RHSA-2022:0473: Red Hat Security Advisory: aide security update

Skip to navigation Skip to main content

Utilities

• Subscriptions
• Downloads
• Containers
• Support Cases

Infrastructure and Management

• Red Hat Enterprise Linux
• Red Hat Virtualization
• Red Hat Identity Management
• Red Hat Directory Server
• Red Hat Certificate System
• Red Hat Satellite
• Red Hat Subscription Management
• Red Hat Update Infrastructure
• Red Hat Insights
• Red Hat Ansible Automation Platform

Cloud Computing

• Red Hat OpenShift
• Red Hat CloudForms
• Red Hat OpenStack Platform
• Red Hat OpenShift Container Platform
• Red Hat OpenShift Data Science
• Red Hat OpenShift Online
• Red Hat OpenShift Dedicated
• Red Hat Advanced Cluster Security for Kubernetes
• Red Hat Advanced Cluster Management for Kubernetes
• Red Hat Quay
• Red Hat CodeReady Workspaces
• Red Hat OpenShift Service on AWS

Storage

• Red Hat Gluster Storage
• Red Hat Hyperconverged Infrastructure
• Red Hat Ceph Storage
• Red Hat OpenShift Data Foundation

Runtimes

• Red Hat Runtimes
• Red Hat JBoss Enterprise Application Platform
• Red Hat Data Grid
• Red Hat JBoss Web Server
• Red Hat Single Sign On
• Red Hat support for Spring Boot
• Red Hat build of Node.js
• Red Hat build of Thorntail
• Red Hat build of Eclipse Vert.x
• Red Hat build of OpenJDK
• Red Hat build of Quarkus
• Red Hat CodeReady Studio

Integration and Automation

• Red Hat Process Automation
• Red Hat Process Automation Manager
• Red Hat Decision Manager

All Products

Issued:

2022-02-08

Updated:

2022-02-08

RHSA-2022:0473 - Security Advisory

• Overview
• Updated Packages

Synopsis

Important: aide security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for aide is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Advanced Intrusion Detection Environment (AIDE) is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions.

Security Fix(es):

• aide: heap-based buffer overflow on outputs larger than B64_BUF (CVE-2021-45417)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

• Red Hat Enterprise Linux Server 7 x86_64
• Red Hat Enterprise Linux Workstation 7 x86_64
• Red Hat Enterprise Linux Desktop 7 x86_64
• Red Hat Enterprise Linux for IBM z Systems 7 s390x
• Red Hat Enterprise Linux for Power, big endian 7 ppc64
• Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

• BZ - 2041489 - CVE-2021-45417 aide: heap-based buffer overflow on outputs larger than B64_BUF

Red Hat Enterprise Linux Server 7

SRPM

aide-0.15.1-13.el7_9.1.src.rpm

SHA-256: aeeb13045e8b49871dda943489376cdfc2c060cc37ac878c67975c50b5808240

x86_64

aide-0.15.1-13.el7_9.1.x86_64.rpm

SHA-256: 2c90cc38f86ea98bbd882944bdbad256e1a6c0efc91f5ebef367f60d04a721b6

aide-debuginfo-0.15.1-13.el7_9.1.x86_64.rpm

SHA-256: f721fd34c98220b06ec678a9b1045250971920a6783ceb9233fa11e53e742a74

Red Hat Enterprise Linux Workstation 7

SRPM

aide-0.15.1-13.el7_9.1.src.rpm

SHA-256: aeeb13045e8b49871dda943489376cdfc2c060cc37ac878c67975c50b5808240

x86_64

aide-0.15.1-13.el7_9.1.x86_64.rpm

SHA-256: 2c90cc38f86ea98bbd882944bdbad256e1a6c0efc91f5ebef367f60d04a721b6

aide-debuginfo-0.15.1-13.el7_9.1.x86_64.rpm

SHA-256: f721fd34c98220b06ec678a9b1045250971920a6783ceb9233fa11e53e742a74

Red Hat Enterprise Linux Desktop 7

SRPM

aide-0.15.1-13.el7_9.1.src.rpm

SHA-256: aeeb13045e8b49871dda943489376cdfc2c060cc37ac878c67975c50b5808240

x86_64

aide-0.15.1-13.el7_9.1.x86_64.rpm

SHA-256: 2c90cc38f86ea98bbd882944bdbad256e1a6c0efc91f5ebef367f60d04a721b6

aide-debuginfo-0.15.1-13.el7_9.1.x86_64.rpm

SHA-256: f721fd34c98220b06ec678a9b1045250971920a6783ceb9233fa11e53e742a74

Red Hat Enterprise Linux for IBM z Systems 7

SRPM

aide-0.15.1-13.el7_9.1.src.rpm

SHA-256: aeeb13045e8b49871dda943489376cdfc2c060cc37ac878c67975c50b5808240

s390x

aide-0.15.1-13.el7_9.1.s390x.rpm

SHA-256: d34f1f973bb0b59b35ebcb6416f43133dcb3bc5c1e5b9a144e088ac8da399b68

aide-debuginfo-0.15.1-13.el7_9.1.s390x.rpm

SHA-256: d935fe9b0eaba53e061d7115f64e9996c3c10a5b3c4ef62f093e5b7313b89217

Red Hat Enterprise Linux for Power, big endian 7

SRPM

aide-0.15.1-13.el7_9.1.src.rpm

SHA-256: aeeb13045e8b49871dda943489376cdfc2c060cc37ac878c67975c50b5808240

ppc64

aide-0.15.1-13.el7_9.1.ppc64.rpm

SHA-256: 9ace8a51d79fd8286db5d738b7166305016478d3b5eda59cb870d664b4918438

aide-debuginfo-0.15.1-13.el7_9.1.ppc64.rpm

SHA-256: ba180c41b5687fbb51d78c6e3dafebdd6673ed934e47a86b63307498eaf4d4e1

Red Hat Enterprise Linux for Power, little endian 7

SRPM

aide-0.15.1-13.el7_9.1.src.rpm

SHA-256: aeeb13045e8b49871dda943489376cdfc2c060cc37ac878c67975c50b5808240

ppc64le

aide-0.15.1-13.el7_9.1.ppc64le.rpm

SHA-256: 4b678789fb574b2933deeac98a0000e046ebd61851acc11d44015b04d95b492f

aide-debuginfo-0.15.1-13.el7_9.1.ppc64le.rpm

SHA-256: e9733f5a393946d2cbbfdb35509b115cde0736fedade6a2df9dcc5d3bbd5a1bb

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.