libwsman, libwsman1, openwsman security update

2019-04-30T13:16:56
ID CESA-2019:0638
Type centos
Reporter CentOS Project
Modified 2019-04-30T13:16:56

Description

CentOS Errata and Security Advisory CESA-2019:0638

Openwsman is a project intended to provide an open source implementation of the Web Services Management specification (WS-Management) and to expose system management information on the Linux operating system using the WS-Management protocol. WS-Management is based on a suite of web services specifications and usage requirements that cover all system management aspects.

Security Fix(es):

  • openwsman: Disclosure of arbitrary files outside of the registered URIs (CVE-2019-3816)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2019-April/023295.html

Affected packages: libwsman-devel libwsman1 openwsman openwsman-client openwsman-perl openwsman-python openwsman-ruby openwsman-server

Upstream details at: