Security patch release notes
Review the release notes for security patches for Cloud Pak for Data System.
Security patches are tied to the version of Red Hat Linux that is installed on Cloud Pak for Data System. The patches for a specific Red Hat release are cumulative. For example, if your system is on 7.9, you only need to install the latest patch that applies to 7.9, there is no need to install all of them one by one.
Verify which patch can be installed on your system. Do not apply the patch if the Red Hat Linux version on your system does not match.
For installation, see Applying security patches. Downtime is required when installing the security patch.
7.9.23.06.SP22
The expected release date of 7.9.23.06.SP22 security patch is 23 June 2023.
The7.9.23.06.SP22 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x and 1.0.8.x.
The list of Red Hat CVEs which are expected to be patched in this
release:
CVE-2023-21930 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21937 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21938 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21939 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21954 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21967 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21968 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21930 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21937 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21938 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21939 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21954 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21967 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2023-21968 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.x86_64
CVE-2022-43750 Moderate/Sec. kernel-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-debuginfo-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-debuginfo-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-devel-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-headers-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-tools-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. kernel-tools-libs-3.10.0-1160.90.1.el7.x86_64
CVE-2023-1999 Important/Sec. libwebp-0.3.0-11.el7.x86_64
CVE-2022-43750 Moderate/Sec. perf-3.10.0-1160.90.1.el7.x86_64
CVE-2022-43750 Moderate/Sec. python-perf-3.10.0-1160.90.1.el7.x86_64
CVE-2022-25147 Important/Sec. apr-util-1.5.2-6.el7_9.1.x86_64
CVE-2022-25147 Important/Sec. apr-util-openssl-1.5.2-6.el7_9.1.x86_64
CVE-2023-25652 Important/Sec. git-1.8.3.1-25.el7_9.x86_64
CVE-2023-29007 Important/Sec. git-1.8.3.1-25.el7_9.x86_64
CVE-2023-25652 Important/Sec. perl-Git-1.8.3.1-25.el7_9.noarch
CVE-2023-29007 Important/Sec. perl-Git-1.8.3.1-25.el7_9.noarch7.9.23.04.SP21
The release date of 7.9.23.04.SP21 security patch is 12 May 2023. The estimated run time is around 60 minutes.
The 7.9.23.04.SP21 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x and 1.0.8.x.
Note: If after applying the security patch 7.9.23.04.SP21 or greater, you try to upgrade to 1.0.7.8,
the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
- Run the following commands in order.
-
apupgrade --upgrade-apupgrade --upgrade-directory /localrepo --use-version 7.9.23.04.SP21_release --bundle system -
apupgrade --upgrade-details --upgrade-directory /localrepo --use-version 7.9.23.04.SP21_release --bundle system -
apupgrade --preliminary-check --upgrade-directory /localrepo --use-version 7.9.23.04.SP21_release --bundle system
-
- Run the following command to start the
upgrade.
apupgrade --upgrade-directory /localrepo --use-version 7.9.23.04.SP21_release --bundle system --upgrade
The list of Red Hat CVEs which are patched in this
release:
CVE-2022-23521 Important/Sec. git-1.8.3.1-24.el7_9.x86_64
CVE-2022-41903 Important/Sec. git-1.8.3.1-24.el7_9.x86_64
CVE-2023-25690 Important/Sec. httpd-2.4.6-98.el7_9.7.x86_64
CVE-2023-25690 Important/Sec. httpd-tools-2.4.6-98.el7_9.7.x86_64
CVE-2022-4378 Important/Sec. kernel-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-debuginfo-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-debuginfo-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-debuginfo-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-debuginfo-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-devel-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-devel-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-headers-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-headers-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-tools-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-tools-3.10.0-1160.88.1.el7.x86_64
CVE-2022-4378 Important/Sec. kernel-tools-libs-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. kernel-tools-libs-3.10.0-1160.88.1.el7.x86_64
CVE-2022-38023 Important/Sec. libsmbclient-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. libwbclient-4.10.16-24.el7_9.x86_64
CVE-2023-25690 Important/Sec. mod_session-2.4.6-98.el7_9.7.x86_64
CVE-2023-0767 Important/Sec. nss-3.79.0-5.el7_9.x86_64
CVE-2023-0767 Important/Sec. nss-sysinit-3.79.0-5.el7_9.x86_64
CVE-2023-0767 Important/Sec. nss-tools-3.79.0-5.el7_9.x86_64
CVE-2023-0286 Important/Sec. openssl-1:1.0.2k-26.el7_9.x86_64
CVE-2023-0286 Important/Sec. openssl-devel-1:1.0.2k-26.el7_9.x86_64
CVE-2023-0286 Important/Sec. openssl-libs-1:1.0.2k-26.el7_9.x86_64
CVE-2022-4378 Important/Sec. perf-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. perf-3.10.0-1160.88.1.el7.x86_64
CVE-2022-23521 Important/Sec. perl-Git-1.8.3.1-24.el7_9.noarch
CVE-2022-41903 Important/Sec. perl-Git-1.8.3.1-24.el7_9.noarch
CVE-2022-4378 Important/Sec. python-perf-3.10.0-1160.88.1.el7.x86_64
CVE-2022-42703 Important/Sec. python-perf-3.10.0-1160.88.1.el7.x86_64
CVE-2022-38023 Important/Sec. samba-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-client-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-client-libs-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-common-4.10.16-24.el7_9.noarch
CVE-2022-38023 Important/Sec. samba-common-libs-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-common-tools-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-libs-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-python-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-winbind-4.10.16-24.el7_9.x86_64
CVE-2022-38023 Important/Sec. samba-winbind-modules-4.10.16-24.el7_9.x86_64
CVE-2022-37434 Moderate/Sec. zlib-1.2.7-21.el7_9.x86_64
CVE-2022-37434 Moderate/Sec. zlib-devel-1.2.7-21.el7_9.x86_647.9.23.02.SP20
The release date of 7.9.23.02.SP20 security patch is 24 March 2023. The estimated run time is around 60 minutes. This security patch includes the list of CVEs for January and February 2023.
The 7.9.23.02.SP20 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x and 1.0.8.x.
Note: If after applying the security patch 7.9.23.02.SP20 or greater, you try to upgrade to 1.0.7.8,
the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
- Run the following commands in order.
-
apupgrade --upgrade-apupgrade --upgrade-directory /localrepo --use-version 7.9.23.02.SP20_release --bundle system -
apupgrade --upgrade-details --upgrade-directory /localrepo --use-version 7.9.23.02.SP20_release --bundle system -
apupgrade --preliminary-check --upgrade-directory /localrepo --use-version 7.9.23.02.SP20_release --bundle system
-
- Run the following command to start the
upgrade.
apupgrade --upgrade-directory /localrepo --use-version 7.9.23.02.SP20_release --bundle system --upgrade
The list of Red Hat CVEs patched in this
release:
CVE-2022-42920 Important/Sec. bcel-5.2-19.el7_9.noarch
CVE-2021-25220 Moderate/Sec. bind-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2021-25220 Moderate/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2021-25220 Moderate/Sec. bind-libs-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-libs-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2021-25220 Moderate/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2021-25220 Moderate/Sec. bind-license-32:9.11.4-26.P2.el7_9.13.noarch
CVE-2022-2795 Moderate/Sec. bind-license-32:9.11.4-26.P2.el7_9.13.noarch
CVE-2021-25220 Moderate/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2021-25220 Moderate/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2021-25220 Moderate/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2021-25220 Moderate/Sec. bind-utils-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-2795 Moderate/Sec. bind-utils-32:9.11.4-26.P2.el7_9.13.x86_64
CVE-2022-28733 Important/Sec. grub2-1:2.02-0.87.el7_9.11.x86_64
CVE-2022-28733 Important/Sec. grub2-common-1:2.02-0.87.el7_9.11.noarch
CVE-2022-28733 Important/Sec. grub2-pc-1:2.02-0.87.el7_9.11.x86_64
CVE-2022-28733 Important/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.11.noarch
CVE-2022-28733 Important/Sec. grub2-tools-1:2.02-0.87.el7_9.11.x86_64
CVE-2022-28733 Important/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.11.x86_64
CVE-2022-28733 Important/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.11.x86_64
CVE-2023-21830 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.362.b08-1.el7_9.x86_64
CVE-2023-21843 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.362.b08-1.el7_9.x86_64
CVE-2023-21830 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.362.b08-1.el7_9.x86_64
CVE-2023-21843 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.362.b08-1.el7_9.x86_64
CVE-2021-26401 Important/Sec. kernel-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-debuginfo-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-debuginfo-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-debuginfo-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-debuginfo-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-devel-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-devel-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-headers-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-headers-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-tools-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-tools-3.10.0-1160.83.1.el7.x86_64
CVE-2021-26401 Important/Sec. kernel-tools-libs-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. kernel-tools-libs-3.10.0-1160.83.1.el7.x86_64
CVE-2022-4254 Important/Sec. libipa_hbac-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. libsss_autofs-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. libsss_certmap-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. libsss_idmap-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. libsss_nss_idmap-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. libsss_simpleifp-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. libsss_sudo-1.16.5-10.el7_9.15.x86_64
CVE-2021-26401 Important/Sec. perf-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. perf-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2414 Important/Sec. pki-base-10.5.18-24.el7_9.noarch
CVE-2022-2414 Important/Sec. pki-base-java-10.5.18-24.el7_9.noarch
CVE-2022-2414 Important/Sec. pki-ca-10.5.18-24.el7_9.noarch
CVE-2022-2414 Important/Sec. pki-kra-10.5.18-24.el7_9.noarch
CVE-2022-2414 Important/Sec. pki-server-10.5.18-24.el7_9.noarch
CVE-2022-2414 Important/Sec. pki-tools-10.5.18-24.el7_9.x86_64
CVE-2022-4254 Important/Sec. python-libipa_hbac-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. python-libsss_nss_idmap-1.16.5-10.el7_9.15.x86_64
CVE-2021-26401 Important/Sec. python-perf-3.10.0-1160.83.1.el7.x86_64
CVE-2022-2964 Important/Sec. python-perf-3.10.0-1160.83.1.el7.x86_64
CVE-2022-4254 Important/Sec. python-sss-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. python-sss-murmur-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. python-sssdconfig-1.16.5-10.el7_9.15.noarch
CVE-2022-4254 Important/Sec. sssd-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-ad-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-client-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-common-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-common-pac-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-dbus-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-ipa-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-krb5-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-krb5-common-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-ldap-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-proxy-1.16.5-10.el7_9.15.x86_64
CVE-2022-4254 Important/Sec. sssd-tools-1.16.5-10.el7_9.15.x86_64
CVE-2023-22809 Important/Sec. sudo-1.8.23-10.el7_9.3.x86_647.9.22.12.SP19
The release date of 7.9.22.12.SP19 security patch is 3 January 2023. The estimated run time is around 54 minutes. This security patch includes the list of CVEs for November and December 2022.
The 7.9.22.12.SP19 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If after applying the security patch 7.9.22.12.SP19 or greater, you try to upgrade to 1.0.7.8,
the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2022-2850 Moderate/Sec. 389-ds-base-1.3.10.2-17.el7_9.x86_64
CVE-2022-2850 Moderate/Sec. 389-ds-base-libs-1.3.10.2-17.el7_9.x86_64
CVE-2022-41974 Important/Sec. device-mapper-multipath-0.4.9-136.el7_9.x86_64
CVE-2022-41974 Important/Sec. device-mapper-multipath-libs-0.4.9-136.el7_9.x86_64
CVE-2022-21619 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-21624 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-21626 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-21628 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-21619 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-21624 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-21626 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-21628 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.352.b08-2.el7_9.x86_64
CVE-2022-2588 Important/Sec. kernel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2588 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64
CVE-2022-41974 Important/Sec. kpartx-0.4.9-136.el7_9.x86_64
CVE-2022-2588 Important/Sec. perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-2393 Moderate/Sec. pki-base-10.5.18-23.el7_9.noarch
CVE-2022-2393 Moderate/Sec. pki-base-java-10.5.18-23.el7_9.noarch
CVE-2022-2393 Moderate/Sec. pki-ca-10.5.18-23.el7_9.noarch
CVE-2022-2393 Moderate/Sec. pki-kra-10.5.18-23.el7_9.noarch
CVE-2022-2393 Moderate/Sec. pki-server-10.5.18-23.el7_9.noarch
CVE-2022-2393 Moderate/Sec. pki-tools-10.5.18-23.el7_9.x86_64
CVE-2022-2588 Important/Sec. python-perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23816 Important/Sec. python-perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-23825 Important/Sec. python-perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-26373 Important/Sec. python-perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29900 Important/Sec. python-perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-29901 Important/Sec. python-perf-3.10.0-1160.80.1.el7.x86_64
CVE-2022-41853 Important/Sec. hsqldb-1:1.8.1.3-15.el7_9.noarch
CVE-2022-42898 Important/Sec. krb5-devel-1.15.1-55.el7_9.x86_64
CVE-2022-42898 Important/Sec. krb5-libs-1.15.1-55.el7_9.x86_64
CVE-2022-42898 Important/Sec. krb5-pkinit-1.15.1-55.el7_9.x86_64
CVE-2022-42898 Important/Sec. krb5-server-1.15.1-55.el7_9.x86_64
CVE-2022-42898 Important/Sec. krb5-workstation-1.15.1-55.el7_9.x86_64
CVE-2022-42898 Important/Sec. libkadm5-1.15.1-55.el7_9.x86_64
CVE-2021-29740 gpfs.adv-5.1.2-7.x86_647.9.22.10.SP18
The release date of 7.9.22.10.SP18 security patch is 26 October 2022. The estimated run time is around 60 minutes.
The 7.9.22.10.SP18 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If after applying the security patch 7.9.22.10.SP18 or greater, you try to upgrade to 1.0.7.8,
the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2022-38177 Important/Sec. bind-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38177 Important/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38177 Important/Sec. bind-libs-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-libs-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38177 Important/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38177 Important/Sec. bind-license-32:9.11.4-26.P2.el7_9.10.noarch
CVE-2022-38178 Important/Sec. bind-license-32:9.11.4-26.P2.el7_9.10.noarch
CVE-2022-38177 Important/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38177 Important/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38177 Important/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38177 Important/Sec. bind-utils-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-38178 Important/Sec. bind-utils-32:9.11.4-26.P2.el7_9.10.x86_64
CVE-2022-40674 Important/Sec. expat-2.1.0-15.el7_9.x86_64
updateinfo list done7.9.22.09.SP17
Security patch released in September 2022. The estimated run time is around 60 minutes.
The 7.9.22.09.SP17 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If, after applying the security patch 7.9.22.09.SP17 or greater, you try to upgrade to
1.0.7.8, the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2022-21123 Moderate/Sec. kernel-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-devel-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-devel-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-devel-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-headers-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-headers-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-headers-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-tools-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-tools-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-tools-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. kernel-tools-libs-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. kernel-tools-libs-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. kernel-tools-libs-3.10.0-1160.76.1.el7.x86_64
CVE-2022-2526 Important/Sec. libgudev1-219-78.el7_9.7.x86_64
CVE-2022-21123 Moderate/Sec. perf-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. perf-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. perf-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21123 Moderate/Sec. python-perf-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21125 Moderate/Sec. python-perf-3.10.0-1160.76.1.el7.x86_64
CVE-2022-21166 Moderate/Sec. python-perf-3.10.0-1160.76.1.el7.x86_64
CVE-2022-29154 Important/Sec. rsync-3.1.2-11.el7_9.x86_64
CVE-2022-2526 Important/Sec. systemd-219-78.el7_9.7.x86_64
CVE-2022-2526 Important/Sec. systemd-libs-219-78.el7_9.7.x86_64
CVE-2022-2526 Important/Sec. systemd-python-219-78.el7_9.7.x86_64
CVE-2022-2526 Important/Sec. systemd-sysv-219-78.el7_9.7.x86_647.9.22.08.SP16
Security patch released in August 2022. The estimated run time is around 60 minutes.
The 7.9.22.08.SP16 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If, after applying the security patch 7.9.22.08.SP16 or greater, you try to upgrade to
1.0.7.8, the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2022-21540 Important/Sec. java-1.8.0-openjdk-1:1.8.0.342.b07-1.el7_9.x86_64
CVE-2022-21541 Important/Sec. java-1.8.0-openjdk-1:1.8.0.342.b07-1.el7_9.x86_64
CVE-2022-34169 Important/Sec. java-1.8.0-openjdk-1:1.8.0.342.b07-1.el7_9.x86_64
CVE-2022-21540 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.342.b07-1.el7_9.x86_64
CVE-2022-21541 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.342.b07-1.el7_9.x86_64
CVE-2022-34169 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.342.b07-1.el7_9.x86_647.9.22.07.SP15
Security patch released in July 2022. The estimated run time is around 60 minutes.
The 7.9.22.07.SP15 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If, after applying the security patch 7.9.22.07.SP15 or greater, you try to upgrade to
1.0.7.8, the upgrade might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2022-0918 Moderate/Sec. 389-ds-base-1.3.10.2-16.el7_9.x86_64
CVE-2022-0996 Moderate/Sec. 389-ds-base-1.3.10.2-16.el7_9.x86_64
CVE-2022-0918 Moderate/Sec. 389-ds-base-libs-1.3.10.2-16.el7_9.x86_64
CVE-2022-0996 Moderate/Sec. 389-ds-base-libs-1.3.10.2-16.el7_9.x86_64
CVE-2022-1729 Important/Sec. kernel-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-devel-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-devel-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-devel-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-headers-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-headers-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-headers-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-tools-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-tools-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-tools-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. kernel-tools-libs-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. kernel-tools-libs-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. kernel-tools-libs-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1729 Important/Sec. perf-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. perf-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. perf-3.10.0-1160.71.1.el7.x86_64
CVE-2020-26116 Moderate/Sec. python-2.7.5-92.el7_9.x86_64
CVE-2020-26137 Moderate/Sec. python-2.7.5-92.el7_9.x86_64
CVE-2021-3177 Moderate/Sec. python-2.7.5-92.el7_9.x86_64
CVE-2020-26116 Moderate/Sec. python-devel-2.7.5-92.el7_9.x86_64
CVE-2020-26137 Moderate/Sec. python-devel-2.7.5-92.el7_9.x86_64
CVE-2021-3177 Moderate/Sec. python-devel-2.7.5-92.el7_9.x86_64
CVE-2020-26116 Moderate/Sec. python-libs-2.7.5-92.el7_9.x86_64
CVE-2020-26137 Moderate/Sec. python-libs-2.7.5-92.el7_9.x86_64
CVE-2021-3177 Moderate/Sec. python-libs-2.7.5-92.el7_9.x86_64
CVE-2022-1729 Important/Sec. python-perf-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1966 Important/Sec. python-perf-3.10.0-1160.71.1.el7.x86_64
CVE-2022-32250 Important/Sec. python-perf-3.10.0-1160.71.1.el7.x86_64
CVE-2022-1271 Important/Sec. xz-5.2.2-2.el7_9.x86_64
CVE-2022-1271 Important/Sec. xz-devel-5.2.2-2.el7_9.x86_64
CVE-2022-1271 Important/Sec. xz-libs-5.2.2-2.el7_9.x86_647.9.22.06.SP14
Security patch released in June 2022. The estimated run time is around 60 minutes.
The 7.9.22.06.SP14 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If, after
applying the security patch 7.9.22.06.SP14 or greater, you try to upgrade to 1.0.7.8, the upgrade
might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2022-24903 Important/Sec. rsyslog-8.24.0-57.el7_9.3.x86_647.9.22.05.SP13
Security patch released in June 2022. The estimated run time is around 60 minutes.
The 7.9.22.05.SP13 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If, after
applying the security patch 7.9.22.05.SP13 or greater, you try to upgrade to 1.0.7.8, the upgrade
might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2022-1271 Important/Sec. gzip-1.5-11.el7_9.x86_64
CVE-2022-21426 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21434 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21443 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21476 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21496 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21426 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21434 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21443 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21476 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-21496 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.x86_64
CVE-2022-0492 Important/Sec. kernel-3.10.0-1160.66.1.el7.x86_64
CVE-2020-8648 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.x86_64
CVE-2020-12362 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.x86_64
CVE-2020-12363 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.x86_64
CVE-2020-12364 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.x86_64
CVE-2020-27170 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.x86_64
CVE-2021-3347 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.x86_64
CVE-2019-20934 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-debuginfo-3.10.0-1160.42.2.el7.x86_64
CVE-2021-3653 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64
CVE-2020-36385 Important/Sec. kernel-debuginfo-3.10.0-1160.49.1.el7.x86_64
CVE-2020-25704 Moderate/Sec. kernel-debuginfo-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. kernel-debuginfo-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. kernel-debuginfo-3.10.0-1160.53.1.el7.x86_64
CVE-2020-0465 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4028 Important/Sec. kernel-debuginfo-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. kernel-debuginfo-3.10.0-1160.62.1.el7.x86_64
CVE-2022-0492 Important/Sec. kernel-debuginfo-3.10.0-1160.66.1.el7.x86_64
CVE-2020-8648 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.31.1.el7.x86_64
CVE-2020-12362 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.31.1.el7.x86_64
CVE-2020-12363 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.31.1.el7.x86_64
CVE-2020-12364 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.31.1.el7.x86_64
CVE-2020-27170 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.31.1.el7.x86_64
CVE-2021-3347 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.31.1.el7.x86_64
CVE-2019-20934 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.42.2.el7.x86_64
CVE-2021-3653 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64
CVE-2020-36385 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.49.1.el7.x86_64
CVE-2020-25704 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.53.1.el7.x86_64
CVE-2020-0465 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4028 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.62.1.el7.x86_64
CVE-2022-0492 Important/Sec. kernel-debuginfo-common-x86_64-3.10.0-1160.66.1.el7.x86_64
CVE-2022-0492 Important/Sec. kernel-devel-3.10.0-1160.66.1.el7.x86_64
CVE-2022-0492 Important/Sec. kernel-headers-3.10.0-1160.66.1.el7.x86_64
CVE-2022-0492 Important/Sec. kernel-tools-3.10.0-1160.66.1.el7.x86_64
CVE-2022-0492 Important/Sec. kernel-tools-libs-3.10.0-1160.66.1.el7.x86_64
CVE-2022-0492 Important/Sec. perf-3.10.0-1160.66.1.el7.x86_64
CVE-2022-0492 Important/Sec. python-perf-3.10.0-1160.66.1.el7.x86_64
CVE-2018-25032 Important/Sec. zlib-1.2.7-20.el7_9.x86_64
CVE-2018-25032 Important/Sec. zlib-devel-1.2.7-20.el7_9.x86_647.9.22.04.SP12
Security patch released in May 2022.
The 7.9.22.04.SP12 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If, after
applying the security patch 7.9.22.04.SP12 or greater, you try to upgrade to 1.0.7.8, the upgrade
might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2021-45960 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2021-46143 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-22822 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-22823 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-22824 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-22825 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-22826 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-22827 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-23852 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-25235 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-25236 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-25315 Important/Sec. expat-2.1.0-14.el7_9.x86_64
CVE-2022-22720 Important/Sec. httpd-2.4.6-97.el7_9.5.x86_64
CVE-2022-22720 Important/Sec. httpd-tools-2.4.6-97.el7_9.5.x86_64
CVE-2020-5208 Important/Sec. ipmitool-1.8.18-9.el7_7.x86_64
CVE-2021-4028 Important/Sec. kernel-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. kernel-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4028 Important/Sec. kernel-devel-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. kernel-devel-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4028 Important/Sec. kernel-headers-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. kernel-headers-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4028 Important/Sec. kernel-tools-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. kernel-tools-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4028 Important/Sec. kernel-tools-libs-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. kernel-tools-libs-3.10.0-1160.62.1.el7.x86_64
CVE-2022-22720 Important/Sec. mod_session-2.4.6-97.el7_9.5.x86_64
CVE-2022-0778 Important/Sec. openssl-1:1.0.2k-25.el7_9.x86_64
CVE-2022-0778 Important/Sec. openssl-devel-1:1.0.2k-25.el7_9.x86_64
CVE-2022-0778 Important/Sec. openssl-libs-1:1.0.2k-25.el7_9.x86_64
CVE-2021-4028 Important/Sec. perf-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. perf-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4028 Important/Sec. python-perf-3.10.0-1160.62.1.el7.x86_64
CVE-2021-4083 Important/Sec. python-perf-3.10.0-1160.62.1.el7.x86_647.9.22.03.SP11
Security patch released in April 2022.
The 7.9.22.03.SP11 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
Note: If, after
applying the security patch 7.9.22.03.SP11 or greater, you try to upgrade to 1.0.7.8, the upgrade
might fail with the following error:
1. NodeosUpgrader.install
Upgrade Detail: Component install for nodeos
Caller Info:The call was made from 'NodeOSYosemiteInstaller.install' on line 100 with file located at '/localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/bundle_upgraders/../nodeos/node_os_yosemite_installer.py'
Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace
<your-1.0.7.8-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-1.0.7.8-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Rerun the same
apupgradecommand that failed:apupgrade --upgrade --upgrade-directory /localrepo --bundle system --use-version <your-1.0.7.8-upgrade-dir>
The list of Red Hat CVEs patched in this
release:
CVE-2021-4091 Low/Sec. 389-ds-base-1.3.10.2-15.el7_9.x86_64
CVE-2021-4091 Low/Sec. 389-ds-base-libs-1.3.10.2-15.el7_9.x86_64
CVE-2022-24407 Important/Sec. cyrus-sasl-2.1.26-24.el7_9.x86_64
CVE-2022-24407 Important/Sec. cyrus-sasl-gssapi-2.1.26-24.el7_9.x86_64
CVE-2022-24407 Important/Sec. cyrus-sasl-lib-2.1.26-24.el7_9.x86_64
CVE-2022-24407 Important/Sec. cyrus-sasl-md5-2.1.26-24.el7_9.x86_64
CVE-2022-24407 Important/Sec. cyrus-sasl-plain-2.1.26-24.el7_9.x86_64
CVE-2020-5208 Important/Sec. ipmitool-1.8.18-9.el7_7.x86_64
CVE-2020-0465 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. kernel-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0465 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0465 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0465 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0465 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64
CVE-2020-25709 Moderate/Sec. openldap-2.4.44-25.el7_9.x86_64
CVE-2020-25710 Moderate/Sec. openldap-2.4.44-25.el7_9.x86_64
CVE-2020-25709 Moderate/Sec. openldap-clients-2.4.44-25.el7_9.x86_64
CVE-2020-25710 Moderate/Sec. openldap-clients-2.4.44-25.el7_9.x86_64
CVE-2020-0465 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. perf-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0465 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2020-0466 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-0920 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3564 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3573 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-3752 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2021-4155 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2022-0330 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22942 Important/Sec. python-perf-3.10.0-1160.59.1.el7.x86_64
CVE-2022-22816 Important/Sec. python-pillow-2.0.0-23.gitd1c6db8.el7_9.x86_64
CVE-2022-22817 Important/Sec. python-pillow-2.0.0-23.gitd1c6db8.el7_9.x86_647.9.22.02.SP10
Security patch released in February 2022.
The 7.9.22.02.SP10 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
There is no need to install this patch on 1.0.7.8 as the same content is already applied with 1.0.7.8 upgrade.
The list of Red Hat CVEs patched in this
release:
CVE-2021-45417 Important/Sec. aide-0.15.1-13.el7_9.1.x86_64
CVE-2020-5208 Important/Sec. ipmitool-1.8.18-9.el7_7.x86_64
CVE-2022-21248 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21282 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21283 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21293 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21294 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21296 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21299 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21305 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21340 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21341 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21360 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21365 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21248 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21282 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21283 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21293 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21294 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21296 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21299 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21305 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21340 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21341 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21360 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-21365 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.x86_64
CVE-2022-23302 Important/Sec. log4j-1.2.17-18.el7_4.noarch
CVE-2022-23305 Important/Sec. log4j-1.2.17-18.el7_4.noarch
CVE-2022-23307 Important/Sec. log4j-1.2.17-18.el7_4.noarch7.9.22.01.SP9
Security patch released in February 2022.
