RHSA-2022:7089: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3515: libksba: integer overflow may lead to remote code execution
Red Hat Security Data

Synopsis

Important: libksba security update

Type/Severity

Security Advisory: Important

Topic

An update for libksba is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS.

Security Fix(es):

  • libksba: integer overflow may lead to remote code execution (CVE-2022-3515)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64

Fixes

  • BZ - 2135610 - CVE-2022-3515 libksba: integer overflow may lead to remote code execution

Red Hat Enterprise Linux for x86_64 8

SRPM

libksba-1.3.5-8.el8_6.src.rpm

x86_64

libksba-1.3.5-8.el8_6.i686.rpm

libksba-1.3.5-8.el8_6.x86_64.rpm

libksba-debuginfo-1.3.5-8.el8_6.i686.rpm

libksba-debuginfo-1.3.5-8.el8_6.x86_64.rpm

libksba-debugsource-1.3.5-8.el8_6.i686.rpm

libksba-debugsource-1.3.5-8.el8_6.x86_64.rpm

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM

libksba-1.3.5-8.el8_6.src.rpm

x86_64

libksba-1.3.5-8.el8_6.i686.rpm

libksba-1.3.5-8.el8_6.x86_64.rpm

libksba-debuginfo-1.3.5-8.el8_6.i686.rpm

libksba-debuginfo-1.3.5-8.el8_6.x86_64.rpm

libksba-debugsource-1.3.5-8.el8_6.i686.rpm

libksba-debugsource-1.3.5-8.el8_6.x86_64.rpm

Red Hat Enterprise Linux Server - AUS 8.6

SRPM

libksba-1.3.5-8.el8_6.src.rpm

x86_64

libksba-1.3.5-8.el8_6.i686.rpm

libksba-1.3.5-8.el8_6.x86_64.rpm

libksba-debuginfo-1.3.5-8.el8_6.i686.rpm

libksba-debuginfo-1.3.5-8.el8_6.x86_64.rpm

libksba-debugsource-1.3.5-8.el8_6.i686.rpm

libksba-debugsource-1.3.5-8.el8_6.x86_64.rpm

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

libksba-1.3.5-8.el8_6.src.rpm

s390x

libksba-1.3.5-8.el8_6.s390x.rpm

libksba-debuginfo-1.3.5-8.el8_6.s390x.rpm

libksba-debugsource-1.3.5-8.el8_6.s390x.rpm

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM

libksba-1.3.5-8.el8_6.src.rpm

s390x

libksba-1.3.5-8.el8_6.s390x.rpm

libksba-debuginfo-1.3.5-8.el8_6.s390x.rpm

libksba-debugsource-1.3.5-8.el8_6.s390x.rpm

Red Hat Enterprise Linux for Power, little endian 8

SRPM

libksba-1.3.5-8.el8_6.src.rpm

ppc64le

libksba-1.3.5-8.el8_6.ppc64le.rpm

libksba-debuginfo-1.3.5-8.el8_6.ppc64le.rpm

libksba-debugsource-1.3.5-8.el8_6.ppc64le.rpm

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM

libksba-1.3.5-8.el8_6.src.rpm

ppc64le

libksba-1.3.5-8.el8_6.ppc64le.rpm

libksba-debuginfo-1.3.5-8.el8_6.ppc64le.rpm

libksba-debugsource-1.3.5-8.el8_6.ppc64le.rpm

Red Hat Enterprise Linux Server - TUS 8.6

SRPM

libksba-1.3.5-8.el8_6.src.rpm

x86_64

libksba-1.3.5-8.el8_6.i686.rpm

libksba-1.3.5-8.el8_6.x86_64.rpm

libksba-debuginfo-1.3.5-8.el8_6.i686.rpm

libksba-debuginfo-1.3.5-8.el8_6.x86_64.rpm

libksba-debugsource-1.3.5-8.el8_6.i686.rpm

libksba-debugsource-1.3.5-8.el8_6.x86_64.rpm

Red Hat Enterprise Linux for ARM 64 8

SRPM

libksba-1.3.5-8.el8_6.src.rpm

aarch64

libksba-1.3.5-8.el8_6.aarch64.rpm

libksba-debuginfo-1.3.5-8.el8_6.aarch64.rpm

libksba-debugsource-1.3.5-8.el8_6.aarch64.rpm

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM

libksba-1.3.5-8.el8_6.src.rpm

ppc64le

libksba-1.3.5-8.el8_6.ppc64le.rpm

libksba-debuginfo-1.3.5-8.el8_6.ppc64le.rpm

libksba-debugsource-1.3.5-8.el8_6.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM

libksba-1.3.5-8.el8_6.src.rpm

x86_64

libksba-1.3.5-8.el8_6.i686.rpm

libksba-1.3.5-8.el8_6.x86_64.rpm

libksba-debuginfo-1.3.5-8.el8_6.i686.rpm

libksba-debuginfo-1.3.5-8.el8_6.x86_64.rpm

libksba-debugsource-1.3.5-8.el8_6.i686.rpm

libksba-debugsource-1.3.5-8.el8_6.x86_64.rpm

Red Hat CodeReady Linux Builder for x86_64 8

SRPM

x86_64

libksba-debuginfo-1.3.5-8.el8_6.i686.rpm

libksba-debuginfo-1.3.5-8.el8_6.x86_64.rpm

libksba-debugsource-1.3.5-8.el8_6.i686.rpm

libksba-debugsource-1.3.5-8.el8_6.x86_64.rpm

libksba-devel-1.3.5-8.el8_6.i686.rpm

libksba-devel-1.3.5-8.el8_6.x86_64.rpm

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM

ppc64le

libksba-debuginfo-1.3.5-8.el8_6.ppc64le.rpm

libksba-debugsource-1.3.5-8.el8_6.ppc64le.rpm

libksba-devel-1.3.5-8.el8_6.ppc64le.rpm

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM

aarch64

libksba-debuginfo-1.3.5-8.el8_6.aarch64.rpm

libksba-debugsource-1.3.5-8.el8_6.aarch64.rpm

libksba-devel-1.3.5-8.el8_6.aarch64.rpm

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM

s390x

libksba-debuginfo-1.3.5-8.el8_6.s390x.rpm

libksba-debugsource-1.3.5-8.el8_6.s390x.rpm

libksba-devel-1.3.5-8.el8_6.s390x.rpm

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM

libksba-1.3.5-8.el8_6.src.rpm

aarch64

libksba-1.3.5-8.el8_6.aarch64.rpm

libksba-debuginfo-1.3.5-8.el8_6.aarch64.rpm

libksba-debugsource-1.3.5-8.el8_6.aarch64.rpm

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6

SRPM

x86_64

libksba-debuginfo-1.3.5-8.el8_6.i686.rpm

libksba-debuginfo-1.3.5-8.el8_6.x86_64.rpm

libksba-debugsource-1.3.5-8.el8_6.i686.rpm

libksba-debugsource-1.3.5-8.el8_6.x86_64.rpm

libksba-devel-1.3.5-8.el8_6.i686.rpm

libksba-devel-1.3.5-8.el8_6.x86_64.rpm

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6

SRPM

ppc64le

libksba-debuginfo-1.3.5-8.el8_6.ppc64le.rpm

libksba-debugsource-1.3.5-8.el8_6.ppc64le.rpm

libksba-devel-1.3.5-8.el8_6.ppc64le.rpm

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6

SRPM

s390x

libksba-debuginfo-1.3.5-8.el8_6.s390x.rpm

libksba-debugsource-1.3.5-8.el8_6.s390x.rpm

libksba-devel-1.3.5-8.el8_6.s390x.rpm

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6

SRPM

aarch64

libksba-debuginfo-1.3.5-8.el8_6.aarch64.rpm

libksba-debugsource-1.3.5-8.el8_6.aarch64.rpm

libksba-devel-1.3.5-8.el8_6.aarch64.rpm

Related news

RHSA-2023:3742: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update

Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...

Red Hat Security Advisory 2023-0786-01

Red Hat Security Advisory 2023-0786-01 - Network observability is an OpenShift operator that provides a monitoring pipeline to collect and enrich network flows that are produced by the Network observability eBPF agent. The operator provides dashboards, metrics, and keeps flows accessible in a queryable log store, Grafana Loki. When a FlowCollector is deployed, new dashboards are available in the Console.

RHSA-2023:0795: Red Hat Security Advisory: RHSA: Submariner 0.13.3 - security updates and bug fixes

Submariner 0.13.3 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Related CVEs: * CVE-2022-32149: A vulnerability was found in the golang.org/x/text/language package. An attacker can craft an Accept-Language header which ParseAcceptLanguage will take significant time to parse. This issue leads to a denial of service, and can impact availability.

Red Hat Security Advisory 2023-0542-01

Red Hat Security Advisory 2023-0542-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release. Issues addressed include denial of service and spoofing vulnerabilities.

