2023-03-16 08:13:27 +00:00
|
|
|
{
|
|
|
|
"affected": [
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "libtiff",
|
|
|
|
"purl": "pkg:rpm/vmware/libtiff?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "4.2.0-1.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "linux-aws",
|
|
|
|
"purl": "pkg:rpm/vmware/linux-aws?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "5.10.25-1.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "curl",
|
|
|
|
"purl": "pkg:rpm/vmware/curl?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "7.75.0-1.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "linux-rt",
|
|
|
|
"purl": "pkg:rpm/vmware/linux-rt?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "5.10.25-1.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "linux-secure",
|
|
|
|
"purl": "pkg:rpm/vmware/linux-secure?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "5.10.25-1.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "apache-tomcat",
|
|
|
|
"purl": "pkg:rpm/vmware/apache-tomcat?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "8.5.64-1.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "docker",
|
|
|
|
"purl": "pkg:rpm/vmware/docker?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "19.03.15-1.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "glib",
|
|
|
|
"purl": "pkg:rpm/vmware/glib?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "2.68.0-1.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "libvirt",
|
|
|
|
"purl": "pkg:rpm/vmware/libvirt?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "7.1.0-1.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "mysql",
|
|
|
|
"purl": "pkg:rpm/vmware/mysql?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "8.0.23-1.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "nodejs",
|
|
|
|
"purl": "pkg:rpm/vmware/nodejs?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "14.16.0-1.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "containerd",
|
|
|
|
"purl": "pkg:rpm/vmware/containerd?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "1.4.4-1.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "python3",
|
|
|
|
"purl": "pkg:rpm/vmware/python3?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "3.9.1-3.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "linux",
|
|
|
|
"purl": "pkg:rpm/vmware/linux?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "5.10.25-1.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "openssl",
|
|
|
|
"purl": "pkg:rpm/vmware/openssl?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "1.1.1k-1.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"package": {
|
|
|
|
"ecosystem": "photon:4.0",
|
|
|
|
"name": "wpa_supplicant",
|
|
|
|
"purl": "pkg:rpm/vmware/wpa_supplicant?distro=photon-4"
|
2023-03-16 10:38:04 +00:00
|
|
|
},
|
|
|
|
"ranges": {
|
|
|
|
"events": [
|
|
|
|
{
|
|
|
|
"introduced": "0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"fixed": "2.9-3.ph4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"type": "ECOSYSTEM"
|
2023-03-16 08:13:27 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"id": "PHSA-2021-4.0-0007",
|
|
|
|
"modified": "2023-03-16T05:25:30Z",
|
|
|
|
"published": "2021-03-12T00:00:00Z",
|
|
|
|
"references": [
|
|
|
|
{
|
|
|
|
"type": "ADVISORY",
|
|
|
|
"url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-4"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"related": [
|
|
|
|
"CVE-2021-2072",
|
|
|
|
"CVE-2021-28039",
|
|
|
|
"CVE-2021-26930",
|
|
|
|
"CVE-2021-2122",
|
|
|
|
"CVE-2021-2021",
|
|
|
|
"CVE-2020-11656",
|
|
|
|
"CVE-2020-14867",
|
|
|
|
"CVE-2021-23336",
|
|
|
|
"CVE-2021-2022",
|
|
|
|
"CVE-2020-14873",
|
|
|
|
"CVE-2021-2055",
|
|
|
|
"CVE-2021-2087",
|
|
|
|
"CVE-2021-3178",
|
|
|
|
"CVE-2020-35522",
|
|
|
|
"CVE-2020-8277",
|
|
|
|
"CVE-2020-14838",
|
|
|
|
"CVE-2021-2046",
|
|
|
|
"CVE-2021-3348",
|
|
|
|
"CVE-2021-2070",
|
|
|
|
"CVE-2020-14804",
|
|
|
|
"CVE-2020-14794",
|
|
|
|
"CVE-2021-27363",
|
|
|
|
"CVE-2020-25639",
|
|
|
|
"CVE-2020-35524",
|
|
|
|
"CVE-2020-15358",
|
|
|
|
"CVE-2020-14777",
|
|
|
|
"CVE-2021-2048",
|
|
|
|
"CVE-2020-14790",
|
|
|
|
"CVE-2020-14869",
|
|
|
|
"CVE-2021-21285",
|
|
|
|
"CVE-2021-25329",
|
|
|
|
"CVE-2019-10161",
|
|
|
|
"CVE-2020-14809",
|
|
|
|
"CVE-2021-28153",
|
|
|
|
"CVE-2021-22883",
|
|
|
|
"CVE-2021-28375",
|
|
|
|
"CVE-2021-2060",
|
|
|
|
"CVE-2020-14773",
|
|
|
|
"CVE-2020-14829",
|
|
|
|
"CVE-2020-28374",
|
|
|
|
"CVE-2020-14844",
|
|
|
|
"CVE-2021-24122",
|
|
|
|
"CVE-2020-14868",
|
|
|
|
"CVE-2021-27803",
|
|
|
|
"CVE-2021-2002",
|
|
|
|
"CVE-2020-27171",
|
|
|
|
"CVE-2020-14836",
|
|
|
|
"CVE-2020-14828",
|
|
|
|
"CVE-2020-14837",
|
|
|
|
"CVE-2021-2024",
|
|
|
|
"CVE-2021-2036",
|
|
|
|
"CVE-2021-27364",
|
|
|
|
"CVE-2020-14821",
|
|
|
|
"CVE-2020-14852",
|
|
|
|
"CVE-2020-25637",
|
|
|
|
"CVE-2021-23840",
|
|
|
|
"CVE-2021-3444",
|
|
|
|
"CVE-2021-2056",
|
|
|
|
"CVE-2021-22876",
|
|
|
|
"CVE-2020-14814",
|
|
|
|
"CVE-2021-29265",
|
|
|
|
"CVE-2020-14848",
|
|
|
|
"CVE-2021-3449",
|
|
|
|
"CVE-2020-14878",
|
|
|
|
"CVE-2020-1971",
|
|
|
|
"CVE-2021-25122",
|
|
|
|
"CVE-2021-2032",
|
|
|
|
"CVE-2020-14839",
|
|
|
|
"CVE-2021-2076",
|
|
|
|
"CVE-2020-14830",
|
|
|
|
"CVE-2021-23841",
|
|
|
|
"CVE-2021-2088",
|
|
|
|
"CVE-2021-2058",
|
|
|
|
"CVE-2021-2038",
|
|
|
|
"CVE-2020-14861",
|
|
|
|
"CVE-2020-14769",
|
|
|
|
"CVE-2021-2065",
|
|
|
|
"CVE-2020-14845",
|
|
|
|
"CVE-2021-2028",
|
|
|
|
"CVE-2020-14775",
|
|
|
|
"CVE-2020-14893",
|
|
|
|
"CVE-2021-26932",
|
|
|
|
"CVE-2020-14789",
|
|
|
|
"CVE-2020-11655",
|
|
|
|
"CVE-2020-14776",
|
|
|
|
"CVE-2021-2061",
|
|
|
|
"CVE-2020-8287",
|
|
|
|
"CVE-2020-17527",
|
|
|
|
"CVE-2020-14827",
|
|
|
|
"CVE-2021-2011",
|
|
|
|
"CVE-2020-35521",
|
|
|
|
"CVE-2021-2081",
|
|
|
|
"CVE-2020-14812",
|
|
|
|
"CVE-2020-27170",
|
|
|
|
"CVE-2021-28038",
|
|
|
|
"CVE-2021-3450",
|
|
|
|
"CVE-2021-2031",
|
|
|
|
"CVE-2021-22884",
|
|
|
|
"CVE-2020-14866",
|
|
|
|
"CVE-2020-14785",
|
|
|
|
"CVE-2021-27365",
|
|
|
|
"CVE-2021-26708",
|
|
|
|
"CVE-2021-2010",
|
|
|
|
"CVE-2020-14846",
|
|
|
|
"CVE-2019-15239",
|
|
|
|
"CVE-2020-14800",
|
|
|
|
"CVE-2021-3177",
|
|
|
|
"CVE-2020-14793",
|
|
|
|
"CVE-2021-3347",
|
|
|
|
"CVE-2021-21284",
|
|
|
|
"CVE-2021-22890",
|
|
|
|
"CVE-2021-26931",
|
|
|
|
"CVE-2020-36158",
|
|
|
|
"CVE-2020-14786",
|
|
|
|
"CVE-2020-11080",
|
|
|
|
"CVE-2020-14888",
|
|
|
|
"CVE-2020-14891",
|
|
|
|
"CVE-2020-14765",
|
|
|
|
"CVE-2020-8265",
|
|
|
|
"CVE-2020-35523",
|
|
|
|
"CVE-2021-2030",
|
|
|
|
"CVE-2020-14870",
|
|
|
|
"CVE-2020-35499",
|
|
|
|
"CVE-2020-12351",
|
|
|
|
"CVE-2020-15257",
|
|
|
|
"CVE-2021-21334"
|
|
|
|
]
|
|
|
|
}
|