Oval Definition:oval:com.redhat.rhsa:def:20152237
Revision Date:2015-11-19Version:639
Title:RHSA-2015:2237: rest security update (Low)
Description:The rest library was designed to make it easier to access web services that claim to be RESTful. A RESTful service should have URLs that represent remote objects, which methods can then be called on.

  • It was found that the OAuth implementation in librest, a helper library for RESTful services, incorrectly truncated the pointer returned by the rest_proxy_call_get_url call. An attacker could use this flaw to crash an application using the librest library. (CVE-2015-2675)

    All users of rest are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, all applications using librest must be restarted for the update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2015-2675
    RHSA-2015:2237
    RHSA-2015:2237-00
    RHSA-2015:2237-03
    Platform(s):Red Hat Enterprise Linux 7
    Red Hat Enterprise Linux 7 (please do not use for >= RHEL-7.5)
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • rest is earlier than 0:0.7.92-3.el7
  • AND rest is signed with Red Hat redhatrelease2 key
  • rest-devel is earlier than 0:0.7.92-3.el7
  • AND rest-devel is signed with Red Hat redhatrelease2 key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 7 Client is installed
  • OR Red Hat Enterprise Linux 7 Server is installed
  • OR Red Hat Enterprise Linux 7 Workstation is installed
  • OR Red Hat Enterprise Linux 7 ComputeNode is installed
  • AND Package Information
  • rest-devel is earlier than 0:0.7.92-3.el7
  • AND rest-devel is signed with Red Hat redhatrelease2 key
  • OR
  • rest is earlier than 0:0.7.92-3.el7
  • AND rest is signed with Red Hat redhatrelease2 key
    • BACK