The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:3553 advisory.
WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.
This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files. (CVE-2019-11459)
daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.) (CVE-2019-12795)
It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions. (CVE-2019-3820)
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.
Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237, CVE-2019-8571, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8506)
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8518, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563)
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8523, CVE-2019-8524)
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8535)
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)
A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8551)
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
(CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
(CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8679, CVE-2019-8681, CVE-2019-8686, CVE-2019-8687)
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8672, CVE-2019-8676, CVE-2019-8689)
A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8690)
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8726, CVE-2019-8735)
Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)
webkitgtk: Out-of-bounds read leading to memory disclosure (CVE-2019-8607)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Rocky Linux Security Advisory RLSA-2019:3553.
##
include('compat.inc');
if (description)
{
script_id(184895);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/07");
script_cve_id(
"CVE-2019-3820",
"CVE-2019-6237",
"CVE-2019-6251",
"CVE-2019-8506",
"CVE-2019-8518",
"CVE-2019-8523",
"CVE-2019-8524",
"CVE-2019-8535",
"CVE-2019-8536",
"CVE-2019-8544",
"CVE-2019-8551",
"CVE-2019-8558",
"CVE-2019-8559",
"CVE-2019-8563",
"CVE-2019-8571",
"CVE-2019-8583",
"CVE-2019-8584",
"CVE-2019-8586",
"CVE-2019-8587",
"CVE-2019-8594",
"CVE-2019-8595",
"CVE-2019-8596",
"CVE-2019-8597",
"CVE-2019-8601",
"CVE-2019-8607",
"CVE-2019-8608",
"CVE-2019-8609",
"CVE-2019-8610",
"CVE-2019-8611",
"CVE-2019-8615",
"CVE-2019-8619",
"CVE-2019-8622",
"CVE-2019-8623",
"CVE-2019-8666",
"CVE-2019-8671",
"CVE-2019-8672",
"CVE-2019-8673",
"CVE-2019-8676",
"CVE-2019-8677",
"CVE-2019-8679",
"CVE-2019-8681",
"CVE-2019-8686",
"CVE-2019-8687",
"CVE-2019-8689",
"CVE-2019-8690",
"CVE-2019-8726",
"CVE-2019-8735",
"CVE-2019-8768",
"CVE-2019-11070",
"CVE-2019-11459",
"CVE-2019-12795"
);
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/05/25");
script_xref(name:"RLSA", value:"2019:3553");
script_name(english:"Rocky Linux 8 : GNOME (RLSA-2019:3553)");
script_set_attribute(attribute:"synopsis", value:
"The remote Rocky Linux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the
RLSA-2019:3553 advisory.
- WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings
when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.
This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)
- The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in
GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to
uninitialized memory use when processing certain TIFF image files. (CVE-2019-11459)
- daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3
opened a private D-Bus server socket without configuring an authorization rule. A local attacker could
connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a
single connection, so the attacker would have to discover the server and connect to the socket before its
owner does.) (CVE-2019-12795)
- It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all
contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard
shortcuts, and potentially other actions. (CVE-2019-3820)
- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS
12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.
Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237,
CVE-2019-8571, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596,
CVE-2019-8597, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)
- WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain
JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted
URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)
- A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS
12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously
crafted web content may lead to arbitrary code execution. (CVE-2019-8506)
- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS
12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing
maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8518, CVE-2019-8558,
CVE-2019-8559, CVE-2019-8563)
- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS
12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously
crafted web content may lead to arbitrary code execution. (CVE-2019-8523, CVE-2019-8524)
- A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2,
tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted
web content may lead to arbitrary code execution. (CVE-2019-8535)
- A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2,
tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing
maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)
- A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari
12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may
lead to universal cross site scripting. (CVE-2019-8551)
- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS
12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for
Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
(CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)
- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS
12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13,
iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
(CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8679, CVE-2019-8681, CVE-2019-8686,
CVE-2019-8687)
- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS
12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for
Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary
code execution. (CVE-2019-8672, CVE-2019-8676, CVE-2019-8689)
- A logic issue existed in the handling of document loads. This issue was addressed with improved state
management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for
Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web
content may lead to universal cross site scripting. (CVE-2019-8690)
- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in
tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing
maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8726, CVE-2019-8735)
- Clear History and Website Data did not clear the history. The issue was addressed with improved data
deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history
items. (CVE-2019-8768)
- webkitgtk: Out-of-bounds read leading to memory disclosure (CVE-2019-8607)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://errata.rockylinux.org/RLSA-2019:3553");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1662193");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1667136");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1673011");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1674382");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1679127");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1680164");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1685811");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1687949");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1690506");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1696708");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1698520");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1698884");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1698923");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1698929");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1698930");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1704355");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1704360");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1704378");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1705583");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1706793");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1709937");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1713080");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1713330");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1713453");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1713685");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1715738");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1715761");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1715765");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1716295");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1716771");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1718133");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1719241");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1719279");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1719779");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1720481");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1721195");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1721575");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1722047");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1722844");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1723467");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1723836");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1724551");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1725101");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1725107");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1725120");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1725555");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1725741");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1725766");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1725854");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1726093");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1726505");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1726656");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1728277");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1731372");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1735382");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1737326");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1739116");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1739117");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1741547");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-8689");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2019-8735");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/14");
script_set_attribute(attribute:"patch_publication_date", value:"2019/11/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/07");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:gdk-pixbuf2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:gdk-pixbuf2-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:gdk-pixbuf2-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:gdk-pixbuf2-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:gdk-pixbuf2-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:gdk-pixbuf2-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:gdk-pixbuf2-modules-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:gnome-desktop3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:gnome-desktop3-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:gnome-desktop3-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:gnome-desktop3-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:libpurple");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:libpurple-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:libpurple-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:pango");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:pango-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:pango-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:pango-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:pidgin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:pidgin-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:pidgin-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:pidgin-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:rocky:linux:8");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Rocky Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RockyLinux/release", "Host/RockyLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RockyLinux/release');
if (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');
var os_ver = pregmatch(pattern: "Rocky(?: Linux)? release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);
if (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);
var pkgs = [
{'reference':'gdk-pixbuf2-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-debuginfo-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-debuginfo-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-debuginfo-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-debugsource-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-debugsource-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-debugsource-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-devel-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-devel-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-devel-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-devel-debuginfo-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-devel-debuginfo-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-devel-debuginfo-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-modules-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-modules-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-modules-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-modules-debuginfo-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-modules-debuginfo-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-modules-debuginfo-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-xlib-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-xlib-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-xlib-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-xlib-debuginfo-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-xlib-debuginfo-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-xlib-debuginfo-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-xlib-devel-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-xlib-devel-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gdk-pixbuf2-xlib-devel-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gnome-desktop3-3.32.2-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gnome-desktop3-3.32.2-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gnome-desktop3-debuginfo-3.32.2-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gnome-desktop3-debuginfo-3.32.2-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gnome-desktop3-debugsource-3.32.2-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gnome-desktop3-debugsource-3.32.2-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gnome-desktop3-devel-3.32.2-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'gnome-desktop3-devel-3.32.2-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libpurple-2.13.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libpurple-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libpurple-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libpurple-debuginfo-2.13.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libpurple-debuginfo-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libpurple-debuginfo-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libpurple-devel-2.13.