-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: sysstat security update
Advisory ID:       RHSA-2022:0633-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:0633
Issue date:        2022-02-22
CVE Names:         CVE-2019-16167 
=====================================================================

1. Summary:

An update for sysstat is now available for Red Hat Enterprise Linux 8.2
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

The sysstat packages provide the sar and iostat commands. These commands
enable system monitoring of disk, network, and other I/O activity.

Security Fix(es):

* sysstat: memory corruption due to an integer overflow in remap_struct in
sa_common.c (CVE-2019-16167)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1768970 - CVE-2019-16167 sysstat: memory corruption due to an integer overflow in remap_struct in sa_common.c

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.2):

Source:
sysstat-11.7.3-2.el8_2.1.src.rpm

aarch64:
sysstat-11.7.3-2.el8_2.1.aarch64.rpm
sysstat-debuginfo-11.7.3-2.el8_2.1.aarch64.rpm
sysstat-debugsource-11.7.3-2.el8_2.1.aarch64.rpm

ppc64le:
sysstat-11.7.3-2.el8_2.1.ppc64le.rpm
sysstat-debuginfo-11.7.3-2.el8_2.1.ppc64le.rpm
sysstat-debugsource-11.7.3-2.el8_2.1.ppc64le.rpm

s390x:
sysstat-11.7.3-2.el8_2.1.s390x.rpm
sysstat-debuginfo-11.7.3-2.el8_2.1.s390x.rpm
sysstat-debugsource-11.7.3-2.el8_2.1.s390x.rpm

x86_64:
sysstat-11.7.3-2.el8_2.1.x86_64.rpm
sysstat-debuginfo-11.7.3-2.el8_2.1.x86_64.rpm
sysstat-debugsource-11.7.3-2.el8_2.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-16167
https://access.redhat.com/security/updates/classification/#low

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYhVgO9zjgjWX9erEAQh8ixAAiJU1mMW9vIQt3zB/GDfgzbpGH3/TRQac
hRAbDX7VVnqy/sTagtnvQqdcgh1BgQFxgILVqV5hRq9jANkPA1jMv6e657o8i/r2
+laV9sD3LzNdkEFN7kRFozBFAVoVJHcyPA3ncDhfZ/3RVBWg6pMXdYXADlmIuYF3
3iu1S4tPkCZ+bFbJMiSNPyiMS5pxcUQvLDXArwkOSeflmr68OBOf3ULvA4xsH94t
7zE1IACmFmAsXzpc/K+XyHa85i9IXSb5TXyMvklWiAWaHy/HuPB41gKS3W9ghFgl
XDMUAk7Dt2qWvqQnn6PNmhg9awp3d1mh5780u78acyYQQMlCkoBUU+DD4ygZ42Ln
Woixv68gObJV445ivC09eMToRbewMJho0QfmRaJc8OPPf0llhAO2rudpZS0MFVSu
L2+TB73PGokSjkJi13x73sgtrz2HvkmXRrn/8dKdVKLMIaluvQMhjDPt3iqiEuka
xPvPr6KJ6XQPY64xu9FZWGSb+9XceArEL+1nET5FA+eu8ZW7xRw/NBHgLIDrD7yH
5pqtbPgnLxhSFGamPUXv1GvNd75N7jmz9JCEUnilpwdQzAqRxjVuseEicOApUC5j
17EmC1oaNulApRbKg0g9sqzevkq/sw5ew0ZXbtqImDwQzvvyq1DmUZCcOqFhTBmV
VA2btDBAOL8=
=5Zom
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce