Synopsis: Moderate: subscription-manager security, bug fix, and enhancement update
Advisory ID: SLSA-2017:0698-1
Issue Date: 2017-03-21
CVE Numbers: CVE-2016-4455
—
Security Fix(es):
* It was found that subscription-manager set weak permissions on files in
/var/lib/rhsm/, causing an information disclosure. A local, unprivileged
user could use this flaw to access sensitive data that could potentially
be used in a social engineering attack. (CVE-2016-4455)
—
SL6
x86_64
python-rhsm-1.18.6-1.el6.x86_64.rpm
python-rhsm-certificates-1.18.6-1.el6.x86_64.rpm
python-rhsm-debuginfo-1.18.6-1.el6.x86_64.rpm
subscription-manager-1.18.10-1.el6.x86_64.rpm
subscription-manager-debuginfo-1.18.10-1.el6.x86_64.rpm
subscription-manager-firstboot-1.18.10-1.el6.x86_64.rpm
subscription-manager-gui-1.18.10-1.el6.x86_64.rpm
subscription-manager-migration-1.18.10-1.el6.x86_64.rpm
subscription-manager-plugin-container-1.18.10-1.el6.x86_64.rpm
i386
python-rhsm-1.18.6-1.el6.i686.rpm
python-rhsm-certificates-1.18.6-1.el6.i686.rpm
python-rhsm-debuginfo-1.18.6-1.el6.i686.rpm
subscription-manager-1.18.10-1.el6.i686.rpm
subscription-manager-debuginfo-1.18.10-1.el6.i686.rpm
subscription-manager-firstboot-1.18.10-1.el6.i686.rpm
subscription-manager-gui-1.18.10-1.el6.i686.rpm
subscription-manager-migration-1.18.10-1.el6.i686.rpm
subscription-manager-plugin-container-1.18.10-1.el6.i686.rpm
noarch
subscription-manager-migration-data-2.0.34-1.el6.noarch.rpm
– Scientific Linux Development Team
