Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:4992: Red Hat Security Advisory: xz security update

An update for xz is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-1271: gzip: arbitrary-file-write vulnerability
Red Hat Security Data
#vulnerability#linux#red_hat#ibm#sap#ssl

Synopsis

Important: xz security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for xz is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short.

Security Fix(es):

  • gzip: arbitrary-file-write vulnerability (CVE-2022-1271)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.2 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.2 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.2 aarch64

Fixes

  • BZ - 2073310 - CVE-2022-1271 gzip: arbitrary-file-write vulnerability

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2

SRPM

xz-5.2.4-4.el8_2.src.rpm

SHA-256: 5206db38df3d0d36ca9468616a9ebdff482ee59ebb98cb4795b0d7e615059add

x86_64

xz-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 376be7c5a400295092ef517184b7700a7dd79e34d824b645758f905b6a298382

xz-debuginfo-5.2.4-4.el8_2.i686.rpm

SHA-256: 21d4af297b95e4a4f09ae5bbe8e54f8cfacd6da86d36a134e341ca787f4c4ea5

xz-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: e9ec0fb04760aadb2a0c5d356005af30d01b1e6ca835cd5e6fc00071d7625790

xz-debugsource-5.2.4-4.el8_2.i686.rpm

SHA-256: f563edf3f75e9411181a06c888c80a92be2b6cf464768a72d99279dcc3013c77

xz-debugsource-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 098b04530de81820a38e319d9139ad29107b9bd0ed6f49c76446dc15ebda5977

xz-devel-5.2.4-4.el8_2.i686.rpm

SHA-256: f7c801236eac1c02ee590371f5efad9abce7cce36f92f6f35117cf7b86ebd7e5

xz-devel-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 9626af9fed6b7abda55de2745981ce99191591ead3a6a5aaa1afd948ae979208

xz-libs-5.2.4-4.el8_2.i686.rpm

SHA-256: adf16846d646ed06689128c4312ef587da20d79c2d5b79c37df7b8530eedd1bb

xz-libs-5.2.4-4.el8_2.x86_64.rpm

SHA-256: e1d57d8b1ae62f51c22a632c02b3511ac78ef4c45a5ba6127f46cdd52bcf63a3

xz-libs-debuginfo-5.2.4-4.el8_2.i686.rpm

SHA-256: 47036e310e923b980bce95f7d5d3c49edb58b20895d5b24bd490282ebf8da021

xz-libs-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 1e1a8fa1f1347b857fd3426cffd6a6cec4dc3bc66b7a352df28001a86da86d2a

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.i686.rpm

SHA-256: 4da27bfb80d422585aaab32c075d767e5a40f4809d87e22985f840ace806e3aa

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 4aee3590117b4fc81741bbc01d9ffd7f14b90576fcecbe60ccc4cf50dc0880ec

Red Hat Enterprise Linux Server - AUS 8.2

SRPM

xz-5.2.4-4.el8_2.src.rpm

SHA-256: 5206db38df3d0d36ca9468616a9ebdff482ee59ebb98cb4795b0d7e615059add

x86_64

xz-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 376be7c5a400295092ef517184b7700a7dd79e34d824b645758f905b6a298382

xz-debuginfo-5.2.4-4.el8_2.i686.rpm

SHA-256: 21d4af297b95e4a4f09ae5bbe8e54f8cfacd6da86d36a134e341ca787f4c4ea5

xz-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: e9ec0fb04760aadb2a0c5d356005af30d01b1e6ca835cd5e6fc00071d7625790

xz-debugsource-5.2.4-4.el8_2.i686.rpm

SHA-256: f563edf3f75e9411181a06c888c80a92be2b6cf464768a72d99279dcc3013c77

xz-debugsource-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 098b04530de81820a38e319d9139ad29107b9bd0ed6f49c76446dc15ebda5977

xz-devel-5.2.4-4.el8_2.i686.rpm

SHA-256: f7c801236eac1c02ee590371f5efad9abce7cce36f92f6f35117cf7b86ebd7e5

xz-devel-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 9626af9fed6b7abda55de2745981ce99191591ead3a6a5aaa1afd948ae979208

xz-libs-5.2.4-4.el8_2.i686.rpm

SHA-256: adf16846d646ed06689128c4312ef587da20d79c2d5b79c37df7b8530eedd1bb

xz-libs-5.2.4-4.el8_2.x86_64.rpm

SHA-256: e1d57d8b1ae62f51c22a632c02b3511ac78ef4c45a5ba6127f46cdd52bcf63a3

xz-libs-debuginfo-5.2.4-4.el8_2.i686.rpm

SHA-256: 47036e310e923b980bce95f7d5d3c49edb58b20895d5b24bd490282ebf8da021

xz-libs-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 1e1a8fa1f1347b857fd3426cffd6a6cec4dc3bc66b7a352df28001a86da86d2a

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.i686.rpm

SHA-256: 4da27bfb80d422585aaab32c075d767e5a40f4809d87e22985f840ace806e3aa

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 4aee3590117b4fc81741bbc01d9ffd7f14b90576fcecbe60ccc4cf50dc0880ec

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2

SRPM

xz-5.2.4-4.el8_2.src.rpm

SHA-256: 5206db38df3d0d36ca9468616a9ebdff482ee59ebb98cb4795b0d7e615059add

s390x

xz-5.2.4-4.el8_2.s390x.rpm

SHA-256: ddfb1e619e7257e1184bd715c7aecb662c00ab22ec8a89c1f77c24dacef65f1e

xz-debuginfo-5.2.4-4.el8_2.s390x.rpm

SHA-256: 2044c5b12eb4ddf75a3fb5e5891102d1a69479292b857712fd94f7f16c79124e

xz-debugsource-5.2.4-4.el8_2.s390x.rpm

SHA-256: 665a99e53175df8b9ea5cecff903e29bf0f46a23f1507747c2327e318518f2f5

xz-devel-5.2.4-4.el8_2.s390x.rpm

SHA-256: 65a3b2229cd640275ce75e82dd38ba12e434582ccee77dcf7747d04cd56110fc

xz-libs-5.2.4-4.el8_2.s390x.rpm

SHA-256: 2b06cc4e5f953c7e2c0fba5d6f05495458391746d79992de55407fafdf8ff4d4

xz-libs-debuginfo-5.2.4-4.el8_2.s390x.rpm

SHA-256: 5d066ab7ff8f401c757ce1c188044af0293866cda47e517e4f37f0339d9ed9ee

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.s390x.rpm

SHA-256: fcc7efa312605f3203cf12c07327fccd7264fb66fa847dd899997ff9036f754a

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2

SRPM

xz-5.2.4-4.el8_2.src.rpm

SHA-256: 5206db38df3d0d36ca9468616a9ebdff482ee59ebb98cb4795b0d7e615059add

ppc64le

xz-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: f82167e6cc9d98fdeb67c1844e9fba5570144f9cafa163f7683de5e18dd554b9

xz-debuginfo-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: 442f498be2f5dfd740a0942fb2f62fb3ae83d43e7edc7188004a8685026fd91e

xz-debugsource-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: cff4033b9d243ec3bf40f56552b9e74dedb2e694d7137c5f500dea8b2498e5d6

xz-devel-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: 29ae8cc5fa9d1b47a0c76440b7fb1b33f51195a26cf5e397075ca7a34afec12c

xz-libs-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: bf20a6c4691d4c8ec26e605e69304559c6f6abcfee937e50c5391bc9a318e12a

xz-libs-debuginfo-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: 3021d58292b98a1a1061a8af6a3b96f6f83748d65ada1b210b62343dff77d646

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: 4c1b06bf74ca2dda2b0d6b62edbe9b520c2ec8123d4af1a9cc315b19d1a77d71

Red Hat Enterprise Linux Server - TUS 8.2

SRPM

xz-5.2.4-4.el8_2.src.rpm

SHA-256: 5206db38df3d0d36ca9468616a9ebdff482ee59ebb98cb4795b0d7e615059add

x86_64

xz-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 376be7c5a400295092ef517184b7700a7dd79e34d824b645758f905b6a298382

xz-debuginfo-5.2.4-4.el8_2.i686.rpm

SHA-256: 21d4af297b95e4a4f09ae5bbe8e54f8cfacd6da86d36a134e341ca787f4c4ea5

xz-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: e9ec0fb04760aadb2a0c5d356005af30d01b1e6ca835cd5e6fc00071d7625790

xz-debugsource-5.2.4-4.el8_2.i686.rpm

SHA-256: f563edf3f75e9411181a06c888c80a92be2b6cf464768a72d99279dcc3013c77

xz-debugsource-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 098b04530de81820a38e319d9139ad29107b9bd0ed6f49c76446dc15ebda5977

xz-devel-5.2.4-4.el8_2.i686.rpm

SHA-256: f7c801236eac1c02ee590371f5efad9abce7cce36f92f6f35117cf7b86ebd7e5

xz-devel-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 9626af9fed6b7abda55de2745981ce99191591ead3a6a5aaa1afd948ae979208

xz-libs-5.2.4-4.el8_2.i686.rpm

SHA-256: adf16846d646ed06689128c4312ef587da20d79c2d5b79c37df7b8530eedd1bb

xz-libs-5.2.4-4.el8_2.x86_64.rpm

SHA-256: e1d57d8b1ae62f51c22a632c02b3511ac78ef4c45a5ba6127f46cdd52bcf63a3

xz-libs-debuginfo-5.2.4-4.el8_2.i686.rpm

SHA-256: 47036e310e923b980bce95f7d5d3c49edb58b20895d5b24bd490282ebf8da021

xz-libs-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 1e1a8fa1f1347b857fd3426cffd6a6cec4dc3bc66b7a352df28001a86da86d2a

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.i686.rpm

SHA-256: 4da27bfb80d422585aaab32c075d767e5a40f4809d87e22985f840ace806e3aa

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 4aee3590117b4fc81741bbc01d9ffd7f14b90576fcecbe60ccc4cf50dc0880ec

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2

SRPM

xz-5.2.4-4.el8_2.src.rpm

SHA-256: 5206db38df3d0d36ca9468616a9ebdff482ee59ebb98cb4795b0d7e615059add

aarch64

xz-5.2.4-4.el8_2.aarch64.rpm

SHA-256: 5622a7651664c2a6ce79a545722a89276fb7041d4540c5cdb2f0dc4c0d610da4

xz-debuginfo-5.2.4-4.el8_2.aarch64.rpm

SHA-256: 49badb1c97357da8bc9e7b54c1710aa4c3da03ea2b41e00061dec5218ca57c30

xz-debugsource-5.2.4-4.el8_2.aarch64.rpm

SHA-256: 1c6f692f4d2e2ef36fc25a0dcde42dc8ec013cb5559495404d7482c812c1ce63

xz-devel-5.2.4-4.el8_2.aarch64.rpm

SHA-256: dbabc609ffa27552bd891e2d95988e02297f82eb88958d07a1f1c76a4407b337

xz-libs-5.2.4-4.el8_2.aarch64.rpm

SHA-256: bd450ea00792fb6ffdc75ff69c6d1092b398b167d28e103056aff67e0983c37b

xz-libs-debuginfo-5.2.4-4.el8_2.aarch64.rpm

SHA-256: 60f882b28e015e497c171dc00aec43e2275cf39b7c329317d9ed08f7cd0786ee

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.aarch64.rpm

SHA-256: 4e804e8105f9a45a188df5e28d02550975ca5e4363891f900516b0e16b2725b4

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2

SRPM

xz-5.2.4-4.el8_2.src.rpm

SHA-256: 5206db38df3d0d36ca9468616a9ebdff482ee59ebb98cb4795b0d7e615059add

ppc64le

xz-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: f82167e6cc9d98fdeb67c1844e9fba5570144f9cafa163f7683de5e18dd554b9

xz-debuginfo-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: 442f498be2f5dfd740a0942fb2f62fb3ae83d43e7edc7188004a8685026fd91e

xz-debugsource-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: cff4033b9d243ec3bf40f56552b9e74dedb2e694d7137c5f500dea8b2498e5d6

xz-devel-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: 29ae8cc5fa9d1b47a0c76440b7fb1b33f51195a26cf5e397075ca7a34afec12c

xz-libs-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: bf20a6c4691d4c8ec26e605e69304559c6f6abcfee937e50c5391bc9a318e12a

xz-libs-debuginfo-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: 3021d58292b98a1a1061a8af6a3b96f6f83748d65ada1b210b62343dff77d646

