Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:3361: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-0361: A timing side-channel vulnerability was found in RSA ClientKeyExchange messages in GnuTLS. This side-channel may be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.
Red Hat Security Data
#vulnerability#linux#red_hat#c++#ibm#sap#ssl

Synopsis

Moderate: gnutls security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for gnutls is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Security Fix(es):

  • gnutls: timing side-channel in the TLS RSA key exchange code (CVE-2023-0361)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2162596 - CVE-2023-0361 gnutls: timing side-channel in the TLS RSA key exchange code

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM

gnutls-3.6.16-5.el8_6.1.src.rpm

SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429

x86_64

gnutls-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 29be74f0d460563c20506e9eadae0c63e654fc0cfd14dd289705e9e56b542728

gnutls-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: b2b2b479a0e46a98fa986826b51b825cf665dc39179c27036d1b0d18c14ce5dc

gnutls-c+±3.6.16-5.el8_6.1.i686.rpm

SHA-256: d34ecce56feb0d959ff9b9ec14426074de8e9c3b43efaaa5e870106e0600f8db

gnutls-c+±3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 0a3aeeabdaf85b1760ee61d801b76162452c416e3f2fd398516aac1c7f3c8d30

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8

gnutls-dane-3.6.16-5.el8_6.1.i686.rpm

SHA-256: ce8799f8b5802e8db058de6d0febe82a7e8d98b976b52a1b987daf69df93756c

gnutls-dane-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: f1ba1ecbaa3459d411f1618fe2cddcf71f00a4eadc220e997ca4fb376b56b0f1

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8

gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f

gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f

gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784

gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784

gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm

SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239

gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm

SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239

gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b

gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b

gnutls-devel-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 4dd23dcdfda693be187f81b441a5ff175d0bc64ee1442e10bab59093bf59949c

gnutls-devel-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: b40d479822e9a29dc8e52ed7a9733412c657609a894cf246e520bb4b56c8d49a

gnutls-utils-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: dc242ddc27d064cbf2bd33208b7d56c3feee8bb3bb2ba6b60cca07abf124a045

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b

Red Hat Enterprise Linux Server - AUS 8.6

SRPM

gnutls-3.6.16-5.el8_6.1.src.rpm

SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429

x86_64

gnutls-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 29be74f0d460563c20506e9eadae0c63e654fc0cfd14dd289705e9e56b542728

gnutls-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: b2b2b479a0e46a98fa986826b51b825cf665dc39179c27036d1b0d18c14ce5dc

gnutls-c+±3.6.16-5.el8_6.1.i686.rpm

SHA-256: d34ecce56feb0d959ff9b9ec14426074de8e9c3b43efaaa5e870106e0600f8db

gnutls-c+±3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 0a3aeeabdaf85b1760ee61d801b76162452c416e3f2fd398516aac1c7f3c8d30

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8

gnutls-dane-3.6.16-5.el8_6.1.i686.rpm

SHA-256: ce8799f8b5802e8db058de6d0febe82a7e8d98b976b52a1b987daf69df93756c

gnutls-dane-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: f1ba1ecbaa3459d411f1618fe2cddcf71f00a4eadc220e997ca4fb376b56b0f1

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8

gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f

gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f

gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784

gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784

gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm

SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239

gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm

SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239

gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b

gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b

gnutls-devel-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 4dd23dcdfda693be187f81b441a5ff175d0bc64ee1442e10bab59093bf59949c

gnutls-devel-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: b40d479822e9a29dc8e52ed7a9733412c657609a894cf246e520bb4b56c8d49a

gnutls-utils-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: dc242ddc27d064cbf2bd33208b7d56c3feee8bb3bb2ba6b60cca07abf124a045

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM

gnutls-3.6.16-5.el8_6.1.src.rpm

SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429

s390x

gnutls-3.6.16-5.el8_6.1.s390x.rpm

SHA-256: 8d5f97aaac444620930d9953ab2487e30638448e5cd0e9a4faa0f949559f8cb9

gnutls-c+±3.6.16-5.el8_6.1.s390x.rpm

SHA-256: bcb4de1e88889384f69268be876feb2feda7576120745f15b272af71aa7d41a1

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.s390x.rpm

SHA-256: 68e644845576580e79e9d15327679c81a6921a1bc6333a72adb16dd8505341b7

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.s390x.rpm

SHA-256: 68e644845576580e79e9d15327679c81a6921a1bc6333a72adb16dd8505341b7

gnutls-dane-3.6.16-5.el8_6.1.s390x.rpm

SHA-256: 97d01d3d7db164bca15f174df3abe75932db1b81ed68c382610a3d70edf6d39e

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.s390x.rpm

SHA-256: 78f2f0c306203d1f954aac7c6375301bce3d1262e8ef8a852b1fde1c73410eed

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.s390x.rpm

SHA-256: 78f2f0c306203d1f954aac7c6375301bce3d1262e8ef8a852b1fde1c73410eed

gnutls-debuginfo-3.6.16-5.el8_6.1.s390x.rpm

SHA-256: 14f7479fda186580fc388122173591b1619146a197a02e73ed00f821c5426f03

gnutls-debuginfo-3.6.16-5.el8_6.1.s390x.rpm

SHA-256: 14f7479fda186580fc388122173591b1619146a197a02e73ed00f821c5426f03

gnutls-debugsource-3.6.16-5.el8_6.1.s390x.rpm

SHA-256: 7ec1ce3bd24652c2b583e01c09d32f272a23463610615338da8687b828bf0d16

gnutls-debugsource-3.6.16-5.el8_6.1.s390x.rpm

SHA-256: 7ec1ce3bd24652c2b583e01c09d32f272a23463610615338da8687b828bf0d16

gnutls-devel-3.6.16-5.el8_6.1.s390x.rpm

SHA-256: 8012cecbd70d29949e25f08872c9f88467098998fd6c607b1b9e3d0a4572b38b

gnutls-utils-3.6.16-5.el8_6.1.s390x.rpm

SHA-256: 54f00f789ac3a7e61dad4b853af13683b8801a9657ea19a1bb9b11194b8b8e87

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.s390x.rpm

SHA-256: 0bb57ebe2a432ab733cedbde783844940c50fb8822c26f55fdb3c1d66aadff78

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.s390x.rpm

SHA-256: 0bb57ebe2a432ab733cedbde783844940c50fb8822c26f55fdb3c1d66aadff78

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM

gnutls-3.6.16-5.el8_6.1.src.rpm

SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429

ppc64le

gnutls-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 19683b783c30c2debe806d6a9e03b158ba19b5a17fc04164848f5e690fe63c93

gnutls-c+±3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 460efd10716e676e29b54c3085460d687d623c464ebd975c4a2ef5f533476f11

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 4dab4a9d97eb505a21874ac4ded097c06bcd684bb831d9dd2f7fecc8816ae006

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 4dab4a9d97eb505a21874ac4ded097c06bcd684bb831d9dd2f7fecc8816ae006

gnutls-dane-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: e42cd6e90b792b84701f9ffbdbbe10a0a821ddde7e0b7f86c6a9da67a7845819

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 1ceebe5569a815e3f616d7f03e17adbb5b729a636ed726ede5869a6efb37cd0d

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 1ceebe5569a815e3f616d7f03e17adbb5b729a636ed726ede5869a6efb37cd0d

gnutls-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: d88512977a61ddbc01e285590bc96f553b740be940020fa592954400dc692c42

gnutls-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: d88512977a61ddbc01e285590bc96f553b740be940020fa592954400dc692c42

gnutls-debugsource-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: bb8736f0c43a2a0806d9eaaf1f4fdc4aa4df6208ae882454ce6f58bbfeb4cec1

gnutls-debugsource-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: bb8736f0c43a2a0806d9eaaf1f4fdc4aa4df6208ae882454ce6f58bbfeb4cec1

gnutls-devel-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 94db475de9558e7aae9041de93349de6188685b01b03fd2af48898f0904f1f18

gnutls-utils-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: bc213a91d7ce591807548e407d62714bb8f328dc50801b0745cbfaf96a792783

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 189b9468ecc8d9a7e7eabd0e9fe2b1f9e7e7dde4c056f9b90f26b617fb22bc6e

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 189b9468ecc8d9a7e7eabd0e9fe2b1f9e7e7dde4c056f9b90f26b617fb22bc6e