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libpurple-devel-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libpurple-devel-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pango-1.42.4-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pango-1.42.4-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pango-1.42.4-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pango-debuginfo-1.42.4-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pango-debuginfo-1.42.4-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pango-debuginfo-1.42.4-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pango-debugsource-1.42.4-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pango-debugsource-1.42.4-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pango-debugsource-1.42.4-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pango-devel-1.42.4-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pango-devel-1.42.4-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pango-devel-1.42.4-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pidgin-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pidgin-debuginfo-2.13.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pidgin-debuginfo-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pidgin-debuginfo-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pidgin-debugsource-2.13.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pidgin-debugsource-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pidgin-debugsource-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pidgin-devel-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'pidgin-devel-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gdk-pixbuf2 / gdk-pixbuf2-debuginfo / gdk-pixbuf2-debugsource / etc');
}
Vendor | Product | Version | CPE |
---|---|---|---|
rocky | linux | gdk-pixbuf2 | p-cpe:/a:rocky:linux:gdk-pixbuf2 |
rocky | linux | gdk-pixbuf2-debuginfo | p-cpe:/a:rocky:linux:gdk-pixbuf2-debuginfo |
rocky | linux | gdk-pixbuf2-debugsource | p-cpe:/a:rocky:linux:gdk-pixbuf2-debugsource |
rocky | linux | gdk-pixbuf2-devel | p-cpe:/a:rocky:linux:gdk-pixbuf2-devel |
rocky | linux | gdk-pixbuf2-devel-debuginfo | p-cpe:/a:rocky:linux:gdk-pixbuf2-devel-debuginfo |
rocky | linux | gdk-pixbuf2-modules | p-cpe:/a:rocky:linux:gdk-pixbuf2-modules |
rocky | linux | gdk-pixbuf2-modules-debuginfo | p-cpe:/a:rocky:linux:gdk-pixbuf2-modules-debuginfo |
rocky | linux | gdk-pixbuf2-xlib | p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib |
rocky | linux | gdk-pixbuf2-xlib-debuginfo | p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib-debuginfo |
rocky | linux | gdk-pixbuf2-xlib-devel | p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib-devel |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11070
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11459
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12795
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3820
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6237
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6251
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8506
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8518
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8523
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8524
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8535
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8536
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8544
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8551
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8558
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8559
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8563
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8571
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8583
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8584
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8586
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8587
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8594
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8595
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8596
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8597
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8601
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8607
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8608
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8609
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8610
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8611
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8615
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8619
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8622
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8623
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8666
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8671
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8672
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8673
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8676
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8677
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8679
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8681
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8686
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8687
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8689
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8690
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8726
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8735
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8768
bugzilla.redhat.com/show_bug.cgi?id=1662193
bugzilla.redhat.com/show_bug.cgi?id=1667136
bugzilla.redhat.com/show_bug.cgi?id=1673011
bugzilla.redhat.com/show_bug.cgi?id=1674382
bugzilla.redhat.com/show_bug.cgi?id=1679127
bugzilla.redhat.com/show_bug.cgi?id=1680164
bugzilla.redhat.com/show_bug.cgi?id=1685811
bugzilla.redhat.com/show_bug.cgi?id=1687949
bugzilla.redhat.com/show_bug.cgi?id=1690506
bugzilla.redhat.com/show_bug.cgi?id=1696708
bugzilla.redhat.com/show_bug.cgi?id=1698520
bugzilla.redhat.com/show_bug.cgi?id=1698884
bugzilla.redhat.com/show_bug.cgi?id=1698923
bugzilla.redhat.com/show_bug.cgi?id=1698929
bugzilla.redhat.com/show_bug.cgi?id=1698930
bugzilla.redhat.com/show_bug.cgi?id=1704355
bugzilla.redhat.com/show_bug.cgi?id=1704360
bugzilla.redhat.com/show_bug.cgi?id=1704378
bugzilla.redhat.com/show_bug.cgi?id=1705583
bugzilla.redhat.com/show_bug.cgi?id=1706793
bugzilla.redhat.com/show_bug.cgi?id=1709937
bugzilla.redhat.com/show_bug.cgi?id=1713080
bugzilla.redhat.com/show_bug.cgi?id=1713330
bugzilla.redhat.com/show_bug.cgi?id=1713453
bugzilla.redhat.com/show_bug.cgi?id=1713685
bugzilla.redhat.com/show_bug.cgi?id=1715738
bugzilla.redhat.com/show_bug.cgi?id=1715761
bugzilla.redhat.com/show_bug.cgi?id=1715765
bugzilla.redhat.com/show_bug.cgi?id=1716295
bugzilla.redhat.com/show_bug.cgi?id=1716771
bugzilla.redhat.com/show_bug.cgi?id=1718133
bugzilla.redhat.com/show_bug.cgi?id=1719241
bugzilla.redhat.com/show_bug.cgi?id=1719279
bugzilla.redhat.com/show_bug.cgi?id=1719779
bugzilla.redhat.com/show_bug.cgi?id=1720481
bugzilla.redhat.com/show_bug.cgi?id=1721195
bugzilla.redhat.com/show_bug.cgi?id=1721575
bugzilla.redhat.com/show_bug.cgi?id=1722047
bugzilla.redhat.com/show_bug.cgi?id=1722844
bugzilla.redhat.com/show_bug.cgi?id=1723467
bugzilla.redhat.com/show_bug.cgi?id=1723836
bugzilla.redhat.com/show_bug.cgi?id=1724551
bugzilla.redhat.com/show_bug.cgi?id=1725101
bugzilla.redhat.com/show_bug.cgi?id=1725107
bugzilla.redhat.com/show_bug.cgi?id=1725120
bugzilla.redhat.com/show_bug.cgi?id=1725555
bugzilla.redhat.com/show_bug.cgi?id=1725741
bugzilla.redhat.com/show_bug.cgi?id=1725766
bugzilla.redhat.com/show_bug.cgi?id=1725854
bugzilla.redhat.com/show_bug.cgi?id=1726093
bugzilla.redhat.com/show_bug.cgi?id=1726505
bugzilla.redhat.com/show_bug.cgi?id=1726656
bugzilla.redhat.com/show_bug.cgi?id=1728277
bugzilla.redhat.com/show_bug.cgi?id=1731372
bugzilla.redhat.com/show_bug.cgi?id=1735382
bugzilla.redhat.com/show_bug.cgi?id=1737326
bugzilla.redhat.com/show_bug.cgi?id=1739116
bugzilla.redhat.com/show_bug.cgi?id=1739117
bugzilla.redhat.com/show_bug.cgi?id=1741547
errata.rockylinux.org/RLSA-2019:3553