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: 4c1b06bf74ca2dda2b0d6b62edbe9b520c2ec8123d4af1a9cc315b19d1a77d71

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2

SRPM

xz-5.2.4-4.el8_2.src.rpm

SHA-256: 5206db38df3d0d36ca9468616a9ebdff482ee59ebb98cb4795b0d7e615059add

x86_64

xz-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 376be7c5a400295092ef517184b7700a7dd79e34d824b645758f905b6a298382

xz-debuginfo-5.2.4-4.el8_2.i686.rpm

SHA-256: 21d4af297b95e4a4f09ae5bbe8e54f8cfacd6da86d36a134e341ca787f4c4ea5

xz-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: e9ec0fb04760aadb2a0c5d356005af30d01b1e6ca835cd5e6fc00071d7625790

xz-debugsource-5.2.4-4.el8_2.i686.rpm

SHA-256: f563edf3f75e9411181a06c888c80a92be2b6cf464768a72d99279dcc3013c77

xz-debugsource-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 098b04530de81820a38e319d9139ad29107b9bd0ed6f49c76446dc15ebda5977

xz-devel-5.2.4-4.el8_2.i686.rpm

SHA-256: f7c801236eac1c02ee590371f5efad9abce7cce36f92f6f35117cf7b86ebd7e5

xz-devel-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 9626af9fed6b7abda55de2745981ce99191591ead3a6a5aaa1afd948ae979208

xz-libs-5.2.4-4.el8_2.i686.rpm

SHA-256: adf16846d646ed06689128c4312ef587da20d79c2d5b79c37df7b8530eedd1bb

xz-libs-5.2.4-4.el8_2.x86_64.rpm

SHA-256: e1d57d8b1ae62f51c22a632c02b3511ac78ef4c45a5ba6127f46cdd52bcf63a3

xz-libs-debuginfo-5.2.4-4.el8_2.i686.rpm

SHA-256: 47036e310e923b980bce95f7d5d3c49edb58b20895d5b24bd490282ebf8da021

xz-libs-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 1e1a8fa1f1347b857fd3426cffd6a6cec4dc3bc66b7a352df28001a86da86d2a

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.i686.rpm

SHA-256: 4da27bfb80d422585aaab32c075d767e5a40f4809d87e22985f840ace806e3aa

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 4aee3590117b4fc81741bbc01d9ffd7f14b90576fcecbe60ccc4cf50dc0880ec

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2

SRPM

x86_64

xz-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: e9ec0fb04760aadb2a0c5d356005af30d01b1e6ca835cd5e6fc00071d7625790

xz-debugsource-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 098b04530de81820a38e319d9139ad29107b9bd0ed6f49c76446dc15ebda5977

xz-libs-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 1e1a8fa1f1347b857fd3426cffd6a6cec4dc3bc66b7a352df28001a86da86d2a

xz-lzma-compat-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 515a89e312c7d3da72b888f0f174e01104111eda48551154118b5e6d0ac7dcc4

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.x86_64.rpm

SHA-256: 4aee3590117b4fc81741bbc01d9ffd7f14b90576fcecbe60ccc4cf50dc0880ec

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.2

SRPM

ppc64le

xz-debuginfo-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: 442f498be2f5dfd740a0942fb2f62fb3ae83d43e7edc7188004a8685026fd91e

xz-debugsource-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: cff4033b9d243ec3bf40f56552b9e74dedb2e694d7137c5f500dea8b2498e5d6

xz-libs-debuginfo-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: 3021d58292b98a1a1061a8af6a3b96f6f83748d65ada1b210b62343dff77d646

xz-lzma-compat-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: 77d703bb7a903b213ae294751d85c23a83ecc0bb55bcd8739b35a689a989270a

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.ppc64le.rpm

SHA-256: 4c1b06bf74ca2dda2b0d6b62edbe9b520c2ec8123d4af1a9cc315b19d1a77d71

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.2

SRPM

s390x

xz-debuginfo-5.2.4-4.el8_2.s390x.rpm

SHA-256: 2044c5b12eb4ddf75a3fb5e5891102d1a69479292b857712fd94f7f16c79124e

xz-debugsource-5.2.4-4.el8_2.s390x.rpm

SHA-256: 665a99e53175df8b9ea5cecff903e29bf0f46a23f1507747c2327e318518f2f5

xz-libs-debuginfo-5.2.4-4.el8_2.s390x.rpm

SHA-256: 5d066ab7ff8f401c757ce1c188044af0293866cda47e517e4f37f0339d9ed9ee

xz-lzma-compat-5.2.4-4.el8_2.s390x.rpm

SHA-256: c874310301e758e0438a7c312bd42c5f5c95a2c13670056bcf55018752435a19

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.s390x.rpm

SHA-256: fcc7efa312605f3203cf12c07327fccd7264fb66fa847dd899997ff9036f754a

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.2

SRPM

aarch64

xz-debuginfo-5.2.4-4.el8_2.aarch64.rpm

SHA-256: 49badb1c97357da8bc9e7b54c1710aa4c3da03ea2b41e00061dec5218ca57c30

xz-debugsource-5.2.4-4.el8_2.aarch64.rpm

SHA-256: 1c6f692f4d2e2ef36fc25a0dcde42dc8ec013cb5559495404d7482c812c1ce63

xz-libs-debuginfo-5.2.4-4.el8_2.aarch64.rpm

SHA-256: 60f882b28e015e497c171dc00aec43e2275cf39b7c329317d9ed08f7cd0786ee

xz-lzma-compat-5.2.4-4.el8_2.aarch64.rpm

SHA-256: 868e9b0d786fb573ade26754366569b6b16862275634cf6e93eb6dc6c03e7d9c

xz-lzma-compat-debuginfo-5.2.4-4.el8_2.aarch64.rpm

SHA-256: 4e804e8105f9a45a188df5e28d02550975ca5e4363891f900516b0e16b2725b4

Related news

RHSA-2023:4053: Red Hat Security Advisory: OpenShift Container Platform 4.11.45 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21235: A flaw was found in the VCS package, caused by improper validation of user-supplied input. By using a specially-crafted argument, a remote attacker could execute arbitrary commands o...

RHSA-2023:3742: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update

Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...

Red Hat Security Advisory 2023-0786-01

Red Hat Security Advisory 2023-0786-01 - Network observability is an OpenShift operator that provides a monitoring pipeline to collect and enrich network flows that are produced by the Network observability eBPF agent. The operator provides dashboards, metrics, and keeps flows accessible in a queryable log store, Grafana Loki. When a FlowCollector is deployed, new dashboards are available in the Console.

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

Red Hat Security Advisory 2022-6890-01

Red Hat Security Advisory 2022-6890-01 - Red Hat OpenShift Virtualization release 4.8.7 is now available with updates to packages and images that fix several bugs and add enhancements.

RHSA-2022:6681: Red Hat Security Advisory: OpenShift Virtualization 4.9.6 Images security and bug fix update

Red Hat OpenShift Virtualization release 4.9.6 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1798: kubeVirt: Arbitrary file read on the host from KubeVirt VMs

Gentoo Linux Security Advisory 202209-01

Gentoo Linux Security Advisory 202209-1 - A vulnerability has been discovered in GNU Gzip and XZ Utils' grep helpers which could result in writes to arbitrary files. Versions less than 1.12 are affected.

RHSA-2022:6252: Red Hat Security Advisory: OpenShift Container Platform 3.11.784 security update

Red Hat OpenShift Container Platform release 3.11.784 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-39226: grafana: Snapshot authentication bypass

Red Hat Security Advisory 2022-5070-01

Red Hat Security Advisory 2022-5070-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include denial of service, out of bounds read, and traversal vulnerabilities.

RHSA-2022:5069: Red Hat Security Advisory: OpenShift Container Platform 4.11.0 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-23566: nanoid: Information disclosure via valueOf() function * CVE-2021-23648: sanitize-url: XSS * CVE-2021-41190: opencontainers: OCI manifest and index parsing confusion * CVE-2021-44906:...

Red Hat Security Advisory 2022-5909-01

Red Hat Security Advisory 2022-5909-01 - Openshift Logging Bug Fix Release. Issues addressed include denial of service and out of bounds read vulnerabilities.

Red Hat Security Advisory 2022-5908-01

Red Hat Security Advisory 2022-5908-01 - Openshift Logging Bug Fix Release. Issues addressed include denial of service and out of bounds read vulnerabilities.

Red Hat Security Advisory 2022-5556-01

Red Hat Security Advisory 2022-5556-01 - Logging Subsystem 5.4.3 has security updates. Issues addressed include denial of service and out of bounds read vulnerabilities.

CVE-2022-21586: Oracle Critical Patch Update Advisory - July 2022

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).

RHSA-2022:5483: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.2 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3807: nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes * CVE-2022-0235: node-fetch: exposure of sensitive information to an unauthorized actor * CVE-2022-0536: follow-redirects: Exposure of Sensitive Information via Authorization Header leak

Red Hat Security Advisory 2022-5153-01

Red Hat Security Advisory 2022-5153-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a cross site scripting vulnerability.

Red Hat Security Advisory 2022-5189-01

Red Hat Security Advisory 2022-5189-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.

RHSA-2022:5187: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.3 on OpenShift 4.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-31016: argocd: vulnerable to an uncontrolled memory consumption bug * CVE-2022-31034: argocd: vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or the UI. * CVE-2022-31035: argocd: cross-site scripting (XSS) allow a malicious user to inject a javascript link in the UI * CVE-2022-31036: argocd: vulnerable to a...

Red Hat Security Advisory 2022-5132-01

Red Hat Security Advisory 2022-5132-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.

Red Hat Security Advisory 2022-5052-01

Red Hat Security Advisory 2022-5052-01 - XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm, which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short.

Red Hat Security Advisory 2022-4991-01

Red Hat Security Advisory 2022-4991-01 - XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm, which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short.

RHSA-2022:5052: Red Hat Security Advisory: xz security update

An update for xz is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1271: gzip: arbitrary-file-write vulnerability

RHSA-2022:4993: Red Hat Security Advisory: xz security update

An update for xz is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1271: gzip: arbitrary-file-write vulnerability

RHSA-2022:4880: Red Hat Security Advisory: ACS 3.70 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug fixes and feature improvements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-23820: json-pointer: type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays * CVE-2021-41190: opencontainers: OCI manifest and index parsing confusion

Red Hat Security Advisory 2022-4814-01

Red Hat Security Advisory 2022-4814-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include denial of service and memory exhaustion vulnerabilities.

RHSA-2022:4814: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.6.5 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.6.5 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3807: nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes * CVE-2021-39293: golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)

Red Hat Security Advisory 2022-2265-01

Red Hat Security Advisory 2022-2265-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.58.

Red Hat Security Advisory 2022-2272-01

Red Hat Security Advisory 2022-2272-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.8.41.

RHSA-2022:2272: Red Hat Security Advisory: OpenShift Container Platform 4.8.41 bug fix and security update

Red Hat OpenShift Container Platform release 4.8.41 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1677: openshift/router: route hijacking attack via crafted HAProxy configuration file

Red Hat Security Advisory 2022-2216-01

Red Hat Security Advisory 2022-2216-01 - Logging Subsystem 5.4.1 - Red Hat OpenShift. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

RHSA-2022:2217: Red Hat Security Advisory: Red Hat OpenShift Logging Security and Bug update Release 5.3.7

Openshift Logging Bug Fix Release (5.3.7) Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-37136: netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data * CVE-2021-37137: netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way * CVE-2021-43797: netty: control chars in header names may lead to HTTP request smuggling * CVE-2022-0759: kubeclient: kubeconfig parsing error can lead to...

RHSA-2022:2218: Red Hat Security Advisory: Openshift Logging Security and Bug update Release (5.2.10)

Openshift Logging Bug Fix Release (5.2.10) Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-37136: netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data * CVE-2021-37137: netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way * CVE-2021-43797: netty: control chars in header names may lead to HTTP request smuggling * CVE-2022-0759: kubeclient: kubeconfig parsing error can lead t...