virus logo FortiClient Vulnerability

RedHat python-httplib2 CVE-2020-11078 CRLF Injection Vulnerability

description-logoDescription

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix(es): * python-httplib2: CRLF injection via an attacker controlled unescaped part of uri for httplib2.Http.request function (CVE-2020-11078) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * fence_lpar: Long username, HMC hostname, or managed system name causes failures [RHEL 7] (BZ#1860545) * InstanceHA does not evacuate instances created with private flavor in tenant project (RHEL7) (BZ#1862024)

affected-products-logoAffected Applications

python-httplib2

CVE References

CVE-2020-11078

Other References

https://access.redhat.com/errata/RHSA-2020:5003
ID 65637
Created Nov 14, 2020
Description
Updated		 Dec 20, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor RedHat
Patch auto
Application python-httplib2