-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Low: sysstat security update Advisory ID: RHSA-2020:4638-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:4638 Issue date: 2020-11-03 CVE Names: CVE-2019-16167 ==================================================================== 1. Summary: An update for sysstat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The sysstat packages provide the sar and iostat commands. These commands enable system monitoring of disk, network, and other I/O activity. Security Fix(es): * sysstat: memory corruption due to an integer overflow in remap_struct in sa_common.c (CVE-2019-16167) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1768970 - CVE-2019-16167 sysstat: memory corruption due to an integer overflow in remap_struct in sa_common.c 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: sysstat-11.7.3-5.el8.src.rpm aarch64: sysstat-11.7.3-5.el8.aarch64.rpm sysstat-debuginfo-11.7.3-5.el8.aarch64.rpm sysstat-debugsource-11.7.3-5.el8.aarch64.rpm ppc64le: sysstat-11.7.3-5.el8.ppc64le.rpm sysstat-debuginfo-11.7.3-5.el8.ppc64le.rpm sysstat-debugsource-11.7.3-5.el8.ppc64le.rpm s390x: sysstat-11.7.3-5.el8.s390x.rpm sysstat-debuginfo-11.7.3-5.el8.s390x.rpm sysstat-debugsource-11.7.3-5.el8.s390x.rpm x86_64: sysstat-11.7.3-5.el8.x86_64.rpm sysstat-debuginfo-11.7.3-5.el8.x86_64.rpm sysstat-debugsource-11.7.3-5.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-16167 https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX6IyNdzjgjWX9erEAQgysxAAjN6HSr3mvmEvdETwgR2TX8aYIelAbQrw 4IOYE6NWivPvqSa0jx+LvVGucVvv9PW9ingZyWB+8QyEsYt7L3D4bF21nw2lb02O 7UvQjTW2FG5hZJEt8Jn0ZsmZJ3r06ZW1gHlaPuklE74skTgPIlMsZEnNE+098T4/ 5ppucyxN3B7GGXfTPjsMAV4rrRrQY7B3QXKudGkwS9nHe2Pd11DgnW/AaZ2tb/xH wRuZKexs++B8l/73tftltfOhpC7iOyHlzD1B/2VzNqLWymyJztKkheCYnIWKDCoO c2wJgpC/lug2oTv12ccHwSsQZkq4NVWGYQ5nN4wsEIg4s1nEExXtJ3Exv6H/mIMt e3vth0NGaccvHAdZSzKvgHnntb6uf3ninnN2QGdDhyZvs4wj2hBzQZlH8Z6kfnSn PAskhh/N3TMEkIXR1s0S4VPup0Dfdt6ShVJsLLaUYWRs1Er4Co1JEsCtGJD4OVTr EnFTZJGFZK0s4k/8RFM6Jj/Z1pN3Cr+tLmjO7unGHAn7fRNVFV+/E3hyCsH9/mw4 xnvop4Ymz6B03Ws/G1CY2Kjyd0WIKL5o18kVEyD0qht/ppzV3tZzTAOmqsTwSZyu WmCv/Q6vh07gZB9P4r5HBpXxq01AauxAnlnz000w2FYpghs8eVg1ZiTm8PMQ++UO gvD3WIAuCRk=ybnG -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce