Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:0594: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL’s signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
Red Hat Security Data
#vulnerability#linux#red_hat#ibm#sap#ssl

Synopsis

Important: libksba security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libksba is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS.

Security Fix(es):

  • libksba: integer overflow to code executiona (CVE-2022-47629)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64

Fixes

  • BZ - 2161571 - CVE-2022-47629 libksba: integer overflow to code execution

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM

libksba-1.3.5-9.el8_6.src.rpm

SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f

x86_64

libksba-1.3.5-9.el8_6.i686.rpm

SHA-256: f3f4e6b9a8c2eed20db21e6070576b68cede1409f1d31c377d10e18dbf44577d

libksba-1.3.5-9.el8_6.x86_64.rpm

SHA-256: 2ca2ebaba24ec75c3444596667a94b8d70dcfa5e4dc31b0f133bcef8c9168ced

libksba-debuginfo-1.3.5-9.el8_6.i686.rpm

SHA-256: e349b2edbd085d27203b608068388febc34cb6dbcfc9a60a88baf0da66fc2998

libksba-debuginfo-1.3.5-9.el8_6.x86_64.rpm

SHA-256: 38f801b743bcf50389009027ff59212e3dcb081ef4fa67384225a3483ac627b4

libksba-debugsource-1.3.5-9.el8_6.i686.rpm

SHA-256: ac1b6d4f80dd51df8c2c363924e19ad82e663682cf591cdcee79aa775c20b968

libksba-debugsource-1.3.5-9.el8_6.x86_64.rpm

SHA-256: b9153ce174c3fd22b5dfe5d6968300d8790110420bc114d5f1b86ea506efa746

Red Hat Enterprise Linux Server - AUS 8.6

SRPM

libksba-1.3.5-9.el8_6.src.rpm

SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f

x86_64

libksba-1.3.5-9.el8_6.i686.rpm

SHA-256: f3f4e6b9a8c2eed20db21e6070576b68cede1409f1d31c377d10e18dbf44577d

libksba-1.3.5-9.el8_6.x86_64.rpm

SHA-256: 2ca2ebaba24ec75c3444596667a94b8d70dcfa5e4dc31b0f133bcef8c9168ced

libksba-debuginfo-1.3.5-9.el8_6.i686.rpm

SHA-256: e349b2edbd085d27203b608068388febc34cb6dbcfc9a60a88baf0da66fc2998

libksba-debuginfo-1.3.5-9.el8_6.x86_64.rpm

SHA-256: 38f801b743bcf50389009027ff59212e3dcb081ef4fa67384225a3483ac627b4

libksba-debugsource-1.3.5-9.el8_6.i686.rpm

SHA-256: ac1b6d4f80dd51df8c2c363924e19ad82e663682cf591cdcee79aa775c20b968

libksba-debugsource-1.3.5-9.el8_6.x86_64.rpm

SHA-256: b9153ce174c3fd22b5dfe5d6968300d8790110420bc114d5f1b86ea506efa746

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM

libksba-1.3.5-9.el8_6.src.rpm

SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f

s390x

libksba-1.3.5-9.el8_6.s390x.rpm

SHA-256: 9db53fa5d1ba084669149a610e9d7bf07828b63af3f01c840b5bdf18d1ce5056

libksba-debuginfo-1.3.5-9.el8_6.s390x.rpm

SHA-256: 9b2708c2cc7ef897e7415a1fc2eddbe939f64862a2be318b3b3036b04fffad5f

libksba-debugsource-1.3.5-9.el8_6.s390x.rpm

SHA-256: 5a9888dc9c9f93e005e39fa83ce06192755ec81ce20e63a7848a3b8963e40bc3

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM

libksba-1.3.5-9.el8_6.src.rpm

SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f

ppc64le

libksba-1.3.5-9.el8_6.ppc64le.rpm

SHA-256: da3fe320be7247eeb2e5ed5b3bcfda17f8cdb59ea0d4aaa622f61f902b63d404

libksba-debuginfo-1.3.5-9.el8_6.ppc64le.rpm

SHA-256: 14d9adc2fb5d5529d3d66e42f9c43fa2d1bd11694e04a6029b5811bce9cb1924

libksba-debugsource-1.3.5-9.el8_6.ppc64le.rpm

SHA-256: e9e103428fd450edfd818d8a3b25f75bb8dd56328e4608312af4be01acf99554

Red Hat Enterprise Linux Server - TUS 8.6

SRPM

libksba-1.3.5-9.el8_6.src.rpm

SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f

x86_64

libksba-1.3.5-9.el8_6.i686.rpm

SHA-256: f3f4e6b9a8c2eed20db21e6070576b68cede1409f1d31c377d10e18dbf44577d

libksba-1.3.5-9.el8_6.x86_64.rpm

SHA-256: 2ca2ebaba24ec75c3444596667a94b8d70dcfa5e4dc31b0f133bcef8c9168ced

libksba-debuginfo-1.3.5-9.el8_6.i686.rpm

SHA-256: e349b2edbd085d27203b608068388febc34cb6dbcfc9a60a88baf0da66fc2998

libksba-debuginfo-1.3.5-9.el8_6.x86_64.rpm

SHA-256: 38f801b743bcf50389009027ff59212e3dcb081ef4fa67384225a3483ac627b4

libksba-debugsource-1.3.5-9.el8_6.i686.rpm

SHA-256: ac1b6d4f80dd51df8c2c363924e19ad82e663682cf591cdcee79aa775c20b968

libksba-debugsource-1.3.5-9.el8_6.x86_64.rpm

SHA-256: b9153ce174c3fd22b5dfe5d6968300d8790110420bc114d5f1b86ea506efa746

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM

libksba-1.3.5-9.el8_6.src.rpm

SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f

aarch64

libksba-1.3.5-9.el8_6.aarch64.rpm

SHA-256: 14251b2f527a288b2e6dc53b5427237fa78606031f232ad5f4c7c65088366063

libksba-debuginfo-1.3.5-9.el8_6.aarch64.rpm

SHA-256: d00a3396cc7a19c518e6e1ab0acac61d2c3c3fc7cf423971e21beae1745f49e4

libksba-debugsource-1.3.5-9.el8_6.aarch64.rpm

SHA-256: 60813e4d50a19866b0b0396c44fb39ea3546caea4390ded3afce6c40f7e91c3c

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM

libksba-1.3.5-9.el8_6.src.rpm

SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f

ppc64le

libksba-1.3.5-9.el8_6.ppc64le.rpm

SHA-256: da3fe320be7247eeb2e5ed5b3bcfda17f8cdb59ea0d4aaa622f61f902b63d404

libksba-debuginfo-1.3.5-9.el8_6.ppc64le.rpm

SHA-256: 14d9adc2fb5d5529d3d66e42f9c43fa2d1bd11694e04a6029b5811bce9cb1924

libksba-debugsource-1.3.5-9.el8_6.ppc64le.rpm

SHA-256: e9e103428fd450edfd818d8a3b25f75bb8dd56328e4608312af4be01acf99554

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM

libksba-1.3.5-9.el8_6.src.rpm

SHA-256: a7cf2ee6d013f158693bc047371d18095fa83ad31b97eefa5dd7e98a610b426f

x86_64

libksba-1.3.5-9.el8_6.i686.rpm

SHA-256: f3f4e6b9a8c2eed20db21e6070576b68cede1409f1d31c377d10e18dbf44577d

libksba-1.3.5-9.el8_6.x86_64.rpm

SHA-256: 2ca2ebaba24ec75c3444596667a94b8d70dcfa5e4dc31b0f133bcef8c9168ced

libksba-debuginfo-1.3.5-9.el8_6.i686.rpm

SHA-256: e349b2edbd085d27203b608068388febc34cb6dbcfc9a60a88baf0da66fc2998

libksba-debuginfo-1.3.5-9.el8_6.x86_64.rpm

SHA-256: 38f801b743bcf50389009027ff59212e3dcb081ef4fa67384225a3483ac627b4

libksba-debugsource-1.3.5-9.el8_6.i686.rpm

SHA-256: ac1b6d4f80dd51df8c2c363924e19ad82e663682cf591cdcee79aa775c20b968

libksba-debugsource-1.3.5-9.el8_6.x86_64.rpm

SHA-256: b9153ce174c3fd22b5dfe5d6968300d8790110420bc114d5f1b86ea506efa746

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6

SRPM

x86_64

libksba-debuginfo-1.3.5-9.el8_6.i686.rpm

SHA-256: e349b2edbd085d27203b608068388febc34cb6dbcfc9a60a88baf0da66fc2998

libksba-debuginfo-1.3.5-9.el8_6.x86_64.rpm

SHA-256: 38f801b743bcf50389009027ff59212e3dcb081ef4fa67384225a3483ac627b4

libksba-debugsource-1.3.5-9.el8_6.i686.rpm

SHA-256: ac1b6d4f80dd51df8c2c363924e19ad82e663682cf591cdcee79aa775c20b968

libksba-debugsource-1.3.5-9.el8_6.x86_64.rpm

SHA-256: b9153ce174c3fd22b5dfe5d6968300d8790110420bc114d5f1b86ea506efa746

libksba-devel-1.3.5-9.el8_6.i686.rpm

SHA-256: 8da3da447b12117b06778223d26292c83b340edd47436ba2c58c75787071b895

libksba-devel-1.3.5-9.el8_6.x86_64.rpm

SHA-256: f81489235de06ee90cd3a9bf1f5fd66ff91168dea80c188db4b12037694e3e14

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6

SRPM

ppc64le

libksba-debuginfo-1.3.5-9.el8_6.ppc64le.rpm

SHA-256: 14d9adc2fb5d5529d3d66e42f9c43fa2d1bd11694e04a6029b5811bce9cb1924

libksba-debugsource-1.3.5-9.el8_6.ppc64le.rpm

SHA-256: e9e103428fd450edfd818d8a3b25f75bb8dd56328e4608312af4be01acf99554

libksba-devel-1.3.5-9.el8_6.ppc64le.rpm

SHA-256: e378de0816d2dfe36f9024eeaf2459ecc5b4059df370d4c9958f7bb652fae98e

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6

SRPM

s390x

libksba-debuginfo-1.3.5-9.el8_6.s390x.rpm

SHA-256: 9b2708c2cc7ef897e7415a1fc2eddbe939f64862a2be318b3b3036b04fffad5f

libksba-debugsource-1.3.5-9.el8_6.s390x.rpm

SHA-256: 5a9888dc9c9f93e005e39fa83ce06192755ec81ce20e63a7848a3b8963e40bc3

libksba-devel-1.3.5-9.el8_6.s390x.rpm

SHA-256: 59700bab15abcf55031603caa4a8f672ddead70435f44855447cfd640fa25f4b

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6

SRPM

aarch64

libksba-debuginfo-1.3.5-9.el8_6.aarch64.rpm

SHA-256: d00a3396cc7a19c518e6e1ab0acac61d2c3c3fc7cf423971e21beae1745f49e4

libksba-debugsource-1.3.5-9.el8_6.aarch64.rpm

SHA-256: 60813e4d50a19866b0b0396c44fb39ea3546caea4390ded3afce6c40f7e91c3c

libksba-devel-1.3.5-9.el8_6.aarch64.rpm

SHA-256: d925053c6b36bbc75a05f4f9c828dd6a7b10b523cd0ec2715dc366386e6446c8

Related news

CVE-2022-4039

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.

Red Hat Security Advisory 2023-4053-01

Red Hat Security Advisory 2023-4053-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.45. Issues addressed include a code execution vulnerability.

RHSA-2023:3742: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update

Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...

RHSA-2023:3624: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A flaw was found in Golang Go, where it is vulnerable to a denial of service cause...

Red Hat Security Advisory 2023-0584-01

Red Hat Security Advisory 2023-0584-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.1. Issues addressed include a denial of service vulnerability.

RHSA-2023:1326: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update

Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4235: A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If p...

RHSA-2023:1428: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.8 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36567: A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path. * CVE-2022-24999: A flaw was found in the express.js npm package. Express.js Express is vulnerable to a d...

Red Hat Security Advisory 2023-1181-01

Red Hat Security Advisory 2023-1181-01 - OpenShift Serverless version 1.27.1 contains a moderate security impact. This release includes security and bug fixes, and enhancements.

RHSA-2023:1170: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.1 security bug fix update

Red Hat OpenShift Data Foundation 4.12.1 Bug Fix Update Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functions.

Red Hat Security Advisory 2023-1047-01

Red Hat Security Advisory 2023-1047-01 - A new image is available for Red Hat Single Sign-On 7.6.2, running on Red Hat OpenShift Container Platform from the release of 3.11 up to the release of 4.12.0. Issues addressed include code execution, cross site scripting, denial of service, deserialization, html injection, memory exhaustion, server-side request forgery, and traversal vulnerabilities.

Red Hat Security Advisory 2023-0977-01

Red Hat Security Advisory 2023-0977-01 - Red Hat OpenShift Data Science 1.22.1 security update. Issues addressed include an improper authorization vulnerability.

Red Hat Security Advisory 2023-0918-01

Red Hat Security Advisory 2023-0918-01 - Service Binding manages the data plane for applications and backing services.

Red Hat Security Advisory 2023-0769-01

Red Hat Security Advisory 2023-0769-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

RHSA-2023:0814: Red Hat Security Advisory: Red Hat build of Cryostat security update

Updated Cryostat 2 on RHEL 8 container images are now availableThis content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1996: A flaw was found in CORS Filter feature from the go-restful package. When a user inputs a domain which is in AllowedDomains, all domains starting with the same pattern are accepted. This issue could allow an attacker to break the CORS policy by allowing any page to make requests and retrieve data on behalf of users.

RHSA-2023:0804: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functio...

RHSA-2023:0803: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functio...

Red Hat Security Advisory 2023-0794-01

Red Hat Security Advisory 2023-0794-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.4 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.

Red Hat Security Advisory 2023-0633-01

Red Hat Security Advisory 2023-0633-01 - Logging Subsystem 5.5.7 - Red Hat OpenShift.

RHSA-2023:0794: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.4 bug fixes and security updates

Red Hat Advanced Cluster Management for Kubernetes 2.6.4 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24999: qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload i...

Red Hat Security Advisory 2023-0652-01

Red Hat Security Advisory 2023-0652-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.27. Issues addressed include denial of service and out of bounds read vulnerabilities.

RHSA-2023:0786: Red Hat Security Advisory: Network observability 1.1.0 security update

Network observability 1.1.0 release for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0813: A flaw was found in the Network Observability plugin for OpenShift console. Unless the Loki authToken configuration is set to FORWARD mode, authentication is no longer enforced, allowing any user who can connect to the OpenShift Console in an OpenShift cluster to retrieve flows without authentication.

RHSA-2023:0632: Red Hat Security Advisory: Red Hat OpenShift (Logging Subsystem) security update

An update is now available for the Logging subsystem for Red Hat OpenShift 5.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30123: A flaw was found in ruby gem-rack. This flaw allows a malicious actor to craft requests that can cause shell escape sequences to be written to the terminal via rack's `Lint` middleware and `CommonLogger` middleware. This issue can leverage these escape sequences to execute commands in the victim's terminal. * CVE-2022-41717: A flaw was f...

RHSA-2023:0756: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 XP 4.0.0.GA Security release

JBoss EAP XP 4.0.0.GA Security release on the EAP 7.4.9 base. See references for release notes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-0341: In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi...

Red Hat Security Advisory 2023-0625-01

Red Hat Security Advisory 2023-0625-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-0624-01

Red Hat Security Advisory 2023-0624-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-0626-01

Red Hat Security Advisory 2023-0626-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-0594-01

Red Hat Security Advisory 2023-0594-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

RHSA-2023:0629: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

RHSA-2023:0626: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

RHSA-2023:0625: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

RHSA-2023:0592: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system ...

RHSA-2023:0593: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

Red Hat Security Advisory 2023-0530-01

Red Hat Security Advisory 2023-0530-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

RHSA-2023:0530: Red Hat Security Advisory: libksba security update

An update for libksba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-47629: libksba: integer overflow to code execution

Ubuntu Security Notice USN-5787-2

Ubuntu Security Notice 5787-2 - USN-5787-1 fixed vulnerabilities in Libksba. This update provides the corresponding updates for Ubuntu 16.04 ESM and Ubuntu 14.04 ESM. It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-5787-1

Ubuntu Security Notice 5787-1 - It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to crash, resulting in a denial of service, or possibly execute arbitrary code.

Gentoo Linux Security Advisory 202212-07

Gentoo Linux Security Advisory 202212-7 - An integer overflow vulnerability has been found in libksba which could result in remote code execution. Versions less than 1.6.3 are affected.

Debian Security Advisory 5305-1

Debian Linux Security Advisory 5305-1 - An integer overflow flaw was discovered in the CRL signature parser in libksba, an X.509 and CMS support library, which could result in denial of service or the execution of arbitrary code.

CVE-2022-47629: ⚓ T6284 Another integer overflow in Libksba

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.