Headline
RHSA-2023:0594: Red Hat Security Advisory: libksba security update
An update for libksba is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL’s signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
Synopsis
Important: libksba security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for libksba is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS.
Security Fix(es):
- libksba: integer overflow to code executiona (CVE-2022-47629)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat Enterprise Linux Server - AUS 8.6 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.6 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6 s390x
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64
Fixes
- BZ - 2161571 - CVE-2022-47629 libksba: integer overflow to code execution
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6
SRPM
libksba-1.3.5-9.el8_6.src.rpm
SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f
x86_64
libksba-1.3.5-9.el8_6.i686.rpm
SHA-256: f3f4e6b9a8c2eed20db21e6070576b68cede1409f1d31c377d10e18dbf44577d
libksba-1.3.5-9.el8_6.x86_64.rpm
SHA-256: 2ca2ebaba24ec75c3444596667a94b8d70dcfa5e4dc31b0f133bcef8c9168ced
libksba-debuginfo-1.3.5-9.el8_6.i686.rpm
SHA-256: e349b2edbd085d27203b608068388febc34cb6dbcfc9a60a88baf0da66fc2998
libksba-debuginfo-1.3.5-9.el8_6.x86_64.rpm
SHA-256: 38f801b743bcf50389009027ff59212e3dcb081ef4fa67384225a3483ac627b4
libksba-debugsource-1.3.5-9.el8_6.i686.rpm
SHA-256: ac1b6d4f80dd51df8c2c363924e19ad82e663682cf591cdcee79aa775c20b968
libksba-debugsource-1.3.5-9.el8_6.x86_64.rpm
SHA-256: b9153ce174c3fd22b5dfe5d6968300d8790110420bc114d5f1b86ea506efa746
Red Hat Enterprise Linux Server - AUS 8.6
SRPM
libksba-1.3.5-9.el8_6.src.rpm
SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f
x86_64
libksba-1.3.5-9.el8_6.i686.rpm
SHA-256: f3f4e6b9a8c2eed20db21e6070576b68cede1409f1d31c377d10e18dbf44577d
libksba-1.3.5-9.el8_6.x86_64.rpm
SHA-256: 2ca2ebaba24ec75c3444596667a94b8d70dcfa5e4dc31b0f133bcef8c9168ced
libksba-debuginfo-1.3.5-9.el8_6.i686.rpm
SHA-256: e349b2edbd085d27203b608068388febc34cb6dbcfc9a60a88baf0da66fc2998
libksba-debuginfo-1.3.5-9.el8_6.x86_64.rpm
SHA-256: 38f801b743bcf50389009027ff59212e3dcb081ef4fa67384225a3483ac627b4
libksba-debugsource-1.3.5-9.el8_6.i686.rpm
SHA-256: ac1b6d4f80dd51df8c2c363924e19ad82e663682cf591cdcee79aa775c20b968
libksba-debugsource-1.3.5-9.el8_6.x86_64.rpm
SHA-256: b9153ce174c3fd22b5dfe5d6968300d8790110420bc114d5f1b86ea506efa746
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6
SRPM
libksba-1.3.5-9.el8_6.src.rpm
SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f
s390x
libksba-1.3.5-9.el8_6.s390x.rpm
SHA-256: 9db53fa5d1ba084669149a610e9d7bf07828b63af3f01c840b5bdf18d1ce5056
libksba-debuginfo-1.3.5-9.el8_6.s390x.rpm
SHA-256: 9b2708c2cc7ef897e7415a1fc2eddbe939f64862a2be318b3b3036b04fffad5f
libksba-debugsource-1.3.5-9.el8_6.s390x.rpm
SHA-256: 5a9888dc9c9f93e005e39fa83ce06192755ec81ce20e63a7848a3b8963e40bc3
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6
SRPM
libksba-1.3.5-9.el8_6.src.rpm
SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f
ppc64le
libksba-1.3.5-9.el8_6.ppc64le.rpm
SHA-256: da3fe320be7247eeb2e5ed5b3bcfda17f8cdb59ea0d4aaa622f61f902b63d404
libksba-debuginfo-1.3.5-9.el8_6.ppc64le.rpm
SHA-256: 14d9adc2fb5d5529d3d66e42f9c43fa2d1bd11694e04a6029b5811bce9cb1924
libksba-debugsource-1.3.5-9.el8_6.ppc64le.rpm
SHA-256: e9e103428fd450edfd818d8a3b25f75bb8dd56328e4608312af4be01acf99554
Red Hat Enterprise Linux Server - TUS 8.6
SRPM
libksba-1.3.5-9.el8_6.src.rpm
SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f
x86_64
libksba-1.3.5-9.el8_6.i686.rpm
SHA-256: f3f4e6b9a8c2eed20db21e6070576b68cede1409f1d31c377d10e18dbf44577d
libksba-1.3.5-9.el8_6.x86_64.rpm
SHA-256: 2ca2ebaba24ec75c3444596667a94b8d70dcfa5e4dc31b0f133bcef8c9168ced
libksba-debuginfo-1.3.5-9.el8_6.i686.rpm
SHA-256: e349b2edbd085d27203b608068388febc34cb6dbcfc9a60a88baf0da66fc2998
libksba-debuginfo-1.3.5-9.el8_6.x86_64.rpm
SHA-256: 38f801b743bcf50389009027ff59212e3dcb081ef4fa67384225a3483ac627b4
libksba-debugsource-1.3.5-9.el8_6.i686.rpm
SHA-256: ac1b6d4f80dd51df8c2c363924e19ad82e663682cf591cdcee79aa775c20b968
libksba-debugsource-1.3.5-9.el8_6.x86_64.rpm
SHA-256: b9153ce174c3fd22b5dfe5d6968300d8790110420bc114d5f1b86ea506efa746
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6
SRPM
libksba-1.3.5-9.el8_6.src.rpm
SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f
aarch64
libksba-1.3.5-9.el8_6.aarch64.rpm
SHA-256: 14251b2f527a288b2e6dc53b5427237fa78606031f232ad5f4c7c65088366063
libksba-debuginfo-1.3.5-9.el8_6.aarch64.rpm
SHA-256: d00a3396cc7a19c518e6e1ab0acac61d2c3c3fc7cf423971e21beae1745f49e4
libksba-debugsource-1.3.5-9.el8_6.aarch64.rpm
SHA-256: 60813e4d50a19866b0b0396c44fb39ea3546caea4390ded3afce6c40f7e91c3c
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6
SRPM
libksba-1.3.5-9.el8_6.src.rpm
SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f
ppc64le
libksba-1.3.5-9.el8_6.ppc64le.rpm
SHA-256: da3fe320be7247eeb2e5ed5b3bcfda17f8cdb59ea0d4aaa622f61f902b63d404
libksba-debuginfo-1.3.5-9.el8_6.ppc64le.rpm
SHA-256: 14d9adc2fb5d5529d3d66e42f9c43fa2d1bd11694e04a6029b5811bce9cb1924
libksba-debugsource-1.3.5-9.el8_6.ppc64le.rpm
SHA-256: e9e103428fd450edfd818d8a3b25f75bb8dd56328e4608312af4be01acf99554
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6
SRPM
libksba-1.3.5-9.el8_6.src.rpm
SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f
x86_64
libksba-1.3.5-9.el8_6.i686.rpm
SHA-256: f3f4e6b9a8c2eed20db21e6070576b68cede1409f1d31c377d10e18dbf44577d
libksba-1.3.5-9.el8_6.x86_64.rpm
SHA-256: 2ca2ebaba24ec75c3444596667a94b8d70dcfa5e4dc31b0f133bcef8c9168ced
libksba-debuginfo-1.3.5-9.el8_6.i686.rpm
