Oval Definition: oval:com.redhat.rhsa:def:20152505
Revision Date: 2015-11-23
Version: 645
Title: RHSA-2015:2505: abrt and libreport security update (Moderate)
Description: ABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac.

  • It was found that the ABRT debug information installer (abrt-action-install-debuginfo-to-abrt-cache) did not use temporary directories in a secure way. A local attacker could use the flaw to create symbolic links and files at arbitrary locations as the abrt user. (CVE-2015-5273)

  • It was discovered that the kernel-invoked coredump processor provided by ABRT did not handle symbolic links correctly when writing core dumps of ABRT programs to the ABRT dump directory (/var/spool/abrt). A local attacker with write access to an ABRT problem directory could use this flaw to escalate their privileges. (CVE-2015-5287)

  • It was found that ABRT may have exposed unintended information to Red Hat Bugzilla during crash reporting. A bug in the libreport library caused changes made by a user in files included in a crash report to be discarded. As a result, Red Hat Bugzilla attachments may contain data that was not intended to be made public, including host names, IP addresses, or command line options. (CVE-2015-5302)

    This flaw did not affect default installations of ABRT on Red Hat Enterprise Linux as they do not post data to Red Hat Bugzilla. This feature can however be enabled, potentially impacting modified ABRT instances.

    As a precaution, Red Hat has identified bugs filed by such non-default Red Hat Enterprise Linux users of ABRT and marked them private.

    Red Hat would like to thank Philip Pettersson of Samsung for reporting the CVE-2015-5273 and CVE-2015-5287 issues. The CVE-2015-5302 issue was discovered by Bastien Nocera of Red Hat.

    All users of abrt and libreport are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
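The two local flaws above (CVE-2015-5273 and CVE-2015-5287) share one root cause: a privileged process writes a file into a directory where a less privileged user can pre-create a symbolic link, and the write follows the link. The following added example is not ABRT or libreport code; it shows the vulnerable file-creation pattern beside a hardened one, entirely inside a throwaway directory tree it builds itself. The planted symlink, the `victim.txt` stand-in file and the function names are constructed for the demo.

```python
"""Added example, not ABRT or libreport code: the file-creation pattern behind
CVE-2015-5273 / CVE-2015-5287, vulnerable and hardened side by side.

The demo creates its own temporary tree, plants a symlink in the "spool"
directory in place of the untrusted party, and shows that the naive write
lands on the link target while the hardened write refuses to touch it.
"""
import os
import shutil
import stat
import tempfile


def naive_write(dump_dir, name, data):
    """Vulnerable pattern: open(..., 'wb') follows a symlink and truncates its
    target. Returns the real path the bytes ended up in."""
    path = os.path.join(dump_dir, name)
    with open(path, "wb") as f:
        f.write(data)
    return os.path.realpath(path)


def safe_write(dump_dir, name, data):
    """Hardened pattern: open the directory first, then create the entry relative
    to that descriptor with O_CREAT|O_EXCL|O_NOFOLLOW, so an existing file or
    link of the same name makes the call fail instead of being followed or
    overwritten. Raises FileExistsError when a link has been planted."""
    if os.sep in name or name in ("", ".", ".."):
        raise ValueError("name must be a single path component")
    dir_fd = os.open(dump_dir, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
    try:
        fd = os.open(name, os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW,
                     0o600, dir_fd=dir_fd)
    finally:
        os.close(dir_fd)
    try:
        # Re-check what was actually opened: a brand-new regular file we own.
        st = os.fstat(fd)
        if not stat.S_ISREG(st.st_mode) or st.st_uid != os.geteuid():
            raise RuntimeError("refusing to write: unexpected file")
        os.write(fd, data)
    finally:
        os.close(fd)
    return os.path.join(dump_dir, name)


def private_workdir():
    """Temporary-directory case (CVE-2015-5273): let the OS pick an
    unpredictable name and create it mode 0700, rather than using a fixed,
    guessable name under a shared directory."""
    return tempfile.mkdtemp(prefix="abrt-demo-")


def demo():
    """Run both patterns against a spool directory with a planted link and
    return a dict describing what happened (constructed scenario)."""
    root = private_workdir()
    try:
        spool = os.path.join(root, "spool")
        os.mkdir(spool, 0o700)
        victim = os.path.join(root, "victim.txt")  # constructed stand-in for an arbitrary file
        with open(victim, "wb") as f:
            f.write(b"original contents\n")
        os.symlink(victim, os.path.join(spool, "coredump"))  # the planted link

        result = {}
        written_to = naive_write(spool, "coredump", b"dump\n")
        result["naive_followed_link"] = written_to == os.path.realpath(victim)
        with open(victim, "rb") as f:
            result["victim_clobbered"] = f.read() == b"dump\n"
        try:
            safe_write(spool, "coredump", b"dump\n")
            result["safe_refused"] = False
        except FileExistsError:
            result["safe_refused"] = True
        fresh = safe_write(spool, "coredump.2", b"dump\n")
        result["safe_created_regular_file"] = os.path.isfile(fresh) and not os.path.islink(fresh)
        return result
    finally:
        shutil.rmtree(root)


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The part that actually blocks the link is `O_CREAT|O_EXCL`: the kernel refuses to create the entry if anything, including a dangling symlink, already has that name. `O_NOFOLLOW` and the `fstat` re-check are defence in depth against the name being swapped between calls, and `dir_fd` pins the write to the directory that was inspected rather than to a path that can be re-resolved.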
Family: unix
Class: patch
Status:
Reference(s): CVE-2015-5273, CVE-2015-5287, CVE-2015-5302, RHSA-2015:2505, RHSA-2015:2505-00, RHSA-2015:2505-01
Platform(s): Red Hat Enterprise Linux 7
Product(s):

Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
      • Red Hat Enterprise Linux 7 is installed
      • AND
          • abrt is earlier than 0:2.1.11-35.el7
            AND abrt is signed with Red Hat redhatrelease2 key
          • abrt-addon-ccpp is earlier than 0:2.1.11-35.el7
            AND abrt-addon-ccpp is signed with Red Hat redhatrelease2 key
          • abrt-addon-kerneloops is earlier than 0:2.1.11-35.el7
            AND abrt-addon-kerneloops is signed with Red Hat redhatrelease2 key
          • abrt-addon-pstoreoops is earlier than 0:2.1.11-35.el7
            AND abrt-addon-pstoreoops is signed with Red Hat redhatrelease2 key
          • abrt-addon-python is earlier than 0:2.1.11-35.el7
            AND abrt-addon-python is signed with Red Hat redhatrelease2 key
          • abrt-addon-upload-watch is earlier than 0:2.1.11-35.el7
            AND abrt-addon-upload-watch is signed with Red Hat redhatrelease2 key
          • abrt-addon-vmcore is earlier than 0:2.1.11-35.el7
            AND abrt-addon-vmcore is signed with Red Hat redhatrelease2 key
          • abrt-addon-xorg is earlier than 0:2.1.11-35.el7
            AND abrt-addon-xorg is signed with Red Hat redhatrelease2 key
          • abrt-cli is earlier than 0:2.1.11-35.el7
            AND abrt-cli is signed with Red Hat redhatrelease2 key
          • abrt-console-notification is earlier than 0:2.1.11-35.el7
            AND abrt-console-notification is signed with Red Hat redhatrelease2 key
          • abrt-dbus is earlier than 0:2.1.11-35.el7
            AND abrt-dbus is signed with Red Hat redhatrelease2 key
          • abrt-desktop is earlier than 0:2.1.11-35.el7
            AND abrt-desktop is signed with Red Hat redhatrelease2 key
          • abrt-devel is earlier than 0:2.1.11-35.el7
            AND abrt-devel is signed with Red Hat redhatrelease2 key
          • abrt-gui is earlier than 0:2.1.11-35.el7
            AND abrt-gui is signed with Red Hat redhatrelease2 key
          • abrt-gui-devel is earlier than 0:2.1.11-35.el7
            AND abrt-gui-devel is signed with Red Hat redhatrelease2 key
          • abrt-gui-libs is earlier than 0:2.1.11-35.el7
            AND abrt-gui-libs is signed with Red Hat redhatrelease2 key
          • abrt-libs is earlier than 0:2.1.11-35.el7
            AND abrt-libs is signed with Red Hat redhatrelease2 key
          • abrt-python is earlier than 0:2.1.11-35.el7
            AND abrt-python is signed with Red Hat redhatrelease2 key
          • abrt-python-doc is earlier than 0:2.1.11-35.el7
            AND abrt-python-doc is signed with Red Hat redhatrelease2 key
          • abrt-retrace-client is earlier than 0:2.1.11-35.el7
            AND abrt-retrace-client is signed with Red Hat redhatrelease2 key
          • abrt-tui is earlier than 0:2.1.11-35.el7
            AND abrt-tui is signed with Red Hat redhatrelease2 key
          • libreport is earlier than 0:2.1.11-31.el7
            AND libreport is signed with Red Hat redhatrelease2 key
          • libreport-anaconda is earlier than 0:2.1.11-31.el7
            AND libreport-anaconda is signed with Red Hat redhatrelease2 key
          • libreport-cli is earlier than 0:2.1.11-31.el7
            AND libreport-cli is signed with Red Hat redhatrelease2 key
          • libreport-compat is earlier than 0:2.1.11-31.el7
            AND libreport-compat is signed with Red Hat redhatrelease2 key
          • libreport-devel is earlier than 0:2.1.11-31.el7
            AND libreport-devel is signed with Red Hat redhatrelease2 key
          • libreport-filesystem is earlier than 0:2.1.11-31.el7
            AND libreport-filesystem is signed with Red Hat redhatrelease2 key
          • libreport-gtk is earlier than 0:2.1.11-31.el7
            AND libreport-gtk is signed with Red Hat redhatrelease2 key
          • libreport-gtk-devel is earlier than 0:2.1.11-31.el7
            AND libreport-gtk-devel is signed with Red Hat redhatrelease2 key
          • libreport-newt is earlier than 0:2.1.11-31.el7
            AND libreport-newt is signed with Red Hat redhatrelease2 key
          • libreport-plugin-bugzilla is earlier than 0:2.1.11-31.el7
            AND libreport-plugin-bugzilla is signed with Red Hat redhatrelease2 key
          • libreport-plugin-kerneloops is earlier than 0:2.1.11-31.el7
            AND libreport-plugin-kerneloops is signed with Red Hat redhatrelease2 key
          • libreport-plugin-logger is earlier than 0:2.1.11-31.el7
            AND libreport-plugin-logger is signed with Red Hat redhatrelease2 key
          • libreport-plugin-mailx is earlier than 0:2.1.11-31.el7
            AND libreport-plugin-mailx is signed with Red Hat redhatrelease2 key
          • libreport-plugin-reportuploader is earlier than 0:2.1.11-31.el7
            AND libreport-plugin-reportuploader is signed with Red Hat redhatrelease2 key
          • libreport-plugin-rhtsupport is earlier than 0:2.1.11-31.el7
            AND libreport-plugin-rhtsupport is signed with Red Hat redhatrelease2 key
          • libreport-plugin-ureport is earlier than 0:2.1.11-31.el7
            AND libreport-plugin-ureport is signed with Red Hat redhatrelease2 key
          • libreport-python is earlier than 0:2.1.11-31.el7
            AND libreport-python is signed with Red Hat redhatrelease2 key
          • libreport-rhel is earlier than 0:2.1.11-31.el7
            AND libreport-rhel is signed with Red Hat redhatrelease2 key
          • libreport-rhel-anaconda-bugzilla is earlier than 0:2.1.11-31.el7
            AND libreport-rhel-anaconda-bugzilla is signed with Red Hat redhatrelease2 key
          • libreport-rhel-bugzilla is earlier than 0:2.1.11-31.el7
            AND libreport-rhel-bugzilla is signed with Red Hat redhatrelease2 key
          • libreport-web is earlier than 0:2.1.11-31.el7
            AND libreport-web is signed with Red Hat redhatrelease2 key
          • libreport-web-devel is earlier than 0:2.1.11-31.el7
            AND libreport-web-devel is signed with Red Hat redhatrelease2 key
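Each package criterion above pairs an "is earlier than" test with an "is signed with Red Hat redhatrelease2 key" test, so a host is only flagged when a listed package is installed below the fixed EVR and carries Red Hat's signature. The following added example is not Red Hat's OVAL scanner; it applies that logic to a package inventory. "Earlier than" is implemented after rpm's `rpmvercmp` ordering (epoch first, then version, then release; `~` sorts before anything else; the newer `^` operator is not handled). The inventory lines are constructed for the demo in the form `NAME EPOCH:VERSION-RELEASE KEYID`; a real one could be produced with `rpm -qa --qf '%{NAME} %{EPOCH}:%{VERSION}-%{RELEASE} %{SIGPGP:pgpsig}\n'`, where rpm prints `(none)` for an unset epoch. The key id used is a labelled placeholder, not the real redhatrelease2 key id, and the function names are the example's own.

```python
"""Added example, not Red Hat's OVAL scanner: evaluate the package criteria of
RHSA-2015:2505 against a package inventory.

Inventory lines are constructed below as "NAME EPOCH:VERSION-RELEASE KEYID".
The key id is a placeholder, not the real redhatrelease2 key id.
"""

# Fixed versions as listed in the definition synopsis.
FIXED = {}
for _name in ("abrt abrt-addon-ccpp abrt-addon-kerneloops abrt-addon-pstoreoops "
              "abrt-addon-python abrt-addon-upload-watch abrt-addon-vmcore abrt-addon-xorg "
              "abrt-cli abrt-console-notification abrt-dbus abrt-desktop abrt-devel abrt-gui "
              "abrt-gui-devel abrt-gui-libs abrt-libs abrt-python abrt-python-doc "
              "abrt-retrace-client abrt-tui").split():
    FIXED[_name] = "0:2.1.11-35.el7"
for _name in ("libreport libreport-anaconda libreport-cli libreport-compat libreport-devel "
              "libreport-filesystem libreport-gtk libreport-gtk-devel libreport-newt "
              "libreport-plugin-bugzilla libreport-plugin-kerneloops libreport-plugin-logger "
              "libreport-plugin-mailx libreport-plugin-reportuploader libreport-plugin-rhtsupport "
              "libreport-plugin-ureport libreport-python libreport-rhel "
              "libreport-rhel-anaconda-bugzilla libreport-rhel-bugzilla libreport-web "
              "libreport-web-devel").split():
    FIXED[_name] = "0:2.1.11-31.el7"

EXPECTED_KEY_ID = "PLACEHOLDER-REDHATRELEASE2-KEYID"  # placeholder, not the real key id


def rpmvercmp(a, b):
    """Segment-wise version compare after rpm's rpmvercmp: returns -1, 0 or 1."""
    if a == b:
        return 0
    i = j = 0
    la, lb = len(a), len(b)
    while i < la or j < lb:
        # Separators (anything not alphanumeric or '~') are skipped.
        while i < la and not (a[i].isalnum() or a[i] == "~"):
            i += 1
        while j < lb and not (b[j].isalnum() or b[j] == "~"):
            j += 1
        # '~' sorts before everything, including the end of the string.
        ta = i < la and a[i] == "~"
        tb = j < lb and b[j] == "~"
        if ta or tb:
            if not ta:
                return 1
            if not tb:
                return -1
            i += 1
            j += 1
            continue
        if not (i < la and j < lb):
            break
        # Take a run of digits or a run of letters from each side.
        sa, sb = i, j
        if a[i].isdigit():
            while i < la and a[i].isdigit():
                i += 1
            while j < lb and b[j].isdigit():
                j += 1
            isnum = True
        else:
            while i < la and a[i].isalpha():
                i += 1
            while j < lb and b[j].isalpha():
                j += 1
            isnum = False
        seg_a, seg_b = a[sa:i], b[sb:j]
        if not seg_b:                      # segment types differ: numeric wins
            return 1 if isnum else -1
        if isnum:                          # numeric: longer (sans leading zeros) wins
            seg_a, seg_b = seg_a.lstrip("0"), seg_b.lstrip("0")
            if len(seg_a) != len(seg_b):
                return 1 if len(seg_a) > len(seg_b) else -1
        if seg_a != seg_b:
            return 1 if seg_a > seg_b else -1
    if i >= la and j >= lb:
        return 0
    return -1 if i >= la else 1            # the side with leftover text is newer


def split_evr(evr):
    """'E:V-R' -> (int epoch, version, release); missing or '(none)' epoch is 0."""
    epoch, sep, rest = evr.partition(":")
    if not sep:
        epoch, rest = "0", evr
    if epoch in ("", "(none)"):
        epoch = "0"
    version, sep, release = rest.rpartition("-")
    if not sep:
        version, release = rest, ""
    return int(epoch), version, release


def evr_cmp(a, b):
    ea, va, ra = split_evr(a)
    eb, vb, rb = split_evr(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def assess(inventory):
    """Apply the definition's package criteria; returns {name: verdict} for listed packages."""
    verdicts = {}
    for line in inventory.splitlines():
        parts = line.split()
        if len(parts) < 3:
            continue
        name, evr, key_id = parts[0], parts[1], parts[-1]
        fixed = FIXED.get(name)
        if fixed is None:
            continue
        if key_id.lower() != EXPECTED_KEY_ID.lower():
            verdicts[name] = "not-assessed (not signed with the expected key)"
        elif evr_cmp(evr, fixed) < 0:
            verdicts[name] = "vulnerable (%s is earlier than %s)" % (evr, fixed)
        else:
            verdicts[name] = "patched"
    return verdicts


# Constructed inventory: one pre-fix abrt, one fixed, one later rebuild, a
# pre-fix libreport-cli, a pre-fix libreport-web with a foreign signature,
# and an unrelated package.
SAMPLE_INVENTORY = """\
abrt 0:2.1.11-34.el7 PLACEHOLDER-REDHATRELEASE2-KEYID
abrt-addon-ccpp 0:2.1.11-35.el7 PLACEHOLDER-REDHATRELEASE2-KEYID
abrt-gui 0:2.1.11-35.el7_1 PLACEHOLDER-REDHATRELEASE2-KEYID
libreport 0:2.1.11-31.el7 PLACEHOLDER-REDHATRELEASE2-KEYID
libreport-cli 0:2.1.11-19.el7 PLACEHOLDER-REDHATRELEASE2-KEYID
libreport-web 0:2.1.11-30.el7 SOME-OTHER-KEYID
bash (none):4.2.46-19.el7 PLACEHOLDER-REDHATRELEASE2-KEYID
"""

if __name__ == "__main__":
    for name, verdict in sorted(assess(SAMPLE_INVENTORY).items()):
        print("%-20s %s" % (name, verdict))
```

The signature test matters for the same reason it is in the OVAL definition: a locally rebuilt `libreport-web` with a lower release string is not the Red Hat package this advisory is about, so the example reports it as not assessed rather than as vulnerable, and an `el7_1` z-stream rebuild compares as later than `el7` rather than tripping a naive string comparison.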