Synopsis: Moderate: subscription-manager security, bug fix, and enhancement update
Advisory ID: SLSA-2016:2592-2
Issue Date: 2016-11-03
CVE Numbers: CVE-2016-4455
—
* It was found that subscription-manager set weak permissions on files in
/var/lib/rhsm/, causing an information disclosure. A local, unprivileged
user could use this flaw to access sensitive data that could potentially
be used in a social engineering attack. (CVE-2016-4455)
—
SL7
x86_64
python-rhsm-1.17.9-1.el7.x86_64.rpm
python-rhsm-certificates-1.17.9-1.el7.x86_64.rpm
python-rhsm-debuginfo-1.17.9-1.el7.x86_64.rpm
subscription-manager-1.17.15-1.el7.x86_64.rpm
subscription-manager-debuginfo-1.17.15-1.el7.x86_64.rpm
subscription-manager-gui-1.17.15-1.el7.x86_64.rpm
subscription-manager-initial-setup-addon-1.17.15-1.el7.x86_64.rpm
subscription-manager-migration-1.17.15-1.el7.x86_64.rpm
subscription-manager-plugin-container-1.17.15-1.el7.x86_64.rpm
subscription-manager-plugin-ostree-1.17.15-1.el7.x86_64.rpm
noarch
subscription-manager-migration-data-2.0.31-1.el7.noarch.rpm
– Scientific Linux Development Team
