Security Advisory Important: piranha security and bug fix update

Advisory: RHSA-2014:0175-1
Type: Security Advisory
Severity: Important
Issued on: 2014-02-13
Last updated on: 2014-02-13
Affected Products: Red Hat Enterprise Linux Load Balancer (v. 6)
Red Hat Enterprise Linux Load Balancer EUS (v. 6.5.z)
CVEs (cve.mitre.org): CVE-2013-6492

Details

An updated piranha package that fixes one security issue and one bug is now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
Important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

Piranha provides high-availability and load-balancing services for Red Hat
Enterprise Linux. The piranha packages contain various tools to administer
and configure the Linux Virtual Server (LVS), as well as the heartbeat and
failover components. LVS is a dynamically-adjusted kernel routing mechanism
that provides load balancing, primarily for Web and FTP servers.

It was discovered that the Piranha Configuration Tool did not properly
restrict access to its web pages. A remote attacker able to connect to the
Piranha Configuration Tool web server port could use this flaw to read or
modify the LVS configuration without providing valid administrative
credentials. (CVE-2013-6492)
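The defect class described above, an access check that is applied to some requests but not to the POST requests that modify configuration, is illustrated here with a constructed example added for this page; it is not Piranha's own code (which the advisory does not quote), and the request model, the `/config` path and the `session=valid` cookie are assumptions chosen for the illustration. The vulnerable dispatcher checks credentials only inside its GET branch; the hardened one decides authorization once, before any per-method branching.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Outcome of dispatching one request. */
enum outcome { DENIED, SERVED };

/* Minimal request model (constructed; not Piranha's data structures). */
struct request {
    char method[8];
    char path[64];
    bool authenticated;
};

/* Parse the request line and look for a constructed session cookie.
 * "Cookie: session=valid" stands in for whatever real session check a
 * web UI performs. Returns false if the request line is malformed. */
bool parse_request(const char *raw, struct request *out)
{
    memset(out, 0, sizeof *out);
    if (sscanf(raw, "%7s %63s", out->method, out->path) != 2)
        return false;
    out->authenticated =
        strstr(raw, "\r\nCookie: session=valid\r\n") != NULL;
    return true;
}

/* Vulnerable pattern: the credential check lives inside the GET branch,
 * so a POST to the same resource is served without ever being checked. */
enum outcome dispatch_vulnerable(const struct request *r)
{
    if (strcmp(r->path, "/config") != 0)
        return DENIED;          /* only one protected resource here */
    if (strcmp(r->method, "GET") == 0) {
        if (!r->authenticated)
            return DENIED;
        return SERVED;          /* render the configuration */
    }
    if (strcmp(r->method, "POST") == 0)
        return SERVED;          /* apply the configuration: no check */
    return DENIED;
}

/* Hardened pattern: authorization is decided once, for every method,
 * before the method is even looked at; unknown methods are rejected. */
enum outcome dispatch_fixed(const struct request *r)
{
    if (strcmp(r->path, "/config") != 0)
        return DENIED;
    if (!r->authenticated)
        return DENIED;          /* applies to GET, POST and anything else */
    if (strcmp(r->method, "GET") == 0 || strcmp(r->method, "POST") == 0)
        return SERVED;
    return DENIED;
}

int main(void)
{
    /* Constructed request: an unauthenticated POST to the protected page. */
    const char *raw = "POST /config HTTP/1.0\r\nHost: lb\r\n\r\n";
    struct request r;
    if (!parse_request(raw, &r))
        return 1;
    printf("vulnerable: %s\nfixed: %s\n",
           dispatch_vulnerable(&r) == SERVED ? "served" : "denied",
           dispatch_fixed(&r) == SERVED ? "served" : "denied");
    return 0;
}
```

The point to carry over to a real web UI is structural: an authorization decision that is taken per method (or per handler) has as many places to forget it as there are handlers, whereas a single check in front of the dispatcher cannot be bypassed by choosing a different verb.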

This update also fixes the following bug:

* When the lvsd service attempted to start, the sem_timedwait() function
received the interrupted function call (EINTR) error and exited, causing
the lvsd service to fail to start. With this update, EINTR errors are
correctly ignored during the start-up of the lvsd service. (BZ#1055709)
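The fix described in this bug is a general POSIX pattern: a blocking call such as sem_timedwait() may fail with EINTR when a signal handler runs, and the caller has to re-enter the wait rather than treat that as a fatal error. The following example is added here and is not the lvsd/pulse code from the piranha package; it uses SIGALRM, delivered by alarm(), purely to provoke an interruption, and it shows the pre-fix "one call, give up" behaviour beside the retry loop. Tested on Linux with glibc; the handler is installed without SA_RESTART so that the kernel does not transparently restart the wait.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <semaphore.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

/* Number of times a wait was interrupted by a signal and retried. */
static volatile sig_atomic_t eintr_retries = 0;

/* Retry sem_timedwait() for as long as it fails with EINTR (the behaviour
 * the advisory describes as the fix). Returns 0 on success or the errno
 * value, for example ETIMEDOUT, on any other failure. */
int sem_timedwait_retry(sem_t *sem, const struct timespec *abs_timeout)
{
    for (;;) {
        if (sem_timedwait(sem, abs_timeout) == 0)
            return 0;
        if (errno != EINTR)
            return errno;
        eintr_retries++;        /* a signal arrived: re-enter the wait */
    }
}

/* Pre-fix behaviour for comparison: one call, no retry, so a signal during
 * the wait surfaces as EINTR to the caller. */
int sem_timedwait_once(sem_t *sem, const struct timespec *abs_timeout)
{
    return sem_timedwait(sem, abs_timeout) == 0 ? 0 : errno;
}

/* Empty handler: its only job is to make the blocking wait return early. */
static void on_alarm(int sig) { (void)sig; }

/* Wait on `sem` for up to `seconds`, arranging for SIGALRM to interrupt the
 * wait after one second. `retry` selects the fixed (1) or pre-fix (0) path.
 * Returns 0 or an errno value. */
int wait_with_interruption(sem_t *sem, int seconds, int retry)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_alarm;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;            /* deliberately no SA_RESTART */
    sigaction(SIGALRM, &sa, NULL);

    struct timespec deadline;
    clock_gettime(CLOCK_REALTIME, &deadline);
    deadline.tv_sec += seconds;

    alarm(1);                   /* interrupt the wait after one second */
    int rc = retry ? sem_timedwait_retry(sem, &deadline)
                   : sem_timedwait_once(sem, &deadline);
    alarm(0);                   /* cancel in case the wait ended first */
    return rc;
}

int eintr_retries_seen(void) { return (int)eintr_retries; }

int main(void)
{
    sem_t sem;
    sem_init(&sem, 0, 0);       /* nobody posts, so a full wait times out */
    int once = wait_with_interruption(&sem, 3, 0);
    int retried = wait_with_interruption(&sem, 3, 1);
    printf("without retry: %s\nwith retry: %s (retries: %d)\n",
           strerror(once), strerror(retried), eintr_retries_seen());
    sem_destroy(&sem);
    return 0;
}
```

Without the retry the first wait reports "Interrupted system call" after one second, which is exactly the condition that made lvsd exit at start-up; with the retry the interruption is absorbed and the wait runs to its real outcome, here a timeout because nothing ever posts the semaphore. The same loop applies to sem_wait(), nanosleep() and any other interface that can fail with EINTR.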

All piranha users are advised to upgrade to this updated package, which
contains backported patches to correct these issues.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Updated packages

Red Hat Enterprise Linux Load Balancer (v. 6)

SRPMS:
piranha-0.8.6-4.el6_5.2.src.rpm     MD5: 8044ee3ed0843ee9a95a96a394242668
SHA-256: 1d663d45224945b8047decf909e54fa28b07b8d02f7e4391e7646b9002a1c808
 
IA-32:
piranha-0.8.6-4.el6_5.2.i686.rpm     MD5: 528fb9b161e5d6b17386ee4ff9fb0cd7
SHA-256: 94fdc612e56f500e5801d448698c28695de385e6f29964250ddb13e01168579f
piranha-debuginfo-0.8.6-4.el6_5.2.i686.rpm     MD5: 6c664a75de128b7b415572fefbf16971
SHA-256: 08b8041a818f6d30561c3044b6bd5e882081012f9bc08a24069aa3eb1a6ce4e9
 
x86_64:
piranha-0.8.6-4.el6_5.2.x86_64.rpm     MD5: 954b1c41fc2c31d3fccaa837cbdde1e4
SHA-256: e33e46e6453a2aeb3da3caf1b928ec7372561003adaed167f0b8f73dbb3a2f2d
piranha-debuginfo-0.8.6-4.el6_5.2.x86_64.rpm     MD5: 97597ae1363577d130387e49c79c9b83
SHA-256: 901c216db08685ce389ec93d8a0a68fa6ee3d22c395017346f952362eca6bbdd
 
Red Hat Enterprise Linux Load Balancer EUS (v. 6.5.z)

SRPMS:
piranha-0.8.6-4.el6_5.2.src.rpm     MD5: 8044ee3ed0843ee9a95a96a394242668
SHA-256: 1d663d45224945b8047decf909e54fa28b07b8d02f7e4391e7646b9002a1c808
 
IA-32:
piranha-0.8.6-4.el6_5.2.i686.rpm     MD5: 528fb9b161e5d6b17386ee4ff9fb0cd7
SHA-256: 94fdc612e56f500e5801d448698c28695de385e6f29964250ddb13e01168579f
piranha-debuginfo-0.8.6-4.el6_5.2.i686.rpm     MD5: 6c664a75de128b7b415572fefbf16971
SHA-256: 08b8041a818f6d30561c3044b6bd5e882081012f9bc08a24069aa3eb1a6ce4e9
 
x86_64:
piranha-0.8.6-4.el6_5.2.x86_64.rpm     MD5: 954b1c41fc2c31d3fccaa837cbdde1e4
SHA-256: e33e46e6453a2aeb3da3caf1b928ec7372561003adaed167f0b8f73dbb3a2f2d
piranha-debuginfo-0.8.6-4.el6_5.2.x86_64.rpm     MD5: 97597ae1363577d130387e49c79c9b83
SHA-256: 901c216db08685ce389ec93d8a0a68fa6ee3d22c395017346f952362eca6bbdd
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1043040 - CVE-2013-6492 piranha: web UI authentication bypass using POST requests
1055709 - pulse: ignore EINTR while waiting for semaphore


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/