1. CVE-Search
  2. CVE-2019-14867
ID CVE-2019-14867
Summary A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated attacker who could trigger parsing of the krb principal key could cause the IPA server to crash or in some conditions, cause arbitrary code to be executed on the server hosting the IPA server.
References
Vulnerable Configurations
  • cpe:2.3:a:freeipa:freeipa:4.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:freeipa:freeipa:4.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freeipa:freeipa:4.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:freeipa:freeipa:4.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freeipa:freeipa:4.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:freeipa:freeipa:4.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freeipa:freeipa:4.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:freeipa:freeipa:4.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freeipa:freeipa:4.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:freeipa:freeipa:4.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freeipa:freeipa:4.6.5:*:*:*:*:*:*:*
    cpe:2.3:a:freeipa:freeipa:4.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:freeipa:freeipa:4.6.6:*:*:*:*:*:*:*
    cpe:2.3:a:freeipa:freeipa:4.6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:freeipa:freeipa:4.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:freeipa:freeipa:4.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freeipa:freeipa:4.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:freeipa:freeipa:4.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freeipa:freeipa:4.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:freeipa:freeipa:4.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freeipa:freeipa:4.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:freeipa:freeipa:4.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freeipa:freeipa:4.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:freeipa:freeipa:4.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freeipa:freeipa:4.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:freeipa:freeipa:4.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freeipa:freeipa:4.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:freeipa:freeipa:4.8.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 05-02-2020 - 00:15)
Impact:
Exploitability:
CWE CWE-94
CAPEC
  • Code Injection
    An adversary exploits a weakness in input validation on the target to inject new code into that which is currently executing. This differs from code inclusion in that code inclusion involves the addition or replacement of a reference to a code file, which is subsequently loaded by the target and used as part of the code of some application.
  • Leverage Executable Code in Non-Executable Files
    An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.
  • Manipulating User-Controlled Variables
    This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An attacker can override environment variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the attacker can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1773516
    title IPA upgrade fails for latest ipa package when adtrust is installed [rhel-8.1.0.z]
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 8 is installed
        oval oval:com.redhat.rhba:tst:20193384074
      • comment Module idm:DL1 is enabled
        oval oval:com.redhat.rhba:tst:20194268065
      • OR
        • AND
          • comment bind-dyndb-ldap is earlier than 0:11.1-14.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268001
          • comment bind-dyndb-ldap is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268002
        • AND
          • comment bind-dyndb-ldap-debugsource is earlier than 0:11.1-14.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268003
          • comment bind-dyndb-ldap-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268004
        • AND
          • comment custodia is earlier than 0:0.6.0-3.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268005
          • comment custodia is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268006
        • AND
          • comment ipa-client is earlier than 0:4.8.0-13.module+el8.1.0+4923+c6efe041
            oval oval:com.redhat.rhba:tst:20194268007
          • comment ipa-client is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268008
        • AND
          • comment ipa-client-common is earlier than 0:4.8.0-13.module+el8.1.0+4923+c6efe041
            oval oval:com.redhat.rhba:tst:20194268009
          • comment ipa-client-common is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268010
        • AND
          • comment ipa-client-samba is earlier than 0:4.8.0-13.module+el8.1.0+4923+c6efe041
            oval oval:com.redhat.rhba:tst:20194268011
          • comment ipa-client-samba is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268012
        • AND
          • comment ipa-common is earlier than 0:4.8.0-13.module+el8.1.0+4923+c6efe041
            oval oval:com.redhat.rhba:tst:20194268013
          • comment ipa-common is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268014
        • AND
          • comment ipa-debugsource is earlier than 0:4.8.0-13.module+el8.1.0+4923+c6efe041
            oval oval:com.redhat.rhba:tst:20194268015
          • comment ipa-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268016
        • AND
          • comment ipa-healthcheck is earlier than 0:0.3-4.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268017
          • comment ipa-healthcheck is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268018
        • AND
          • comment ipa-idoverride-memberof-plugin is earlier than 0:0.0.4-6.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268019
          • comment ipa-idoverride-memberof-plugin is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268020
        • AND
          • comment ipa-python-compat is earlier than 0:4.8.0-13.module+el8.1.0+4923+c6efe041
            oval oval:com.redhat.rhba:tst:20194268021
          • comment ipa-python-compat is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268022
        • AND
          • comment ipa-server is earlier than 0:4.8.0-13.module+el8.1.0+4923+c6efe041
            oval oval:com.redhat.rhba:tst:20194268023
          • comment ipa-server is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268024
        • AND
          • comment ipa-server-common is earlier than 0:4.8.0-13.module+el8.1.0+4923+c6efe041
            oval oval:com.redhat.rhba:tst:20194268025
          • comment ipa-server-common is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268026
        • AND
          • comment ipa-server-dns is earlier than 0:4.8.0-13.module+el8.1.0+4923+c6efe041
            oval oval:com.redhat.rhba:tst:20194268027
          • comment ipa-server-dns is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268028
        • AND
          • comment ipa-server-trust-ad is earlier than 0:4.8.0-13.module+el8.1.0+4923+c6efe041
            oval oval:com.redhat.rhba:tst:20194268029
          • comment ipa-server-trust-ad is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268030
        • AND
          • comment opendnssec is earlier than 0:1.4.14-1.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268031
          • comment opendnssec is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268032
        • AND
          • comment opendnssec-debugsource is earlier than 0:1.4.14-1.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268033
          • comment opendnssec-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268034
        • AND
          • comment python3-custodia is earlier than 0:0.6.0-3.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268035
          • comment python3-custodia is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268036
        • AND
          • comment python3-ipaclient is earlier than 0:4.8.0-13.module+el8.1.0+4923+c6efe041
            oval oval:com.redhat.rhba:tst:20194268037
          • comment python3-ipaclient is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268038
        • AND
          • comment python3-ipalib is earlier than 0:4.8.0-13.module+el8.1.0+4923+c6efe041
            oval oval:com.redhat.rhba:tst:20194268039
          • comment python3-ipalib is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268040
        • AND
          • comment python3-ipaserver is earlier than 0:4.8.0-13.module+el8.1.0+4923+c6efe041
            oval oval:com.redhat.rhba:tst:20194268041
          • comment python3-ipaserver is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268042
        • AND
          • comment python3-jwcrypto is earlier than 0:0.5.0-1.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268043
          • comment python3-jwcrypto is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268044
        • AND
          • comment python3-kdcproxy is earlier than 0:0.4-3.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268045
          • comment python3-kdcproxy is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268046
        • AND
          • comment python3-pyusb is earlier than 0:1.0.0-9.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268047
          • comment python3-pyusb is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268048
        • AND
          • comment python3-qrcode is earlier than 0:5.1-12.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268049
          • comment python3-qrcode is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268050
        • AND
          • comment python3-qrcode-core is earlier than 0:5.1-12.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268051
          • comment python3-qrcode-core is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268052
        • AND
          • comment python3-yubico is earlier than 0:1.3.2-9.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268053
          • comment python3-yubico is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268054
        • AND
          • comment slapi-nis is earlier than 0:0.56.3-2.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268055
          • comment slapi-nis is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268056
        • AND
          • comment slapi-nis-debugsource is earlier than 0:0.56.3-2.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268057
          • comment slapi-nis-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268058
        • AND
          • comment softhsm is earlier than 0:2.4.0-2.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268059
          • comment softhsm is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268060
        • AND
          • comment softhsm-debugsource is earlier than 0:2.4.0-2.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268061
          • comment softhsm-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268062
        • AND
          • comment softhsm-devel is earlier than 0:2.4.0-2.module+el8.1.0+4098+f286395e
            oval oval:com.redhat.rhba:tst:20194268063
          • comment softhsm-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268064
    rhsa
    id RHBA-2019:4268
    released 2019-12-17
    severity Important
    title RHBA-2019:4268: idm:DL1 bug fix update (Important)
  • bugzilla
    id 1781153
    title After upgrade AD Trust Agents were removed from LDAP [rhel-7.7.z]
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment ipa-client is earlier than 0:4.6.5-11.el7_7.4
            oval oval:com.redhat.rhsa:tst:20200378001
          • comment ipa-client is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268008
        • AND
          • comment ipa-client-common is earlier than 0:4.6.5-11.el7_7.4
            oval oval:com.redhat.rhsa:tst:20200378003
          • comment ipa-client-common is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268010
        • AND
          • comment ipa-common is earlier than 0:4.6.5-11.el7_7.4
            oval oval:com.redhat.rhsa:tst:20200378005
          • comment ipa-common is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268014
        • AND
          • comment ipa-python-compat is earlier than 0:4.6.5-11.el7_7.4
            oval oval:com.redhat.rhsa:tst:20200378007
          • comment ipa-python-compat is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268022
        • AND
          • comment ipa-server is earlier than 0:4.6.5-11.el7_7.4
            oval oval:com.redhat.rhsa:tst:20200378009
          • comment ipa-server is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268024
        • AND
          • comment ipa-server-common is earlier than 0:4.6.5-11.el7_7.4
            oval oval:com.redhat.rhsa:tst:20200378011
          • comment ipa-server-common is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268026
        • AND
          • comment ipa-server-dns is earlier than 0:4.6.5-11.el7_7.4
            oval oval:com.redhat.rhsa:tst:20200378013
          • comment ipa-server-dns is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268028
        • AND
          • comment ipa-server-trust-ad is earlier than 0:4.6.5-11.el7_7.4
            oval oval:com.redhat.rhsa:tst:20200378015
          • comment ipa-server-trust-ad is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20194268030
        • AND
          • comment python2-ipaclient is earlier than 0:4.6.5-11.el7_7.4
            oval oval:com.redhat.rhsa:tst:20200378017
          • comment python2-ipaclient is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20170001020
        • AND
          • comment python2-ipalib is earlier than 0:4.6.5-11.el7_7.4
            oval oval:com.redhat.rhsa:tst:20200378019
          • comment python2-ipalib is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20170001022
        • AND
          • comment python2-ipaserver is earlier than 0:4.6.5-11.el7_7.4
            oval oval:com.redhat.rhsa:tst:20200378021
          • comment python2-ipaserver is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20170001024
    rhsa
    id RHSA-2020:0378
    released 2020-02-04
    severity Important
    title RHSA-2020:0378: ipa security and bug fix update (Important)
rpms
  • bind-dyndb-ldap-0:11.1-14.module+el8.1.0+4098+f286395e
  • bind-dyndb-ldap-debuginfo-0:11.1-14.module+el8.1.0+4098+f286395e
  • bind-dyndb-ldap-debugsource-0:11.1-14.module+el8.1.0+4098+f286395e
  • custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e
  • ipa-client-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • ipa-client-common-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • ipa-client-debuginfo-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • ipa-client-samba-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • ipa-common-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • ipa-debuginfo-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • ipa-debugsource-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • ipa-healthcheck-0:0.3-4.module+el8.1.0+4098+f286395e
