Issued:: 2020-11-10
Updated:: 2020-11-10

RHSA-2020:4999 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: unixODBC security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for unixODBC is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The unixODBC packages contain a framework that supports accessing databases through the ODBC protocol.

Security Fix(es):

unixODBC: Buffer overflow in unicode_to_ansi_copy() can lead to crash or other unspecified impact (CVE-2018-7409)
unixODBC: Insecure buffer copy in SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c (CVE-2018-7485)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6 x86_64
Red Hat Enterprise Linux Server - AUS 7.6 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
Red Hat Enterprise Linux Server - TUS 7.6 x86_64
Red Hat Enterprise Linux for ARM 64 7 aarch64
Red Hat Enterprise Linux for Power 9 7 ppc64le
Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.6 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.6 x86_64
Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

Fixes

BZ - 1548305 - CVE-2018-7409 unixODBC: Buffer overflow in unicode_to_ansi_copy() can lead to crash or other unspecified impact
BZ - 1549636 - CVE-2018-7485 unixODBC: Insecure buffer copy in SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c

CVEs

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6

SRPM
unixODBC-2.3.1-14.el7_6.src.rpm	SHA-256: 42520b5ea7d96e9220eb4446d027c52b4a8dc08f2ae7d34ff2d97232cf609e66
x86_64
unixODBC-2.3.1-14.el7_6.i686.rpm	SHA-256: 9a97d5301e71ab0caaba9dd5b9d7d32712b874fd8e98a56c17aa294628d4f604
unixODBC-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 98abf8398c4a5cde4c47d1171f1025caf9dfea6bff1914d06bc474550ce13ac1
unixODBC-debuginfo-2.3.1-14.el7_6.i686.rpm	SHA-256: 9b7b6c03fea5e97720c961e995a9ee36b42ce7064b23a460c0b7aea3c6df0846
unixODBC-debuginfo-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 1bd4a4189c7e7f6c173a794ea8ab0a4cb424c188a528a84ac4002e4de3d45556
unixODBC-devel-2.3.1-14.el7_6.i686.rpm	SHA-256: 6d7d275e38904b50970c513f76f7ca2e1ae409165134c3c38c2062bdf1ee4cb6
unixODBC-devel-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 6e29a560dbc8f9a04008f679d65a876074d163496af4e898fcf4e6c60e1b1c4b

Red Hat Enterprise Linux Server - AUS 7.6

SRPM
unixODBC-2.3.1-14.el7_6.src.rpm	SHA-256: 42520b5ea7d96e9220eb4446d027c52b4a8dc08f2ae7d34ff2d97232cf609e66
x86_64
unixODBC-2.3.1-14.el7_6.i686.rpm	SHA-256: 9a97d5301e71ab0caaba9dd5b9d7d32712b874fd8e98a56c17aa294628d4f604
unixODBC-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 98abf8398c4a5cde4c47d1171f1025caf9dfea6bff1914d06bc474550ce13ac1
unixODBC-debuginfo-2.3.1-14.el7_6.i686.rpm	SHA-256: 9b7b6c03fea5e97720c961e995a9ee36b42ce7064b23a460c0b7aea3c6df0846
unixODBC-debuginfo-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 1bd4a4189c7e7f6c173a794ea8ab0a4cb424c188a528a84ac4002e4de3d45556
unixODBC-devel-2.3.1-14.el7_6.i686.rpm	SHA-256: 6d7d275e38904b50970c513f76f7ca2e1ae409165134c3c38c2062bdf1ee4cb6
unixODBC-devel-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 6e29a560dbc8f9a04008f679d65a876074d163496af4e898fcf4e6c60e1b1c4b