The 7.9.22.01.SP9 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
The list of Red Hat CVEs patched in this
release:
CVE-2020-25704 Moderate/Sec. kernel-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. kernel-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. kernel-3.10.0-1160.53.1.el7.x86_64
CVE-2020-25704 Moderate/Sec. kernel-devel-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. kernel-devel-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. kernel-devel-3.10.0-1160.53.1.el7.x86_64
CVE-2020-25704 Moderate/Sec. kernel-headers-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. kernel-headers-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. kernel-headers-3.10.0-1160.53.1.el7.x86_64
CVE-2020-25704 Moderate/Sec. kernel-tools-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. kernel-tools-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. kernel-tools-3.10.0-1160.53.1.el7.x86_64
CVE-2020-25704 Moderate/Sec. kernel-tools-libs-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. kernel-tools-libs-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. kernel-tools-libs-3.10.0-1160.53.1.el7.x86_64
CVE-2021-3712 Moderate/Sec. openssl-1:1.0.2k-23.el7_9.x86_64
CVE-2021-3712 Moderate/Sec. openssl-devel-1:1.0.2k-23.el7_9.x86_64
CVE-2021-3712 Moderate/Sec. openssl-libs-1:1.0.2k-23.el7_9.x86_64
CVE-2020-25704 Moderate/Sec. perf-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. perf-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. perf-3.10.0-1160.53.1.el7.x86_64
CVE-2020-25704 Moderate/Sec. python-perf-3.10.0-1160.53.1.el7.x86_64
CVE-2020-36322 Moderate/Sec. python-perf-3.10.0-1160.53.1.el7.x86_64
CVE-2021-42739 Moderate/Sec. python-perf-3.10.0-1160.53.1.el7.x86_64
CVE-2021-4034 Important/Sec. polkit-0.112-26.el7_9.1.x86_64
CVE-2021-44142 Critical/Sec. samba-client-libs-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-common-tools-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-python-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-client-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-common-libs-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-winbind-modules-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-libs-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-winbind-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-4.10.16-18.el7_9.x86_64
CVE-2021-44142 Critical/Sec. samba-common-4.10.16-18.el7_9.noarch
CVE-2021-44142 Critical/Sec. libsmbclient-4.10.16-18.el7_9.x86_64.rpm
CVE-2021-44142 Critical/Sec. libwbclient-4.10.16-18.el7_9.x86_64.rpm7.9.21.12.SP8
Security patch released in January 2022.
The 7.9.21.12.SP8 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
The list of Red Hat CVEs patched in this
release:
CVE-2020-5208 Important/Sec. ipmitool-1.8.18-9.el7_7.x86_64
CVE-2020-36385 Important/Sec. kernel-3.10.0-1160.49.1.el7.x86_64
CVE-2020-36385 Important/Sec. kernel-devel-3.10.0-1160.49.1.el7.x86_64
CVE-2020-36385 Important/Sec. kernel-headers-3.10.0-1160.49.1.el7.x86_64
CVE-2020-36385 Important/Sec. kernel-tools-3.10.0-1160.49.1.el7.x86_64
CVE-2020-36385 Important/Sec. kernel-tools-libs-3.10.0-1160.49.1.el7.x86_64
CVE-2021-37750 Moderate/Sec. krb5-devel-1.15.1-51.el7_9.x86_64
CVE-2021-37750 Moderate/Sec. krb5-libs-1.15.1-51.el7_9.x86_64
CVE-2021-37750 Moderate/Sec. krb5-pkinit-1.15.1-51.el7_9.x86_64
CVE-2021-37750 Moderate/Sec. krb5-server-1.15.1-51.el7_9.x86_64
CVE-2021-37750 Moderate/Sec. krb5-workstation-1.15.1-51.el7_9.x86_64
CVE-2021-37750 Moderate/Sec. libkadm5-1.15.1-51.el7_9.x86_64
CVE-2021-43527 Critical/Sec. nss-3.67.0-4.el7_9.x86_64
CVE-2021-43527 Critical/Sec. nss-sysinit-3.67.0-4.el7_9.x86_64
CVE-2021-43527 Critical/Sec. nss-tools-3.67.0-4.el7_9.x86_64
CVE-2021-41617 Moderate/Sec. openssh-7.4p1-22.el7_9.x86_64
CVE-2021-41617 Moderate/Sec. openssh-clients-7.4p1-22.el7_9.x86_64
CVE-2021-41617 Moderate/Sec. openssh-server-7.4p1-22.el7_9.x86_64
CVE-2020-36385 Important/Sec. perf-3.10.0-1160.49.1.el7.x86_64
CVE-2020-36385 Important/Sec. python-perf-3.10.0-1160.49.1.el7.x86_64
CVE-2021-20271 Moderate/Sec. rpm-4.11.3-48.el7_9.x86_64
CVE-2021-20271 Moderate/Sec. rpm-build-4.11.3-48.el7_9.x86_64
CVE-2021-20271 Moderate/Sec. rpm-build-libs-4.11.3-48.el7_9.x86_64
CVE-2021-20271 Moderate/Sec. rpm-devel-4.11.3-48.el7_9.x86_64
CVE-2021-20271 Moderate/Sec. rpm-libs-4.11.3-48.el7_9.x86_64
CVE-2021-20271 Moderate/Sec. rpm-python-4.11.3-48.el7_9.x86_64
CVE-2020-25719 Moderate/Sec. ipa-client-4.6.8-5.el7_9.10.x86_64
CVE-2020-25719 Moderate/Sec. ipa-client-common-4.6.8-5.el7_9.10.noarch
CVE-2020-25719 Moderate/Sec. ipa-common-4.6.8-5.el7_9.10.noarch
CVE-2020-25719 Moderate/Sec. ipa-python-compat-4.6.8-5.el7_9.10.noarch
CVE-2020-25719 Moderate/Sec. ipa-server-4.6.8-5.el7_9.10.x86_64
CVE-2020-25719 Moderate/Sec. ipa-server-common-4.6.8-5.el7_9.10.noarch
CVE-2020-25719 Moderate/Sec. ipa-server-dns-4.6.8-5.el7_9.10.noarch
CVE-2020-25719 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7_9.10.x86_64
CVE-2016-2124 Important/Sec. libsmbclient-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. libsmbclient-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. libwbclient-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. libwbclient-4.10.16-17.el7_9.x86_64
CVE-2021-4104 Moderate/Sec. log4j-1.2.17-17.el7_4.noarch
CVE-2020-25719 Moderate/Sec. python2-ipaclient-4.6.8-5.el7_9.10.noarch
CVE-2020-25719 Moderate/Sec. python2-ipalib-4.6.8-5.el7_9.10.noarch
CVE-2020-25719 Moderate/Sec. python2-ipaserver-4.6.8-5.el7_9.10.noarch
CVE-2016-2124 Important/Sec. samba-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-client-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-client-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-client-libs-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-client-libs-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-common-4.10.16-17.el7_9.noarch
CVE-2020-25717 Important/Sec. samba-common-4.10.16-17.el7_9.noarch
CVE-2016-2124 Important/Sec. samba-common-libs-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-common-libs-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-common-tools-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-common-tools-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-libs-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-libs-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-python-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-python-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-winbind-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-winbind-4.10.16-17.el7_9.x86_64
CVE-2016-2124 Important/Sec. samba-winbind-modules-4.10.16-17.el7_9.x86_64
CVE-2020-25717 Important/Sec. samba-winbind-modules-4.10.16-17.el7_9.x86_647.9.21.11.SP7
Security patch released in December 2021.
The 7.9.21.11.SP7 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
The list of Red Hat CVEs patched in this
release:
CVE-2021-3652 Low/Sec. 389-ds-base-1.3.10.2-13.el7_9.x86_64
CVE-2021-3652 Low/Sec. 389-ds-base-libs-1.3.10.2-13.el7_9.x86_64
CVE-2021-42574 Moderate/Sec. binutils-2.27-44.base.el7_9.1.x86_64
CVE-2021-40438 Important/Sec. httpd-2.4.6-97.el7_9.1.x86_64
CVE-2021-40438 Important/Sec. httpd-tools-2.4.6-97.el7_9.1.x86_64
CVE-2020-5208 Important/Sec. ipmitool-1.8.18-9.el7_7.x86_64
CVE-2021-35550 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35556 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35559 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35561 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35564 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35565 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35567 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35578 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35586 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35588 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35603 Important/Sec. java-1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35550 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35556 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35559 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35561 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35564 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35565 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35567 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35578 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35586 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35588 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-35603 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.312.b07-1.el7_9.x86_64
CVE-2021-3653 Important/Sec. kernel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. kernel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. kernel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. kernel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3653 Important/Sec. kernel-devel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. kernel-devel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. kernel-devel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. kernel-devel-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3653 Important/Sec. kernel-headers-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. kernel-headers-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. kernel-headers-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. kernel-headers-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3653 Important/Sec. kernel-tools-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. kernel-tools-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. kernel-tools-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. kernel-tools-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3653 Important/Sec. kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64
CVE-2016-4658 Moderate/Sec. libxml2-2.9.1-6.el7_9.6.x86_64
CVE-2016-4658 Moderate/Sec. libxml2-python-2.9.1-6.el7_9.6.x86_64
CVE-2021-40438 Important/Sec. mod_session-2.4.6-97.el7_9.1.x86_64
CVE-2021-23840 Moderate/Sec. openssl-1:1.0.2k-22.el7_9.x86_64
CVE-2021-23841 Moderate/Sec. openssl-1:1.0.2k-22.el7_9.x86_64
CVE-2021-23840 Moderate/Sec. openssl-devel-1:1.0.2k-22.el7_9.x86_64
CVE-2021-23841 Moderate/Sec. openssl-devel-1:1.0.2k-22.el7_9.x86_64
CVE-2021-23840 Moderate/Sec. openssl-libs-1:1.0.2k-22.el7_9.x86_64
CVE-2021-23841 Moderate/Sec. openssl-libs-1:1.0.2k-22.el7_9.x86_64
CVE-2021-3653 Important/Sec. perf-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. perf-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. perf-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. perf-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3653 Important/Sec. python-perf-3.10.0-1160.45.1.el7.x86_64
CVE-2021-3656 Important/Sec. python-perf-3.10.0-1160.45.1.el7.x86_64
CVE-2021-22543 Important/Sec. python-perf-3.10.0-1160.45.1.el7.x86_64
CVE-2021-37576 Important/Sec. python-perf-3.10.0-1160.45.1.el7.x86_647.9.21.09.SP6
Security patch released in November 2021.