SHA-256: e349b2edbd085d27203b608068388febc34cb6dbcfc9a60a88baf0da66fc2998
libksba-debuginfo-1.3.5-9.el8_6.x86_64.rpm
SHA-256: 38f801b743bcf50389009027ff59212e3dcb081ef4fa67384225a3483ac627b4
libksba-debugsource-1.3.5-9.el8_6.i686.rpm
SHA-256: ac1b6d4f80dd51df8c2c363924e19ad82e663682cf591cdcee79aa775c20b968
libksba-debugsource-1.3.5-9.el8_6.x86_64.rpm
SHA-256: b9153ce174c3fd22b5dfe5d6968300d8790110420bc114d5f1b86ea506efa746
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6
SRPM
x86_64
libksba-debuginfo-1.3.5-9.el8_6.i686.rpm
SHA-256: e349b2edbd085d27203b608068388febc34cb6dbcfc9a60a88baf0da66fc2998
libksba-debuginfo-1.3.5-9.el8_6.x86_64.rpm
SHA-256: 38f801b743bcf50389009027ff59212e3dcb081ef4fa67384225a3483ac627b4
libksba-debugsource-1.3.5-9.el8_6.i686.rpm
SHA-256: ac1b6d4f80dd51df8c2c363924e19ad82e663682cf591cdcee79aa775c20b968
libksba-debugsource-1.3.5-9.el8_6.x86_64.rpm
SHA-256: b9153ce174c3fd22b5dfe5d6968300d8790110420bc114d5f1b86ea506efa746
libksba-devel-1.3.5-9.el8_6.i686.rpm
SHA-256: 8da3da447b12117b06778223d26292c83b340edd47436ba2c58c75787071b895
libksba-devel-1.3.5-9.el8_6.x86_64.rpm
SHA-256: f81489235de06ee90cd3a9bf1f5fd66ff91168dea80c188db4b12037694e3e14
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6
SRPM
ppc64le
libksba-debuginfo-1.3.5-9.el8_6.ppc64le.rpm
SHA-256: 14d9adc2fb5d5529d3d66e42f9c43fa2d1bd11694e04a6029b5811bce9cb1924
libksba-debugsource-1.3.5-9.el8_6.ppc64le.rpm
SHA-256: e9e103428fd450edfd818d8a3b25f75bb8dd56328e4608312af4be01acf99554
libksba-devel-1.3.5-9.el8_6.ppc64le.rpm
SHA-256: e378de0816d2dfe36f9024eeaf2459ecc5b4059df370d4c9958f7bb652fae98e
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6
SRPM
s390x
libksba-debuginfo-1.3.5-9.el8_6.s390x.rpm
SHA-256: 9b2708c2cc7ef897e7415a1fc2eddbe939f64862a2be318b3b3036b04fffad5f
libksba-debugsource-1.3.5-9.el8_6.s390x.rpm
SHA-256: 5a9888dc9c9f93e005e39fa83ce06192755ec81ce20e63a7848a3b8963e40bc3
libksba-devel-1.3.5-9.el8_6.s390x.rpm
SHA-256: 59700bab15abcf55031603caa4a8f672ddead70435f44855447cfd640fa25f4b
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6
SRPM
aarch64
libksba-debuginfo-1.3.5-9.el8_6.aarch64.rpm
SHA-256: d00a3396cc7a19c518e6e1ab0acac61d2c3c3fc7cf423971e21beae1745f49e4
libksba-debugsource-1.3.5-9.el8_6.aarch64.rpm
SHA-256: 60813e4d50a19866b0b0396c44fb39ea3546caea4390ded3afce6c40f7e91c3c
libksba-devel-1.3.5-9.el8_6.aarch64.rpm
SHA-256: d925053c6b36bbc75a05f4f9c828dd6a7b10b523cd0ec2715dc366386e6446c8
Related news
A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.
Red Hat Security Advisory 2023-4053-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.45. Issues addressed include a code execution vulnerability.
Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...
The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A flaw was found in Golang Go, where it is vulnerable to a denial of service cause...
