Headline
RHSA-2022:7089: Red Hat Security Advisory: libksba security update
An update for libksba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-3515: libksba: integer overflow may lead to remote code execution
Synopsis
Important: libksba security update
Type/Severity
Security Advisory: Important
Topic
An update for libksba is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS.
Security Fix(es):
- libksba: integer overflow may lead to remote code execution (CVE-2022-3515)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat Enterprise Linux Server - AUS 8.6 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.6 x86_64
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
- Red Hat CodeReady Linux Builder for x86_64 8 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6 s390x
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64
Fixes
- BZ - 2135610 - CVE-2022-3515 libksba: integer overflow may lead to remote code execution
Red Hat Enterprise Linux for x86_64 8
SRPM
libksba-1.3.5-8.el8_6.src.rpm
x86_64
libksba-1.3.5-8.el8_6.i686.rpm
libksba-1.3.5-8.el8_6.x86_64.rpm
libksba-debuginfo-1.3.5-8.el8_6.i686.rpm
libksba-debuginfo-1.3.5-8.el8_6.x86_64.rpm
libksba-debugsource-1.3.5-8.el8_6.i686.rpm
libksba-debugsource-1.3.5-8.el8_6.x86_64.rpm
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6
SRPM
libksba-1.3.5-8.el8_6.src.rpm
x86_64
libksba-1.3.5-8.el8_6.i686.rpm
libksba-1.3.5-8.el8_6.x86_64.rpm
libksba-debuginfo-1.3.5-8.el8_6.i686.rpm
libksba-debuginfo-1.3.5-8.el8_6.x86_64.rpm
libksba-debugsource-1.3.5-8.el8_6.i686.rpm
libksba-debugsource-1.3.5-8.el8_6.x86_64.rpm
Red Hat Enterprise Linux Server - AUS 8.6
SRPM
libksba-1.3.5-8.el8_6.src.rpm
x86_64
libksba-1.3.5-8.el8_6.i686.rpm
libksba-1.3.5-8.el8_6.x86_64.rpm
libksba-debuginfo-1.3.5-8.el8_6.i686.rpm
libksba-debuginfo-1.3.5-8.el8_6.x86_64.rpm
libksba-debugsource-1.3.5-8.el8_6.i686.rpm
libksba-debugsource-1.3.5-8.el8_6.x86_64.rpm
Red Hat Enterprise Linux for IBM z Systems 8
SRPM
libksba-1.3.5-8.el8_6.src.rpm
s390x
libksba-1.3.5-8.el8_6.s390x.rpm
libksba-debuginfo-1.3.5-8.el8_6.s390x.rpm
libksba-debugsource-1.3.5-8.el8_6.s390x.rpm
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6
SRPM
libksba-1.3.5-8.el8_6.src.rpm
s390x
libksba-1.3.5-8.el8_6.s390x.rpm
libksba-debuginfo-1.3.5-8.el8_6.s390x.rpm
libksba-debugsource-1.3.5-8.el8_6.s390x.rpm
Red Hat Enterprise Linux for Power, little endian 8
SRPM
libksba-1.3.5-8.el8_6.src.rpm
ppc64le
libksba-1.3.5-8.el8_6.ppc64le.rpm
libksba-debuginfo-1.3.5-8.el8_6.ppc64le.rpm
libksba-debugsource-1.3.5-8.el8_6.ppc64le.rpm
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6
SRPM
libksba-1.3.5-8.el8_6.src.rpm
ppc64le
libksba-1.3.5-8.el8_6.ppc64le.rpm
libksba-debuginfo-1.3.5-8.el8_6.ppc64le.rpm
libksba-debugsource-1.3.5-8.el8_6.ppc64le.rpm
Red Hat Enterprise Linux Server - TUS 8.6
SRPM
libksba-1.3.5-8.el8_6.src.rpm
x86_64
libksba-1.3.5-8.el8_6.i686.rpm
libksba-1.3.5-8.el8_6.x86_64.rpm
libksba-debuginfo-1.3.5-8.el8_6.i686.rpm