RHSA-2023:0408: Red Hat Security Advisory: OpenShift Virtualization 4.12.0 Images security update

Red Hat OpenShift Virtualization release 4.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2021-44716: golang: net/http: limit growth of header canonicalization cache * CVE-2021-44717: golang: syscall: don't close fd 0 on ForkExec error * CVE-2022-1705: golang: net/http: improper sanitizat...

CVE-2022-3515: rK4b7d9cd4a018

A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

Red Hat Security Advisory 2022-8938-01

Red Hat Security Advisory 2022-8938-01 - Version 1.26.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.8, 4.9, 4.10, and 4.11. This release includes security and bug fixes, and enhancements.

RHSA-2022:8781: Red Hat Security Advisory: Logging Subsystem 5.5.5 - Red Hat OpenShift security update

Logging Subsystem 5.5.5 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-2879: golang: archive/tar: unbounded memory consumption when reading headers * CVE-2022-2880: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters * CVE-2022-27664: golang: net/http: handle server errors after sending GOAWAY * CVE-2022-32189: golang: math/b...

RHSA-2022:8750: Red Hat Security Advisory: OpenShift Virtualization 4.11.1 security and bug fix update

Red Hat OpenShift Virtualization release 4.11.1 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode * CVE-2022-24921: golang: regexp: stack exhaustion via a deeply nested expression * CVE-2022-28327: golang: crypto/elliptic: panic caus...

Red Hat Security Advisory 2022-8609-01

Red Hat Security Advisory 2022-8609-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.9.7 images. Issues addressed include a bypass vulnerability.

RHSA-2022:8598: Red Hat Security Advisory: Red Hat Virtualization Host security update [ovirt-4.5.3-1]

An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-3515: libksba: integer overflow may lead to remote code execution * CVE-2022-38177: bind: memory leak in ECDSA DNSSEC verification code * CVE-2022-38178: bind: memory leaks in EdDSA DNSSEC verification code * CVE-2022-40674: ex...

RHSA-2022:7435: Red Hat Security Advisory: Logging Subsystem 5.4.8 - Red Hat OpenShift security update

An update is now available for Logging subsystem for Red Hat OpenShift 5.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags * CVE-2022-42003: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS * CVE-2022-42004: jackson-databind: use of deeply nested arrays...

Red Hat Security Advisory 2022-7927-01

Red Hat Security Advisory 2022-7927-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Security Advisory 2022-7434-01

Red Hat Security Advisory 2022-7434-01 - A Red Hat OpenShift security update has been provided for the Logging Subsystem.

RHSA-2022:6882: Red Hat Security Advisory: Openshift Logging 5.3.13 security and bug fix release

An update is now available for OpenShift Logging 5.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

RHSA-2022:7407: Red Hat Security Advisory: Service Binding Operator 1.3.1 security update

An update for service-binding-operator-bundle-container and service-binding-operator-container is now available for OpenShift Developer Tools and Services for OCP 4.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

Red Hat Security Advisory 2022-7201-01

Red Hat Security Advisory 2022-7201-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.12. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2022-7276-01

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7283-01

Red Hat Security Advisory 2022-7283-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

RHSA-2022:7313: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.2 security update and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.6.2 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-25887: sanitize-html: insecure global regular expression replacement logic may lead to ReDoS * CVE-2022-25896: passport: incorrect ses...

RHSA-2022:7201: Red Hat Security Advisory: OpenShift Container Platform 4.11.12 security update

Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)

RHSA-2022:7276: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.8 security fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

RHSA-2022:7283: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8.2 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3515: libksba: integer overflow may lead to remote code execution

Red Hat Security Advisory 2022-7209-01

Red Hat Security Advisory 2022-7209-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Ubuntu Security Notice USN-5688-2

Ubuntu Security Notice 5688-2 - USN-5688-1 fixed vulnerabilities in Libksba. This update provides the corresponding update for Ubuntu 22.10. It was discovered that an integer overflow could be triggered in Libksba when decoding certain data. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code.

RHSA-2022:7209: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3515: libksba: integer overflow may lead to remote code execution

Red Hat Security Advisory 2022-7089-01

Red Hat Security Advisory 2022-7089-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Security Advisory 2022-7090-01

Red Hat Security Advisory 2022-7090-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Security Advisory 2022-7088-01

Red Hat Security Advisory 2022-7088-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

RHSA-2022:7090: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3515: libksba: integer overflow may lead to remote code execution

RHSA-2022:7088: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3515: libksba: integer overflow may lead to remote code execution

Ubuntu Security Notice USN-5688-1

Ubuntu Security Notice 5688-1 - It was discovered that an integer overflow could be triggered in Libksba when decoding certain data. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code.