BigFix OS Deployment and Bare Metal Imaging site has been updated.
Reasons for Update:
New OSD Bare Metal Server version 310.86 is available.
Fixed issues:
KB0081241: Cannot create MDT Bundle on computer in spanish/italian language
KB0084350: Volume group size is not respected on deployment of Linux captured images
KB0086085: Partitions are not aligned to physical sectors on Linux
KB0089452: Deployment of captured linux profiles failing in RH 6 on bare metal server 3.10.78
KB0089901: Wrong manifests if editing/deleting drivers on Driver Library
KB0087942: MDT Bundle creation fails is 64 bit components of WADK are installed
Security vulnerabilities addressed:
Only OSD Metal Server Web interface used by support team for troubleshooting is affected by the following vulnerabilities (see KB0090473 for more detail):
-CVE ID: CVE-2021-23841
Description: The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack.
CVSS v3 Score: 5.9
-CVE ID: CVE-2021-23839
Description: OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made.
CVSS v3 Score: 3.7
-CVE ID: CVE-2020-1971
Description: The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack.
CVSS v3 Score: 5.9
-CVE ID: CVE-2021-23840
Description: Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash.
CVSS v3 Score: 7.5
Note:
The old Adobe Flash based OSD dashboards are deprecated.
Published site version:
OS Deployment and Bare Metal Imaging, version 98.
The BigFix OS Deployment Team.