Headline

RHSA-2022:4991: Red Hat Security Advisory: xz security update

An update for xz is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

CVE-2022-1271: gzip: arbitrary-file-write vulnerability

2 years ago

Red Hat Security Data

Open in Source

#vulnerability #linux #red_hat #ibm #sap #ssl

Synopsis

Important: xz security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for xz is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short.

Security Fix(es):

gzip: arbitrary-file-write vulnerability (CVE-2022-1271)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
Red Hat Enterprise Linux Server - AUS 8.6 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
Red Hat Enterprise Linux Server - TUS 8.6 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64

Fixes

BZ - 2073310 - CVE-2022-1271 gzip: arbitrary-file-write vulnerability

Red Hat Enterprise Linux for x86_64 8

SRPM

xz-5.2.4-4.el8_6.src.rpm

SHA-256: 7914b320eefa2db6dad68e5f01e99f8e661072a1f13acb3d19cba8c1295ae40a

x86_64

xz-5.2.4-4.el8_6.x86_64.rpm

SHA-256: fa4ceb20dbf23e9408a6446fefc4b709bc85e0bc563ca423569bbe08ecee2c5e

xz-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: d2550ba557d48d8161338e001e99a5cfa7f871721e664ee4cacd1d5238d10364

xz-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 30bd690001b050cabfa4f0b7010cdc1026f23b04bf75f17049313240d97e6b4a

xz-debugsource-5.2.4-4.el8_6.i686.rpm

SHA-256: f29e9a5355b53191c305f2e05a96b46e03633ce41d6605283b5796a10bcc750f

xz-debugsource-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 4fe77cdb6e33cdd77cf35452aa5671a43769fc69ae7fe5027dad62bc4fafd32c

xz-devel-5.2.4-4.el8_6.i686.rpm

SHA-256: e06d07f26d7a710c97740378913673d04a315d86dc75759d21e618633b358184

xz-devel-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 37091b6cd606b0404a2dbd5cb462d2aeaaeaf21b322f1390ab3952b2f90d763a

xz-libs-5.2.4-4.el8_6.i686.rpm

SHA-256: aa4882912d233ab4d8d7214c62cf0878d6bceed6c474e479358a7188d99ab77e

xz-libs-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 384b65e2c4f698a7aab049df1c2dc86a03a26742852a2d69d4000e028edbcf19

xz-libs-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: 23a61a167fc563dd33bbfb826fab05358c709b99c70768d1ee906601ed725803

xz-libs-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 6de04c5f080385596aa56409840e9ca1e0c81d8b4e969d16cd5995d4802d76ac

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: 6c2e67f0ad498ec40d9301715760094b765e044900163a84265afdf2db68f60b

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 27896791994136b61a0e0c080938d1238c1f6bb6b61a7018d7b1eee3fb468b4f

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM

xz-5.2.4-4.el8_6.src.rpm

SHA-256: 7914b320eefa2db6dad68e5f01e99f8e661072a1f13acb3d19cba8c1295ae40a

x86_64

xz-5.2.4-4.el8_6.x86_64.rpm

SHA-256: fa4ceb20dbf23e9408a6446fefc4b709bc85e0bc563ca423569bbe08ecee2c5e

xz-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: d2550ba557d48d8161338e001e99a5cfa7f871721e664ee4cacd1d5238d10364

xz-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 30bd690001b050cabfa4f0b7010cdc1026f23b04bf75f17049313240d97e6b4a

xz-debugsource-5.2.4-4.el8_6.i686.rpm

SHA-256: f29e9a5355b53191c305f2e05a96b46e03633ce41d6605283b5796a10bcc750f

xz-debugsource-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 4fe77cdb6e33cdd77cf35452aa5671a43769fc69ae7fe5027dad62bc4fafd32c

xz-devel-5.2.4-4.el8_6.i686.rpm

SHA-256: e06d07f26d7a710c97740378913673d04a315d86dc75759d21e618633b358184

xz-devel-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 37091b6cd606b0404a2dbd5cb462d2aeaaeaf21b322f1390ab3952b2f90d763a

xz-libs-5.2.4-4.el8_6.i686.rpm

SHA-256: aa4882912d233ab4d8d7214c62cf0878d6bceed6c474e479358a7188d99ab77e

xz-libs-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 384b65e2c4f698a7aab049df1c2dc86a03a26742852a2d69d4000e028edbcf19

xz-libs-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: 23a61a167fc563dd33bbfb826fab05358c709b99c70768d1ee906601ed725803

xz-libs-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 6de04c5f080385596aa56409840e9ca1e0c81d8b4e969d16cd5995d4802d76ac

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: 6c2e67f0ad498ec40d9301715760094b765e044900163a84265afdf2db68f60b

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 27896791994136b61a0e0c080938d1238c1f6bb6b61a7018d7b1eee3fb468b4f

Red Hat Enterprise Linux Server - AUS 8.6

SRPM

xz-5.2.4-4.el8_6.src.rpm

SHA-256: 7914b320eefa2db6dad68e5f01e99f8e661072a1f13acb3d19cba8c1295ae40a

x86_64

xz-5.2.4-4.el8_6.x86_64.rpm

SHA-256: fa4ceb20dbf23e9408a6446fefc4b709bc85e0bc563ca423569bbe08ecee2c5e

xz-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: d2550ba557d48d8161338e001e99a5cfa7f871721e664ee4cacd1d5238d10364

xz-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 30bd690001b050cabfa4f0b7010cdc1026f23b04bf75f17049313240d97e6b4a

xz-debugsource-5.2.4-4.el8_6.i686.rpm

SHA-256: f29e9a5355b53191c305f2e05a96b46e03633ce41d6605283b5796a10bcc750f

xz-debugsource-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 4fe77cdb6e33cdd77cf35452aa5671a43769fc69ae7fe5027dad62bc4fafd32c

xz-devel-5.2.4-4.el8_6.i686.rpm

SHA-256: e06d07f26d7a710c97740378913673d04a315d86dc75759d21e618633b358184

xz-devel-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 37091b6cd606b0404a2dbd5cb462d2aeaaeaf21b322f1390ab3952b2f90d763a

xz-libs-5.2.4-4.el8_6.i686.rpm

SHA-256: aa4882912d233ab4d8d7214c62cf0878d6bceed6c474e479358a7188d99ab77e

xz-libs-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 384b65e2c4f698a7aab049df1c2dc86a03a26742852a2d69d4000e028edbcf19

xz-libs-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: 23a61a167fc563dd33bbfb826fab05358c709b99c70768d1ee906601ed725803

xz-libs-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 6de04c5f080385596aa56409840e9ca1e0c81d8b4e969d16cd5995d4802d76ac

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: 6c2e67f0ad498ec40d9301715760094b765e044900163a84265afdf2db68f60b

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 27896791994136b61a0e0c080938d1238c1f6bb6b61a7018d7b1eee3fb468b4f

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

xz-5.2.4-4.el8_6.src.rpm

SHA-256: 7914b320eefa2db6dad68e5f01e99f8e661072a1f13acb3d19cba8c1295ae40a

s390x

xz-5.2.4-4.el8_6.s390x.rpm

SHA-256: 7fb678077d965dd6aeb09df28ce05cba9c22e4110d4b52f1ee43986beb87a5ff

xz-debuginfo-5.2.4-4.el8_6.s390x.rpm

SHA-256: c9d7ae21642c69635ca5060df409e181a9f8b7e4bbd74ec89de6f95930681fe4

xz-debugsource-5.2.4-4.el8_6.s390x.rpm

SHA-256: 450e8a14bcb62eaf5875a12f39d1b18c3f2b54b42fae70928721dbfad4d54251

xz-devel-5.2.4-4.el8_6.s390x.rpm

SHA-256: 0b557e42f120958dceb68fcaccea23d22aa7b57d806ccd951c8b11bafd21fbd0

xz-libs-5.2.4-4.el8_6.s390x.rpm

SHA-256: 2d8304b058faf1fd062ce26fff2a7b0a02e82a16c07c42b59c3c639505dbdb32

xz-libs-debuginfo-5.2.4-4.el8_6.s390x.rpm

SHA-256: b0083867ff7f026e71718caa6cba544b6f9866c0b0ff84866af1e071f008a7ab

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.s390x.rpm

SHA-256: de51abcc03deeac6d78f7d1f5bab202a8f92439c368977c13eca0c1d475f81ba

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM

xz-5.2.4-4.el8_6.src.rpm

SHA-256: 7914b320eefa2db6dad68e5f01e99f8e661072a1f13acb3d19cba8c1295ae40a

s390x

xz-5.2.4-4.el8_6.s390x.rpm

SHA-256: 7fb678077d965dd6aeb09df28ce05cba9c22e4110d4b52f1ee43986beb87a5ff

xz-debuginfo-5.2.4-4.el8_6.s390x.rpm

SHA-256: c9d7ae21642c69635ca5060df409e181a9f8b7e4bbd74ec89de6f95930681fe4

xz-debugsource-5.2.4-4.el8_6.s390x.rpm

SHA-256: 450e8a14bcb62eaf5875a12f39d1b18c3f2b54b42fae70928721dbfad4d54251

xz-devel-5.2.4-4.el8_6.s390x.rpm

SHA-256: 0b557e42f120958dceb68fcaccea23d22aa7b57d806ccd951c8b11bafd21fbd0

xz-libs-5.2.4-4.el8_6.s390x.rpm

SHA-256: 2d8304b058faf1fd062ce26fff2a7b0a02e82a16c07c42b59c3c639505dbdb32

xz-libs-debuginfo-5.2.4-4.el8_6.s390x.rpm

SHA-256: b0083867ff7f026e71718caa6cba544b6f9866c0b0ff84866af1e071f008a7ab

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.s390x.rpm

SHA-256: de51abcc03deeac6d78f7d1f5bab202a8f92439c368977c13eca0c1d475f81ba

Red Hat Enterprise Linux for Power, little endian 8

SRPM

xz-5.2.4-4.el8_6.src.rpm

SHA-256: 7914b320eefa2db6dad68e5f01e99f8e661072a1f13acb3d19cba8c1295ae40a

ppc64le

xz-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 80d2fc754452ae52b3b36504e5cceb5cd5435a97999351402ae7a28298592a01

xz-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 0b657dfc98f5f4bfb5de3e3916bbe3613e440233bf5d3d030b2510de634b3ff6

xz-debugsource-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: cb4892a6ec49495c5cfbf3d49c438b8ced11d28ec1821c832f5f9a1b284e4f2b

xz-devel-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 2508ea8df7bdbf6665c5250948f726af0465f6fa4da13ad8c58e6584849b2fe3

xz-libs-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: e36fd1e6fd97ebf2fd83631d14928faf557a7a8459676b641eb0a4140059f97c

xz-libs-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 30ba77ce0a67f87f2b0a41b05465ebdf45c63720c0aa3e562bb58aec7897df4f

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: ef1d9ebba5dd9298c063331567adf29f91a90b7ff2dc7a2eec756df67f703562

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM

xz-5.2.4-4.el8_6.src.rpm

SHA-256: 7914b320eefa2db6dad68e5f01e99f8e661072a1f13acb3d19cba8c1295ae40a

ppc64le

xz-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 80d2fc754452ae52b3b36504e5cceb5cd5435a97999351402ae7a28298592a01

xz-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 0b657dfc98f5f4bfb5de3e3916bbe3613e440233bf5d3d030b2510de634b3ff6

xz-debugsource-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: cb4892a6ec49495c5cfbf3d49c438b8ced11d28ec1821c832f5f9a1b284e4f2b

xz-devel-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 2508ea8df7bdbf6665c5250948f726af0465f6fa4da13ad8c58e6584849b2fe3

xz-libs-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: e36fd1e6fd97ebf2fd83631d14928faf557a7a8459676b641eb0a4140059f97c

xz-libs-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 30ba77ce0a67f87f2b0a41b05465ebdf45c63720c0aa3e562bb58aec7897df4f

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: ef1d9ebba5dd9298c063331567adf29f91a90b7ff2dc7a2eec756df67f703562

Red Hat Enterprise Linux Server - TUS 8.6

SRPM

xz-5.2.4-4.el8_6.src.rpm

SHA-256: 7914b320eefa2db6dad68e5f01e99f8e661072a1f13acb3d19cba8c1295ae40a

x86_64

xz-5.2.4-4.el8_6.x86_64.rpm

SHA-256: fa4ceb20dbf23e9408a6446fefc4b709bc85e0bc563ca423569bbe08ecee2c5e

xz-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: d2550ba557d48d8161338e001e99a5cfa7f871721e664ee4cacd1d5238d10364

xz-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 30bd690001b050cabfa4f0b7010cdc1026f23b04bf75f17049313240d97e6b4a

xz-debugsource-5.2.4-4.el8_6.i686.rpm

SHA-256: f29e9a5355b53191c305f2e05a96b46e03633ce41d6605283b5796a10bcc750f

xz-debugsource-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 4fe77cdb6e33cdd77cf35452aa5671a43769fc69ae7fe5027dad62bc4fafd32c

xz-devel-5.2.4-4.el8_6.i686.rpm

SHA-256: e06d07f26d7a710c97740378913673d04a315d86dc75759d21e618633b358184

xz-devel-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 37091b6cd606b0404a2dbd5cb462d2aeaaeaf21b322f1390ab3952b2f90d763a

xz-libs-5.2.4-4.el8_6.i686.rpm

SHA-256: aa4882912d233ab4d8d7214c62cf0878d6bceed6c474e479358a7188d99ab77e

xz-libs-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 384b65e2c4f698a7aab049df1c2dc86a03a26742852a2d69d4000e028edbcf19

xz-libs-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: 23a61a167fc563dd33bbfb826fab05358c709b99c70768d1ee906601ed725803

xz-libs-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 6de04c5f080385596aa56409840e9ca1e0c81d8b4e969d16cd5995d4802d76ac

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: 6c2e67f0ad498ec40d9301715760094b765e044900163a84265afdf2db68f60b

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 27896791994136b61a0e0c080938d1238c1f6bb6b61a7018d7b1eee3fb468b4f

Red Hat Enterprise Linux for ARM 64 8

SRPM

xz-5.2.4-4.el8_6.src.rpm

SHA-256: 7914b320eefa2db6dad68e5f01e99f8e661072a1f13acb3d19cba8c1295ae40a

aarch64

xz-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 342a2504cb34c9a5c1d43906f534cb1f3bf1de58ac517d575cff57053d04ab00

xz-debuginfo-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 699f6e5a0ffc02144c185c558b97a1db5821c416e5e18f0b117d55b5bed57d77

xz-debugsource-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 537c8aaa07ece58b5bdacacc714707303853bf3d007ce822cdd854104d7ecbda

xz-devel-5.2.4-4.el8_6.aarch64.rpm

SHA-256: ca1c0e8bb3d71ff6eb802f17d8e294ea87d80fb1ac42a4be99fb47af3def8b38

xz-libs-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 68aca19285724ade9cd611fb230bab9ae0660dbd651424c0c9d039cf7178dfc8

xz-libs-debuginfo-5.2.4-4.el8_6.aarch64.rpm

SHA-256: d489cda2686b6ad743b75c1c8e75abbed446d9ef16a2c296298a493c2203b519

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 08c601129d4efe9fd0254fb6195e550e6f9086a1561f3a6295fbbb33f0c84689

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM

xz-5.2.4-4.el8_6.src.rpm

SHA-256: 7914b320eefa2db6dad68e5f01e99f8e661072a1f13acb3d19cba8c1295ae40a

ppc64le

xz-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 80d2fc754452ae52b3b36504e5cceb5cd5435a97999351402ae7a28298592a01

xz-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 0b657dfc98f5f4bfb5de3e3916bbe3613e440233bf5d3d030b2510de634b3ff6

xz-debugsource-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: cb4892a6ec49495c5cfbf3d49c438b8ced11d28ec1821c832f5f9a1b284e4f2b

xz-devel-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 2508ea8df7bdbf6665c5250948f726af0465f6fa4da13ad8c58e6584849b2fe3

xz-libs-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: e36fd1e6fd97ebf2fd83631d14928faf557a7a8459676b641eb0a4140059f97c

xz-libs-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 30ba77ce0a67f87f2b0a41b05465ebdf45c63720c0aa3e562bb58aec7897df4f

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: ef1d9ebba5dd9298c063331567adf29f91a90b7ff2dc7a2eec756df67f703562

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM

xz-5.2.4-4.el8_6.src.rpm

SHA-256: 7914b320eefa2db6dad68e5f01e99f8e661072a1f13acb3d19cba8c1295ae40a

x86_64

xz-5.2.4-4.el8_6.x86_64.rpm

SHA-256: fa4ceb20dbf23e9408a6446fefc4b709bc85e0bc563ca423569bbe08ecee2c5e

xz-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: d2550ba557d48d8161338e001e99a5cfa7f871721e664ee4cacd1d5238d10364

xz-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 30bd690001b050cabfa4f0b7010cdc1026f23b04bf75f17049313240d97e6b4a

xz-debugsource-5.2.4-4.el8_6.i686.rpm

SHA-256: f29e9a5355b53191c305f2e05a96b46e03633ce41d6605283b5796a10bcc750f

xz-debugsource-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 4fe77cdb6e33cdd77cf35452aa5671a43769fc69ae7fe5027dad62bc4fafd32c

xz-devel-5.2.4-4.el8_6.i686.rpm

SHA-256: e06d07f26d7a710c97740378913673d04a315d86dc75759d21e618633b358184

xz-devel-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 37091b6cd606b0404a2dbd5cb462d2aeaaeaf21b322f1390ab3952b2f90d763a

xz-libs-5.2.4-4.el8_6.i686.rpm

SHA-256: aa4882912d233ab4d8d7214c62cf0878d6bceed6c474e479358a7188d99ab77e

xz-libs-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 384b65e2c4f698a7aab049df1c2dc86a03a26742852a2d69d4000e028edbcf19

xz-libs-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: 23a61a167fc563dd33bbfb826fab05358c709b99c70768d1ee906601ed725803

xz-libs-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 6de04c5f080385596aa56409840e9ca1e0c81d8b4e969d16cd5995d4802d76ac

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.i686.rpm

SHA-256: 6c2e67f0ad498ec40d9301715760094b765e044900163a84265afdf2db68f60b

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 27896791994136b61a0e0c080938d1238c1f6bb6b61a7018d7b1eee3fb468b4f

Red Hat CodeReady Linux Builder for x86_64 8

SRPM

x86_64

xz-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 30bd690001b050cabfa4f0b7010cdc1026f23b04bf75f17049313240d97e6b4a

xz-debugsource-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 4fe77cdb6e33cdd77cf35452aa5671a43769fc69ae7fe5027dad62bc4fafd32c

xz-libs-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 6de04c5f080385596aa56409840e9ca1e0c81d8b4e969d16cd5995d4802d76ac

xz-lzma-compat-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 6fd17b04f3c4039beca39d31b3a93b50d09190e3bb75fa9a022074735ae55edb

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 27896791994136b61a0e0c080938d1238c1f6bb6b61a7018d7b1eee3fb468b4f

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM

ppc64le

xz-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 0b657dfc98f5f4bfb5de3e3916bbe3613e440233bf5d3d030b2510de634b3ff6

xz-debugsource-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: cb4892a6ec49495c5cfbf3d49c438b8ced11d28ec1821c832f5f9a1b284e4f2b

xz-libs-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 30ba77ce0a67f87f2b0a41b05465ebdf45c63720c0aa3e562bb58aec7897df4f

xz-lzma-compat-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 8a05711cb23a6d6af9db14cb834a2844f010d767c6134151e9e01ab6f2efc2ea

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: ef1d9ebba5dd9298c063331567adf29f91a90b7ff2dc7a2eec756df67f703562

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM

aarch64

xz-debuginfo-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 699f6e5a0ffc02144c185c558b97a1db5821c416e5e18f0b117d55b5bed57d77

xz-debugsource-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 537c8aaa07ece58b5bdacacc714707303853bf3d007ce822cdd854104d7ecbda

xz-libs-debuginfo-5.2.4-4.el8_6.aarch64.rpm

SHA-256: d489cda2686b6ad743b75c1c8e75abbed446d9ef16a2c296298a493c2203b519

xz-lzma-compat-5.2.4-4.el8_6.aarch64.rpm

SHA-256: d8fe6304c10145a276d7f6b7006147a090bc09dbe79bf972708971b604dd7938

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 08c601129d4efe9fd0254fb6195e550e6f9086a1561f3a6295fbbb33f0c84689

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM

s390x

xz-debuginfo-5.2.4-4.el8_6.s390x.rpm

SHA-256: c9d7ae21642c69635ca5060df409e181a9f8b7e4bbd74ec89de6f95930681fe4

xz-debugsource-5.2.4-4.el8_6.s390x.rpm

SHA-256: 450e8a14bcb62eaf5875a12f39d1b18c3f2b54b42fae70928721dbfad4d54251

xz-libs-debuginfo-5.2.4-4.el8_6.s390x.rpm

SHA-256: b0083867ff7f026e71718caa6cba544b6f9866c0b0ff84866af1e071f008a7ab

xz-lzma-compat-5.2.4-4.el8_6.s390x.rpm

SHA-256: 86ee739faea668c34a182dd5897d58bd423bcf05e8b42720866a8e67b35fd97a

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.s390x.rpm

SHA-256: de51abcc03deeac6d78f7d1f5bab202a8f92439c368977c13eca0c1d475f81ba

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM

xz-5.2.4-4.el8_6.src.rpm

SHA-256: 7914b320eefa2db6dad68e5f01e99f8e661072a1f13acb3d19cba8c1295ae40a

aarch64

xz-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 342a2504cb34c9a5c1d43906f534cb1f3bf1de58ac517d575cff57053d04ab00

xz-debuginfo-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 699f6e5a0ffc02144c185c558b97a1db5821c416e5e18f0b117d55b5bed57d77

