RHSA-2023:0629: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL’s signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
Red Hat Security Data

Issued: 2023-02-07

Updated: 2023-02-07

RHSA-2023:0629 - Security Advisory

Synopsis

Important: libksba security update

Type/Severity

Security Advisory: Important

Topic

An update for libksba is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS.

Security Fix(es):

  • libksba: integer overflow to code execution (CVE-2022-47629)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x

Fixes

  • BZ - 2161571 - CVE-2022-47629 libksba: integer overflow to code execution

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0

  • SRPM: libksba-1.5.1-6.el9_0.src.rpm
  • x86_64: libksba-1.5.1-6.el9_0.i686.rpm, libksba-1.5.1-6.el9_0.x86_64.rpm, libksba-debuginfo-1.5.1-6.el9_0.i686.rpm, libksba-debuginfo-1.5.1-6.el9_0.x86_64.rpm, libksba-debugsource-1.5.1-6.el9_0.i686.rpm, libksba-debugsource-1.5.1-6.el9_0.x86_64.rpm

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0

  • SRPM: libksba-1.5.1-6.el9_0.src.rpm
  • s390x: libksba-1.5.1-6.el9_0.s390x.rpm, libksba-debuginfo-1.5.1-6.el9_0.s390x.rpm, libksba-debugsource-1.5.1-6.el9_0.s390x.rpm

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0

  • SRPM: libksba-1.5.1-6.el9_0.src.rpm
  • ppc64le: libksba-1.5.1-6.el9_0.ppc64le.rpm, libksba-debuginfo-1.5.1-6.el9_0.ppc64le.rpm, libksba-debugsource-1.5.1-6.el9_0.ppc64le.rpm

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0

  • SRPM: libksba-1.5.1-6.el9_0.src.rpm
  • aarch64: libksba-1.5.1-6.el9_0.aarch64.rpm, libksba-debuginfo-1.5.1-6.el9_0.aarch64.rpm, libksba-debugsource-1.5.1-6.el9_0.aarch64.rpm

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0

  • SRPM: libksba-1.5.1-6.el9_0.src.rpm
  • ppc64le: libksba-1.5.1-6.el9_0.ppc64le.rpm, libksba-debuginfo-1.5.1-6.el9_0.ppc64le.rpm, libksba-debugsource-1.5.1-6.el9_0.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

  • SRPM: libksba-1.5.1-6.el9_0.src.rpm
  • x86_64: libksba-1.5.1-6.el9_0.i686.rpm, libksba-1.5.1-6.el9_0.x86_64.rpm, libksba-debuginfo-1.5.1-6.el9_0.i686.rpm, libksba-debuginfo-1.5.1-6.el9_0.x86_64.rpm, libksba-debugsource-1.5.1-6.el9_0.i686.rpm, libksba-debugsource-1.5.1-6.el9_0.x86_64.rpm

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0

  • x86_64: libksba-debuginfo-1.5.1-6.el9_0.i686.rpm, libksba-debuginfo-1.5.1-6.el9_0.x86_64.rpm, libksba-debugsource-1.5.1-6.el9_0.i686.rpm, libksba-debugsource-1.5.1-6.el9_0.x86_64.rpm, libksba-devel-1.5.1-6.el9_0.i686.rpm, libksba-devel-1.5.1-6.el9_0.x86_64.rpm

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0

  • ppc64le: libksba-debuginfo-1.5.1-6.el9_0.ppc64le.rpm, libksba-debugsource-1.5.1-6.el9_0.ppc64le.rpm, libksba-devel-1.5.1-6.el9_0.ppc64le.rpm

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0

  • s390x: libksba-debuginfo-1.5.1-6.el9_0.s390x.rpm, libksba-debugsource-1.5.1-6.el9_0.s390x.rpm, libksba-devel-1.5.1-6.el9_0.s390x.rpm

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0

  • aarch64: libksba-debuginfo-1.5.1-6.el9_0.aarch64.rpm, libksba-debugsource-1.5.1-6.el9_0.aarch64.rpm, libksba-devel-1.5.1-6.el9_0.aarch64.rpm

Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0

  • SRPM: libksba-1.5.1-6.el9_0.src.rpm
  • aarch64: libksba-1.5.1-6.el9_0.aarch64.rpm, libksba-debuginfo-1.5.1-6.el9_0.aarch64.rpm, libksba-debugsource-1.5.1-6.el9_0.aarch64.rpm

Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0

  • SRPM: libksba-1.5.1-6.el9_0.src.rpm
  • s390x: libksba-1.5.1-6.el9_0.s390x.rpm, libksba-debuginfo-1.5.1-6.el9_0.s390x.rpm, libksba-debugsource-1.5.1-6.el9_0.s390x.rpm
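
A fleet triage check against the fixed build listed above (libksba-1.5.1-6.el9_0), as an added example that is not part of the Red Hat advisory. It assumes each inventory line is a hostname followed by the output of rpm -qa --qf '%{NAME} %{EPOCH} %{VERSION} %{RELEASE} %{ARCH}\n'; the hostnames and the sample inventory are constructed, and the fixed build is assumed to carry no epoch.

```python
import re

# Fixed build named in this advisory: libksba-1.5.1-6.el9_0.<arch>.rpm
FIXED_VERSION = "1.5.1"
FIXED_RELEASE = "6.el9_0"
# The advisory covers the RHEL 9.0 streams only; their builds carry this dist tag.
STREAM_TAG = re.compile(r"\.el9_0(\.|$)")

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")
_RANK = {"fixed": 0, "out-of-scope": 1, "vulnerable": 2}


def rpmvercmp(a, b):
    """Compare two version or release strings segment by segment, as rpm does.

    Simplified: the '~' and '^' modifiers are not handled, because the
    builds listed in this advisory do not use them.
    """
    seg_a, seg_b = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        x_num, y_num = x.isdigit(), y.isdigit()
        if x_num != y_num:
            # A numeric segment always sorts newer than an alphabetic one.
            return 1 if x_num else -1
        if x_num:
            x, y = int(x), int(y)  # 10 > 9, not "10" < "9"
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(seg_a) > len(seg_b)) - (len(seg_a) < len(seg_b))


def evr_cmp(a, b):
    """Compare (epoch, version, release): epoch first, then version, then release."""
    if a[0] != b[0]:
        return 1 if a[0] > b[0] else -1
    return rpmvercmp(a[1], b[1]) or rpmvercmp(a[2], b[2])


def classify(epoch, version, release):
    """Return 'fixed', 'vulnerable' or 'out-of-scope' for one libksba build."""
    if not STREAM_TAG.search(release):
        # Other streams have their own fixed builds, which this advisory
        # does not list, so no verdict is given for them here.
        return "out-of-scope"
    installed = (0 if epoch == "(none)" else int(epoch), version, release)
    fixed = (0, FIXED_VERSION, FIXED_RELEASE)  # assumption: no epoch on libksba
    return "fixed" if evr_cmp(installed, fixed) >= 0 else "vulnerable"


def triage(inventory):
    """Map each host to its worst libksba status; also return unparsed lines."""
    statuses, unparsed = {}, []
    for line in inventory.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 6:
            unparsed.append(line)  # never drop a malformed line silently
            continue
        host, name, epoch, version, release, _arch = fields
        if name != "libksba":
            continue
        try:
            status = classify(epoch, version, release)
        except ValueError:
            unparsed.append(line)
            continue
        # A multilib host is vulnerable if any installed arch is below the fix.
        if _RANK[status] >= _RANK.get(statuses.get(host), -1):
            statuses[host] = status
    return statuses, unparsed


# Constructed sample inventory (not real hosts or real scan output).
SAMPLE_INVENTORY = """\
web01 libksba (none) 1.5.1 5.el9_0 x86_64
web02 libksba (none) 1.5.1 6.el9_0 x86_64
web02 libksba (none) 1.5.1 5.el9_0 i686
db01 libksba 0 1.5.1 6.el9_0.1 s390x
mail01 libksba (none) 1.5.1 6.el9_1 aarch64
web01 openssl 1 3.0.1 43.el9_0 x86_64
db02 libksba
"""

if __name__ == "__main__":
    hosts, bad = triage(SAMPLE_INVENTORY)
    for host in sorted(hosts):
        print(f"{host}: {hosts[host]}")
    for line in bad:
        print(f"unparsed: {line!r}")
```

web02 is reported as vulnerable even though its x86_64 package is updated, because the i686 multilib package listed for x86_64 systems in this advisory is still on the older build.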

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

Red Hat Security Advisory 2023-4053-01

Red Hat Security Advisory 2023-4053-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.45. Issues addressed include a code execution vulnerability.

RHSA-2023:3742: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update

Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...

RHSA-2023:3624: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A flaw was found in Golang Go, where it is vulnerable to a denial of service cause...

Red Hat Security Advisory 2023-0584-01

Red Hat Security Advisory 2023-0584-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.1. Issues addressed include a denial of service vulnerability.

RHSA-2023:1326: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update

Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4235: A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If p...

RHSA-2023:1448: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.2 security update

Red Hat OpenShift Service Mesh Containers for 2.3.2 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server t...

RHSA-2023:1286: Red Hat Security Advisory: Migration Toolkit for Runtimes security bug fix and enhancement update

Migration Toolkit for Runtimes 1.0.2 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-31690: A flaw was found in the Spring Security framework. Spring Security could allow a remote attacker to gain elevated privileges on the system. By modifying a request initiated by the Client (via the browser) to the Authorization Server, an attacker can gain elevated privileges on the system. * CVE-2022-41966: A flaw was found in the xstream package. This flaw allows an atta...

Red Hat Security Advisory 2023-1170-01

Red Hat Security Advisory 2023-1170-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

Red Hat Security Advisory 2023-1079-01

Red Hat Security Advisory 2023-1079-01 - An update for osp-director-downloader-container, osp-director-agent-container and osp-director-operator-container is now available for Red Hat OpenStack Platform 16.2 (Train).

RHSA-2023:1079: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (osp-director-downloader-container, osp-director-agent-container and osp-director-operator-container) security update

An update for osp-director-downloader-container, osp-director-agent-container and osp-director-operator-container is now available for Red Hat OpenStack Platform 16.2 (Train). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2879: A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to c...

RHSA-2023:0977: Red Hat Security Advisory: Red Hat OpenShift Data Science 1.22.1 security update

An update for kubeflow, dashboard, deployer is now available for Red Hat OpenShift Data Science 1.22. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0923: A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API. This flaw can lead to file content exposure and other issues.

Red Hat Security Advisory 2023-0918-01

Red Hat Security Advisory 2023-0918-01 - Service Binding manages the data plane for applications and backing services.

Red Hat Security Advisory 2023-0859-01

Red Hat Security Advisory 2023-0859-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include code execution and integer overflow vulnerabilities.

RHSA-2023:0804: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functio...

RHSA-2023:0803: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functio...

Red Hat Security Advisory 2023-0794-01

Red Hat Security Advisory 2023-0794-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.4 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.

Red Hat Security Advisory 2023-0633-01

Red Hat Security Advisory 2023-0633-01 - Logging Subsystem 5.5.7 - Red Hat OpenShift.

Red Hat Security Advisory 2023-0632-01

Red Hat Security Advisory 2023-0632-01 - Logging Subsystem 5.4.11 - Red Hat OpenShift.

RHSA-2023:0698: Red Hat Security Advisory: OpenShift Container Platform 4.10.52 security update

Red Hat OpenShift Container Platform release 4.10.52 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3064: A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document.

RHSA-2023:0756: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 XP 4.0.0.GA Security release

JBoss EAP XP 4.0.0.GA Security release on the EAP 7.4.9 base. See references for release notes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-0341: In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi...

Red Hat Security Advisory 2023-0626-01

Red Hat Security Advisory 2023-0626-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-0594-01

Red Hat Security Advisory 2023-0594-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

RHSA-2023:0624: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

RHSA-2023:0626: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

RHSA-2023:0625: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

RHSA-2023:0594: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

RHSA-2023:0592: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system ...

RHSA-2023:0593: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

Red Hat Security Advisory 2023-0530-01

Red Hat Security Advisory 2023-0530-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

RHSA-2023:0530: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-47629: libksba: integer overflow to code execution

Ubuntu Security Notice USN-5787-2

Ubuntu Security Notice 5787-2 - USN-5787-1 fixed vulnerabilities in Libksba. This update provides the corresponding updates for Ubuntu 16.04 ESM and Ubuntu 14.04 ESM. It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-5787-1

Ubuntu Security Notice 5787-1 - It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to crash, resulting in a denial of service, or possibly execute arbitrary code.

Gentoo Linux Security Advisory 202212-07

Gentoo Linux Security Advisory 202212-7 - An integer overflow vulnerability has been found in libksba which could result in remote code execution. Versions less than 1.6.3 are affected.

CVE-2022-47629: T6284 Another integer overflow in Libksba

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.