Headline
RHSA-2023:3361: Red Hat Security Advisory: gnutls security update
An update for gnutls is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-0361: A timing side-channel vulnerability was found in RSA ClientKeyExchange messages in GnuTLS. This side-channel may be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.
Synopsis
Moderate: gnutls security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for gnutls is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.
Security Fix(es):
- gnutls: timing side-channel in the TLS RSA key exchange code (CVE-2023-0361)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat Enterprise Linux Server - AUS 8.6 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.6 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
Fixes
- BZ - 2162596 - CVE-2023-0361 gnutls: timing side-channel in the TLS RSA key exchange code
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6
SRPM
gnutls-3.6.16-5.el8_6.1.src.rpm
SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429
x86_64
gnutls-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 29be74f0d460563c20506e9eadae0c63e654fc0cfd14dd289705e9e56b542728
gnutls-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: b2b2b479a0e46a98fa986826b51b825cf665dc39179c27036d1b0d18c14ce5dc
gnutls-c+±3.6.16-5.el8_6.1.i686.rpm
SHA-256: d34ecce56feb0d959ff9b9ec14426074de8e9c3b43efaaa5e870106e0600f8db
gnutls-c+±3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 0a3aeeabdaf85b1760ee61d801b76162452c416e3f2fd398516aac1c7f3c8d30
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8
gnutls-dane-3.6.16-5.el8_6.1.i686.rpm
SHA-256: ce8799f8b5802e8db058de6d0febe82a7e8d98b976b52a1b987daf69df93756c
gnutls-dane-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: f1ba1ecbaa3459d411f1618fe2cddcf71f00a4eadc220e997ca4fb376b56b0f1
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8
gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f
gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f
gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784
gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784
gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm
SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239
gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm
SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239
gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b
gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b
gnutls-devel-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 4dd23dcdfda693be187f81b441a5ff175d0bc64ee1442e10bab59093bf59949c
gnutls-devel-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: b40d479822e9a29dc8e52ed7a9733412c657609a894cf246e520bb4b56c8d49a
gnutls-utils-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: dc242ddc27d064cbf2bd33208b7d56c3feee8bb3bb2ba6b60cca07abf124a045
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b
Red Hat Enterprise Linux Server - AUS 8.6
SRPM
gnutls-3.6.16-5.el8_6.1.src.rpm
SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429
x86_64
gnutls-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 29be74f0d460563c20506e9eadae0c63e654fc0cfd14dd289705e9e56b542728
gnutls-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: b2b2b479a0e46a98fa986826b51b825cf665dc39179c27036d1b0d18c14ce5dc
gnutls-c+±3.6.16-5.el8_6.1.i686.rpm
SHA-256: d34ecce56feb0d959ff9b9ec14426074de8e9c3b43efaaa5e870106e0600f8db
gnutls-c+±3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 0a3aeeabdaf85b1760ee61d801b76162452c416e3f2fd398516aac1c7f3c8d30
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8
gnutls-dane-3.6.16-5.el8_6.1.i686.rpm
SHA-256: ce8799f8b5802e8db058de6d0febe82a7e8d98b976b52a1b987daf69df93756c
gnutls-dane-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: f1ba1ecbaa3459d411f1618fe2cddcf71f00a4eadc220e997ca4fb376b56b0f1
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8
gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f
gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f
gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784
gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784
gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm
SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239
gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm
SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239
gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b
gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b
gnutls-devel-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 4dd23dcdfda693be187f81b441a5ff175d0bc64ee1442e10bab59093bf59949c
gnutls-devel-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: b40d479822e9a29dc8e52ed7a9733412c657609a894cf246e520bb4b56c8d49a
gnutls-utils-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: dc242ddc27d064cbf2bd33208b7d56c3feee8bb3bb2ba6b60cca07abf124a045
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6
SRPM
gnutls-3.6.16-5.el8_6.1.src.rpm
SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429
s390x
gnutls-3.6.16-5.el8_6.1.s390x.rpm
SHA-256: 8d5f97aaac444620930d9953ab2487e30638448e5cd0e9a4faa0f949559f8cb9
gnutls-c+±3.6.16-5.el8_6.1.s390x.rpm
SHA-256: bcb4de1e88889384f69268be876feb2feda7576120745f15b272af71aa7d41a1
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.s390x.rpm
SHA-256: 68e644845576580e79e9d15327679c81a6921a1bc6333a72adb16dd8505341b7
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.s390x.rpm
SHA-256: 68e644845576580e79e9d15327679c81a6921a1bc6333a72adb16dd8505341b7
gnutls-dane-3.6.16-5.el8_6.1.s390x.rpm
SHA-256: 97d01d3d7db164bca15f174df3abe75932db1b81ed68c382610a3d70edf6d39e
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.s390x.rpm
SHA-256: 78f2f0c306203d1f954aac7c6375301bce3d1262e8ef8a852b1fde1c73410eed
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.s390x.rpm
SHA-256: 78f2f0c306203d1f954aac7c6375301bce3d1262e8ef8a852b1fde1c73410eed
gnutls-debuginfo-3.6.16-5.el8_6.1.s390x.rpm
SHA-256: 14f7479fda186580fc388122173591b1619146a197a02e73ed00f821c5426f03
gnutls-debuginfo-3.6.16-5.el8_6.1.s390x.rpm
SHA-256: 14f7479fda186580fc388122173591b1619146a197a02e73ed00f821c5426f03
gnutls-debugsource-3.6.16-5.el8_6.1.s390x.rpm
SHA-256: 7ec1ce3bd24652c2b583e01c09d32f272a23463610615338da8687b828bf0d16
gnutls-debugsource-3.6.16-5.el8_6.1.s390x.rpm
SHA-256: 7ec1ce3bd24652c2b583e01c09d32f272a23463610615338da8687b828bf0d16
gnutls-devel-3.6.16-5.el8_6.1.s390x.rpm
SHA-256: 8012cecbd70d29949e25f08872c9f88467098998fd6c607b1b9e3d0a4572b38b
gnutls-utils-3.6.16-5.el8_6.1.s390x.rpm
SHA-256: 54f00f789ac3a7e61dad4b853af13683b8801a9657ea19a1bb9b11194b8b8e87
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.s390x.rpm
SHA-256: 0bb57ebe2a432ab733cedbde783844940c50fb8822c26f55fdb3c1d66aadff78
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.s390x.rpm
SHA-256: 0bb57ebe2a432ab733cedbde783844940c50fb8822c26f55fdb3c1d66aadff78
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6
SRPM
gnutls-3.6.16-5.el8_6.1.src.rpm
SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429
ppc64le
gnutls-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 19683b783c30c2debe806d6a9e03b158ba19b5a17fc04164848f5e690fe63c93
gnutls-c+±3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 460efd10716e676e29b54c3085460d687d623c464ebd975c4a2ef5f533476f11
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 4dab4a9d97eb505a21874ac4ded097c06bcd684bb831d9dd2f7fecc8816ae006
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 4dab4a9d97eb505a21874ac4ded097c06bcd684bb831d9dd2f7fecc8816ae006
gnutls-dane-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: e42cd6e90b792b84701f9ffbdbbe10a0a821ddde7e0b7f86c6a9da67a7845819
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 1ceebe5569a815e3f616d7f03e17adbb5b729a636ed726ede5869a6efb37cd0d
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 1ceebe5569a815e3f616d7f03e17adbb5b729a636ed726ede5869a6efb37cd0d
gnutls-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: d88512977a61ddbc01e285590bc96f553b740be940020fa592954400dc692c42
gnutls-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: d88512977a61ddbc01e285590bc96f553b740be940020fa592954400dc692c42
gnutls-debugsource-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: bb8736f0c43a2a0806d9eaaf1f4fdc4aa4df6208ae882454ce6f58bbfeb4cec1
gnutls-debugsource-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: bb8736f0c43a2a0806d9eaaf1f4fdc4aa4df6208ae882454ce6f58bbfeb4cec1
gnutls-devel-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 94db475de9558e7aae9041de93349de6188685b01b03fd2af48898f0904f1f18
gnutls-utils-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: bc213a91d7ce591807548e407d62714bb8f328dc50801b0745cbfaf96a792783
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 189b9468ecc8d9a7e7eabd0e9fe2b1f9e7e7dde4c056f9b90f26b617fb22bc6e
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 189b9468ecc8d9a7e7eabd0e9fe2b1f9e7e7dde4c056f9b90f26b617fb22bc6e
Red Hat Enterprise Linux Server - TUS 8.6
SRPM
gnutls-3.6.16-5.el8_6.1.src.rpm
SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429
x86_64
gnutls-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 29be74f0d460563c20506e9eadae0c63e654fc0cfd14dd289705e9e56b542728
gnutls-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: b2b2b479a0e46a98fa986826b51b825cf665dc39179c27036d1b0d18c14ce5dc
gnutls-c+±3.6.16-5.el8_6.1.i686.rpm
SHA-256: d34ecce56feb0d959ff9b9ec14426074de8e9c3b43efaaa5e870106e0600f8db
gnutls-c+±3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 0a3aeeabdaf85b1760ee61d801b76162452c416e3f2fd398516aac1c7f3c8d30
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8
gnutls-dane-3.6.16-5.el8_6.1.i686.rpm
SHA-256: ce8799f8b5802e8db058de6d0febe82a7e8d98b976b52a1b987daf69df93756c
gnutls-dane-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: f1ba1ecbaa3459d411f1618fe2cddcf71f00a4eadc220e997ca4fb376b56b0f1
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8
gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f
gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f
gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784
gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784
gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm
SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239
gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm
SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239
gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b
gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b
gnutls-devel-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 4dd23dcdfda693be187f81b441a5ff175d0bc64ee1442e10bab59093bf59949c