Red Hat Enterprise Linux Server - TUS 8.6

SRPM

gnutls-3.6.16-5.el8_6.1.src.rpm

SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429

x86_64

gnutls-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 29be74f0d460563c20506e9eadae0c63e654fc0cfd14dd289705e9e56b542728

gnutls-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: b2b2b479a0e46a98fa986826b51b825cf665dc39179c27036d1b0d18c14ce5dc

gnutls-c+±3.6.16-5.el8_6.1.i686.rpm

SHA-256: d34ecce56feb0d959ff9b9ec14426074de8e9c3b43efaaa5e870106e0600f8db

gnutls-c+±3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 0a3aeeabdaf85b1760ee61d801b76162452c416e3f2fd398516aac1c7f3c8d30

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8

gnutls-dane-3.6.16-5.el8_6.1.i686.rpm

SHA-256: ce8799f8b5802e8db058de6d0febe82a7e8d98b976b52a1b987daf69df93756c

gnutls-dane-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: f1ba1ecbaa3459d411f1618fe2cddcf71f00a4eadc220e997ca4fb376b56b0f1

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8

gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f

gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f

gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784

gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784

gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm

SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239

gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm

SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239

gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b

gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b

gnutls-devel-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 4dd23dcdfda693be187f81b441a5ff175d0bc64ee1442e10bab59093bf59949c

gnutls-devel-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: b40d479822e9a29dc8e52ed7a9733412c657609a894cf246e520bb4b56c8d49a

gnutls-utils-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: dc242ddc27d064cbf2bd33208b7d56c3feee8bb3bb2ba6b60cca07abf124a045

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM

gnutls-3.6.16-5.el8_6.1.src.rpm

SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429

aarch64

gnutls-3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: af294dea0a463a366c3acb3e49a4d49ff6cdc611cb536515bbf30a0d6570891e

gnutls-c+±3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: 91535f8c0dac86577326754e4babb89de50ddee5dfad4abd6dcfdd428258c5ef

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: 24df7d6b42b5ab4c4c47f8cc6418e0cadbd128e3878b33b81eb1e4808554c088

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: 24df7d6b42b5ab4c4c47f8cc6418e0cadbd128e3878b33b81eb1e4808554c088

gnutls-dane-3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: 6200870d590ab9edddfb5762553aa4012a5a5130c32210e1bd0b858053f2d4dd

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: 0b0044b1caab9a680f514add92637248cd0bf063a32788a25300cc10da92f062

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: 0b0044b1caab9a680f514add92637248cd0bf063a32788a25300cc10da92f062

gnutls-debuginfo-3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: 6faaa2e840a41a1dd1dc46a865e8a22c72b33f5420a7a31543dff11cb54b851e

gnutls-debuginfo-3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: 6faaa2e840a41a1dd1dc46a865e8a22c72b33f5420a7a31543dff11cb54b851e

gnutls-debugsource-3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: eb92d00541ba0f61e42417bdb28006a5110932a8450c3246429a8e59405153e0

gnutls-debugsource-3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: eb92d00541ba0f61e42417bdb28006a5110932a8450c3246429a8e59405153e0

gnutls-devel-3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: d23a505a4901360a5ef194c4c619e094aa7ac340e47e789402b23a05282a06ad

gnutls-utils-3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: 0559ca8aa7cc3de028fef9d0276bad92e558e70ee4c041c2b876dd82819f9e3d

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: 6144d50b96445caf17d20905f87a3c4d59cc3d616964969226f97beafbb3c770

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.aarch64.rpm

SHA-256: 6144d50b96445caf17d20905f87a3c4d59cc3d616964969226f97beafbb3c770

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM

gnutls-3.6.16-5.el8_6.1.src.rpm

SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429

ppc64le

gnutls-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 19683b783c30c2debe806d6a9e03b158ba19b5a17fc04164848f5e690fe63c93

gnutls-c+±3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 460efd10716e676e29b54c3085460d687d623c464ebd975c4a2ef5f533476f11

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 4dab4a9d97eb505a21874ac4ded097c06bcd684bb831d9dd2f7fecc8816ae006

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 4dab4a9d97eb505a21874ac4ded097c06bcd684bb831d9dd2f7fecc8816ae006

gnutls-dane-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: e42cd6e90b792b84701f9ffbdbbe10a0a821ddde7e0b7f86c6a9da67a7845819

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 1ceebe5569a815e3f616d7f03e17adbb5b729a636ed726ede5869a6efb37cd0d

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 1ceebe5569a815e3f616d7f03e17adbb5b729a636ed726ede5869a6efb37cd0d

gnutls-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: d88512977a61ddbc01e285590bc96f553b740be940020fa592954400dc692c42

gnutls-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: d88512977a61ddbc01e285590bc96f553b740be940020fa592954400dc692c42

gnutls-debugsource-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: bb8736f0c43a2a0806d9eaaf1f4fdc4aa4df6208ae882454ce6f58bbfeb4cec1

gnutls-debugsource-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: bb8736f0c43a2a0806d9eaaf1f4fdc4aa4df6208ae882454ce6f58bbfeb4cec1

gnutls-devel-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 94db475de9558e7aae9041de93349de6188685b01b03fd2af48898f0904f1f18

gnutls-utils-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: bc213a91d7ce591807548e407d62714bb8f328dc50801b0745cbfaf96a792783

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 189b9468ecc8d9a7e7eabd0e9fe2b1f9e7e7dde4c056f9b90f26b617fb22bc6e

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.ppc64le.rpm

SHA-256: 189b9468ecc8d9a7e7eabd0e9fe2b1f9e7e7dde4c056f9b90f26b617fb22bc6e

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM

gnutls-3.6.16-5.el8_6.1.src.rpm

SHA-256: ef6aab618d7307d27e4a7f9718b5c508ecd31fb6deec642d3ee3936b520d8429

x86_64

gnutls-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 29be74f0d460563c20506e9eadae0c63e654fc0cfd14dd289705e9e56b542728

gnutls-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: b2b2b479a0e46a98fa986826b51b825cf665dc39179c27036d1b0d18c14ce5dc

gnutls-c+±3.6.16-5.el8_6.1.i686.rpm

SHA-256: d34ecce56feb0d959ff9b9ec14426074de8e9c3b43efaaa5e870106e0600f8db

gnutls-c+±3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 0a3aeeabdaf85b1760ee61d801b76162452c416e3f2fd398516aac1c7f3c8d30

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 18e0213bd4ae16973cdf31d335c2d4d236f921c5c441614eb035e321629772e5

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8

gnutls-c+±debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 8244673a94de0cc20a7ce0f71a40cd29baa3869fa52f6e0cf2d823dafda33ce8

gnutls-dane-3.6.16-5.el8_6.1.i686.rpm

SHA-256: ce8799f8b5802e8db058de6d0febe82a7e8d98b976b52a1b987daf69df93756c

gnutls-dane-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: f1ba1ecbaa3459d411f1618fe2cddcf71f00a4eadc220e997ca4fb376b56b0f1

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 64fb80e40d36a67721944c3b8cfedd72f97f6727c7d831b88c0d7f3aeaecf43f

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8

gnutls-dane-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: eb29acdda0576422b87cb7a1a6ef12e86c1ae99835ef70601b4e0e2f1f5015e8

gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f

gnutls-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 5215c9a163cab045b39345b93cd061a4bd75bf2c0e5b2c7c630242d2e9df616f

gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784

gnutls-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: d69937d001a4745e7e0ed563a135a5e12d45177dc5a41296befcefdf3a55e784

gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm

SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239

gnutls-debugsource-3.6.16-5.el8_6.1.i686.rpm

SHA-256: c2133463ff8d900495dcf3fdb9311a6a948ff623d0030661d8ef24b607ff8239

gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b

gnutls-debugsource-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 26dc4977edb804c198160ff0dbc42f6396bc0217ed2336bd4b6c36092b94665b

gnutls-devel-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 4dd23dcdfda693be187f81b441a5ff175d0bc64ee1442e10bab59093bf59949c

gnutls-devel-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: b40d479822e9a29dc8e52ed7a9733412c657609a894cf246e520bb4b56c8d49a

gnutls-utils-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: dc242ddc27d064cbf2bd33208b7d56c3feee8bb3bb2ba6b60cca07abf124a045

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.i686.rpm

SHA-256: 068e8f0deb320d2a5acbafdf706ef967c9d1bcf51f63d2408bd05914cd43c175

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b

gnutls-utils-debuginfo-3.6.16-5.el8_6.1.x86_64.rpm

SHA-256: 990d48551a8c3a66fe509b2fb04037758d73b4b3a4f807924e2f5a1ee6481a0b

Related news

Red Hat Security Advisory 2023-5103-01

Red Hat Security Advisory 2023-5103-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.11.6 images.

