libreport (SL6)

By Scientific Linux Team on November 24, 2015

Synopsis: Moderate: libreport security update
Advisory ID: SLSA-2015:2504-1
Issue Date: 2015-11-23
CVE Numbers: CVE-2015-5302

It was found that ABRT may have exposed unintended information to Red Hat
Bugzilla during crash reporting. A bug in the libreport library caused
changes made by a user in files included in a crash report to be
discarded. As a result, Bugzilla attachments may contain data that
was not intended to be made public, including host names, IP addresses, or
command line options. (CVE-2015-5302)

This flaw did not affect default installations of ABRT on Scientific Linux
as they do not post data to Red Hat Bugzilla.

SL6
x86_64
libreport-2.0.9-25.el6_7.i686.rpm
libreport-2.0.9-25.el6_7.x86_64.rpm
libreport-cli-2.0.9-25.el6_7.x86_64.rpm
libreport-compat-2.0.9-25.el6_7.x86_64.rpm
libreport-debuginfo-2.0.9-25.el6_7.i686.rpm
libreport-debuginfo-2.0.9-25.el6_7.x86_64.rpm
libreport-filesystem-2.0.9-25.el6_7.x86_64.rpm
libreport-gtk-2.0.9-25.el6_7.i686.rpm
libreport-gtk-2.0.9-25.el6_7.x86_64.rpm
libreport-newt-2.0.9-25.el6_7.x86_64.rpm
libreport-plugin-kerneloops-2.0.9-25.el6_7.x86_64.rpm
libreport-plugin-logger-2.0.9-25.el6_7.x86_64.rpm
libreport-plugin-mailx-2.0.9-25.el6_7.x86_64.rpm
libreport-plugin-reportuploader-2.0.9-25.el6_7.x86_64.rpm
libreport-plugin-rhtsupport-2.0.9-25.el6_7.x86_64.rpm
libreport-plugin-ureport-2.0.9-25.el6_7.x86_64.rpm
libreport-python-2.0.9-25.el6_7.x86_64.rpm
libreport-devel-2.0.9-25.el6_7.i686.rpm
libreport-devel-2.0.9-25.el6_7.x86_64.rpm
libreport-gtk-devel-2.0.9-25.el6_7.i686.rpm
libreport-gtk-devel-2.0.9-25.el6_7.x86_64.rpm
libreport-plugin-bugzilla-2.0.9-25.el6_7.x86_64.rpm
i386
libreport-2.0.9-25.el6_7.i686.rpm
libreport-cli-2.0.9-25.el6_7.i686.rpm
libreport-compat-2.0.9-25.el6_7.i686.rpm
libreport-debuginfo-2.0.9-25.el6_7.i686.rpm
libreport-filesystem-2.0.9-25.el6_7.i686.rpm
libreport-gtk-2.0.9-25.el6_7.i686.rpm
libreport-newt-2.0.9-25.el6_7.i686.rpm
libreport-plugin-kerneloops-2.0.9-25.el6_7.i686.rpm
libreport-plugin-logger-2.0.9-25.el6_7.i686.rpm
libreport-plugin-mailx-2.0.9-25.el6_7.i686.rpm
libreport-plugin-reportuploader-2.0.9-25.el6_7.i686.rpm
libreport-plugin-rhtsupport-2.0.9-25.el6_7.i686.rpm
libreport-plugin-ureport-2.0.9-25.el6_7.i686.rpm
libreport-python-2.0.9-25.el6_7.i686.rpm
libreport-devel-2.0.9-25.el6_7.i686.rpm
libreport-gtk-devel-2.0.9-25.el6_7.i686.rpm
libreport-plugin-bugzilla-2.0.9-25.el6_7.i686.rpm

– Scientific Linux Development Team