From fabrice.bacchella at orange.fr Wed Jun 28 11:10:56 2017 Content-Type: multipart/mixed; boundary="===============3104249141131746045==" MIME-Version: 1.0 From: Fabrice Bacchella To: users at ovirt.org Subject: [ovirt-users] CVE-2017-1000364 Date: Wed, 28 Jun 2017 13:10:53 +0200 Message-ID: --===============3104249141131746045== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable --Apple-Mail=3D_20AEF292-DDDF-4529-9D86-C32D388FE114 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=3Dus-ascii Distributions like Redhat and Ubuntu issued a buggy patch for =3D CVE-2017-1000364. http://www.openwall.com/lists/oss-security/2017/06/22/6 =3D Many applications are affected: =3D20 https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1698919 =3D Did oVirt's team did check it ? Can we safely apply this patch ?=3D --Apple-Mail=3D_20AEF292-DDDF-4529-9D86-C32D388FE114 Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=3Dus-ascii

Distributions like Redhat and Ubuntu issued a buggy patch for CVE-2017-100= 0364.

http://= www.openwall.com/lists/oss-security/2017/06/22/6

<= br class=3D"">

Many applications are affected:

https://bugs.launchpad.net/ubuntu/+sourc= e/linux/+bug/1698919

Did oVirt's team did check it ? Can we safely apply this patch ?

--Apple-Mail=3D_20AEF292-DDDF-4529-9D86-C32D388FE114-- --===============3104249141131746045== Content-Type: multipart/alternative MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="attachment.bin" Ci0tQXBwbGUtTWFpbD1fMjBBRUYyOTItRERERi00NTI5LTlEODYtQzMyRDM4OEZFMTE0CkNvbnRl bnQtVHJhbnNmZXItRW5jb2Rpbmc6IHF1b3RlZC1wcmludGFibGUKQ29udGVudC1UeXBlOiB0ZXh0 L3BsYWluOwoJY2hhcnNldD11cy1hc2NpaQoKRGlzdHJpYnV0aW9ucyBsaWtlIFJlZGhhdCBhbmQg VWJ1bnR1IGlzc3VlZCBhIGJ1Z2d5IHBhdGNoIGZvciA9CkNWRS0yMDE3LTEwMDAzNjQuCgpodHRw Oi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNy8wNi8yMi82ID0KPGh0 dHA6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzA2LzIyLzY+CgpN YW55IGFwcGxpY2F0aW9ucyBhcmUgYWZmZWN0ZWQ6Cj0yMApodHRwczovL2J1Z3MubGF1bmNocGFk Lm5ldC91YnVudHUvK3NvdXJjZS9saW51eC8rYnVnLzE2OTg5MTkgPQo8aHR0cHM6Ly9idWdzLmxh dW5jaHBhZC5uZXQvdWJ1bnR1Lytzb3VyY2UvbGludXgvK2J1Zy8xNjk4OTE5PgoKRGlkIG9WaXJ0 J3MgdGVhbSBkaWQgY2hlY2sgaXQgPyBDYW4gd2Ugc2FmZWx5IGFwcGx5IHRoaXMgcGF0Y2ggPz0K Ci0tQXBwbGUtTWFpbD1fMjBBRUYyOTItRERERi00NTI5LTlEODYtQzMyRDM4OEZFMTE0CkNvbnRl bnQtVHJhbnNmZXItRW5jb2Rpbmc6IDdiaXQKQ29udGVudC1UeXBlOiB0ZXh0L2h0bWw7CgljaGFy c2V0PXVzLWFzY2lpCgo8aHRtbD48aGVhZD48bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUi IGNvbnRlbnQ9InRleHQvaHRtbCBjaGFyc2V0PXVzLWFzY2lpIj48L2hlYWQ+PGJvZHkgc3R5bGU9 IndvcmQtd3JhcDogYnJlYWstd29yZDsgLXdlYmtpdC1uYnNwLW1vZGU6IHNwYWNlOyAtd2Via2l0 LWxpbmUtYnJlYWs6IGFmdGVyLXdoaXRlLXNwYWNlOyIgY2xhc3M9IiI+PGRpdiBjbGFzcz0iIj5E aXN0cmlidXRpb25zIGxpa2UgUmVkaGF0IGFuZCBVYnVudHUgaXNzdWVkIGEgYnVnZ3kgcGF0Y2gg Zm9yIENWRS0yMDE3LTEwMDAzNjQuPC9kaXY+PGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+PC9k aXY+PGRpdiBjbGFzcz0iIj48YSBocmVmPSJodHRwOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9v c3Mtc2VjdXJpdHkvMjAxNy8wNi8yMi82IiBjbGFzcz0iIj5odHRwOi8vd3d3Lm9wZW53YWxsLmNv bS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNy8wNi8yMi82PC9hPjwvZGl2PjxkaXYgY2xhc3M9IiI+ PGJyIGNsYXNzPSIiPjwvZGl2PjxkaXYgY2xhc3M9IiI+TWFueSBhcHBsaWNhdGlvbnMgYXJlIGFm ZmVjdGVkOjwvZGl2PjxkaXYgY2xhc3M9IiI+Jm5ic3A7PC9kaXY+PGEgaHJlZj0iaHR0cHM6Ly9i dWdzLmxhdW5jaHBhZC5uZXQvdWJ1bnR1Lytzb3VyY2UvbGludXgvK2J1Zy8xNjk4OTE5IiBjbGFz cz0iIj5odHRwczovL2J1Z3MubGF1bmNocGFkLm5ldC91YnVudHUvK3NvdXJjZS9saW51eC8rYnVn LzE2OTg5MTk8L2E+PGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+PC9kaXY+PGRpdiBjbGFzcz0i Ij5EaWQgb1ZpcnQncyB0ZWFtIGRpZCBjaGVjayBpdCA/IENhbiB3ZSBzYWZlbHkgYXBwbHkgdGhp cyBwYXRjaCA/PC9kaXY+PC9ib2R5PjwvaHRtbD4KLS1BcHBsZS1NYWlsPV8yMEFFRjI5Mi1ERERG LTQ1MjktOUQ4Ni1DMzJEMzg4RkUxMTQtLQo= --===============3104249141131746045==--