Red Hat Security Advisory 2023-4576-01

Red Hat Security Advisory 2023-4576-01 - VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters.

RHSA-2023:4488: Red Hat Security Advisory: Red Hat OpenShift support for Windows Containers 6.0.1[security update]

The components for Red Hat OpenShift support for Windows Containers 6.0.1 are now available. This product release includes bug fixes and security update for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27191: A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject...

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

RHSA-2023:4112: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.8 security update

Red Hat OpenShift Service Mesh 2.2.8 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modu...

RHSA-2023:3615: Red Hat Security Advisory: OpenShift Container Platform 4.12.22 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.22 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4235: A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If p...

RHSA-2023:3614: Red Hat Security Advisory: OpenShift Container Platform 4.13.4 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.4 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number...

RHSA-2023:3342: Red Hat Security Advisory: OpenShift Container Platform 4.13.4 CNF vRAN extras security update

An update for ztp-site-generate-container, topology-aware-lifecycle-manager and bare-metal-event-relay is now available for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM identities and roles may be manipulate...

Red Hat Security Advisory 2023-3624-01

Red Hat Security Advisory 2023-3624-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.

RHSA-2023:3624: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A flaw was found in Golang Go, where it is vulnerable to a denial of service cause...

RHSA-2023:3455: Red Hat Security Advisory: Release of OpenShift Serverless 1.29.0

OpenShift Serverless version 1.29.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker ...

Red Hat Security Advisory 2023-3379-01

Red Hat Security Advisory 2023-3379-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes security fixes. This release of RHACS includes a fix for CVE-2023-24540 by building RHACS with updated Golang.

Red Hat Security Advisory 2023-0584-01

Red Hat Security Advisory 2023-0584-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.1. Issues addressed include a denial of service vulnerability.

RHSA-2023:0584: Red Hat Security Advisory: Secondary Scheduler Operator for Red Hat OpenShift 1.1.1 security update

Secondary Scheduler Operator for Red Hat OpenShift 1.1.1 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2880: A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query ...

Red Hat Security Advisory 2023-1326-01

Red Hat Security Advisory 2023-1326-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, information leakage, out of bounds read, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-2083-01

Red Hat Security Advisory 2023-2083-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.5 General Availability release images, which fix bugs and security updates container images. Issues addressed include denial of service and server-side request forgery vulnerabilities.

RHSA-2023:2041: Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update

Migration Toolkit for Applications 6.1.0 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3782: A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect ...

Red Hat Security Advisory 2023-1953-01

Red Hat Security Advisory 2023-1953-01 - Red Hat OpenShift Logging Subsystem 5.6.5 update. Issues addressed include cross site scripting and denial of service vulnerabilities.

Red Hat Security Advisory 2023-1887-01

Red Hat Security Advisory 2023-1887-01 - Multicluster Engine for Kubernetes 2.2.3 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.

RHSA-2023:1953: Red Hat Security Advisory: Logging Subsystem 5.6.5 - Red Hat OpenShift security update

Logging Subsystem 5.6.5 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-27539: A denial of service vulnerability was found in rubygem-rack in how it parses headers. A carefully crafted input can cause header parsing to take an unexpected amount of time, possibly resulting in a denial of service. * CVE-2023-28120: A Cross-Site-Scripting vulnerability was found in rubygem ActiveSupport. If the new bytesplice method is called on a SafeBuffer with untrus...

RHSA-2023:1888: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.7.3 security fixes and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.7.3 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3841: A Server-Side Request Forgery (SSRF) vulnerability was found in the console API endpoint from Red Hat Advanced Cluster Management for Kubernetes (RHACM). An attacker could take advantage of this as the console API endpoint is missing an authentication check, allowing unauth...

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...