gnutls-devel-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: b40d479822e9a29dc8e52ed7a9733412c657609a894cf246e520bb4b56c8d49a
gnutls-utils-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: dc242ddc27d064cbf2bd33208b7d56c3feee8bb3bb2ba6b60cca07abf124a045
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6
SRPM
gnutls-3.6.16-5.el8_6.1.src.rpm
SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429
aarch64
gnutls-3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: af294dea0a463a366c3acb3e49a4d49ff6cdc611cb536515bbf30a0d6570891e
gnutls-c+±3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: 91535f8c0dac86577326754e4babb89de50ddee5dfad4abd6dcfdd428258c5ef
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: 24df7d6b42b5ab4c4c47f8cc6418e0cadbd128e3878b33b81eb1e4808554c088
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: 24df7d6b42b5ab4c4c47f8cc6418e0cadbd128e3878b33b81eb1e4808554c088
gnutls-dane-3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: 6200870d590ab9edddfb5762553aa4012a5a5130c32210e1bd0b858053f2d4dd
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: 0b0044b1caab9a680f514add92637248cd0bf063a32788a25300cc10da92f062
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: 0b0044b1caab9a680f514add92637248cd0bf063a32788a25300cc10da92f062
gnutls-debuginfo-3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: 6faaa2e840a41a1dd1dc46a865e8a22c72b33f5420a7a31543dff11cb54b851e
gnutls-debuginfo-3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: 6faaa2e840a41a1dd1dc46a865e8a22c72b33f5420a7a31543dff11cb54b851e
gnutls-debugsource-3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: eb92d00541ba0f61e42417bdb28006a5110932a8450c3246429a8e59405153e0
gnutls-debugsource-3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: eb92d00541ba0f61e42417bdb28006a5110932a8450c3246429a8e59405153e0
gnutls-devel-3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: d23a505a4901360a5ef194c4c619e094aa7ac340e47e789402b23a05282a06ad
gnutls-utils-3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: 0559ca8aa7cc3de028fef9d0276bad92e558e70ee4c041c2b876dd82819f9e3d
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: 6144d50b96445caf17d20905f87a3c4d59cc3d616964969226f97beafbb3c770
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.aarch64.rpm
SHA-256: 6144d50b96445caf17d20905f87a3c4d59cc3d616964969226f97beafbb3c770
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6
SRPM
gnutls-3.6.16-5.el8_6.1.src.rpm
SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429
ppc64le
gnutls-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 19683b783c30c2debe806d6a9e03b158ba19b5a17fc04164848f5e690fe63c93
gnutls-c+±3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 460efd10716e676e29b54c3085460d687d623c464ebd975c4a2ef5f533476f11
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 4dab4a9d97eb505a21874ac4ded097c06bcd684bb831d9dd2f7fecc8816ae006
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 4dab4a9d97eb505a21874ac4ded097c06bcd684bb831d9dd2f7fecc8816ae006
gnutls-dane-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: e42cd6e90b792b84701f9ffbdbbe10a0a821ddde7e0b7f86c6a9da67a7845819
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 1ceebe5569a815e3f616d7f03e17adbb5b729a636ed726ede5869a6efb37cd0d
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 1ceebe5569a815e3f616d7f03e17adbb5b729a636ed726ede5869a6efb37cd0d
gnutls-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: d88512977a61ddbc01e285590bc96f553b740be940020fa592954400dc692c42
gnutls-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: d88512977a61ddbc01e285590bc96f553b740be940020fa592954400dc692c42
gnutls-debugsource-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: bb8736f0c43a2a0806d9eaaf1f4fdc4aa4df6208ae882454ce6f58bbfeb4cec1
gnutls-debugsource-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: bb8736f0c43a2a0806d9eaaf1f4fdc4aa4df6208ae882454ce6f58bbfeb4cec1
gnutls-devel-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 94db475de9558e7aae9041de93349de6188685b01b03fd2af48898f0904f1f18
gnutls-utils-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: bc213a91d7ce591807548e407d62714bb8f328dc50801b0745cbfaf96a792783
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 189b9468ecc8d9a7e7eabd0e9fe2b1f9e7e7dde4c056f9b90f26b617fb22bc6e
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm
SHA-256: 189b9468ecc8d9a7e7eabd0e9fe2b1f9e7e7dde4c056f9b90f26b617fb22bc6e
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6
SRPM
gnutls-3.6.16-5.el8_6.1.src.rpm
SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429
x86_64
gnutls-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 29be74f0d460563c20506e9eadae0c63e654fc0cfd14dd289705e9e56b542728
gnutls-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: b2b2b479a0e46a98fa986826b51b825cf665dc39179c27036d1b0d18c14ce5dc
gnutls-c+±3.6.16-5.el8_6.1.i686.rpm
SHA-256: d34ecce56feb0d959ff9b9ec14426074de8e9c3b43efaaa5e870106e0600f8db
gnutls-c+±3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 0a3aeeabdaf85b1760ee61d801b76162452c416e3f2fd398516aac1c7f3c8d30
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8
gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8
gnutls-dane-3.6.16-5.el8_6.1.i686.rpm
SHA-256: ce8799f8b5802e8db058de6d0febe82a7e8d98b976b52a1b987daf69df93756c