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6

SRPM
unixODBC-2.3.1-14.el7_6.src.rpm	SHA-256: 42520b5ea7d96e9220eb4446d027c52b4a8dc08f2ae7d34ff2d97232cf609e66
s390x
unixODBC-2.3.1-14.el7_6.s390.rpm	SHA-256: a189bddf5f78f03e83e3cb417bac5b009055cc51d2427954041581362123b8ec
unixODBC-2.3.1-14.el7_6.s390x.rpm	SHA-256: f2ab62d65800c68007ec31931873dd8a216fb9effe4eb6bfa4e737833eaaa7b9
unixODBC-debuginfo-2.3.1-14.el7_6.s390.rpm	SHA-256: 11247b5522ad38eec1d99ac26e0298454667da2516a2146e2f8532b66d3e6924
unixODBC-debuginfo-2.3.1-14.el7_6.s390x.rpm	SHA-256: 6bdd9fe739ee1f0c6e3f7fc3b252bf18e3a6a2f4b1b9f8832628141424e5256b
unixODBC-devel-2.3.1-14.el7_6.s390.rpm	SHA-256: 6c5138ec3019108a0309268c9baafe154a04300817f9d4d226276ca8c9faa589
unixODBC-devel-2.3.1-14.el7_6.s390x.rpm	SHA-256: ba2d4137014deb35faa96418832cd0866a66396f30e10df4ad127ce9df9a1713

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6

SRPM
unixODBC-2.3.1-14.el7_6.src.rpm	SHA-256: 42520b5ea7d96e9220eb4446d027c52b4a8dc08f2ae7d34ff2d97232cf609e66
ppc64
unixODBC-2.3.1-14.el7_6.ppc.rpm	SHA-256: 76e1471025d441ab235af71d556ff20816bc1899430be1b0e9d981c5e7ccf3c6
unixODBC-2.3.1-14.el7_6.ppc64.rpm	SHA-256: 10ae5c02859de79ce3b06168eb60c0ffa1768e498b7bd23716c480cea0a4595b
unixODBC-debuginfo-2.3.1-14.el7_6.ppc.rpm	SHA-256: 95c8b343cd041733296ae10b6d5a2399915d5f971ccf84c59da7ae27ea71dcfa
unixODBC-debuginfo-2.3.1-14.el7_6.ppc64.rpm	SHA-256: b46b30b439d9c02396bb2c71f5c4d1fe1a5be5da7ffcec36abb0d943988d05f3
unixODBC-devel-2.3.1-14.el7_6.ppc.rpm	SHA-256: ec8c866f61691117ebdf9e7fd0a187910530f31ccd214202e2edb208d929f2d0
unixODBC-devel-2.3.1-14.el7_6.ppc64.rpm	SHA-256: 4bab3090cadedc829fa768a0a7cfd167df7382b12454918a190b352637dfdf4b

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6

SRPM
unixODBC-2.3.1-14.el7_6.src.rpm	SHA-256: 42520b5ea7d96e9220eb4446d027c52b4a8dc08f2ae7d34ff2d97232cf609e66
ppc64le
unixODBC-2.3.1-14.el7_6.ppc64le.rpm	SHA-256: 76e020c3028ac3c7bd9f8ae9fcdf860f8dc5463404ded2b2417193e66c6df193
unixODBC-debuginfo-2.3.1-14.el7_6.ppc64le.rpm	SHA-256: cd19003effba2d38bb672a55893c634759afa0a171d4c568158de0eaaaf5618a
unixODBC-devel-2.3.1-14.el7_6.ppc64le.rpm	SHA-256: cede05bd4baa1f5a3ff9ab99df0456e7ae6d6e87b7c970ca58719bcc7f8736a2