The 7.9.21.09.SP6 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
The list of Red Hat CVEs patched in this
release:
CVE-2020-35518 Moderate/Sec. 389-ds-base-1.3.10.2-12.el7_9.x86_64
CVE-2020-35518 Moderate/Sec. 389-ds-base-libs-1.3.10.2-12.el7_9.x86_64
CVE-2021-25214 Moderate/Sec. bind-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-libs-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-license-32:9.11.4-26.P2.el7_9.7.noarch
CVE-2021-25214 Moderate/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-utils-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-3622 Low/Sec. hivex-1.3.10-6.12.el7_9.x86_64
CVE-2020-27777 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-3.10.0-1160.42.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-devel-3.10.0-1160.42.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-headers-3.10.0-1160.42.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-tools-3.10.0-1160.42.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-tools-libs-3.10.0-1160.42.2.el7.x86_64
CVE-2021-31535 Important/Sec. libX11-1.6.7-4.el7_9.x86_64
CVE-2021-31535 Important/Sec. libX11-common-1.6.7-4.el7_9.noarch
CVE-2021-3621 Important/Sec. libipa_hbac-1.16.5-10.el7_9.10.x86_64
CVE-2021-3246 Important/Sec. libsndfile-1.0.25-12.el7_9.1.x86_64
CVE-2021-3621 Important/Sec. libsss_autofs-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_certmap-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_idmap-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_nss_idmap-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_simpleifp-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_sudo-1.16.5-10.el7_9.10.x86_64
CVE-2020-27777 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. perf-3.10.0-1160.42.2.el7.x86_64
CVE-2021-3622 Low/Sec. perl-hivex-1.3.10-6.12.el7_9.x86_64
CVE-2021-3621 Important/Sec. python-libipa_hbac-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. python-libsss_nss_idmap-1.16.5-10.el7_9.10.x86_64
CVE-2020-27777 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. python-perf-3.10.0-1160.42.2.el7.x86_64
CVE-2021-3621 Important/Sec. python-sss-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. python-sss-murmur-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. python-sssdconfig-1.16.5-10.el7_9.10.noarch
CVE-2021-3621 Important/Sec. sssd-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-ad-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-client-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-common-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-common-pac-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-dbus-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-ipa-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-krb5-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-krb5-common-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-ldap-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-proxy-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-tools-1.16.5-10.el7_9.10.x86_647.9.21.08.SP5
Security patch released in September 2021.
The 7.9.21.08.SP5 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later and later 1.0.7.x.
The list of Red Hat CVEs patched in this
release:
CVE-2021-2341 Important/Sec. java-1.8.0-openjdk-1:1.8.0.302.b08-0.el7_9.x86_64
CVE-2021-2369 Important/Sec. java-1.8.0-openjdk-1:1.8.0.302.b08-0.el7_9.x86_64
CVE-2021-2388 Important/Sec. java-1.8.0-openjdk-1:1.8.0.302.b08-0.el7_9.x86_64
CVE-2021-2341 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.302.b08-0.el7_9.x86_64
CVE-2021-2369 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.302.b08-0.el7_9.x86_64
CVE-2021-2388 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.302.b08-0.el7_9.x86_64
CVE-2019-20934 Important/Sec. kernel-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. kernel-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. kernel-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. kernel-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. kernel-3.10.0-1160.36.2.el7.x86_64
CVE-2019-20934 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.x86_64
CVE-2019-20934 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.x86_64
CVE-2019-20934 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.x86_64
CVE-2019-20934 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64
CVE-2019-20934 Important/Sec. perf-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. perf-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. perf-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. perf-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. perf-3.10.0-1160.36.2.el7.x86_64
CVE-2019-20934 Important/Sec. python-perf-3.10.0-1160.36.2.el7.x86_64
CVE-2020-11668 Important/Sec. python-perf-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33033 Important/Sec. python-perf-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33034 Important/Sec. python-perf-3.10.0-1160.36.2.el7.x86_64
CVE-2021-33909 Important/Sec. python-perf-3.10.0-1160.36.2.el7.x86_647.9.21.05.SP3
Security patch released in July 2021.
The 7.9.21.05.SP3 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6 and later 1.0.7.x.
The list of Red Hat CVEs patched in this
release:
CVE-2021-25215 Important/Sec. bind-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-25215 Important/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-25215 Important/Sec. bind-libs-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-25215 Important/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-25215 Important/Sec. bind-license-32:9.11.4-26.P2.el7_9.5.noarch
CVE-2021-25215 Important/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-25215 Important/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-25215 Important/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-25215 Important/Sec. bind-utils-32:9.11.4-26.P2.el7_9.5.x86_64
CVE-2021-2163 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.292.b10-1.el7_9.x86_64
CVE-2021-2163 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.292.b10-1.el7_9.x86_64
CVE-2020-25648 Moderate/Sec. nss-3.53.1-7.el7_9.x86_64
CVE-2020-25648 Moderate/Sec. nss-sysinit-3.53.1-7.el7_9.x86_64
CVE-2020-25648 Moderate/Sec. nss-tools-3.53.1-7.el7_9.x86_64
CVE-2020-25692 Moderate/Sec. openldap-2.4.44-23.el7_9.x86_64
CVE-2020-25692 Moderate/Sec. openldap-clients-2.4.44-23.el7_9.x86_64
CVE-2021-3480 Important/Sec. slapi-nis-0.56.5-4.el7_9.x86_647.9.21.04.SP1
Security patch released in April 2021.
The 7.9.21.04.SP1 patch is based on RHEL 7.9, and it can only be installed on Cloud Pak for Data System version 1.0.7.6.
