Critical Photon OS Security Update - PHSA-2019-3.0-0035

2019-10-1800:00:00

github.com

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.343 Low

EPSS

Percentile

97.0%

JSON

Updates of [‘sudo’, ‘httpd’, ‘unbound’, ‘subversion’, ‘openjdk8’, ‘python2’] packages of Photon OS have been released.

OSVersionArchitecturePackageVersionFilename
Photon3.0x86_64sudo-debuginfo< 1.8.23-2.ph3sudo-debuginfo-1.8.23-2.ph3.x86_64.rpm
Photon3.0x86_64unbound< 1.8.0-2.ph3unbound-1.8.0-2.ph3.x86_64.rpm
Photon3.0x86_64unbound-devel< 1.8.0-2.ph3unbound-devel-1.8.0-2.ph3.x86_64.rpm
Photon3.0x86_64openjdk8-sample< 1.8.0.222-1.ph3openjdk8-sample-1.8.0.222-1.ph3.x86_64.rpm
Photon3.0x86_64subversion-debuginfo< 1.10.2-5.ph3subversion-debuginfo-1.10.2-5.ph3.x86_64.rpm
Photon3.0x86_64python2-libs< 2.7.15-11.ph3python2-libs-2.7.15-11.ph3.x86_64.rpm
Photon3.0x86_64subversion< 1.10.2-5.ph3subversion-1.10.2-5.ph3.x86_64.rpm
Photon3.0x86_64openjdk8-src< 1.8.0.222-1.ph3openjdk8-src-1.8.0.222-1.ph3.x86_64.rpm
Photon3.0x86_64python2< 2.7.15-11.ph3python2-2.7.15-11.ph3.x86_64.rpm
Photon3.0x86_64python2-test< 2.7.15-11.ph3python2-test-2.7.15-11.ph3.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
Photon	3.0	x86_64	sudo-debuginfo	< 1.8.23-2.ph3	sudo-debuginfo-1.8.23-2.ph3.x86_64.rpm
Photon	3.0	x86_64	unbound	< 1.8.0-2.ph3	unbound-1.8.0-2.ph3.x86_64.rpm
Photon	3.0	x86_64	unbound-devel	< 1.8.0-2.ph3	unbound-devel-1.8.0-2.ph3.x86_64.rpm
Photon	3.0	x86_64	openjdk8-sample	< 1.8.0.222-1.ph3	openjdk8-sample-1.8.0.222-1.ph3.x86_64.rpm
Photon	3.0	x86_64	subversion-debuginfo	< 1.10.2-5.ph3	subversion-debuginfo-1.10.2-5.ph3.x86_64.rpm
Photon	3.0	x86_64	python2-libs	< 2.7.15-11.ph3	python2-libs-2.7.15-11.ph3.x86_64.rpm
Photon	3.0	x86_64	subversion	< 1.10.2-5.ph3	subversion-1.10.2-5.ph3.x86_64.rpm
Photon	3.0	x86_64	openjdk8-src	< 1.8.0.222-1.ph3	openjdk8-src-1.8.0.222-1.ph3.x86_64.rpm
Photon	3.0	x86_64	python2	< 2.7.15-11.ph3	python2-2.7.15-11.ph3.x86_64.rpm
Photon	3.0	x86_64	python2-test	< 2.7.15-11.ph3	python2-test-2.7.15-11.ph3.x86_64.rpm