Issued:: 2018-03-15
Updated:: 2018-03-15

RHSA-2018:0528 - Security Advisory

Overview
Updated Packages

Synopsis

Low: erlang security update

Type/Severity

Security Advisory: Low

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for erlang is now available for Red Hat OpenStack Platform 9.0 (Mitaka).

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance.

Security Fix(es):

An erlang TLS server configured with cipher suites using RSA key exchange, may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA. This may result in plain-text recovery of encrypted messages and/or a man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server’s private key itself. (CVE-2017-1000385)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat OpenStack 9 x86_64

Fixes

BZ - 1520400 - CVE-2017-1000385 erlang: TLS server vulnerable to Adaptive Chosen Ciphertext attack allowing plaintext recovery or MITM attack

CVEs

CVE-2017-1000385

References

https://access.redhat.com/security/updates/classification/#low

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack 9

SRPM
erlang-18.3.4.7-1.el7ost.src.rpm	SHA-256: 8ba3e69a746032203a18d3da421774cc867eddda036e17daa93e9d8dcbd22ad3
x86_64
erlang-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 52aa732c99415b10caa4795a0ca6e659aaad960524b37bee19305785b7dba665
erlang-asn1-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 03bfe7f03a0b3586899090c04d34732874453a9c3ee168a297d7d75b59570542
erlang-compiler-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 55db3664a7fee539f4e8f32494280b65b58e18d688ea4e534de795ce09ffb5bb
erlang-cosEvent-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: ccc90a4bfbdc6d80d9b02c43b9f95c243f36d5fdceba4cf27efd934f355805f8
erlang-cosEventDomain-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 3f300753e55519376de49f6384a3b7883fbe7222a28757c89fb1001063f3bf29
erlang-cosFileTransfer-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: b7ba1c859c6e871f0a27c924ded9c38a80481e9acb15cd5d53dcf925868f8021
erlang-cosNotification-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 1ea5cb9ac1b5354e70facde4e7082b7ea18dde000bff313c12d9a29b6589b49e
erlang-cosProperty-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 2337a18a63b25ad0f9aa591dbce6871f8b2014e5b0338e823eec7e90457cff7a
erlang-cosTime-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 5668299ca92739753991a70eb4112a6d26a0ea273721108ff0cc447b8788cf8b
erlang-cosTransactions-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: c672c09b7ba80f725c16fac26a58e398784cb54e3f04a3a1931c0b1fd751fab0
erlang-crypto-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: c4f9e00fd6abdcf22f2f8ea66fc370c28a24deb5520ec4f64178a09448bd7174
erlang-debuginfo-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 35222fd9714fb2561df61e112f80703905549575f3a2cf9b4d1b9bd26d92cbba
erlang-diameter-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 1250fbf572b3d0220e89c6b440c5cec619c773daa968b86a10733e62e452aac5
erlang-edoc-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 49fe64380d811a87562dd7bbb121c6ad171b34c4da49560f2fc55f42df276842
erlang-eldap-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 11f9ed3efccd55721b031b68ab481f7fbf74e4e2a605ee5591c3aeda3b44a91e
erlang-erl_docgen-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 89416d1b277b8444f6f3cfeeb096d153768b05af58507e9fb27d5da730574cd2
erlang-erl_interface-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: c1e3d41789369ff5176f454db00ddcbda27737839207ecbe141927dfb204ee16
erlang-erts-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 56f51eb46ee2ccceaa46225652757215b863025f52e5efbcf65d7ee2c7f0b04a
erlang-eunit-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: ed76d388921a99c67e3446ab6f0f2e4431c27d8aca0f0d93c3f3ad87e8192cbc
erlang-hipe-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: cbf347ab14247134365654313ee7b268f2eab926160323c764b50e3db170e5a2
erlang-ic-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: a0bd3dc59a83c4fdddf0b040d683af4beaa82bd63a72dd7ac761c7059dcee96c
erlang-inets-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 67027036237394e3892b4ada159c1da971c77c0035e9af26e537172026f834b5
erlang-kernel-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: d0907e9fe478cb5bed9728e3264eb374bc2da5013358eae3c8683cbae0e6055b
erlang-mnesia-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 6e146c5be1e01124d964e32441601cfc110d5545901a4c7e5d8ef8607d58437a
erlang-odbc-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: b03e913abcec4d13d81e616bb54b86bee37a54534d4730ec8be0395807a5d40a
erlang-orber-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 9547ef4d84a982305a1fab0ab387115dd5727a7cef26ed41347b51da7431ef67
erlang-os_mon-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 6d0f5888de3e360c85acb5f63acb3ea961e03e08663c10f4b1c53bc879818d8a
erlang-ose-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 74064a9266d7a40ee018acf20dac5966637f84b336d9af2267c9bebf5c58dcee
erlang-otp_mibs-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: f9aa0c26767bb7386f1f926f3c3bd10ec60c88e1b7fa57771c507b25fc6fbf62
erlang-parsetools-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 73da3b062c5bad611b4f2792c1dac51247a54e8914d05603f59d84eddfb535cb
erlang-percept-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: abef7f08f0a4264644b55b4d90875c3ff945f34e703ca20021db69180ff1aaa7
erlang-public_key-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 68f6ccb3c73b6689ecc9cdd6cce1399c213e7e5a181b4ea63ac408f570b6b918
erlang-runtime_tools-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 8a5ba985eb410f0eafa04c01529d5007af0b888ed276705c78a23d052bafbfa7
erlang-sasl-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: ad2369ad46f38307b44fdbb1455b56d57e69eab5dd0ba085824093e80d1d4fcc
erlang-snmp-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: db0fdb2bf823370347d0bf578f626e8ff5a67e11cfef3ea468e1f363681a5f83
erlang-ssh-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 039043c183728238140f9aab955da3b6df0c1a794954077937f6e6ea04accb09
erlang-ssl-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: fccb82fd88a4fdd37a0b0fb5791fab1fc507140b1cc92f5126917078f659c9ce
erlang-stdlib-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 7b532932bedba5d27449df71c9cc7abbfb8d87438f79df8604d84dc3ae6b8de0
erlang-syntax_tools-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: fe412370cad21c1636362150df4595ee43f9f714747790b792e1152b1c7e8534
erlang-tools-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 44bb6c8d94d77081838c4fabf7241d97d0a84663a420c7e2822a0a654753d138
erlang-xmerl-18.3.4.7-1.el7ost.x86_64.rpm	SHA-256: 2cd1dde25d5a94259b98ff84281b5ce29ee5c2eee056bbc3762b7951a84eb950

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation