<font size=2 color=#2f2f2f face="sans-serif">IBM BigFix Patch has released
additional Fixlets to address the Stack Clash Vulnerabilities for CVE 2017-1000364,
CVE 2017-1000366, and CVE-2017-1000367.</font><font size=2 face="sans-serif"></font><br><br><font size=2 color=#2f2f2f face="sans-serif">Patches for CentOS6 R2
site, version 11</font><br><font size=2 color=#2f2f2f face="sans-serif">Patches for CentOS7 R2
site, version 10</font><br><font size=2 color=#2f2f2f face="sans-serif">Patches for Ubuntu 1401
site, version 206</font><br><br><font size=2 color=#2f2f2f face="sans-serif">The CVEs vary for CentOS
6 and CentOS 7. For CentOS 6, CVE-2017-1000364 is known as CESA-2017:1486
and CVE-2017-1000366 is known as CESA-2017:1480. For CentOS 7, CVE-2017-1000364
is known as CESA-2017:1484 and CVE-2017-1000366 is known as CESA-2017:1481.
CVE-2017-1000367 is known as CESA-2017:1382 in both CentOS 6 and CentOS
7.</font><br><br><font size=2 color=#2f2f2f face="sans-serif"><b>NOTE:</b> BigFix
is unable to publish the Fixlets for some operating systems because the
vendors have not published the patches for these CVEs yet. BigFix will
publish the Fixlets for these operating systems as soon as the patches
become available:</font><br><font size=2 color=#2f2f2f face="sans-serif">Oracle Linux 6 and Oracle
Linux 7: CVE-2017-1000367</font><br><font size=2 color=#2f2f2f face="sans-serif">SUSE Linux Enterprise
Desktop 11: CVE 2017-1000364 and CVE 2017-1000366</font><br><font size=2 color=#2f2f2f face="sans-serif">SUSE Linux Enterprise
Desktop/Server 11 and SUSE Linux Enterprise Server 11z: CVE-2017-1000367</font><br><font size=2 color=#2f2f2f face="sans-serif">Ubuntu 1404: CVE
2017-1000364</font><br><font size=2 color=#2f2f2f face="sans-serif">Ubuntu 1604: CVE 2017-1000364,
CVE 2017-1000366, and CVE-2017-1000367</font><br><font size=2 color=#2f2f2f face="sans-serif"> </font><br><font size=2 color=#2f2f2f face="sans-serif"><b>Actions to Take:</b><br>Given the serious nature of these vulnerabilities, it is advisable to upgrade
your systems immediately or apply the patch as soon as possible.</font><br><font size=2 color=#2f2f2f face="sans-serif">No other action is required
after applying the Fixlets.</font><br><font size=2 color=#2f2f2f face="sans-serif"> </font><br><font size=2 color=#2f2f2f face="sans-serif"><b>Additional Information:</b><br>For more information, see the following sources:</font><font size=2 color=#0082bf face="sans-serif"><br></font><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000364"><font size=2 color=#0082bf face="sans-serif">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000364</font></a><font size=2 color=#0082bf face="sans-serif"><br></font><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366"><font size=2 color=#0082bf face="sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366</font></a><font size=2 color=#0082bf face="sans-serif"><br></font><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000367"><font size=2 color=#0082bf face="sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000367</font></a><br><font size=2 color=#2f2f2f face="sans-serif"> </font><br><font size=2 color=#2f2f2f face="sans-serif"><i>Application Engineering
team<br>IBM BigFix Patch</i></font><BR>