The list of Red Hat CVEs patched in this release:
CVE-2020-8625 Important/Sec. bind-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2020-8625 Important/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2020-8625 Important/Sec. bind-libs-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2020-8625 Important/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2020-8625 Important/Sec. bind-license-32:9.11.4-26.P2.el7_9.4.noarch
CVE-2020-8625 Important/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2020-8625 Important/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2020-8625 Important/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2020-8625 Important/Sec. bind-utils-32:9.11.4-26.P2.el7_9.4.x86_64
CVE-2019-14866 Moderate/Sec. cpio-2.11-28.el7.x86_64
CVE-2017-18190 Moderate/Sec. cups-1:1.6.3-51.el7.x86_64
CVE-2019-8675 Moderate/Sec. cups-1:1.6.3-51.el7.x86_64
CVE-2019-8696 Moderate/Sec. cups-1:1.6.3-51.el7.x86_64
CVE-2017-18190 Moderate/Sec. cups-client-1:1.6.3-51.el7.x86_64
CVE-2019-8675 Moderate/Sec. cups-client-1:1.6.3-51.el7.x86_64
CVE-2019-8696 Moderate/Sec. cups-client-1:1.6.3-51.el7.x86_64
CVE-2017-18190 Moderate/Sec. cups-filesystem-1:1.6.3-51.el7.noarch
CVE-2019-8675 Moderate/Sec. cups-filesystem-1:1.6.3-51.el7.noarch
CVE-2019-8696 Moderate/Sec. cups-filesystem-1:1.6.3-51.el7.noarch
CVE-2017-18190 Moderate/Sec. cups-libs-1:1.6.3-51.el7.x86_64
CVE-2019-8675 Moderate/Sec. cups-libs-1:1.6.3-51.el7.x86_64
CVE-2019-8696 Moderate/Sec. cups-libs-1:1.6.3-51.el7.x86_64
CVE-2019-12749 Moderate/Sec. dbus-1:1.10.24-15.el7.x86_64
CVE-2019-12749 Moderate/Sec. dbus-libs-1:1.10.24-15.el7.x86_64
CVE-2019-14834 Low/Sec. dnsmasq-2.76-16.el7.x86_64
CVE-2020-25684 Moderate/Sec. dnsmasq-2.76-16.el7_9.1.x86_64
CVE-2020-25685 Moderate/Sec. dnsmasq-2.76-16.el7_9.1.x86_64
CVE-2020-25686 Moderate/Sec. dnsmasq-2.76-16.el7_9.1.x86_64
CVE-2019-5094 Moderate/Sec. e2fsprogs-1.42.9-19.el7.x86_64
CVE-2019-5188 Moderate/Sec. e2fsprogs-1.42.9-19.el7.x86_64
CVE-2019-5094 Moderate/Sec. e2fsprogs-libs-1.42.9-19.el7.x86_64
CVE-2019-5188 Moderate/Sec. e2fsprogs-libs-1.42.9-19.el7.x86_64
CVE-2018-20843 Moderate/Sec. expat-2.1.0-12.el7.x86_64
CVE-2019-15903 Moderate/Sec. expat-2.1.0-12.el7.x86_64
CVE-2020-15999 Important/Sec. freetype-2.8-14.el7_9.1.x86_64
CVE-2019-19126 Low/Sec. glibc-2.17-317.el7.x86_64
CVE-2019-25013 Moderate/Sec. glibc-2.17-322.el7_9.x86_64
CVE-2020-10029 Moderate/Sec. glibc-2.17-322.el7_9.x86_64
CVE-2020-29573 Moderate/Sec. glibc-2.17-322.el7_9.x86_64
CVE-2019-19126 Low/Sec. glibc-common-2.17-317.el7.x86_64
CVE-2019-25013 Moderate/Sec. glibc-common-2.17-322.el7_9.x86_64
CVE-2020-10029 Moderate/Sec. glibc-common-2.17-322.el7_9.x86_64
CVE-2020-29573 Moderate/Sec. glibc-common-2.17-322.el7_9.x86_64
CVE-2019-19126 Low/Sec. glibc-devel-2.17-317.el7.x86_64
CVE-2019-25013 Moderate/Sec. glibc-devel-2.17-322.el7_9.x86_64
CVE-2020-10029 Moderate/Sec. glibc-devel-2.17-322.el7_9.x86_64
CVE-2020-29573 Moderate/Sec. glibc-devel-2.17-322.el7_9.x86_64
CVE-2019-19126 Low/Sec. glibc-headers-2.17-317.el7.x86_64
CVE-2019-25013 Moderate/Sec. glibc-headers-2.17-322.el7_9.x86_64
CVE-2020-10029 Moderate/Sec. glibc-headers-2.17-322.el7_9.x86_64
CVE-2020-29573 Moderate/Sec. glibc-headers-2.17-322.el7_9.x86_64
CVE-2020-14372 Moderate/Sec. grub2-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25632 Moderate/Sec. grub2-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25647 Moderate/Sec. grub2-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27749 Moderate/Sec. grub2-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27779 Moderate/Sec. grub2-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20225 Moderate/Sec. grub2-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20233 Moderate/Sec. grub2-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-14372 Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.2.noarch
CVE-2020-25632 Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.2.noarch
CVE-2020-25647 Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.2.noarch
CVE-2020-27749 Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.2.noarch
CVE-2020-27779 Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.2.noarch
CVE-2021-20225 Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.2.noarch
CVE-2021-20233 Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.2.noarch
CVE-2020-14372 Moderate/Sec. grub2-pc-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25632 Moderate/Sec. grub2-pc-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25647 Moderate/Sec. grub2-pc-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27749 Moderate/Sec. grub2-pc-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27779 Moderate/Sec. grub2-pc-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20225 Moderate/Sec. grub2-pc-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20233 Moderate/Sec. grub2-pc-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-14372 Moderate/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.2.noarch
CVE-2020-25632 Moderate/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.2.noarch
CVE-2020-25647 Moderate/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.2.noarch
CVE-2020-27749 Moderate/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.2.noarch
CVE-2020-27779 Moderate/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.2.noarch
CVE-2021-20225 Moderate/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.2.noarch
CVE-2021-20233 Moderate/Sec. grub2-pc-modules-1:2.02-0.87.el7_9.2.noarch
CVE-2020-14372 Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25632 Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25647 Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27749 Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27779 Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20225 Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20233 Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-14372 Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25632 Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25647 Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27749 Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27779 Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20225 Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20233 Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-14372 Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25632 Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-25647 Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27749 Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.2.x86_64
CVE-2020-27779 Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20225 Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.2.x86_64
CVE-2021-20233 Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.2.x86_64
CVE-2019-16707 Low/Sec. hunspell-1.3.2-16.el7.x86_64
CVE-2015-9251 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2016-10735 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2018-14040 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2018-14042 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2018-20676 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2018-20677 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2019-8331 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2019-11358 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2020-1722 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2020-11022 Moderate/Sec. ipa-client-4.6.8-5.el7.x86_64
CVE-2020-11023 Moderate/Sec. ipa-client-4.6.8-5.el7_9.4.x86_64
CVE-2015-9251 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2016-10735 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2018-14040 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2018-14042 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2018-20676 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2018-20677 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2019-8331 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2019-11358 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2020-1722 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2020-11022 Moderate/Sec. ipa-client-common-4.6.8-5.el7.noarch
CVE-2020-11023 Moderate/Sec. ipa-client-common-4.6.8-5.el7_9.4.noarch
CVE-2015-9251 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2016-10735 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2018-14040 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2018-14042 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2018-20676 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2018-20677 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2019-8331 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2019-11358 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2020-1722 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2020-11022 Moderate/Sec. ipa-common-4.6.8-5.el7.noarch
CVE-2020-11023 Moderate/Sec. ipa-common-4.6.8-5.el7_9.4.noarch
CVE-2015-9251 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2016-10735 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2018-14040 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2018-14042 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2018-20676 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2018-20677 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2019-8331 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2019-11358 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2020-1722 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2020-11022 Moderate/Sec. ipa-server-4.6.8-5.el7.x86_64
CVE-2020-11023 Moderate/Sec. ipa-server-4.6.8-5.el7_9.4.x86_64
CVE-2015-9251 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2016-10735 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2018-14040 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2018-14042 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2018-20676 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2018-20677 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2019-8331 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2019-11358 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2020-1722 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2020-11022 Moderate/Sec. ipa-server-common-4.6.8-5.el7.noarch
CVE-2020-11023 Moderate/Sec. ipa-server-common-4.6.8-5.el7_9.4.noarch
CVE-2015-9251 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2016-10735 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2018-14040 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2018-14042 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2018-20676 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2018-20677 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2019-8331 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2019-11358 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2020-1722 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2020-11022 Moderate/Sec. ipa-server-dns-4.6.8-5.el7.noarch
CVE-2020-11023 Moderate/Sec. ipa-server-dns-4.6.8-5.el7_9.4.noarch
CVE-2015-9251 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2016-10735 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2018-14040 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2018-14042 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2018-20676 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2018-20677 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2019-8331 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2019-11358 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2020-1722 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2020-11022 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7.x86_64
