ipa security update

2017-01-0300:00:00

linux.oracle.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

82.0%

JSON

[4.4.0-14.0.1.el7_3.1.1]

Blank out header-logo.png product-name.png
Replace login-screen-logo.png [20362818]
[4.4.0-14.1.1]
Resolves: #1370493 CVE-2016-7030 ipa: DoS attack against kerberized services
by abusing password policy
- ipa-kdb: search for password policies globally
Renamed patches 1011 and 1012 to 0146 and 0145, as they were merged upstream
[4.4.0-14.1]
Resolves: #1370493 CVE-2016-7030 ipa: DoS attack against kerberized services
by abusing password policy
- password policy: Add explicit default password policy for hosts and
  services
Resolves: #1395311 CVE-2016-9575 ipa: Insufficient permission check in
certprofile-mod
- certprofile-mod: correctly authorise config update

OSVersionArchitecturePackageVersionFilename
oracle linux7srcipa< 4.4.0-14.0.1.el7_3.1.1ipa-4.4.0-14.0.1.el7_3.1.1.src.rpm
oracle linux7noarchipa-admintools< 4.4.0-14.0.1.el7_3.1.1ipa-admintools-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
oracle linux7x86_64ipa-client< 4.4.0-14.0.1.el7_3.1.1ipa-client-4.4.0-14.0.1.el7_3.1.1.x86_64.rpm
oracle linux7noarchipa-client-common< 4.4.0-14.0.1.el7_3.1.1ipa-client-common-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
oracle linux7noarchipa-common< 4.4.0-14.0.1.el7_3.1.1ipa-common-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
oracle linux7noarchipa-python-compat< 4.4.0-14.0.1.el7_3.1.1ipa-python-compat-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
oracle linux7x86_64ipa-server< 4.4.0-14.0.1.el7_3.1.1ipa-server-4.4.0-14.0.1.el7_3.1.1.x86_64.rpm
oracle linux7noarchipa-server-common< 4.4.0-14.0.1.el7_3.1.1ipa-server-common-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
oracle linux7noarchipa-server-dns< 4.4.0-14.0.1.el7_3.1.1ipa-server-dns-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
oracle linux7x86_64ipa-server-trust-ad< 4.4.0-14.0.1.el7_3.1.1ipa-server-trust-ad-4.4.0-14.0.1.el7_3.1.1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	7	src	ipa	< 4.4.0-14.0.1.el7_3.1.1	ipa-4.4.0-14.0.1.el7_3.1.1.src.rpm
oracle linux	7	noarch	ipa-admintools	< 4.4.0-14.0.1.el7_3.1.1	ipa-admintools-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
oracle linux	7	x86_64	ipa-client	< 4.4.0-14.0.1.el7_3.1.1	ipa-client-4.4.0-14.0.1.el7_3.1.1.x86_64.rpm
oracle linux	7	noarch	ipa-client-common	< 4.4.0-14.0.1.el7_3.1.1	ipa-client-common-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
oracle linux	7	noarch	ipa-common	< 4.4.0-14.0.1.el7_3.1.1	ipa-common-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
oracle linux	7	noarch	ipa-python-compat	< 4.4.0-14.0.1.el7_3.1.1	ipa-python-compat-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
oracle linux	7	x86_64	ipa-server	< 4.4.0-14.0.1.el7_3.1.1	ipa-server-4.4.0-14.0.1.el7_3.1.1.x86_64.rpm
oracle linux	7	noarch	ipa-server-common	< 4.4.0-14.0.1.el7_3.1.1	ipa-server-common-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
oracle linux	7	noarch	ipa-server-dns	< 4.4.0-14.0.1.el7_3.1.1	ipa-server-dns-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
oracle linux	7	x86_64	ipa-server-trust-ad	< 4.4.0-14.0.1.el7_3.1.1	ipa-server-trust-ad-4.4.0-14.0.1.el7_3.1.1.x86_64.rpm