Friday, February 21, 2020

Security Bulletin: Vulnerabilities in Curl affect PowerSC (CVE-2019-5481, CVE-2019-5482)

Feb 21, 2020 7:00 pm EST

Categorized: Medium Severity

Share this post:

There are vulnerabilities in Curl that affect PowerSC.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
PowerSC 1.2
PowerSC 1.3

The vulnerabilities in the following filesets are being addressed:

key_fileset = powerscStd.tnc_pm

key_fileset = curl-7.67.0-1.ppc.rpm

Fileset  Lower Level  Upper Level 

powerscStd.tnc_pm 

1.2.0.3  1.3.0.0 

curl-7.67.0-1.ppc.rpm

 7.65.4 7.67.01

Note:  To find out whether the affected PowerSC filesets are installed on your systems, refer to the lslpp command found in AIX user's guide. To find out whether the affected curl filesets are installed on your systems, refer to the rpm command found in AIX user's guide.

 

Example:  lslpp -l | grep powerscStd

Example:  rpm -qa | grep curl

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/3243915



from IBM Product Security Incident Response Team https://ift.tt/2ViRdgK

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.