An update for aide is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP2 and openEuler-20.03-LTS-SP3 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2022-1523 Final 1.0 1.0 2022-02-11 Initial 2022-02-11 2022-02-11 openEuler SA Tool V1.0 2022-02-11 aide security update An update for aide is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP2 and openEuler-20.03-LTS-SP3. AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker. It creates a database from the regular expression rules that it finds from the config file(s). Once this database is initialized it can be used to verify the integrity of the files. Security Fix(es): AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.(CVE-2021-45417) An update for aide is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP2 and openEuler-20.03-LTS-SP3. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High aide https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1523 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-45417 https://nvd.nist.gov/vuln/detail/CVE-2021-45417 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP2 openEuler-20.03-LTS-SP3 aide-debugsource-0.16.2-2.oe1.aarch64.rpm aide-debuginfo-0.16.2-2.oe1.aarch64.rpm aide-0.16.2-2.oe1.aarch64.rpm aide-0.16.2-2.oe1.aarch64.rpm aide-debugsource-0.16.2-2.oe1.aarch64.rpm aide-debuginfo-0.16.2-2.oe1.aarch64.rpm aide-0.16.2-3.oe1.aarch64.rpm aide-debugsource-0.16.2-3.oe1.aarch64.rpm aide-debuginfo-0.16.2-3.oe1.aarch64.rpm aide-help-0.16.2-2.oe1.noarch.rpm aide-help-0.16.2-2.oe1.noarch.rpm aide-help-0.16.2-3.oe1.noarch.rpm aide-0.16.2-2.oe1.src.rpm aide-0.16.2-2.oe1.src.rpm aide-0.16.2-3.oe1.src.rpm aide-debuginfo-0.16.2-2.oe1.x86_64.rpm aide-0.16.2-2.oe1.x86_64.rpm aide-debugsource-0.16.2-2.oe1.x86_64.rpm aide-0.16.2-2.oe1.x86_64.rpm aide-debugsource-0.16.2-2.oe1.x86_64.rpm aide-debuginfo-0.16.2-2.oe1.x86_64.rpm aide-debugsource-0.16.2-3.oe1.x86_64.rpm aide-debuginfo-0.16.2-3.oe1.x86_64.rpm aide-0.16.2-3.oe1.x86_64.rpm AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. 2022-02-11 CVE-2021-45417 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP2 openEuler-20.03-LTS-SP3 High 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H aide security update 2022-02-11 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1523