gnutls-dane-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: f1ba1ecbaa3459d411f1618fe2cddcf71f00a4eadc220e997ca4fb376b56b0f1
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8
gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8
gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f
gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f
gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784
gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784
gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm
SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239
gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm
SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239
gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b
gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b
gnutls-devel-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 4dd23dcdfda693be187f81b441a5ff175d0bc64ee1442e10bab59093bf59949c
gnutls-devel-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: b40d479822e9a29dc8e52ed7a9733412c657609a894cf246e520bb4b56c8d49a
gnutls-utils-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: dc242ddc27d064cbf2bd33208b7d56c3feee8bb3bb2ba6b60cca07abf124a045
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm
SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b
gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm
SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b
Related news
Red Hat Security Advisory 2023-5103-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.11.6 images.
Red Hat Security Advisory 2023-4576-01 - VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters.
The components for Red Hat OpenShift support for Windows Containers 6.0.1 are now available. This product release includes bug fixes and security update for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27191: A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject...
Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).
Red Hat OpenShift Service Mesh 2.2.8 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modu...
Red Hat OpenShift Container Platform release 4.12.22 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4235: A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If p...
Red Hat OpenShift Container Platform release 4.13.4 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number...
An update for ztp-site-generate-container, topology-aware-lifecycle-manager and bare-metal-event-relay is now available for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM identities and roles may be manipulate...
Red Hat Security Advisory 2023-3624-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.
The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A flaw was found in Golang Go, where it is vulnerable to a denial of service cause...
OpenShift Serverless version 1.29.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker ...
Red Hat Security Advisory 2023-3379-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes security fixes. This release of RHACS includes a fix for CVE-2023-24540 by building RHACS with updated Golang.
Red Hat Security Advisory 2023-0584-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.1. Issues addressed include a denial of service vulnerability.
Secondary Scheduler Operator for Red Hat OpenShift 1.1.1 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2880: A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query ...
Red Hat Security Advisory 2023-1326-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, information leakage, out of bounds read, and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-2083-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.5 General Availability release images, which fix bugs and security updates container images. Issues addressed include denial of service and server-side request forgery vulnerabilities.
Migration Toolkit for Applications 6.1.0 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3782: A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect ...
Red Hat Security Advisory 2023-1953-01 - Red Hat OpenShift Logging Subsystem 5.6.5 update. Issues addressed include cross site scripting and denial of service vulnerabilities.
Red Hat Security Advisory 2023-1887-01 - Multicluster Engine for Kubernetes 2.2.3 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.
Logging Subsystem 5.6.5 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-27539: A denial of service vulnerability was found in rubygem-rack in how it parses headers. A carefully crafted input can cause header parsing to take an unexpected amount of time, possibly resulting in a denial of service. * CVE-2023-28120: A Cross-Site-Scripting vulnerability was found in rubygem ActiveSupport. If the new bytesplice method is called on a SafeBuffer with untrus...
Red Hat Advanced Cluster Management for Kubernetes 2.7.3 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3841: A Server-Side Request Forgery (SSRF) vulnerability was found in the console API endpoint from Red Hat Advanced Cluster Management for Kubernetes (RHACM). An attacker could take advantage of this as the console API endpoint is missing an authentication check, allowing unauth...
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...