Oval Definition:oval:com.redhat.rhsa:def:20193387
Revision Date:2019-11-05Version:638
Title:RHSA-2019:3387: osinfo-db and libosinfo security and bug fix update (Low)
Description:The osinfo-db package contains a database that provides information about operating systems and hypervisor platforms to facilitate the automated configuration and provisioning of new virtual machines.

The libosinfo packages provide a library that allows virtualization provisioning tools to determine the optimal device settings for a combination of hypervisor and operating system.

Security Fix(es):

  • Libosinfo: osinfo-install-script option leaks password via command line argument (CVE-2019-13313)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2019-13313
    RHSA-2019:3387
    Platform(s):Red Hat Enterprise Linux 8
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 8 is installed
  • OR Red Hat CoreOS 4 is installed
  • AND
  • osinfo-db-tools is earlier than 0:1.5.0-4.el8
  • AND osinfo-db-tools is signed with Red Hat redhatrelease2 key
  • osinfo-db is earlier than 0:20190611-1.el8
  • AND osinfo-db is signed with Red Hat redhatrelease2 key
  • libosinfo is earlier than 0:1.5.0-3.el8
  • AND libosinfo is signed with Red Hat redhatrelease2 key
  • gnome-boxes is earlier than 0:3.28.5-7.el8
  • AND gnome-boxes is signed with Red Hat redhatrelease2 key
    • BACK