Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:0624: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL’s signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
Red Hat Security Data
#vulnerability#linux#red_hat#ibm#sap#ssl

Synopsis

Important: libksba security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libksba is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS.

Security Fix(es):

  • libksba: integer overflow to code executiona (CVE-2022-47629)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64

Fixes

  • BZ - 2161571 - CVE-2022-47629 libksba: integer overflow to code execution

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4

SRPM

libksba-1.3.5-9.el8_4.src.rpm

SHA-256: a4d5cf4c46c0f9eb562c7838904a6b8303589c4a94ccc07196bfe037b05a32bc

x86_64

libksba-1.3.5-9.el8_4.i686.rpm

SHA-256: 5fc4a15d8fd532a02aadd6ce11b7a14cb3627b6c63e83f40e30069fc975f4e42

libksba-1.3.5-9.el8_4.x86_64.rpm

SHA-256: 59f8b71dbd02686f45b7e0fc979c61688f728c0dd79c01fb73c74952b8357863

libksba-debuginfo-1.3.5-9.el8_4.i686.rpm

SHA-256: 21fb475a859f16eeb65fd8d715bb881c1182bb43121b84eef7c93f802351246b

libksba-debuginfo-1.3.5-9.el8_4.x86_64.rpm

SHA-256: 1baa6ee5dfd50a2d863315e31e79a2f7cae000359891b778250c0cb5782162cd

libksba-debugsource-1.3.5-9.el8_4.i686.rpm

SHA-256: 18a9ba26f3505b94c1c9445b535a5e3a741e2967839c0c52102f9920c26f3a63

libksba-debugsource-1.3.5-9.el8_4.x86_64.rpm

SHA-256: eb976f7a08ac384aaeb78e7747319e680236d373ce0e0bdc4f3dbf85f3332650

Red Hat Enterprise Linux Server - AUS 8.4

SRPM

libksba-1.3.5-9.el8_4.src.rpm

SHA-256: a4d5cf4c46c0f9eb562c7838904a6b8303589c4a94ccc07196bfe037b05a32bc

x86_64

libksba-1.3.5-9.el8_4.i686.rpm

SHA-256: 5fc4a15d8fd532a02aadd6ce11b7a14cb3627b6c63e83f40e30069fc975f4e42

libksba-1.3.5-9.el8_4.x86_64.rpm

SHA-256: 59f8b71dbd02686f45b7e0fc979c61688f728c0dd79c01fb73c74952b8357863

libksba-debuginfo-1.3.5-9.el8_4.i686.rpm

SHA-256: 21fb475a859f16eeb65fd8d715bb881c1182bb43121b84eef7c93f802351246b

libksba-debuginfo-1.3.5-9.el8_4.x86_64.rpm

SHA-256: 1baa6ee5dfd50a2d863315e31e79a2f7cae000359891b778250c0cb5782162cd

libksba-debugsource-1.3.5-9.el8_4.i686.rpm

SHA-256: 18a9ba26f3505b94c1c9445b535a5e3a741e2967839c0c52102f9920c26f3a63

libksba-debugsource-1.3.5-9.el8_4.x86_64.rpm

SHA-256: eb976f7a08ac384aaeb78e7747319e680236d373ce0e0bdc4f3dbf85f3332650

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4

SRPM

libksba-1.3.5-9.el8_4.src.rpm

SHA-256: a4d5cf4c46c0f9eb562c7838904a6b8303589c4a94ccc07196bfe037b05a32bc

s390x

libksba-1.3.5-9.el8_4.s390x.rpm

SHA-256: 6ea7eeb97be5a43902e3f8e1672f271a715b8f4ef72bc017127fea33e4e36425

libksba-debuginfo-1.3.5-9.el8_4.s390x.rpm

SHA-256: 724149503d1d7a8090407a10565267257ed9b9ce0cf1147f399d23dd274f3524

libksba-debugsource-1.3.5-9.el8_4.s390x.rpm

SHA-256: 363105e7d397315095c0affe53dfcca886e1bdf4a8cd807b2580228dbcc28500

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4

SRPM

libksba-1.3.5-9.el8_4.src.rpm

SHA-256: a4d5cf4c46c0f9eb562c7838904a6b8303589c4a94ccc07196bfe037b05a32bc

ppc64le

libksba-1.3.5-9.el8_4.ppc64le.rpm

SHA-256: ce7a26dc384780e2f81a1a7ecac20ad83ea085a39c854c7ed3a4997616af9a35

libksba-debuginfo-1.3.5-9.el8_4.ppc64le.rpm

SHA-256: 46839a6f3bb5465966671918d6c95d005005caab9fedcb48a50bc86e6c57070d

libksba-debugsource-1.3.5-9.el8_4.ppc64le.rpm

SHA-256: 69afa81ee30b2df8361ae98dbdecfd8d411f7793e50384a511350074f256de4d

Red Hat Enterprise Linux Server - TUS 8.4

SRPM

libksba-1.3.5-9.el8_4.src.rpm

SHA-256: a4d5cf4c46c0f9eb562c7838904a6b8303589c4a94ccc07196bfe037b05a32bc

x86_64

libksba-1.3.5-9.el8_4.i686.rpm

SHA-256: 5fc4a15d8fd532a02aadd6ce11b7a14cb3627b6c63e83f40e30069fc975f4e42

libksba-1.3.5-9.el8_4.x86_64.rpm

SHA-256: 59f8b71dbd02686f45b7e0fc979c61688f728c0dd79c01fb73c74952b8357863

libksba-debuginfo-1.3.5-9.el8_4.i686.rpm

SHA-256: 21fb475a859f16eeb65fd8d715bb881c1182bb43121b84eef7c93f802351246b

libksba-debuginfo-1.3.5-9.el8_4.x86_64.rpm

SHA-256: 1baa6ee5dfd50a2d863315e31e79a2f7cae000359891b778250c0cb5782162cd

libksba-debugsource-1.3.5-9.el8_4.i686.rpm

SHA-256: 18a9ba26f3505b94c1c9445b535a5e3a741e2967839c0c52102f9920c26f3a63

libksba-debugsource-1.3.5-9.el8_4.x86_64.rpm

SHA-256: eb976f7a08ac384aaeb78e7747319e680236d373ce0e0bdc4f3dbf85f3332650

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4

SRPM

libksba-1.3.5-9.el8_4.src.rpm

SHA-256: a4d5cf4c46c0f9eb562c7838904a6b8303589c4a94ccc07196bfe037b05a32bc

aarch64

libksba-1.3.5-9.el8_4.aarch64.rpm

SHA-256: d067d1167b5c6a511986868b898e137f0da16a9d2cc8a01cfdc2e0d50d268c5c

libksba-debuginfo-1.3.5-9.el8_4.aarch64.rpm

SHA-256: df7ce1c218d8d8944eff2d28e7dd8d39fcffb4113c485a60ef6feff9a847a5b0

libksba-debugsource-1.3.5-9.el8_4.aarch64.rpm

SHA-256: 541c6cab9882306dd9f2606e387e68ee0a34646f30e8c602f95d1121a338e9b9

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4

SRPM

libksba-1.3.5-9.el8_4.src.rpm

SHA-256: a4d5cf4c46c0f9eb562c7838904a6b8303589c4a94ccc07196bfe037b05a32bc

ppc64le

libksba-1.3.5-9.el8_4.ppc64le.rpm

SHA-256: ce7a26dc384780e2f81a1a7ecac20ad83ea085a39c854c7ed3a4997616af9a35

libksba-debuginfo-1.3.5-9.el8_4.ppc64le.rpm

SHA-256: 46839a6f3bb5465966671918d6c95d005005caab9fedcb48a50bc86e6c57070d

libksba-debugsource-1.3.5-9.el8_4.ppc64le.rpm

SHA-256: 69afa81ee30b2df8361ae98dbdecfd8d411f7793e50384a511350074f256de4d

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4

SRPM

libksba-1.3.5-9.el8_4.src.rpm

SHA-256: a4d5cf4c46c0f9eb562c7838904a6b8303589c4a94ccc07196bfe037b05a32bc

x86_64

libksba-1.3.5-9.el8_4.i686.rpm

SHA-256: 5fc4a15d8fd532a02aadd6ce11b7a14cb3627b6c63e83f40e30069fc975f4e42

libksba-1.3.5-9.el8_4.x86_64.rpm

SHA-256: 59f8b71dbd02686f45b7e0fc979c61688f728c0dd79c01fb73c74952b8357863

libksba-debuginfo-1.3.5-9.el8_4.i686.rpm

SHA-256: 21fb475a859f16eeb65fd8d715bb881c1182bb43121b84eef7c93f802351246b

libksba-debuginfo-1.3.5-9.el8_4.x86_64.rpm

SHA-256: 1baa6ee5dfd50a2d863315e31e79a2f7cae000359891b778250c0cb5782162cd

libksba-debugsource-1.3.5-9.el8_4.i686.rpm

SHA-256: 18a9ba26f3505b94c1c9445b535a5e3a741e2967839c0c52102f9920c26f3a63

libksba-debugsource-1.3.5-9.el8_4.x86_64.rpm

