Critical Photon OS Security Update - PHSA-2019-3.0-0035

2019-10-1800:00:00

github.com

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

Low

0.283 Low

EPSS

Percentile

96.9%

JSON

Updates of [‘sudo’, ‘openjdk8’, ‘httpd’, ‘subversion’, ‘python2’, ‘unbound’] packages of Photon OS have been released.

OSVersionArchitecturePackageVersionFilename
Photon3.0x86_64python2< 2.7.15-11.ph3python2-2.7.15-11.ph3.x86_64.rpm
Photon3.0x86_64httpd< 2.4.41-1.ph3httpd-2.4.41-1.ph3.x86_64.rpm
Photon3.0x86_64httpd-docs< 2.4.41-1.ph3httpd-docs-2.4.41-1.ph3.x86_64.rpm
Photon3.0x86_64sudo-debuginfo< 1.8.23-2.ph3sudo-debuginfo-1.8.23-2.ph3.x86_64.rpm
Photon3.0x86_64unbound< 1.8.0-2.ph3unbound-1.8.0-2.ph3.x86_64.rpm
Photon3.0x86_64httpd-debuginfo< 2.4.41-1.ph3httpd-debuginfo-2.4.41-1.ph3.x86_64.rpm
Photon3.0x86_64python2-devel< 2.7.15-11.ph3python2-devel-2.7.15-11.ph3.x86_64.rpm
Photon3.0x86_64openjdk8-doc< 1.8.0.222-1.ph3openjdk8-doc-1.8.0.222-1.ph3.x86_64.rpm
Photon3.0x86_64unbound-debuginfo< 1.8.0-2.ph3unbound-debuginfo-1.8.0-2.ph3.x86_64.rpm
Photon3.0x86_64subversion-debuginfo< 1.10.2-5.ph3subversion-debuginfo-1.10.2-5.ph3.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
Photon	3.0	x86_64	python2	< 2.7.15-11.ph3	python2-2.7.15-11.ph3.x86_64.rpm
Photon	3.0	x86_64	httpd	< 2.4.41-1.ph3	httpd-2.4.41-1.ph3.x86_64.rpm
Photon	3.0	x86_64	httpd-docs	< 2.4.41-1.ph3	httpd-docs-2.4.41-1.ph3.x86_64.rpm
Photon	3.0	x86_64	sudo-debuginfo	< 1.8.23-2.ph3	sudo-debuginfo-1.8.23-2.ph3.x86_64.rpm
Photon	3.0	x86_64	unbound	< 1.8.0-2.ph3	unbound-1.8.0-2.ph3.x86_64.rpm
Photon	3.0	x86_64	httpd-debuginfo	< 2.4.41-1.ph3	httpd-debuginfo-2.4.41-1.ph3.x86_64.rpm
Photon	3.0	x86_64	python2-devel	< 2.7.15-11.ph3	python2-devel-2.7.15-11.ph3.x86_64.rpm
Photon	3.0	x86_64	openjdk8-doc	< 1.8.0.222-1.ph3	openjdk8-doc-1.8.0.222-1.ph3.x86_64.rpm
Photon	3.0	x86_64	unbound-debuginfo	< 1.8.0-2.ph3	unbound-debuginfo-1.8.0-2.ph3.x86_64.rpm
Photon	3.0	x86_64	subversion-debuginfo	< 1.10.2-5.ph3	subversion-debuginfo-1.10.2-5.ph3.x86_64.rpm