libksba-debuginfo-1.3.5-8.el8_6.x86_64.rpm
libksba-debugsource-1.3.5-8.el8_6.i686.rpm
libksba-debugsource-1.3.5-8.el8_6.x86_64.rpm
Red Hat Enterprise Linux for ARM 64 8
SRPM
libksba-1.3.5-8.el8_6.src.rpm
aarch64
libksba-1.3.5-8.el8_6.aarch64.rpm
libksba-debuginfo-1.3.5-8.el8_6.aarch64.rpm
libksba-debugsource-1.3.5-8.el8_6.aarch64.rpm
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6
SRPM
libksba-1.3.5-8.el8_6.src.rpm
ppc64le
libksba-1.3.5-8.el8_6.ppc64le.rpm
libksba-debuginfo-1.3.5-8.el8_6.ppc64le.rpm
libksba-debugsource-1.3.5-8.el8_6.ppc64le.rpm
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6
SRPM
libksba-1.3.5-8.el8_6.src.rpm
x86_64
libksba-1.3.5-8.el8_6.i686.rpm
libksba-1.3.5-8.el8_6.x86_64.rpm
libksba-debuginfo-1.3.5-8.el8_6.i686.rpm
libksba-debuginfo-1.3.5-8.el8_6.x86_64.rpm
libksba-debugsource-1.3.5-8.el8_6.i686.rpm
libksba-debugsource-1.3.5-8.el8_6.x86_64.rpm
Red Hat CodeReady Linux Builder for x86_64 8
SRPM
x86_64
libksba-debuginfo-1.3.5-8.el8_6.i686.rpm
libksba-debuginfo-1.3.5-8.el8_6.x86_64.rpm
libksba-debugsource-1.3.5-8.el8_6.i686.rpm
libksba-debugsource-1.3.5-8.el8_6.x86_64.rpm
libksba-devel-1.3.5-8.el8_6.i686.rpm
libksba-devel-1.3.5-8.el8_6.x86_64.rpm
Red Hat CodeReady Linux Builder for Power, little endian 8
SRPM
ppc64le
libksba-debuginfo-1.3.5-8.el8_6.ppc64le.rpm
libksba-debugsource-1.3.5-8.el8_6.ppc64le.rpm
libksba-devel-1.3.5-8.el8_6.ppc64le.rpm
Red Hat CodeReady Linux Builder for ARM 64 8
SRPM
aarch64
libksba-debuginfo-1.3.5-8.el8_6.aarch64.rpm
libksba-debugsource-1.3.5-8.el8_6.aarch64.rpm
libksba-devel-1.3.5-8.el8_6.aarch64.rpm
Red Hat CodeReady Linux Builder for IBM z Systems 8
SRPM
s390x
libksba-debuginfo-1.3.5-8.el8_6.s390x.rpm
libksba-debugsource-1.3.5-8.el8_6.s390x.rpm
libksba-devel-1.3.5-8.el8_6.s390x.rpm
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6
SRPM
libksba-1.3.5-8.el8_6.src.rpm
aarch64
libksba-1.3.5-8.el8_6.aarch64.rpm
libksba-debuginfo-1.3.5-8.el8_6.aarch64.rpm
libksba-debugsource-1.3.5-8.el8_6.aarch64.rpm
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6
SRPM
x86_64
libksba-debuginfo-1.3.5-8.el8_6.i686.rpm
libksba-debuginfo-1.3.5-8.el8_6.x86_64.rpm
libksba-debugsource-1.3.5-8.el8_6.i686.rpm
libksba-debugsource-1.3.5-8.el8_6.x86_64.rpm
libksba-devel-1.3.5-8.el8_6.i686.rpm
libksba-devel-1.3.5-8.el8_6.x86_64.rpm
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6
SRPM
ppc64le
libksba-debuginfo-1.3.5-8.el8_6.ppc64le.rpm
libksba-debugsource-1.3.5-8.el8_6.ppc64le.rpm
libksba-devel-1.3.5-8.el8_6.ppc64le.rpm
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6
SRPM
s390x
libksba-debuginfo-1.3.5-8.el8_6.s390x.rpm
libksba-debugsource-1.3.5-8.el8_6.s390x.rpm
libksba-devel-1.3.5-8.el8_6.s390x.rpm
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6
SRPM
aarch64
libksba-debuginfo-1.3.5-8.el8_6.aarch64.rpm
libksba-debugsource-1.3.5-8.el8_6.aarch64.rpm
libksba-devel-1.3.5-8.el8_6.aarch64.rpm
Related news
Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...
Red Hat Security Advisory 2023-0786-01 - Network observability is an OpenShift operator that provides a monitoring pipeline to collect and enrich network flows that are produced by the Network observability eBPF agent. The operator provides dashboards, metrics, and keeps flows accessible in a queryable log store, Grafana Loki. When a FlowCollector is deployed, new dashboards are available in the Console.
Submariner 0.13.3 packages that fix various bugs and add various enhancements are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Related CVEs: * CVE-2022-32149: A vulnerability was found in the golang.org/x/text/language package. An attacker can craft an Accept-Language header which ParseAcceptLanguage will take significant time to parse. This issue leads to a denial of service, and can impact availability.
Red Hat Security Advisory 2023-0542-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release. Issues addressed include denial of service and spoofing vulnerabilities.
Red Hat OpenShift Virtualization release 4.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2021-44716: golang: net/http: limit growth of header canonicalization cache * CVE-2021-44717: golang: syscall: don't close fd 0 on ForkExec error * CVE-2022-1705: golang: net/http: improper sanitizat...
A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
Red Hat Security Advisory 2022-8938-01 - Version 1.26.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.8, 4.9, 4.10, and 4.11. This release includes security and bug fixes, and enhancements.
Logging Subsystem 5.5.5 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-2879: golang: archive/tar: unbounded memory consumption when reading headers * CVE-2022-2880: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters * CVE-2022-27664: golang: net/http: handle server errors after sending GOAWAY * CVE-2022-32189: golang: math/b...
Red Hat OpenShift Virtualization release 4.11.1 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode * CVE-2022-24921: golang: regexp: stack exhaustion via a deeply nested expression * CVE-2022-28327: golang: crypto/elliptic: panic caus...
Red Hat Security Advisory 2022-8609-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.9.7 images. Issues addressed include a bypass vulnerability.
An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-3515: libksba: integer overflow may lead to remote code execution * CVE-2022-38177: bind: memory leak in ECDSA DNSSEC verification code * CVE-2022-38178: bind: memory leaks in EdDSA DNSSEC verification code * CVE-2022-40674: ex...
An update is now available for Logging subsystem for Red Hat OpenShift 5.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags * CVE-2022-42003: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS * CVE-2022-42004: jackson-databind: use of deeply nested arrays...
Red Hat Security Advisory 2022-7927-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
Red Hat Security Advisory 2022-7434-01 - A Red Hat OpenShift security update has been provided for the Logging Subsystem.
An update is now available for OpenShift Logging 5.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags
An update for service-binding-operator-bundle-container and service-binding-operator-container is now available for OpenShift Developer Tools and Services for OCP 4.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags
Red Hat Security Advisory 2022-7201-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.12. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2022-7283-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
Red Hat Advanced Cluster Management for Kubernetes 2.6.2 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-25887: sanitize-html: insecure global regular expression replacement logic may lead to ReDoS * CVE-2022-25896: passport: incorrect ses...
Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)
Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...
An update for libksba is now available for Red Hat Enterprise Linux 8.2 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-3515: libksba: integer overflow may lead to remote code execution
Red Hat Security Advisory 2022-7209-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
Ubuntu Security Notice 5688-2 - USN-5688-1 fixed vulnerabilities in Libksba. This update provides the corresponding update for Ubuntu 22.10. It was discovered that an integer overflow could be triggered in Libksba when decoding certain data. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code.
An update for libksba is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-3515: libksba: integer overflow may lead to remote code execution
Red Hat Security Advisory 2022-7089-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
Red Hat Security Advisory 2022-7090-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
Red Hat Security Advisory 2022-7088-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
An update for libksba is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-3515: libksba: integer overflow may lead to remote code execution
An update for libksba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-3515: libksba: integer overflow may lead to remote code execution
Ubuntu Security Notice 5688-1 - It was discovered that an integer overflow could be triggered in Libksba when decoding certain data. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code.