glibc-langpack-bg-2.28-9.h23.eulerosv2r8", "glibc-langpack-bhb-2.28-9.h23.eulerosv2r8", "glibc-langpack-bho-2.28-9.h23.eulerosv2r8", "glibc-langpack-bi-2.28-9.h23.eulerosv2r8", "glibc-langpack-bn-2.28-9.h23.eulerosv2r8", "glibc-langpack-bo-2.28-9.h23.eulerosv2r8", "glibc-langpack-br-2.28-9.h23.eulerosv2r8", "glibc-langpack-brx-2.28-9.h23.eulerosv2r8", "glibc-langpack-bs-2.28-9.h23.eulerosv2r8", "glibc-langpack-byn-2.28-9.h23.eulerosv2r8", "glibc-langpack-ca-2.28-9.h23.eulerosv2r8", "glibc-langpack-ce-2.28-9.h23.eulerosv2r8", "glibc-langpack-chr-2.28-9.h23.eulerosv2r8", "glibc-langpack-cmn-2.28-9.h23.eulerosv2r8", "glibc-langpack-crh-2.28-9.h23.eulerosv2r8", "glibc-langpack-cs-2.28-9.h23.eulerosv2r8", "glibc-langpack-csb-2.28-9.h23.eulerosv2r8", "glibc-langpack-cv-2.28-9.h23.eulerosv2r8", "glibc-langpack-cy-2.28-9.h23.eulerosv2r8", "glibc-langpack-da-2.28-9.h23.eulerosv2r8", "glibc-langpack-de-2.28-9.h23.eulerosv2r8", "glibc-langpack-doi-2.28-9.h23.eulerosv2r8", "glibc-langpack-dsb-2.28-9.h23.eulerosv2r8", "glibc-langpack-dv-2.28-9.h23.eulerosv2r8", "glibc-langpack-dz-2.28-9.h23.eulerosv2r8", "glibc-langpack-el-2.28-9.h23.eulerosv2r8", "glibc-langpack-en-2.28-9.h23.eulerosv2r8", "glibc-langpack-eo-2.28-9.h23.eulerosv2r8", "glibc-langpack-es-2.28-9.h23.eulerosv2r8", "glibc-langpack-et-2.28-9.h23.eulerosv2r8", "glibc-langpack-eu-2.28-9.h23.eulerosv2r8", "glibc-langpack-fa-2.28-9.h23.eulerosv2r8", "glibc-langpack-ff-2.28-9.h23.eulerosv2r8", "glibc-langpack-fi-2.28-9.h23.eulerosv2r8", "glibc-langpack-fil-2.28-9.h23.eulerosv2r8", "glibc-langpack-fo-2.28-9.h23.eulerosv2r8", "glibc-langpack-fr-2.28-9.h23.eulerosv2r8", "glibc-langpack-fur-2.28-9.h23.eulerosv2r8", "glibc-langpack-fy-2.28-9.h23.eulerosv2r8", "glibc-langpack-ga-2.28-9.h23.eulerosv2r8", "glibc-langpack-gd-2.28-9.h23.eulerosv2r8", "glibc-langpack-gez-2.28-9.h23.eulerosv2r8", "glibc-langpack-gl-2.28-9.h23.eulerosv2r8", "glibc-langpack-gu-2.28-9.h23.eulerosv2r8", "glibc-langpack-gv-2.28-9.h23.eulerosv2r8", "glibc-langpack-ha-2.28-9.h23.eulerosv2r8", "glibc-langpack-hak-2.28-9.h23.eulerosv2r8", "glibc-langpack-he-2.28-9.h23.eulerosv2r8", "glibc-langpack-hi-2.28-9.h23.eulerosv2r8", "glibc-langpack-hif-2.28-9.h23.eulerosv2r8", "glibc-langpack-hne-2.28-9.h23.eulerosv2r8", "glibc-langpack-hr-2.28-9.h23.eulerosv2r8", "glibc-langpack-hsb-2.28-9.h23.eulerosv2r8", "glibc-langpack-ht-2.28-9.h23.eulerosv2r8", "glibc-langpack-hu-2.28-9.h23.eulerosv2r8", "glibc-langpack-hy-2.28-9.h23.eulerosv2r8", "glibc-langpack-ia-2.28-9.h23.eulerosv2r8", "glibc-langpack-id-2.28-9.h23.eulerosv2r8", "glibc-langpack-ig-2.28-9.h23.eulerosv2r8", "glibc-langpack-ik-2.28-9.h23.eulerosv2r8", "glibc-langpack-is-2.28-9.h23.eulerosv2r8", "glibc-langpack-it-2.28-9.h23.eulerosv2r8", "glibc-langpack-iu-2.28-9.h23.eulerosv2r8", "glibc-langpack-ja-2.28-9.h23.eulerosv2r8", "glibc-langpack-ka-2.28-9.h23.eulerosv2r8", "glibc-langpack-kab-2.28-9.h23.eulerosv2r8", "glibc-langpack-kk-2.28-9.h23.eulerosv2r8", "glibc-langpack-kl-2.28-9.h23.eulerosv2r8", "glibc-langpack-km-2.28-9.h23.eulerosv2r8", "glibc-langpack-kn-2.28-9.h23.eulerosv2r8", "glibc-langpack-ko-2.28-9.h23.eulerosv2r8", "glibc-langpack-kok-2.28-9.h23.eulerosv2r8", "glibc-langpack-ks-2.28-9.h23.eulerosv2r8", "glibc-langpack-ku-2.28-9.h23.eulerosv2r8", "glibc-langpack-kw-2.28-9.h23.eulerosv2r8", "glibc-langpack-ky-2.28-9.h23.eulerosv2r8", "glibc-langpack-lb-2.28-9.h23.eulerosv2r8", "glibc-langpack-lg-2.28-9.h23.eulerosv2r8", "glibc-langpack-li-2.28-9.h23.eulerosv2r8", "glibc-langpack-lij-2.28-9.h23.eulerosv2r8", "glibc-langpack-ln-2.28-9.h23.eulerosv2r8", "glibc-langpack-lo-2.28-9.h23.eulerosv2r8", "glibc-langpack-lt-2.28-9.h23.eulerosv2r8", "glibc-langpack-lv-2.28-9.h23.eulerosv2r8", "glibc-langpack-lzh-2.28-9.h23.eulerosv2r8", "glibc-langpack-mag-2.28-9.h23.eulerosv2r8", "glibc-langpack-mai-2.28-9.h23.eulerosv2r8", "glibc-langpack-mfe-2.28-9.h23.eulerosv2r8", "glibc-langpack-mg-2.28-9.h23.eulerosv2r8", "glibc-langpack-mhr-2.28-9.h23.eulerosv2r8", "glibc-langpack-mi-2.28-9.h23.eulerosv2r8", "glibc-langpack-miq-2.28-9.h23.eulerosv2r8", "glibc-langpack-mjw-2.28-9.h23.eulerosv2r8", "glibc-langpack-mk-2.28-9.h23.eulerosv2r8", "glibc-langpack-ml-2.28-9.h23.eulerosv2r8", "glibc-langpack-mn-2.28-9.h23.eulerosv2r8", "glibc-langpack-mni-2.28-9.h23.eulerosv2r8", "glibc-langpack-mr-2.28-9.h23.eulerosv2r8", "glibc-langpack-ms-2.28-9.h23.eulerosv2r8", "glibc-langpack-mt-2.28-9.h23.eulerosv2r8", "glibc-langpack-my-2.28-9.h23.eulerosv2r8", "glibc-langpack-nan-2.28-9.h23.eulerosv2r8", "glibc-langpack-nb-2.28-9.h23.eulerosv2r8", "glibc-langpack-nds-2.28-9.h23.eulerosv2r8", "glibc-langpack-ne-2.28-9.h23.eulerosv2r8", "glibc-langpack-nhn-2.28-9.h23.eulerosv2r8", "glibc-langpack-niu-2.28-9.h23.eulerosv2r8", "glibc-langpack-nl-2.28-9.h23.eulerosv2r8", "glibc-langpack-nn-2.28-9.h23.eulerosv2r8", "glibc-langpack-nr-2.28-9.h23.eulerosv2r8", "glibc-langpack-nso-2.28-9.h23.eulerosv2r8", "glibc-langpack-oc-2.28-9.h23.eulerosv2r8", "glibc-langpack-om-2.28-9.h23.eulerosv2r8", "glibc-langpack-or-2.28-9.h23.eulerosv2r8", "glibc-langpack-os-2.28-9.h23.eulerosv2r8", "glibc-langpack-pa-2.28-9.h23.eulerosv2r8", "glibc-langpack-pap-2.28-9.h23.eulerosv2r8", "glibc-langpack-pl-2.28-9.h23.eulerosv2r8", "glibc-langpack-ps-2.28-9.h23.eulerosv2r8", "glibc-langpack-pt-2.28-9.h23.eulerosv2r8", "glibc-langpack-quz-2.28-9.h23.eulerosv2r8", "glibc-langpack-raj-2.28-9.h23.eulerosv2r8", "glibc-langpack-ro-2.28-9.h23.eulerosv2r8", "glibc-langpack-ru-2.28-9.h23.eulerosv2r8", "glibc-langpack-rw-2.28-9.h23.eulerosv2r8", "glibc-langpack-sa-2.28-9.h23.eulerosv2r8", "glibc-langpack-sah-2.28-9.h23.eulerosv2r8", "glibc-langpack-sat-2.28-9.h23.eulerosv2r8", "glibc-langpack-sc-2.28-9.h23.eulerosv2r8", "glibc-langpack-sd-2.28-9.h23.eulerosv2r8", "glibc-langpack-se-2.28-9.h23.eulerosv2r8", "glibc-langpack-sgs-2.28-9.h23.eulerosv2r8", "glibc-langpack-shn-2.28-9.h23.eulerosv2r8", "glibc-langpack-shs-2.28-9.h23.eulerosv2r8", "glibc-langpack-si-2.28-9.h23.eulerosv2r8", "glibc-langpack-sid-2.28-9.h23.eulerosv2r8", "glibc-langpack-sk-2.28-9.h23.eulerosv2r8", "glibc-langpack-sl-2.28-9.h23.eulerosv2r8", "glibc-langpack-sm-2.28-9.h23.eulerosv2r8", "glibc-langpack-so-2.28-9.h23.eulerosv2r8", "glibc-langpack-sq-2.28-9.h23.eulerosv2r8", "glibc-langpack-sr-2.28-9.h23.eulerosv2r8", "glibc-langpack-ss-2.28-9.h23.eulerosv2r8", "glibc-langpack-st-2.28-9.h23.eulerosv2r8", "glibc-langpack-sv-2.28-9.h23.eulerosv2r8", "glibc-langpack-sw-2.28-9.h23.eulerosv2r8", "glibc-langpack-szl-2.28-9.h23.eulerosv2r8", "glibc-langpack-ta-2.28-9.h23.eulerosv2r8", "glibc-langpack-tcy-2.28-9.h23.eulerosv2r8", "glibc-langpack-te-2.28-9.h23.eulerosv2r8", "glibc-langpack-tg-2.28-9.h23.eulerosv2r8", "glibc-langpack-th-2.28-9.h23.eulerosv2r8", "glibc-langpack-the-2.28-9.h23.eulerosv2r8", "glibc-langpack-ti-2.28-9.h23.eulerosv2r8", "glibc-langpack-tig-2.28-9.h23.eulerosv2r8", "glibc-langpack-tk-2.28-9.h23.eulerosv2r8", "glibc-langpack-tl-2.28-9.h23.eulerosv2r8", "glibc-langpack-tn-2.28-9.h23.eulerosv2r8", "glibc-langpack-to-2.28-9.h23.eulerosv2r8", "glibc-langpack-tpi-2.28-9.h23.eulerosv2r8", "glibc-langpack-tr-2.28-9.h23.eulerosv2r8", "glibc-langpack-ts-2.28-9.h23.eulerosv2r8", "glibc-langpack-tt-2.28-9.h23.eulerosv2r8", "glibc-langpack-ug-2.28-9.h23.eulerosv2r8", "glibc-langpack-uk-2.28-9.h23.eulerosv2r8", "glibc-langpack-unm-2.28-9.h23.eulerosv2r8", "glibc-langpack-ur-2.28-9.h23.eulerosv2r8", "glibc-langpack-uz-2.28-9.h23.eulerosv2r8", "glibc-langpack-ve-2.28-9.h23.eulerosv2r8", "glibc-langpack-vi-2.28-9.h23.eulerosv2r8", "glibc-langpack-wa-2.28-9.h23.eulerosv2r8", "glibc-langpack-wae-2.28-9.h23.eulerosv2r8", "glibc-langpack-wal-2.28-9.h23.eulerosv2r8", "glibc-langpack-wo-2.28-9.h23.eulerosv2r8", "glibc-langpack-xh-2.28-9.h23.eulerosv2r8", "glibc-langpack-yi-2.28-9.h23.eulerosv2r8", "glibc-langpack-yo-2.28-9.h23.eulerosv2r8", "glibc-langpack-yue-2.28-9.h23.eulerosv2r8", "glibc-langpack-yuw-2.28-9.h23.eulerosv2r8", "glibc-langpack-zh-2.28-9.h23.eulerosv2r8", "glibc-langpack-zu-2.28-9.h23.eulerosv2r8", "glibc-locale-source-2.28-9.h23.eulerosv2r8", "glibc-minimal-langpack-2.28-9.h23.eulerosv2r8", "glibc-static-2.28-9.h23.eulerosv2r8", "glibc-utils-2.28-9.h23.eulerosv2r8", "libnsl-2.28-9.h23.eulerosv2r8", "nscd-2.28-9.h23.eulerosv2r8", "nss_db-2.28-9.h23.eulerosv2r8", "nss_hesiod-2.28-9.h23.eulerosv2r8"]; foreach (pkg in pkgs) if (rpm_check(release:"EulerOS-2.0", sp:"8", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc"); }NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0194_GLIBC.NASL description The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has glibc packages installed that are affected by a vulnerability: - In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings. (CVE-2016-10739) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 129895 published 2019-10-15 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129895 title NewStart CGSL CORE 5.04 / MAIN 5.04 : glibc Vulnerability (NS-SA-2019-0194) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1041.NASL description According to the versions of the glibc packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.(CVE-2016-10739) - On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.(CVE-2019-19126) - The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.(CVE-2019-6488) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 132795 published 2020-01-13 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132795 title EulerOS Virtualization for ARM 64 3.0.5.0 : glibc (EulerOS-SA-2020-1041) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-3513.NASL description An update for glibc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es) : * glibc: getaddrinfo should reject IP addresses with trailing characters (CVE-2016-10739) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 130546 published 2019-11-06 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130546 title RHEL 8 : glibc (RHSA-2019:3513) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2020-1_0-0293_GLIBC.NASL description An update of the glibc package has been released. last seen 2020-05-18 modified 2020-05-13 plugin id 136549 published 2020-05-13 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136549 title Photon OS 1.0: Glibc PHSA-2020-1.0-0293 NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-2118.NASL description An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es) : * glibc: getaddrinfo should reject IP addresses with trailing characters (CVE-2016-10739) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 127675 published 2019-08-12 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127675 title RHEL 7 : glibc (RHSA-2019:2118) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2019-1320.NASL description In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings. (CVE-2016-10739) last seen 2020-06-01 modified 2020-06-02 plugin id 131240 published 2019-11-25 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131240 title Amazon Linux AMI : glibc (ALAS-2019-1320) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2476.NASL description According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.(CVE-2017-12133) - In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.(CVE-2016-10739) - An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.(CVE-2018-11237) - res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).(CVE-2015-5180) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2019-12-04 plugin id 131629 published 2019-12-04 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131629 title EulerOS 2.0 SP2 : glibc (EulerOS-SA-2019-2476) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2019-2118.NASL description An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es) : * glibc: getaddrinfo should reject IP addresses with trailing characters (CVE-2016-10739) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 128355 published 2019-08-30 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128355 title CentOS 7 : glibc (CESA-2019:2118) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2155.NASL description According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.(CVE-2016-10739) - Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.(CVE-2017-12133) - Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name.(CVE-2016-1234) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2019-11-12 plugin id 130864 published 2019-11-12 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130864 title EulerOS 2.0 SP5 : glibc (EulerOS-SA-2019-2155) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1478.NASL description According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.(CVE-2016-10739) - Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name.(CVE-2016-1234) - Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.(CVE-2017-12133) - In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by last seen 2020-04-30 modified 2020-04-16 plugin id 135640 published 2020-04-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135640 title EulerOS Virtualization 3.0.2.2 : glibc (EulerOS-SA-2020-1478) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-1102-1.NASL description This update for glibc fixes the following issues : Security issues fixed : CVE-2019-9169: regex: fix read overrun (bsc#1127308, BZ #24114) CVE-2016-10739: Fully parse IPv4 address strings (bsc#1122729, BZ #20018) CVE-2009-5155: ERE last seen 2020-06-01 modified 2020-06-02 plugin id 124451 published 2019-05-01 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124451 title SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2019:1102-1) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1229.NASL description According to the versions of the glibc packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.(CVE-2016-10739) - On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.(CVE-2019-19126) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-19 modified 2020-03-13 plugin id 134518 published 2020-03-13 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134518 title EulerOS Virtualization for ARM 64 3.0.2.0 : glibc (EulerOS-SA-2020-1229) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1532.NASL description According to the versions of the python-pillow package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow before 3.1.1 allows remote attackers to have unspecified impact via negative values of the new size, which triggers a heap-based buffer overflow.(CVE-2016-4009) - An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.)(CVE-2014-3589) - Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py.(CVE-2014-3007) - The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.(CVE-2014-1933) - Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.(CVE-2014-1932) - An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.(CVE-2019-16865) - libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.(CVE-2020-5313) - libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.(CVE-2020-5312) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2020-05-01 plugin id 136235 published 2020-05-01 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136235 title EulerOS Virtualization for ARM 64 3.0.2.0 : python-pillow (EulerOS-SA-2020-1532) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0237_GLIBC.NASL description The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has glibc packages installed that are affected by a vulnerability: - In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings. (CVE-2016-10739) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 132501 published 2019-12-31 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132501 title NewStart CGSL CORE 5.05 / MAIN 5.05 : glibc Vulnerability (NS-SA-2019-0237) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1388.NASL description According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by last seen 2020-05-06 modified 2020-04-15 plugin id 135517 published 2020-04-15 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135517 title EulerOS 2.0 SP3 : glibc (EulerOS-SA-2020-1388) NASL family Scientific Linux Local Security Checks NASL id SL_20190806_GLIBC_ON_SL7_X.NASL description Security Fix(es) : - glibc: getaddrinfo should reject IP addresses with trailing characters (CVE-2016-10739) last seen 2020-03-18 modified 2019-08-27 plugin id 128220 published 2019-08-27 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128220 title Scientific Linux Security Update : glibc on SL7.x x86_64 (20190806) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2020-2_0-0242_GLIBC.NASL description An update of the glibc package has been released. last seen 2020-05-18 modified 2020-05-13 plugin id 136569 published 2020-05-13 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136569 title Photon OS 2.0: Glibc PHSA-2020-2.0-0242
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- https://sourceware.org/bugzilla/show_bug.cgi?id=20018
- https://bugzilla.redhat.com/show_bug.cgi?id=1347549
- http://www.securityfocus.com/bid/106672
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html
- https://access.redhat.com/errata/RHSA-2019:2118
- https://access.redhat.com/errata/RHSA-2019:3513