CVE-2020-11023 Moderate/Sec. ipa-server-trust-ad-4.6.8-5.el7_9.4.x86_64
CVE-2020-5208 Important/Sec. ipmitool-1.8.18-9.el7_7.x86_64
CVE-2020-12321 Important/Sec. iwl100-firmware-39.31.5.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl1000-firmware-1:39.31.5.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl105-firmware-18.168.6.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl135-firmware-18.168.6.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl2000-firmware-18.168.6.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl2030-firmware-18.168.6.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl3160-firmware-25.30.13.0-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl3945-firmware-15.32.2.9-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl4965-firmware-228.61.2.24-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl5000-firmware-8.83.5.1_1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl5150-firmware-8.24.2.2-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl6000-firmware-9.221.4.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl6000g2a-firmware-18.168.6.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl6000g2b-firmware-18.168.6.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl6050-firmware-41.28.5.1-80.el7_9.noarch
CVE-2020-12321 Important/Sec. iwl7260-firmware-25.30.13.0-80.el7_9.noarch
CVE-2020-15436 Moderate/Sec. kernel-3.10.0-1160.15.2.el7.x86_64
CVE-2020-35513 Moderate/Sec. kernel-3.10.0-1160.15.2.el7.x86_64
CVE-2019-19532 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-0427 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-7053 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-14351 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25211 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25645 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25656 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25705 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-28374 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-29661 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2021-20265 Important/Sec. kernel-3.10.0-1160.21.1.el7.x86_64
CVE-2021-27363 Important/Sec. kernel-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27364 Important/Sec. kernel-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27365 Important/Sec. kernel-3.10.0-1160.24.1.el7.x86_64
CVE-2020-15436 Moderate/Sec. kernel-devel-3.10.0-1160.15.2.el7.x86_64
CVE-2020-35513 Moderate/Sec. kernel-devel-3.10.0-1160.15.2.el7.x86_64
CVE-2019-19532 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-0427 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-7053 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-14351 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25211 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25645 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25656 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25705 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-28374 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2020-29661 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2021-20265 Important/Sec. kernel-devel-3.10.0-1160.21.1.el7.x86_64
CVE-2021-27363 Important/Sec. kernel-devel-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27364 Important/Sec. kernel-devel-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27365 Important/Sec. kernel-devel-3.10.0-1160.24.1.el7.x86_64
CVE-2020-15436 Moderate/Sec. kernel-headers-3.10.0-1160.15.2.el7.x86_64
CVE-2020-35513 Moderate/Sec. kernel-headers-3.10.0-1160.15.2.el7.x86_64
CVE-2019-19532 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-0427 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-7053 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-14351 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25211 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25645 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25656 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25705 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-28374 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2020-29661 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2021-20265 Important/Sec. kernel-headers-3.10.0-1160.21.1.el7.x86_64
CVE-2021-27363 Important/Sec. kernel-headers-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27364 Important/Sec. kernel-headers-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27365 Important/Sec. kernel-headers-3.10.0-1160.24.1.el7.x86_64
CVE-2020-15436 Moderate/Sec. kernel-tools-3.10.0-1160.15.2.el7.x86_64
CVE-2020-35513 Moderate/Sec. kernel-tools-3.10.0-1160.15.2.el7.x86_64
CVE-2019-19532 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-0427 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-7053 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-14351 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25211 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25645 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25656 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25705 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-28374 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2020-29661 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2021-20265 Important/Sec. kernel-tools-3.10.0-1160.21.1.el7.x86_64
CVE-2021-27363 Important/Sec. kernel-tools-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27364 Important/Sec. kernel-tools-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27365 Important/Sec. kernel-tools-3.10.0-1160.24.1.el7.x86_64
CVE-2020-15436 Moderate/Sec. kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64
CVE-2020-35513 Moderate/Sec. kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64
CVE-2019-19532 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-0427 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-7053 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-14351 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25211 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25645 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25656 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25705 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-28374 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2020-29661 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2021-20265 Important/Sec. kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64
CVE-2021-27363 Important/Sec. kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27364 Important/Sec. kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27365 Important/Sec. kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64
CVE-2020-14363 Important/Sec. libX11-1.6.7-3.el7_9.x86_64
CVE-2020-14363 Important/Sec. libX11-common-1.6.7-3.el7_9.noarch
CVE-2019-5094 Moderate/Sec. libcom_err-1.42.9-19.el7.x86_64
CVE-2019-5188 Moderate/Sec. libcom_err-1.42.9-19.el7.x86_64
CVE-2019-5094 Moderate/Sec. libcom_err-devel-1.42.9-19.el7.x86_64
CVE-2019-5188 Moderate/Sec. libcom_err-devel-1.42.9-19.el7.x86_64
CVE-2020-12825 Moderate/Sec. libcroco-0.6.12-6.el7_9.x86_64
CVE-2021-20277 Important/Sec. libldb-1.5.4-2.el7_9.x86_64
CVE-2017-12652 Low/Sec. libpng-2:1.5.13-8.el7.x86_64
CVE-2018-19662 Low/Sec. libsndfile-1.0.25-12.el7.x86_64
CVE-2019-5094 Moderate/Sec. libss-1.42.9-19.el7.x86_64
CVE-2019-5188 Moderate/Sec. libss-1.42.9-19.el7.x86_64
CVE-2019-17498 Moderate/Sec. libssh2-1.8.0-4.el7.x86_64
CVE-2019-14973 Moderate/Sec. libtiff-4.0.3-35.el7.x86_64
CVE-2019-17546 Moderate/Sec. libtiff-4.0.3-35.el7.x86_64
CVE-2017-0393 Moderate/Sec. libvpx-1.3.0-8.el7.x86_64
CVE-2019-9232 Moderate/Sec. libvpx-1.3.0-8.el7.x86_64
CVE-2019-9433 Moderate/Sec. libvpx-1.3.0-8.el7.x86_64
CVE-2020-0034 Moderate/Sec. libvpx-1.3.0-8.el7.x86_64
CVE-2019-3833 Moderate/Sec. libwsman1-2.6.3-7.git4391e5c.el7.x86_64
CVE-2019-19956 Moderate/Sec. libxml2-2.9.1-6.el7.5.x86_64
CVE-2019-20388 Moderate/Sec. libxml2-2.9.1-6.el7.5.x86_64
CVE-2020-7595 Moderate/Sec. libxml2-2.9.1-6.el7.5.x86_64
CVE-2019-19956 Moderate/Sec. libxml2-python-2.9.1-6.el7.5.x86_64
CVE-2019-20388 Moderate/Sec. libxml2-python-2.9.1-6.el7.5.x86_64
CVE-2020-7595 Moderate/Sec. libxml2-python-2.9.1-6.el7.5.x86_64
CVE-2019-11068 Moderate/Sec. libxslt-1.1.28-6.el7.x86_64
CVE-2019-18197 Moderate/Sec. libxslt-1.1.28-6.el7.x86_64
CVE-2020-12321 Important/Sec. linux-firmware-20200421-80.git78c0348.el7_9.noarch
CVE-2019-2974 Moderate/Sec. mariadb-libs-1:5.5.68-1.el7.x86_64
CVE-2020-2574 Moderate/Sec. mariadb-libs-1:5.5.68-1.el7.x86_64
CVE-2020-2752 Moderate/Sec. mariadb-libs-1:5.5.68-1.el7.x86_64
CVE-2020-2780 Moderate/Sec. mariadb-libs-1:5.5.68-1.el7.x86_64
CVE-2020-2812 Moderate/Sec. mariadb-libs-1:5.5.68-1.el7.x86_64
CVE-2021-20305 Important/Sec. nettle-2.7.1-9.el7_9.x86_64
CVE-2019-19126 Low/Sec. nscd-2.17-317.el7.x86_64
CVE-2019-25013 Moderate/Sec. nscd-2.17-322.el7_9.x86_64
CVE-2020-10029 Moderate/Sec. nscd-2.17-322.el7_9.x86_64
CVE-2020-29573 Moderate/Sec. nscd-2.17-322.el7_9.x86_64
CVE-2020-12243 Moderate/Sec. openldap-2.4.44-22.el7.x86_64
CVE-2020-12243 Moderate/Sec. openldap-clients-2.4.44-22.el7.x86_64
CVE-2019-3833 Moderate/Sec. openwsman-python-2.6.3-7.git4391e5c.el7.x86_64
CVE-2020-15436 Moderate/Sec. perf-3.10.0-1160.15.2.el7.x86_64
CVE-2020-35513 Moderate/Sec. perf-3.10.0-1160.15.2.el7.x86_64
CVE-2019-19532 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-0427 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-7053 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-14351 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25211 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25645 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25656 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25705 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-28374 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-29661 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2021-20265 Important/Sec. perf-3.10.0-1160.21.1.el7.x86_64
CVE-2021-27363 Important/Sec. perf-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27364 Important/Sec. perf-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27365 Important/Sec. perf-3.10.0-1160.24.1.el7.x86_64
CVE-2020-10543 Moderate/Sec. perl-4:5.16.3-299.el7_9.x86_64
CVE-2020-10878 Moderate/Sec. perl-4:5.16.3-299.el7_9.x86_64
CVE-2020-12723 Moderate/Sec. perl-4:5.16.3-299.el7_9.x86_64
CVE-2020-10543 Moderate/Sec. perl-CPAN-1.9800-299.el7_9.noarch
CVE-2020-10878 Moderate/Sec. perl-CPAN-1.9800-299.el7_9.noarch
CVE-2020-12723 Moderate/Sec. perl-CPAN-1.9800-299.el7_9.noarch
CVE-2020-10543 Moderate/Sec. perl-ExtUtils-Install-1.58-299.el7_9.noarch
CVE-2020-10878 Moderate/Sec. perl-ExtUtils-Install-1.58-299.el7_9.noarch
CVE-2020-12723 Moderate/Sec. perl-ExtUtils-Install-1.58-299.el7_9.noarch
CVE-2020-10543 Moderate/Sec. perl-IO-Zlib-1:1.10-299.el7_9.noarch
CVE-2020-10878 Moderate/Sec. perl-IO-Zlib-1:1.10-299.el7_9.noarch
CVE-2020-12723 Moderate/Sec. perl-IO-Zlib-1:1.10-299.el7_9.noarch
CVE-2020-10543 Moderate/Sec. perl-Package-Constants-1:0.02-299.el7_9.noarch
CVE-2020-10878 Moderate/Sec. perl-Package-Constants-1:0.02-299.el7_9.noarch
CVE-2020-12723 Moderate/Sec. perl-Package-Constants-1:0.02-299.el7_9.noarch
CVE-2020-10543 Moderate/Sec. perl-Pod-Escapes-1:1.04-299.el7_9.noarch
CVE-2020-10878 Moderate/Sec. perl-Pod-Escapes-1:1.04-299.el7_9.noarch