Red Hat Enterprise Linux Server - TUS 7.6

SRPM
unixODBC-2.3.1-14.el7_6.src.rpm	SHA-256: 42520b5ea7d96e9220eb4446d027c52b4a8dc08f2ae7d34ff2d97232cf609e66
x86_64
unixODBC-2.3.1-14.el7_6.i686.rpm	SHA-256: 9a97d5301e71ab0caaba9dd5b9d7d32712b874fd8e98a56c17aa294628d4f604
unixODBC-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 98abf8398c4a5cde4c47d1171f1025caf9dfea6bff1914d06bc474550ce13ac1
unixODBC-debuginfo-2.3.1-14.el7_6.i686.rpm	SHA-256: 9b7b6c03fea5e97720c961e995a9ee36b42ce7064b23a460c0b7aea3c6df0846
unixODBC-debuginfo-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 1bd4a4189c7e7f6c173a794ea8ab0a4cb424c188a528a84ac4002e4de3d45556
unixODBC-devel-2.3.1-14.el7_6.i686.rpm	SHA-256: 6d7d275e38904b50970c513f76f7ca2e1ae409165134c3c38c2062bdf1ee4cb6
unixODBC-devel-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 6e29a560dbc8f9a04008f679d65a876074d163496af4e898fcf4e6c60e1b1c4b

Red Hat Enterprise Linux for ARM 64 7

SRPM
unixODBC-2.3.1-14.el7_6.src.rpm	SHA-256: 42520b5ea7d96e9220eb4446d027c52b4a8dc08f2ae7d34ff2d97232cf609e66
aarch64
unixODBC-2.3.1-14.el7_6.aarch64.rpm	SHA-256: 1135386a83b1eab22ea253615223d2ae929a74c9a80903431b204e4357ebe931
unixODBC-debuginfo-2.3.1-14.el7_6.aarch64.rpm	SHA-256: de415793d872af9408c9a264f38dc78c056a6a94b07d01d883db4c2e9f101618
unixODBC-devel-2.3.1-14.el7_6.aarch64.rpm	SHA-256: 0aa941230f26a9a0d1340adbc442f1ec64a86e39aed1aa46cdd218b1640696a3

Red Hat Enterprise Linux for Power 9 7

SRPM
unixODBC-2.3.1-14.el7_6.src.rpm	SHA-256: 42520b5ea7d96e9220eb4446d027c52b4a8dc08f2ae7d34ff2d97232cf609e66
ppc64le
unixODBC-2.3.1-14.el7_6.ppc64le.rpm	SHA-256: 76e020c3028ac3c7bd9f8ae9fcdf860f8dc5463404ded2b2417193e66c6df193
unixODBC-debuginfo-2.3.1-14.el7_6.ppc64le.rpm	SHA-256: cd19003effba2d38bb672a55893c634759afa0a171d4c568158de0eaaaf5618a
unixODBC-devel-2.3.1-14.el7_6.ppc64le.rpm	SHA-256: cede05bd4baa1f5a3ff9ab99df0456e7ae6d6e87b7c970ca58719bcc7f8736a2

Red Hat Enterprise Linux EUS Compute Node 7.6

SRPM
unixODBC-2.3.1-14.el7_6.src.rpm	SHA-256: 42520b5ea7d96e9220eb4446d027c52b4a8dc08f2ae7d34ff2d97232cf609e66
x86_64
unixODBC-2.3.1-14.el7_6.i686.rpm	SHA-256: 9a97d5301e71ab0caaba9dd5b9d7d32712b874fd8e98a56c17aa294628d4f604
unixODBC-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 98abf8398c4a5cde4c47d1171f1025caf9dfea6bff1914d06bc474550ce13ac1
unixODBC-debuginfo-2.3.1-14.el7_6.i686.rpm	SHA-256: 9b7b6c03fea5e97720c961e995a9ee36b42ce7064b23a460c0b7aea3c6df0846
unixODBC-debuginfo-2.3.1-14.el7_6.i686.rpm	SHA-256: 9b7b6c03fea5e97720c961e995a9ee36b42ce7064b23a460c0b7aea3c6df0846
unixODBC-debuginfo-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 1bd4a4189c7e7f6c173a794ea8ab0a4cb424c188a528a84ac4002e4de3d45556
unixODBC-debuginfo-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 1bd4a4189c7e7f6c173a794ea8ab0a4cb424c188a528a84ac4002e4de3d45556
unixODBC-devel-2.3.1-14.el7_6.i686.rpm	SHA-256: 6d7d275e38904b50970c513f76f7ca2e1ae409165134c3c38c2062bdf1ee4cb6
unixODBC-devel-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 6e29a560dbc8f9a04008f679d65a876074d163496af4e898fcf4e6c60e1b1c4b