SHA-256: eb976f7a08ac384aaeb78e7747319e680236d373ce0e0bdc4f3dbf85f3332650

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4

SRPM

x86_64

libksba-debuginfo-1.3.5-9.el8_4.i686.rpm

SHA-256: 21fb475a859f16eeb65fd8d715bb881c1182bb43121b84eef7c93f802351246b

libksba-debuginfo-1.3.5-9.el8_4.x86_64.rpm

SHA-256: 1baa6ee5dfd50a2d863315e31e79a2f7cae000359891b778250c0cb5782162cd

libksba-debugsource-1.3.5-9.el8_4.i686.rpm

SHA-256: 18a9ba26f3505b94c1c9445b535a5e3a741e2967839c0c52102f9920c26f3a63

libksba-debugsource-1.3.5-9.el8_4.x86_64.rpm

SHA-256: eb976f7a08ac384aaeb78e7747319e680236d373ce0e0bdc4f3dbf85f3332650

libksba-devel-1.3.5-9.el8_4.i686.rpm

SHA-256: 5302b652f7d7ec4724d430981d60375c90fc40465ece47d9b4fe6f77007eb622

libksba-devel-1.3.5-9.el8_4.x86_64.rpm

SHA-256: 9112189af85f5509b5563b7549aa0decb2ba1b5ac73e3fc455bd624af82f25cb

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4

SRPM

ppc64le

libksba-debuginfo-1.3.5-9.el8_4.ppc64le.rpm

SHA-256: 46839a6f3bb5465966671918d6c95d005005caab9fedcb48a50bc86e6c57070d

libksba-debugsource-1.3.5-9.el8_4.ppc64le.rpm

SHA-256: 69afa81ee30b2df8361ae98dbdecfd8d411f7793e50384a511350074f256de4d

libksba-devel-1.3.5-9.el8_4.ppc64le.rpm

SHA-256: 3420449393fd9268746b24188221140e03f5c09ec825b85b5f5ca17d67d46de6

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4

SRPM

s390x

libksba-debuginfo-1.3.5-9.el8_4.s390x.rpm

SHA-256: 724149503d1d7a8090407a10565267257ed9b9ce0cf1147f399d23dd274f3524

libksba-debugsource-1.3.5-9.el8_4.s390x.rpm

SHA-256: 363105e7d397315095c0affe53dfcca886e1bdf4a8cd807b2580228dbcc28500

libksba-devel-1.3.5-9.el8_4.s390x.rpm

SHA-256: f963c459452124a4c249055be5eef26894825874ca69a0203284942685668918

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4

SRPM

aarch64

libksba-debuginfo-1.3.5-9.el8_4.aarch64.rpm

SHA-256: df7ce1c218d8d8944eff2d28e7dd8d39fcffb4113c485a60ef6feff9a847a5b0

libksba-debugsource-1.3.5-9.el8_4.aarch64.rpm

SHA-256: 541c6cab9882306dd9f2606e387e68ee0a34646f30e8c602f95d1121a338e9b9

libksba-devel-1.3.5-9.el8_4.aarch64.rpm

SHA-256: 7a80bc34dff8269598f8f4dad2035a3e692933ec619d304439af4f6a92d76995

Related news

CVE-2022-4039

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.

Red Hat Security Advisory 2023-4053-01

Red Hat Security Advisory 2023-4053-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.45. Issues addressed include a code execution vulnerability.

RHSA-2023:3742: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update

Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...

RHSA-2023:3624: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A flaw was found in Golang Go, where it is vulnerable to a denial of service cause...

Red Hat Security Advisory 2023-0584-01

Red Hat Security Advisory 2023-0584-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.1. Issues addressed include a denial of service vulnerability.

RHSA-2023:1326: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update

Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4235: A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If p...

RHSA-2023:1448: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.2 security update

Red Hat OpenShift Service Mesh Containers for 2.3.2 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server t...

RHSA-2023:1286: Red Hat Security Advisory: Migration Toolkit for Runtimes security bug fix and enhancement update

Migration Toolkit for Runtimes 1.0.2 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-31690: A flaw was found in the Spring Security framework. Spring Security could allow a remote attacker to gain elevated privileges on the system. By modifying a request initiated by the Client (via the browser) to the Authorization Server, an attacker can gain elevated privileges on the system. * CVE-2022-41966: A flaw was found in the xstream package. This flaw allows an atta...

RHSA-2023:1174: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.2 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2879: A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic. * CVE-2022...

RHSA-2023:1047: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 for OpenShift image security and enhancement update

A new image is available for Red Hat Single Sign-On 7.6.2, running on Red Hat OpenShift Container Platform from the release of 3.11 up to the release of 4.12.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2018-14040: In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. * CVE-2018-14042: In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. * CVE-2019-11358: A Prototype Pollution vulnerability was found in jque...

RHSA-2023:0934: Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update

Migration Toolkit for Applications 6.0.1 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36567: A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path. * CVE-2021-35065: A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to...

Red Hat Security Advisory 2023-0778-01

Red Hat Security Advisory 2023-0778-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.56.

Red Hat Security Advisory 2023-0859-01

Red Hat Security Advisory 2023-0859-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-0814-01

Red Hat Security Advisory 2023-0814-01 - The Cryostat 2 on RHEL 8 container images have been updated to fix "CVE-2022-1996 go-restful: Authorization Bypass Through User-Controlled Key" and to address the following security advisory: RHSA-2023:0625 Users of Cryostat 2 on RHEL 8 container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images. Issues addressed include bypass, code execution, and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-0803-01

Red Hat Security Advisory 2023-0803-01 - An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Important.

Red Hat Security Advisory 2023-0804-01

Red Hat Security Advisory 2023-0804-01 - An update is now available for Red Hat OpenShift GitOps 1.5. Red Hat Product Security has rated this update as having a security impact of Important.

RHSA-2023:0804: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functio...

RHSA-2023:0803: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functio...

Red Hat Security Advisory 2023-0698-01

Red Hat Security Advisory 2023-0698-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.52.

Red Hat Security Advisory 2023-0632-01

Red Hat Security Advisory 2023-0632-01 - Logging Subsystem 5.4.11 - Red Hat OpenShift.

RHSA-2023:0698: Red Hat Security Advisory: OpenShift Container Platform 4.10.52 security update

Red Hat OpenShift Container Platform release 4.10.52 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3064: A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document.

RHSA-2023:0756: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 XP 4.0.0.GA Security release

JBoss EAP XP 4.0.0.GA Security release on the EAP 7.4.9 base. See references for release notes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-0341: In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi...

Red Hat Security Advisory 2023-0625-01

Red Hat Security Advisory 2023-0625-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-0624-01

Red Hat Security Advisory 2023-0624-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-0626-01

Red Hat Security Advisory 2023-0626-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-0594-01

Red Hat Security Advisory 2023-0594-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

RHSA-2023:0629: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

RHSA-2023:0626: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

RHSA-2023:0625: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

RHSA-2023:0592: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system ...

Red Hat Security Advisory 2023-0530-01

Red Hat Security Advisory 2023-0530-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

RHSA-2023:0530: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: libksba: integer overflow to code execution

Ubuntu Security Notice USN-5787-2

Ubuntu Security Notice 5787-2 - USN-5787-1 fixed vulnerabilities in Libksba. This update provides the corresponding updates for Ubuntu 16.04 ESM and Ubuntu 14.04 ESM. It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-5787-1

Ubuntu Security Notice 5787-1 - It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to crash, resulting in a denial of service, or possibly execute arbitrary code.

Gentoo Linux Security Advisory 202212-07

Gentoo Linux Security Advisory 202212-7 - An integer overflow vulnerability has been found in libksba which could result in remote code execution. Versions less than 1.6.3 are affected.

Debian Security Advisory 5305-1

Debian Linux Security Advisory 5305-1 - An integer overflow flaw was discovered in the CRL signature parser in libksba, an X.509 and CMS support library, which could result in denial of service or the execution of arbitrary code.

CVE-2022-47629: ⚓ T6284 Another integer overflow in Libksba

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.