CVE-2020-12723 Moderate/Sec. perl-Pod-Escapes-1:1.04-299.el7_9.noarch
CVE-2020-10543 Moderate/Sec. perl-devel-4:5.16.3-299.el7_9.x86_64
CVE-2020-10878 Moderate/Sec. perl-devel-4:5.16.3-299.el7_9.x86_64
CVE-2020-12723 Moderate/Sec. perl-devel-4:5.16.3-299.el7_9.x86_64
CVE-2020-10543 Moderate/Sec. perl-libs-4:5.16.3-299.el7_9.x86_64
CVE-2020-10878 Moderate/Sec. perl-libs-4:5.16.3-299.el7_9.x86_64
CVE-2020-12723 Moderate/Sec. perl-libs-4:5.16.3-299.el7_9.x86_64
CVE-2020-10543 Moderate/Sec. perl-macros-4:5.16.3-299.el7_9.x86_64
CVE-2020-10878 Moderate/Sec. perl-macros-4:5.16.3-299.el7_9.x86_64
CVE-2020-12723 Moderate/Sec. perl-macros-4:5.16.3-299.el7_9.x86_64
CVE-2019-10146 Important/Sec. pki-base-10.5.18-12.el7_9.noarch
CVE-2019-10179 Important/Sec. pki-base-10.5.18-12.el7_9.noarch
CVE-2019-10221 Important/Sec. pki-base-10.5.18-12.el7_9.noarch
CVE-2020-1721 Important/Sec. pki-base-10.5.18-12.el7_9.noarch
CVE-2020-25715 Important/Sec. pki-base-10.5.18-12.el7_9.noarch
CVE-2021-20179 Important/Sec. pki-base-10.5.18-12.el7_9.noarch
CVE-2019-10146 Important/Sec. pki-base-java-10.5.18-12.el7_9.noarch
CVE-2019-10179 Important/Sec. pki-base-java-10.5.18-12.el7_9.noarch
CVE-2019-10221 Important/Sec. pki-base-java-10.5.18-12.el7_9.noarch
CVE-2020-1721 Important/Sec. pki-base-java-10.5.18-12.el7_9.noarch
CVE-2020-25715 Important/Sec. pki-base-java-10.5.18-12.el7_9.noarch
CVE-2021-20179 Important/Sec. pki-base-java-10.5.18-12.el7_9.noarch
CVE-2019-10146 Important/Sec. pki-ca-10.5.18-12.el7_9.noarch
CVE-2019-10179 Important/Sec. pki-ca-10.5.18-12.el7_9.noarch
CVE-2019-10221 Important/Sec. pki-ca-10.5.18-12.el7_9.noarch
CVE-2020-1721 Important/Sec. pki-ca-10.5.18-12.el7_9.noarch
CVE-2020-25715 Important/Sec. pki-ca-10.5.18-12.el7_9.noarch
CVE-2021-20179 Important/Sec. pki-ca-10.5.18-12.el7_9.noarch
CVE-2019-10146 Important/Sec. pki-kra-10.5.18-12.el7_9.noarch
CVE-2019-10179 Important/Sec. pki-kra-10.5.18-12.el7_9.noarch
CVE-2019-10221 Important/Sec. pki-kra-10.5.18-12.el7_9.noarch
CVE-2020-1721 Important/Sec. pki-kra-10.5.18-12.el7_9.noarch
CVE-2020-25715 Important/Sec. pki-kra-10.5.18-12.el7_9.noarch
CVE-2021-20179 Important/Sec. pki-kra-10.5.18-12.el7_9.noarch
CVE-2019-10146 Important/Sec. pki-server-10.5.18-12.el7_9.noarch
CVE-2019-10179 Important/Sec. pki-server-10.5.18-12.el7_9.noarch
CVE-2019-10221 Important/Sec. pki-server-10.5.18-12.el7_9.noarch
CVE-2020-1721 Important/Sec. pki-server-10.5.18-12.el7_9.noarch
CVE-2020-25715 Important/Sec. pki-server-10.5.18-12.el7_9.noarch
CVE-2021-20179 Important/Sec. pki-server-10.5.18-12.el7_9.noarch
CVE-2019-10146 Important/Sec. pki-tools-10.5.18-12.el7_9.x86_64
CVE-2019-10179 Important/Sec. pki-tools-10.5.18-12.el7_9.x86_64
CVE-2019-10221 Important/Sec. pki-tools-10.5.18-12.el7_9.x86_64
CVE-2020-1721 Important/Sec. pki-tools-10.5.18-12.el7_9.x86_64
CVE-2020-25715 Important/Sec. pki-tools-10.5.18-12.el7_9.x86_64
CVE-2021-20179 Important/Sec. pki-tools-10.5.18-12.el7_9.x86_64
CVE-2021-20277 Important/Sec. pyldb-1.5.4-2.el7_9.x86_64
CVE-2020-15436 Moderate/Sec. python-perf-3.10.0-1160.15.2.el7.x86_64
CVE-2020-35513 Moderate/Sec. python-perf-3.10.0-1160.15.2.el7.x86_64
CVE-2019-19532 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-0427 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-7053 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-14351 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25211 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25645 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25656 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-25705 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-28374 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2020-29661 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2021-20265 Important/Sec. python-perf-3.10.0-1160.21.1.el7.x86_64
CVE-2021-27363 Important/Sec. python-perf-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27364 Important/Sec. python-perf-3.10.0-1160.24.1.el7.x86_64
CVE-2021-27365 Important/Sec. python-perf-3.10.0-1160.24.1.el7.x86_64
CVE-2020-5313 Moderate/Sec. python-pillow-2.0.0-21.gitd1c6db8.el7.x86_64
CVE-2015-9251 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2016-10735 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2018-14040 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2018-14042 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2018-20676 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2018-20677 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2019-8331 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2019-11358 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2020-1722 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2020-11022 Moderate/Sec. python2-ipaclient-4.6.8-5.el7.noarch
CVE-2020-11023 Moderate/Sec. python2-ipaclient-4.6.8-5.el7_9.4.noarch
CVE-2015-9251 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2016-10735 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2018-14040 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2018-14042 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2018-20676 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2018-20677 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2019-8331 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2019-11358 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2020-1722 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2020-11022 Moderate/Sec. python2-ipalib-4.6.8-5.el7.noarch
CVE-2020-11023 Moderate/Sec. python2-ipalib-4.6.8-5.el7_9.4.noarch
CVE-2015-9251 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2016-10735 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2018-14040 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2018-14042 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2018-20676 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2018-20677 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2019-8331 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2019-11358 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2020-1722 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2020-11022 Moderate/Sec. python2-ipaserver-4.6.8-5.el7.noarch
CVE-2020-11023 Moderate/Sec. python2-ipaserver-4.6.8-5.el7_9.4.noarch
CVE-2018-15746 Low/Sec. qemu-img-10:1.5.3-175.el7.x86_64
CVE-2019-20382 Low/Sec. qemu-img-10:1.5.3-175.el7.x86_64
CVE-2020-1983 Important/Sec. qemu-img-10:1.5.3-175.el7_9.1.x86_64
CVE-2020-14364 Important/Sec. qemu-img-10:1.5.3-175.el7_9.1.x86_64
CVE-2020-13765 Moderate/Sec. qemu-img-10:1.5.3-175.el7_9.3.x86_64
CVE-2020-16092 Moderate/Sec. qemu-img-10:1.5.3-175.el7_9.3.x86_64
CVE-2018-15746 Low/Sec. qemu-kvm-10:1.5.3-175.el7.x86_64
CVE-2019-20382 Low/Sec. qemu-kvm-10:1.5.3-175.el7.x86_64
CVE-2020-1983 Important/Sec. qemu-kvm-10:1.5.3-175.el7_9.1.x86_64
CVE-2020-14364 Important/Sec. qemu-kvm-10:1.5.3-175.el7_9.1.x86_64
CVE-2020-13765 Moderate/Sec. qemu-kvm-10:1.5.3-175.el7_9.3.x86_64
CVE-2020-16092 Moderate/Sec. qemu-kvm-10:1.5.3-175.el7_9.3.x86_64
CVE-2018-15746 Low/Sec. qemu-kvm-common-10:1.5.3-175.el7.x86_64
CVE-2019-20382 Low/Sec. qemu-kvm-common-10:1.5.3-175.el7.x86_64
CVE-2020-1983 Important/Sec. qemu-kvm-common-10:1.5.3-175.el7_9.1.x86_64
CVE-2020-14364 Important/Sec. qemu-kvm-common-10:1.5.3-175.el7_9.1.x86_64
CVE-2020-13765 Moderate/Sec. qemu-kvm-common-10:1.5.3-175.el7_9.3.x86_64
CVE-2020-16092 Moderate/Sec. qemu-kvm-common-10:1.5.3-175.el7_9.3.x86_64
CVE-2021-26937 Important/Sec. screen-4.1.0-0.27.20120314git3c2946.el7_9.x86_64
CVE-2020-14355 Important/Sec. spice-server-0.14.0-9.el7_9.1.x86_64
CVE-2018-11782 Moderate/Sec. subversion-1.7.14-16.el7.x86_64
CVE-2018-11782 Moderate/Sec. subversion-libs-1.7.14-16.el7.x86_64
CVE-2021-3156 Important/Sec. sudo-1.8.23-10.el7_9.1.x86_64
CVE-2021-27803 Important/Sec. wpa_supplicant-1:2.6-12.el7_9.2.x86_647.8.21.01.SP1
Security patch released in February 2021.
The 7.8.21.01.SP1 patch is based on RHEL 7.8, and it can only be installed on versions 1.0.7.4 and 1.0.7.5. Do not apply the patch on earlier versions of the system.
The list of Red Hat CVEs patched in this release:
CVE-2020-10713 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-14308 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-14309 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-14310 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-14311 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-15705 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-15706 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-15707 Moderate/Sec. grub2-1:2.02-0.86.el7_8.x86_64
CVE-2020-10713 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-14308 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-14309 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-14310 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-14311 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-15705 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-15706 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-15707 Moderate/Sec. grub2-common-1:2.02-0.86.el7_8.noarch
CVE-2020-10713 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-14308 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-14309 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-14310 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-14311 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-15705 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-15706 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-15707 Moderate/Sec. grub2-pc-1:2.02-0.86.el7_8.x86_64
CVE-2020-10713 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-14308 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-14309 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-14310 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-14311 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-15705 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-15706 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-15707 Moderate/Sec. grub2-pc-modules-1:2.02-0.86.el7_8.noarch
CVE-2020-10713 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-14308 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-14309 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-14310 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-14311 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-15705 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-15706 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-15707 Moderate/Sec. grub2-tools-1:2.02-0.86.el7_8.x86_64
CVE-2020-10713 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-14308 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-14309 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-14310 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-14311 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-15705 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-15706 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-15707 Moderate/Sec. grub2-tools-extra-1:2.02-0.86.el7_8.x86_64
CVE-2020-10713 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64
CVE-2020-14308 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64
CVE-2020-14309 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64
CVE-2020-14310 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64
CVE-2020-14311 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64
CVE-2020-15705 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64
CVE-2020-15706 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64
CVE-2020-15707 Moderate/Sec. grub2-tools-minimal-1:2.02-0.86.el7_8.x86_64