xz-debugsource-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 537c8aaa07ece58b5bdacacc714707303853bf3d007ce822cdd854104d7ecbda

xz-devel-5.2.4-4.el8_6.aarch64.rpm

SHA-256: ca1c0e8bb3d71ff6eb802f17d8e294ea87d80fb1ac42a4be99fb47af3def8b38

xz-libs-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 68aca19285724ade9cd611fb230bab9ae0660dbd651424c0c9d039cf7178dfc8

xz-libs-debuginfo-5.2.4-4.el8_6.aarch64.rpm

SHA-256: d489cda2686b6ad743b75c1c8e75abbed446d9ef16a2c296298a493c2203b519

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 08c601129d4efe9fd0254fb6195e550e6f9086a1561f3a6295fbbb33f0c84689

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6

SRPM

x86_64

xz-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 30bd690001b050cabfa4f0b7010cdc1026f23b04bf75f17049313240d97e6b4a

xz-debugsource-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 4fe77cdb6e33cdd77cf35452aa5671a43769fc69ae7fe5027dad62bc4fafd32c

xz-libs-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 6de04c5f080385596aa56409840e9ca1e0c81d8b4e969d16cd5995d4802d76ac

xz-lzma-compat-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 6fd17b04f3c4039beca39d31b3a93b50d09190e3bb75fa9a022074735ae55edb

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.x86_64.rpm

SHA-256: 27896791994136b61a0e0c080938d1238c1f6bb6b61a7018d7b1eee3fb468b4f

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6

SRPM

ppc64le

xz-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 0b657dfc98f5f4bfb5de3e3916bbe3613e440233bf5d3d030b2510de634b3ff6

xz-debugsource-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: cb4892a6ec49495c5cfbf3d49c438b8ced11d28ec1821c832f5f9a1b284e4f2b

xz-libs-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 30ba77ce0a67f87f2b0a41b05465ebdf45c63720c0aa3e562bb58aec7897df4f

xz-lzma-compat-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: 8a05711cb23a6d6af9db14cb834a2844f010d767c6134151e9e01ab6f2efc2ea

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.ppc64le.rpm

SHA-256: ef1d9ebba5dd9298c063331567adf29f91a90b7ff2dc7a2eec756df67f703562

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6

SRPM

s390x

xz-debuginfo-5.2.4-4.el8_6.s390x.rpm

SHA-256: c9d7ae21642c69635ca5060df409e181a9f8b7e4bbd74ec89de6f95930681fe4

xz-debugsource-5.2.4-4.el8_6.s390x.rpm

SHA-256: 450e8a14bcb62eaf5875a12f39d1b18c3f2b54b42fae70928721dbfad4d54251

xz-libs-debuginfo-5.2.4-4.el8_6.s390x.rpm

SHA-256: b0083867ff7f026e71718caa6cba544b6f9866c0b0ff84866af1e071f008a7ab

xz-lzma-compat-5.2.4-4.el8_6.s390x.rpm

SHA-256: 86ee739faea668c34a182dd5897d58bd423bcf05e8b42720866a8e67b35fd97a

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.s390x.rpm

SHA-256: de51abcc03deeac6d78f7d1f5bab202a8f92439c368977c13eca0c1d475f81ba

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6

SRPM

aarch64

xz-debuginfo-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 699f6e5a0ffc02144c185c558b97a1db5821c416e5e18f0b117d55b5bed57d77

xz-debugsource-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 537c8aaa07ece58b5bdacacc714707303853bf3d007ce822cdd854104d7ecbda

xz-libs-debuginfo-5.2.4-4.el8_6.aarch64.rpm

SHA-256: d489cda2686b6ad743b75c1c8e75abbed446d9ef16a2c296298a493c2203b519

xz-lzma-compat-5.2.4-4.el8_6.aarch64.rpm

SHA-256: d8fe6304c10145a276d7f6b7006147a090bc09dbe79bf972708971b604dd7938

xz-lzma-compat-debuginfo-5.2.4-4.el8_6.aarch64.rpm

SHA-256: 08c601129d4efe9fd0254fb6195e550e6f9086a1561f3a6295fbbb33f0c84689

IBM Security Guardium 11.3 could allow an authenticated user to cause a denial of service due to improper input validation. IBM X-Force ID: 240903.

1 year ago

CVE

Open in Source

#vulnerability #linux #dos #intel #buffer_overflow #auth #ibm #ssl

RHSA-2023:1326: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update

Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4235: A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If p...

CVE-2022-46756: DSA-2022-335: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities

Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.

1 year ago

CVE

Open in Source

#vulnerability #ios #intel #vmware #bios #dell #ssl

CVE-2022-38108: Published | Zero Day Initiative

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

RHSA-2022:6526: Red Hat Security Advisory: OpenShift Virtualization 4.11.0 Images security and bug fix update

Red Hat OpenShift Virtualization release 4.11.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2021-44716: golang: net/http: limit growth of header canonicalization cache * CVE-2021-44717: golang: syscall: don't close fd 0 on ForkExec error * CVE-2022-1798: kubeVirt: Arbitrary file read on t...

2 years ago

Red Hat Security Data

Open in Source

#vulnerability #web #mac #windows #linux #red_hat #dos #nodejs #js #java #kubernetes #intel #perl #vmware #aws #auth #ssh #rpm #ssl

Gentoo Linux Security Advisory 202209-01

Gentoo Linux Security Advisory 202209-1 - A vulnerability has been discovered in GNU Gzip and XZ Utils' grep helpers which could result in writes to arbitrary files. Versions less than 1.12 are affected.

2 years ago

Packet Storm

Open in Source

#vulnerability #web #mac #linux #rce

RHSA-2022:6290: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.0 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.0 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter * CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode * CVE-2022-28327: golang: crypto/elliptic: panic caused by oversized scalar * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_age_add * CVE-2022-30631: golang: compress/gzip: stack exhaus...

2 years ago

Red Hat Security Data

Open in Source

#vulnerability #web #red_hat #dos #kubernetes #ssl

Red Hat Security Advisory 2022-5070-01

Red Hat Security Advisory 2022-5070-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include denial of service, out of bounds read, and traversal vulnerabilities.

2 years ago

Packet Storm

Open in Source

#vulnerability #red_hat #dos #js #git #kubernetes #rpm

RHSA-2022:5069: Red Hat Security Advisory: OpenShift Container Platform 4.11.0 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-23566: nanoid: Information disclosure via valueOf() function * CVE-2021-23648: sanitize-url: XSS * CVE-2021-41190: opencontainers: OCI manifest and index parsing confusion * CVE-2021-44906:...

Red Hat Security Advisory 2022-5909-01

Red Hat Security Advisory 2022-5909-01 - Openshift Logging Bug Fix Release. Issues addressed include denial of service and out of bounds read vulnerabilities.

2 years ago

Packet Storm

Open in Source

#vulnerability #red_hat #dos #git

Red Hat Security Advisory 2022-5908-01

Red Hat Security Advisory 2022-5908-01 - Openshift Logging Bug Fix Release. Issues addressed include denial of service and out of bounds read vulnerabilities.

2 years ago

Packet Storm

Open in Source

#vulnerability #red_hat #dos #js #pdf

Red Hat Security Advisory 2022-5531-01

Red Hat Security Advisory 2022-5531-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.1 General Availability release images, which fix security issues and bugs.

2 years ago

Packet Storm

Open in Source

#vulnerability #red_hat #kubernetes #auth

RHSA-2022:5556: Red Hat Security Advisory: Logging Subsystem 5.4.3 - Red Hat OpenShift security update

Logging Subsystem 5.4.3 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS

2 years ago

Red Hat Security Data

Open in Source

#vulnerability #web #linux #red_hat #nodejs #js #java #kubernetes #aws #oauth #auth #ibm

RHSA-2022:5439: Red Hat Security Advisory: RHV-H security update (redhat-virtualization-host) 4.3.23

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2018-25032: zlib: A flaw found in zlib when compressing (not decompressing) certain inputs * CVE-2022-1271: gzip: arbitrary-file-write vulnerability * CVE-2022-1966: kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root * CVE-2...

2 years ago

Red Hat Security Data

Open in Source

#vulnerability #web #mac #linux #red_hat #nodejs #js #java #kubernetes #aws

Red Hat Security Advisory 2022-5153-01

Red Hat Security Advisory 2022-5153-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a cross site scripting vulnerability.

2 years ago

Packet Storm

Open in Source

#xss #vulnerability #red_hat #js #git #java

Red Hat Security Advisory 2022-5188-01

Red Hat Security Advisory 2022-5188-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.

2 years ago

Packet Storm

Open in Source

#vulnerability #red_hat #kubernetes #jira

RHSA-2022:5187: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.3 on OpenShift 4.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-31016: argocd: vulnerable to an uncontrolled memory consumption bug * CVE-2022-31034: argocd: vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or the UI. * CVE-2022-31035: argocd: cross-site scripting (XSS) allow a malicious user to inject a javascript link in the UI * CVE-2022-31036: argocd: vulnerable to a...

2 years ago

Red Hat Security Data

Open in Source

#xss #vulnerability #web #linux #red_hat #nodejs #js #git #java #kubernetes #aws

Red Hat Security Advisory 2022-5132-01

Red Hat Security Advisory 2022-5132-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.

2 years ago

Packet Storm

Open in Source

#vulnerability #red_hat #kubernetes #jira

Red Hat Security Advisory 2022-4991-01

Red Hat Security Advisory 2022-4991-01 - XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm, which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short.

2 years ago

Packet Storm

Open in Source

#vulnerability #web #linux #red_hat #nodejs #ssl

RHSA-2022:5006: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.3 Containers security update

Red Hat OpenShift Service Mesh 2.1.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1650: eventsource: Exposure of Sensitive Information * CVE-2022-23806: golang: crypto/elliptic IsOnCurve returns true for invalid field elements * CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode * CVE-2022-24785: Moment.js: Path traversal in moment.locale * CVE-2022-28327: golang: crypto/elliptic: panic caused by oversized scalar

2 years ago

Red Hat Security Data

Open in Source

#vulnerability #web #linux #red_hat #nodejs #js #java #kubernetes #aws #ibm #rpm

Red Hat Security Advisory 2022-4940-01

Red Hat Security Advisory 2022-4940-01 - XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm, which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short.

2 years ago

Packet Storm

Open in Source

#vulnerability #linux #red_hat #js #ssl

Red Hat Security Advisory 2022-4896-01

Red Hat Security Advisory 2022-4896-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include heap overflow, out of bounds write, and use-after-free vulnerabilities.

2 years ago

Packet Storm

Open in Source

#vulnerability #mac #linux #red_hat #js #auth #ssl

Red Hat Security Advisory 2022-4880-01

Red Hat Security Advisory 2022-4880-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug fixes and feature improvements. Issues addressed include a bypass vulnerability.

2 years ago

Packet Storm

Open in Source

#vulnerability #web #amazon #linux #red_hat #js #kubernetes #rce #aws #auth #docker #jira

Red Hat Security Advisory 2022-2281-01

Red Hat Security Advisory 2022-2281-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 3.11.705.

2 years ago

Packet Storm

Open in Source

#vulnerability #red_hat #kubernetes #rpm

RHSA-2022:2281: Red Hat Security Advisory: OpenShift Container Platform 3.11.705 security update

Red Hat OpenShift Container Platform release 3.11.705 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1677: openshift/router: route hijacking attack via crafted HAProxy configuration file

2 years ago

Red Hat Security Data

Open in Source

#vulnerability #web #linux #red_hat #nodejs #js #java #kubernetes #aws #rpm

Red Hat Security Advisory 2022-4690-01

Red Hat Security Advisory 2022-4690-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.

2 years ago

Packet Storm

Open in Source

#vulnerability #red_hat #js #git

RHSA-2022:4690: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.5 in openshift-gitops-argocd container. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24904: argocd: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server * CVE-2022-24905: argocd: Login screen allows message spoofing if SSO is enabled * CVE-2022-29165: argocd: ArgoCD will blindly trust JWT claims if anonymous access is enabled

2 years ago

Red Hat Security Data

Open in Source

#vulnerability #web #linux #red_hat #nodejs #js #git #java #kubernetes #aws

Red Hat Security Advisory 2022-2218-01

Red Hat Security Advisory 2022-2218-01 - Openshift Logging Bug Fix Release. Issues addressed include HTTP request smuggling, denial of service, and man-in-the-middle vulnerabilities.

2 years ago

Packet Storm

Open in Source

#vulnerability #red_hat #dos #js #kubernetes #jira #ssl

Red Hat Security Advisory 2022-1679-01

Red Hat Security Advisory 2022-1679-01 - New Cryostat 2.1.0 on RHEL 8 container images have been released, adding a variety of features and bug fixes as well as security issues being addressed.

2 years ago

Packet Storm

Open in Source

#vulnerability #red_hat #js #docker

RHSA-2022:1679: Red Hat Security Advisory: Cryostat 2.1.0: new Cryostat on RHEL 8 container images

New Cryostat 2.1.0 on RHEL 8 container images are now availableThis content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3121: gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation

2 years ago

Red Hat Security Data

Open in Source