  • ipa-idoverride-memberof-plugin-0:0.0.4-6.module+el8.1.0+4098+f286395e
  • ipa-python-compat-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • ipa-server-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • ipa-server-common-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • ipa-server-debuginfo-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • ipa-server-dns-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • ipa-server-trust-ad-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • ipa-server-trust-ad-debuginfo-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • opendnssec-0:1.4.14-1.module+el8.1.0+4098+f286395e
  • opendnssec-debuginfo-0:1.4.14-1.module+el8.1.0+4098+f286395e
  • opendnssec-debugsource-0:1.4.14-1.module+el8.1.0+4098+f286395e
  • python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e
  • python3-ipaclient-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • python3-ipalib-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • python3-ipaserver-0:4.8.0-13.module+el8.1.0+4923+c6efe041
  • python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e
  • python3-kdcproxy-0:0.4-3.module+el8.1.0+4098+f286395e
  • python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e
  • python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e
  • python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e
  • python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e
  • slapi-nis-0:0.56.3-2.module+el8.1.0+4098+f286395e
  • slapi-nis-debuginfo-0:0.56.3-2.module+el8.1.0+4098+f286395e
  • slapi-nis-debugsource-0:0.56.3-2.module+el8.1.0+4098+f286395e
  • softhsm-0:2.4.0-2.module+el8.1.0+4098+f286395e
  • softhsm-debuginfo-0:2.4.0-2.module+el8.1.0+4098+f286395e
  • softhsm-debugsource-0:2.4.0-2.module+el8.1.0+4098+f286395e
  • softhsm-devel-0:2.4.0-2.module+el8.1.0+4098+f286395e
  • ipa-client-0:4.6.5-11.el7_7.4
  • ipa-client-common-0:4.6.5-11.el7_7.4
  • ipa-common-0:4.6.5-11.el7_7.4
  • ipa-debuginfo-0:4.6.5-11.el7_7.4
  • ipa-python-compat-0:4.6.5-11.el7_7.4
  • ipa-server-0:4.6.5-11.el7_7.4
  • ipa-server-common-0:4.6.5-11.el7_7.4
  • ipa-server-dns-0:4.6.5-11.el7_7.4
  • ipa-server-trust-ad-0:4.6.5-11.el7_7.4
  • python2-ipaclient-0:4.6.5-11.el7_7.4
  • python2-ipalib-0:4.6.5-11.el7_7.4
  • python2-ipaserver-0:4.6.5-11.el7_7.4
  • bind-dyndb-ldap-0:11.1-13.module+el8+2555+b334d87b
  • bind-dyndb-ldap-debuginfo-0:11.1-13.module+el8+2555+b334d87b
  • bind-dyndb-ldap-debugsource-0:11.1-13.module+el8+2555+b334d87b
  • custodia-0:0.6.0-2.module+el8+2555+b334d87b
  • ipa-client-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • ipa-client-common-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • ipa-client-debuginfo-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • ipa-common-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • ipa-debuginfo-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • ipa-debugsource-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • ipa-idoverride-memberof-plugin-0:0.0.4-6.module+el8+2555+b334d87b
  • ipa-python-compat-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • ipa-server-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • ipa-server-common-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • ipa-server-debuginfo-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • ipa-server-dns-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • ipa-server-trust-ad-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • ipa-server-trust-ad-debuginfo-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • opendnssec-0:1.4.14-1.module+el8+2555+b334d87b
  • opendnssec-debuginfo-0:1.4.14-1.module+el8+2555+b334d87b
  • opendnssec-debugsource-0:1.4.14-1.module+el8+2555+b334d87b
  • python3-custodia-0:0.6.0-2.module+el8+2555+b334d87b
  • python3-ipaclient-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • python3-ipalib-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • python3-ipaserver-0:4.7.1-12.module+el8.0.0+5776+863ecd37
  • python3-jwcrypto-0:0.5.0-1.module+el8+2555+b334d87b
  • python3-kdcproxy-0:0.4-3.module+el8+2555+b334d87b
  • python3-pyusb-0:1.0.0-9.module+el8+2555+b334d87b
  • python3-qrcode-0:5.1-11.module+el8+2555+b334d87b
  • python3-qrcode-core-0:5.1-11.module+el8+2555+b334d87b
  • python3-yubico-0:1.3.2-9.module+el8+2555+b334d87b
  • slapi-nis-0:0.56.2-7.module+el8+2555+b334d87b
  • slapi-nis-debuginfo-0:0.56.2-7.module+el8+2555+b334d87b
  • slapi-nis-debugsource-0:0.56.2-7.module+el8+2555+b334d87b
  • softhsm-0:2.4.0-2.module+el8+2555+b334d87b
  • softhsm-debuginfo-0:2.4.0-2.module+el8+2555+b334d87b
  • softhsm-debugsource-0:2.4.0-2.module+el8+2555+b334d87b
  • softhsm-devel-0:2.4.0-2.module+el8+2555+b334d87b
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14867
fedora
  • FEDORA-2019-8e9093da55
  • FEDORA-2019-c64e1612f5
misc
Last major update 05-02-2020 - 00:15
Published 27-11-2019 - 09:15
Last modified 05-02-2020 - 00:15
Back to Top