Red Hat Security Advisory 2023-0584-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.1. Issues addressed include a denial of service vulnerability.
Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4235: A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If p...
The Migration Toolkit for Containers (MTC) 1.7.8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36567: A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path. * CVE-2022-24999: A flaw was found in the express.js npm package. Express.js Express is vulnerable to a d...
Red Hat Security Advisory 2023-1181-01 - OpenShift Serverless version 1.27.1 contains a moderate security impact. This release includes security and bug fixes, and enhancements.
Red Hat OpenShift Data Foundation 4.12.1 Bug Fix Update Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functions.
Red Hat Security Advisory 2023-1047-01 - A new image is available for Red Hat Single Sign-On 7.6.2, running on Red Hat OpenShift Container Platform from the release of 3.11 up to the release of 4.12.0. Issues addressed include code execution, cross site scripting, denial of service, deserialization, html injection, memory exhaustion, server-side request forgery, and traversal vulnerabilities.
Red Hat Security Advisory 2023-0977-01 - Red Hat OpenShift Data Science 1.22.1 security update. Issues addressed include an improper authorization vulnerability.
Red Hat Security Advisory 2023-0918-01 - Service Binding manages the data plane for applications and backing services.
Red Hat Security Advisory 2023-0769-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Updated Cryostat 2 on RHEL 8 container images are now availableThis content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1996: A flaw was found in CORS Filter feature from the go-restful package. When a user inputs a domain which is in AllowedDomains, all domains starting with the same pattern are accepted. This issue could allow an attacker to break the CORS policy by allowing any page to make requests and retrieve data on behalf of users.
An update is now available for Red Hat OpenShift GitOps 1.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functio...
An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functio...
Red Hat Security Advisory 2023-0794-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.4 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.
Red Hat Security Advisory 2023-0633-01 - Logging Subsystem 5.5.7 - Red Hat OpenShift.
Red Hat Advanced Cluster Management for Kubernetes 2.6.4 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24999: qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload i...
Red Hat Security Advisory 2023-0652-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.27. Issues addressed include denial of service and out of bounds read vulnerabilities.
Network observability 1.1.0 release for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0813: A flaw was found in the Network Observability plugin for OpenShift console. Unless the Loki authToken configuration is set to FORWARD mode, authentication is no longer enforced, allowing any user who can connect to the OpenShift Console in an OpenShift cluster to retrieve flows without authentication.
An update is now available for the Logging subsystem for Red Hat OpenShift 5.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30123: A flaw was found in ruby gem-rack. This flaw allows a malicious actor to craft requests that can cause shell escape sequences to be written to the terminal via rack's `Lint` middleware and `CommonLogger` middleware. This issue can leverage these escape sequences to execute commands in the victim's terminal. * CVE-2022-41717: A flaw was f...
JBoss EAP XP 4.0.0.GA Security release on the EAP 7.4.9 base. See references for release notes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-0341: In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi...
Red Hat Security Advisory 2023-0625-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
Red Hat Security Advisory 2023-0624-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
Red Hat Security Advisory 2023-0626-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
Red Hat Security Advisory 2023-0594-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
An update for libksba is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
An update for libksba is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
An update for libksba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
An update for libksba is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system ...
An update for libksba is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
Red Hat Security Advisory 2023-0530-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
An update for libksba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: libksba: integer overflow to code execution
Ubuntu Security Notice 5787-2 - USN-5787-1 fixed vulnerabilities in Libksba. This update provides the corresponding updates for Ubuntu 16.04 ESM and Ubuntu 14.04 ESM. It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5787-1 - It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to crash, resulting in a denial of service, or possibly execute arbitrary code.
Gentoo Linux Security Advisory 202212-7 - An integer overflow vulnerability has been found in libksba which could result in remote code execution. Versions less than 1.6.3 are affected.
Debian Linux Security Advisory 5305-1 - An integer overflow flaw was discovered in the CRL signature parser in libksba, an X.509 and CMS support library, which could result in denial of service or the execution of arbitrary code.
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.