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.6

SRPM
unixODBC-2.3.1-14.el7_6.src.rpm	SHA-256: 42520b5ea7d96e9220eb4446d027c52b4a8dc08f2ae7d34ff2d97232cf609e66
ppc64le
unixODBC-2.3.1-14.el7_6.ppc64le.rpm	SHA-256: 76e020c3028ac3c7bd9f8ae9fcdf860f8dc5463404ded2b2417193e66c6df193
unixODBC-debuginfo-2.3.1-14.el7_6.ppc64le.rpm	SHA-256: cd19003effba2d38bb672a55893c634759afa0a171d4c568158de0eaaaf5618a
unixODBC-devel-2.3.1-14.el7_6.ppc64le.rpm	SHA-256: cede05bd4baa1f5a3ff9ab99df0456e7ae6d6e87b7c970ca58719bcc7f8736a2

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.6

SRPM
unixODBC-2.3.1-14.el7_6.src.rpm	SHA-256: 42520b5ea7d96e9220eb4446d027c52b4a8dc08f2ae7d34ff2d97232cf609e66
x86_64
unixODBC-2.3.1-14.el7_6.i686.rpm	SHA-256: 9a97d5301e71ab0caaba9dd5b9d7d32712b874fd8e98a56c17aa294628d4f604
unixODBC-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 98abf8398c4a5cde4c47d1171f1025caf9dfea6bff1914d06bc474550ce13ac1
unixODBC-debuginfo-2.3.1-14.el7_6.i686.rpm	SHA-256: 9b7b6c03fea5e97720c961e995a9ee36b42ce7064b23a460c0b7aea3c6df0846
unixODBC-debuginfo-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 1bd4a4189c7e7f6c173a794ea8ab0a4cb424c188a528a84ac4002e4de3d45556
unixODBC-devel-2.3.1-14.el7_6.i686.rpm	SHA-256: 6d7d275e38904b50970c513f76f7ca2e1ae409165134c3c38c2062bdf1ee4cb6
unixODBC-devel-2.3.1-14.el7_6.x86_64.rpm	SHA-256: 6e29a560dbc8f9a04008f679d65a876074d163496af4e898fcf4e6c60e1b1c4b

Red Hat Enterprise Linux for IBM System z (Structure A) 7

SRPM
unixODBC-2.3.1-14.el7_6.src.rpm	SHA-256: 42520b5ea7d96e9220eb4446d027c52b4a8dc08f2ae7d34ff2d97232cf609e66
s390x
unixODBC-2.3.1-14.el7_6.s390.rpm	SHA-256: a189bddf5f78f03e83e3cb417bac5b009055cc51d2427954041581362123b8ec
unixODBC-2.3.1-14.el7_6.s390x.rpm	SHA-256: f2ab62d65800c68007ec31931873dd8a216fb9effe4eb6bfa4e737833eaaa7b9
unixODBC-debuginfo-2.3.1-14.el7_6.s390.rpm	SHA-256: 11247b5522ad38eec1d99ac26e0298454667da2516a2146e2f8532b66d3e6924
unixODBC-debuginfo-2.3.1-14.el7_6.s390x.rpm	SHA-256: 6bdd9fe739ee1f0c6e3f7fc3b252bf18e3a6a2f4b1b9f8832628141424e5256b
unixODBC-devel-2.3.1-14.el7_6.s390.rpm	SHA-256: 6c5138ec3019108a0309268c9baafe154a04300817f9d4d226276ca8c9faa589
unixODBC-devel-2.3.1-14.el7_6.s390x.rpm	SHA-256: ba2d4137014deb35faa96418832cd0866a66396f30e10df4ad127ce9df9a1713

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation