Red Hat Security Advisory 2023-0758-01 - This release of Red Hat build of Quarkus 2.13.7 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include code execution, denial of service, deserialization, and information leakage vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat build of Quarkus 2.13.7 release and security update  
Advisory ID:       RHSA-2023:0758-01  
Product:           Red Hat build of Quarkus  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0758  
Issue date:        2023-02-14  
CVE Names:         CVE-2022-1471 CVE-2022-41881 CVE-2022-41946   
                   CVE-2022-45047 CVE-2023-0044   
=====================================================================

1. Summary:

An update is now available for Red Hat build of Quarkus.

Red Hat Product Security has rated this update as having a security impact  
of  
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a  
detailed severity rating, is available for each vulnerability. For more  
information, see the CVE links in the References section.

2. Description:

This release of Red Hat build of Quarkus 2.13.7 includes security updates,  
bug  
fixes, and enhancements. For more information, see the release notes page  
listed in the References section.

Security Fix(es):

* CVE-2022-1471 snakeyaml: Constructor Deserialization Remote Code  
Execution [quarkus-2.13]

* CVE-2022-41881 codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS  
[quarkus-2.13]

* CVE-2022-45047 sshd-common: mina-sshd: Java unsafe deserialization  
vulnerability [quarkus-2.13]

* CVE-2023-0044 quarkus-vertx-http: a cross-site attack may be initiated  
which might lead to the Information Disclosure [quarkus-2.13]

* CVE-2022-41946 jdbc-postgresql: postgresql-jdbc:  
PreparedStatement.setText(int, InputStream) will create a temporary file if  
the InputStream is larger than 2k [quarkus-2.13]

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

3. Solution:

Before applying this update, make sure all previously released errata  
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2145194 - CVE-2022-45047 mina-sshd: Java unsafe deserialization vulnerability  
2150009 - CVE-2022-1471 SnakeYaml: Constructor Deserialization Remote Code Execution  
2153379 - CVE-2022-41881 codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS  
2153399 - CVE-2022-41946 postgresql-jdbc: PreparedStatement.setText(int, InputStream) will create a temporary file if the InputStream is larger than 2k  
2158081 - CVE-2023-0044 quarkus-vertx-http: a cross-site attack may be initiated which might lead to the Information Disclosure

5. References:

https://access.redhat.com/security/cve/CVE-2022-1471  
https://access.redhat.com/security/cve/CVE-2022-41881  
https://access.redhat.com/security/cve/CVE-2022-41946  
https://access.redhat.com/security/cve/CVE-2022-45047  
https://access.redhat.com/security/cve/CVE-2023-0044  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus&downloadType=distributions&version=2.13.7  
https://access.redhat.com/documentation/en-us/red_hat_build_of_quarkus/2.13/  
https://access.redhat.com/articles/4966181

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY+vS5tzjgjWX9erEAQi0OQ/+Mgak6d18DR8wCQDeY7f0vj2o3dOhxsE0  
wgo5LZhoghb0R9pXnEKL5cYgJlXr0XiDDNxJPUzplK9+v3gLLdIr3TtNDge56/+p  
hdCjru2lHe5q8I2KBjVKZr2gNX+xIcavSNf9R2zD0LnG8CEslrSYS/6nBycWnp9A  
aWikyfve5zKCgoNrcBdaRM3LNnzCNAfEHe7pRuMjSjzY4E1FQUlO+FctDH0ICI/C  
0SGZdRos1gM1sPET7eZX9thButpUBSBBNLAgrtbtBHji4eiZtA5TPCDK+TP7SnVb  
QvKFXF10BZpG6f2rknahUcvnsqnFaQMj6a5wSYwoNqtbaJbnbW+FdM29OSjNYorN  
5wO2IUDiS3XfbuAeqCA1CF9G+XAmIBtest7ZDRRKqn4lZHz0+s0/qkbI+5tfQ9fm  
elYU8OBxDC2FCDjsjc3GbXm1skMHFXIZQIBXaN4E6FOjWJQXh++23yD0JoVMTB1h  
iPtPbWdlH5li99Myvkiz6V0u5ejbVCjNEQXNsl6Cf5b05h84qfxizfPqHS0Cyn6f  
idpzGqE7LxWBlSgbiImVLKHD1RnlAlrblspQizTZYK6z1BApExgzJX2d8fwbphTX  
/ZiPZqsVKyLobj8MRpFLpf0evRYhEcSdk0VbiLL+/yQ5oFfH2SYmy1N/kbGfTUcS  
OMvJd4+JZOY=  
=EubT  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0758-01

When Microsoft released UTF-8 support for the -A interfaces of the Windows API, it appears to have introduced buffer overrun conditions.

Hi @ll,

almost 4 years ago, with Windows 10 1903, after more than a year  
beta-testing in insider previews, Microsoft finally released UTF-8  
support for the -A interfaces of the Windows API.

0) <https://docs.microsoft.com/en-us/windows/uwp/design/globalizing/use-utf8-code-page#activeCodePage>

   | If the ANSI code page is configured for UTF-8, -A APIs typically  
   | operate in UTF-8. This model has the benefit of supporting  
   | existing code built with -A APIs without any code changes.

   The last claim is but a bloody DANGEROUS lie!  
   As shown hereafter, it must read instead:  
   "This model has the malefit of causing buffer overruns in existing  
    code!"

1) For 30 years, the documentation of the -A interfaces for file and  
   directory management of the Win32 API states:  
   "The maximum path name length is 260 characters."

   See <https://msdn.microsoft.com/en-us/library/aa363855.aspx>  
   "CreateDirectoryA function" for example:

   | For the ANSI version of this function, there is a default string  
   | size limit for paths of 248 characters (MAX_PATH - enough room  
   | for a 8.3 filename). ...  
   ...  
   | The 255 character limit per path segment still applies.

   This constitutes a contractual GUARANTEE for the product behaviour!

2) The documentation for the file systems supported by Windows says  
   too "The maximum length of a file name segment is 255 characters."  
   See <https://msdn.microsoft.com/en-us/library/ee681827.aspx>  
   "File System Functionality Comparison"

3) With these 2 contractually GUARANTEED preconditions, the following  
   code is safe, i.e. not susceptible to a buffer overrun:  
   CreateDirectoryA() fails as soon as szPath exceeds the documented  
   limit which is less than the buffer size of 260 characters.

   CHAR szANSI[] = "€"; // or one of the following other 122 characters  
                        // from ANSI code page 1252:  
                        // ‚ƒ„…†‡ˆ‰Š‹ŒŽ‘’“”•–—˜™š›œžŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂ  
                        // ÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ  
   CHAR szPath[MAX_PATH] = "";  
   do  
      strcat(szPath, szANSI);  
   while (CreateDirectoryA(szPath));

4) With UTF-8 support enabled, the same code now suffers from a  
   buffer overrun:

   CHAR szUTF8[] = u"€"; // or "\xE2\x82\xAC"  
   CHAR szPath[MAX_PATH] = "";  
   do  
      strcat(szPath, szUTF8);  
   while (CreateDirectoryA(szPath), NULL);

   STRIKE 1!

5) Given the 2 guarantees from 1) and 2), the following code is  
   also safe and not susceptible to a buffer overrun: see  
   <https://msdn.microsoft.com/en-us/library/aa365740.aspx>  
   "WIN32_FIND_DATAA structure" and "FindFirstFile function"  
   <https://msdn.microsoft.com/en-us/library/aa364418.aspx>

   wfd.cFileName can NEVER receive a file/directory name longer  
   than 255 characters, so the concatenation of C: or .\ (as  
   well as C:\ and ..\ too) and wfd.cFileName NEVER overruns a  
   buffer of MAX_PATH!

   #define PATTERN "C:*" // or "C:\\*" or ".\\*" or "..\\*"

   WIN32_FIND_DATAA wfd;  
   CHAR szPath[MAX_PATH] = PATTERN;  
   HANDLE hFind = FindFirstFileA(szPath, &wfd);  
   if (hFind != INVALID_HANDLE_VALUE) {  
      do {  
         strcat(szPath + strlen(PATTERN) - 1, wfd.cFileName);  
         GetFileAttributesA(szPath); // do something with the  
         ...                         // found file system objects  
      } while (FindNextFile(hFind, &wfd));  
      FindClose(hFind);  
   }

6) With UTF-8 support enabled and a file or directory named  
   €€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€  
   (or other 86 characters from the above 123) present in the  
   CWD of drive C:, FindFirstFileA() (and FindNextFileA() too)  
   return a string of 86 * 3 = 258 characters in wfd.cFileName  
   which causes a buffer overrun in previously safe code!

   STRIKE 2!

7) The following code enumerates ALL file system objects in a  
   (root) directory or network share:

   WIN32_FIND_DATAA wfd;  
   HANDLE hFind = FindFirstFileA("\\\\host\\share\\*", &wfd);  
   if (hFind != INVALID_HANDLE_VALUE) {  
      do { // code to process wfd.cFileName omitted  
      } while (FindNextFile(hFind, &wfd));  
      FindClose(hFind);  
   }

8) With UTF-8 support enabled and a directory or file named  
   €€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€  
   (i.e. 87 or more of the 123 characters from above) present,  
   both FindFirstFile() and FindNextFile() FAIL with the  
   previously impossible, NEVER encountered Win32 error code  
   234 alias ERROR_MORE_DATA: wfd.cFileName is to short for  
   UTF-8 encoded file/directory segment names!

   STRIKE 3!

stay tuned, and far away from UTF-8 in Windows  
Stefan Kanthak

PS: for the full story of Microsoft's EPIC failures with UTF-8  
    in Windows, see  
    <https://skanthak.homepage.t-online.de/quirks.html#quirk33>  
    <https://skanthak.homepage.t-online.de/quirks.html#quirk32>  
    <https://skanthak.homepage.t-online.de/quirks.html#quirk31>

Microsoft Windows UTF-8 Buffer Overruns

Debian Linux Security Advisory 5348-1 - Two vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which may result in denial of service, or bypass of access controls and routing rules via specially crafted requests.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5348-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoFebruary 14, 2023                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : haproxyCVE ID         : CVE-2023-0056 CVE-2023-25725Two vulnerabilities were discovered in HAProxy, a fast and reliable loadbalancing reverse proxy, which may result in denial of service, orbypass of access controls and routing rules via specially craftedrequests.For the stable distribution (bullseye), these problems have been fixed inversion 2.2.9-2+deb11u4.We recommend that you upgrade your haproxy packages.For the detailed security status of haproxy please refer to its securitytracker page at:https://security-tracker.debian.org/tracker/haproxyFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmPrtJZfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0Q24xAAnKFvQYL58hgy9JNQnXtxpkvpOtZZgD5glaISrRSVlBBGN1vi4H9Ll40RhqLcU08YGb8UpWFFgdWyffD6JdKeT3K9lIkznvrO6a9gGrh69zZdWXhvTu7ziT4pmN70TbwMy1KbXPgrXPmErfzj3FdZT+CWrY4zfeLYROzOmBdl2cg7ZpUhP5iK5+gbPO4RDqFvRsgnC2l/shb2LUbHMw1UoK1YgZXNpjUTK2uyoZykCuLSyQhGwWVQj1mUSBuEfDZHGSfaYRwhGNpfSObMA5Wa9v7KgJE/ps8Xd+R6qhiqZho6+PDB7fPPNdelS2DEkXq42Eg6JeRKdTZ+o/aI/yK2fWnvCjyX9UJkeiEdmHIGL578iVvAYfwZ26i5r9LeLaFWxP5Pdzh8v6uINna47z/C4SrtyfBk+dZDc6PbuPgGK8ws8GzyngvFBvwYnkCCdj748Bp1/xSOyMIUHW8/TP5JoUO8sJa9NVSkLzv1x8PvZCkjWp3Oc7nxtwqhd5Q2hyIgwA9HXe0jjaCQ9DIWlQbB+TLRRR7YyxoJP5/DOBnJZxShyXGSpI0ggmgmvNJ8K+eV1qj37c/byadMP6xshqeBBRLD7Xqkuu9oE6svgGuaoY81Pfh8uxv5tUn/YDotJkpzkZH7P8dYAWmbBvEXzhItYy3pOs5TTNDwLQ+XUMTPe4E==2CxI-----END PGP SIGNATURE-----

Debian Security Advisory 5348-1

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. This is the LTS source code release.

Clam AntiVirus Toolkit 1.0.1

Apple Security Advisory 2023-02-13-2 - macOS Ventura 13.2.1 addresses code execution and use-after-free vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

APPLE-SA-2023-02-13-2 macOS Ventura 13.2.1

macOS Ventura 13.2.1 addresses the following issues.  
Information about the security content is also available at  
https://support.apple.com/HT213633.

Kernel  
Available for: macOS Ventura  
Impact: An app may be able to execute arbitrary code with kernel  
privileges  
Description: A use after free issue was addressed with improved  
memory management.  
CVE-2023-23514: Xinru Chi of Pangu Lab, Ned Williamson of Google  
Project Zero

Shortcuts  
Available for: macOS Ventura  
Impact: An app may be able to observe unprotected user data  
Description: A privacy issue was addressed with improved handling of  
temporary files.  
CVE-2023-23522: Wenchao Li and Xiaolong Bai of Alibaba Group

WebKit  
Available for: macOS Ventura  
Impact: Processing maliciously crafted web content may lead to  
arbitrary code execution. Apple is aware of a report that this issue  
may have been actively exploited.  
Description: A type confusion issue was addressed with improved  
checks.  
WebKit Bugzilla: 251944  
CVE-2023-23529: an anonymous researcher

macOS Ventura 13.2.1 may be obtained from the Mac App Store or  
Apple's Software Downloads web site:  
https://support.apple.com/downloads/  
All information is also posted on the Apple Security Updates  
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,  
and details are available at:  
https://www.apple.com/support/security/pgp/  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPq5PIACgkQ4RjMIDke  
NxkM2hAApRo7JQlaNxVVpw1y96PG2oAVygFVw+N1cpEO72L4gDjvAb7+tOBqUTkz  
Az+IizQfC2gapw9g/csghk+s+/gt16Q0iX4jDDEDypZ5So/LoaucFVTbGCy9Hns0  
T0PTS4a0KIFBHbRQ3ktrhkUp49ykqDWwWdnvM1QgtUe3HfAZQWHVnYpdsj26CTaz  
5ihA0chuzAGnx2lUZbyz8nl6f9kdqx1x8uSF0P7AkIp6L7IcZOLLO8tXnKApeC7S  
HSbafe7JKxVNPtzaI/ZuxQe9/9Kr8VUiezVCK+WvJ9akRsy4CQ022yirIOlFIEhF  
32mFq+BaQ77YTULP2us7BG8oMJ3tPxfmlykhqD4P0p4JRW6ZFoQmVKyUEPdsaALG  
NYilSR3CRSpaCbh+dunGMJshNSHRJO6NluLq1mPVB7xFSiypgJADjS95zBSINtC9  
JrKusbpICiAm8VqVC4GNltG+djft0NjbSiJXPo409X7j01Bt1ZJpk2UWTUfZbHMU  
hW90JFySoHLRcVt3Af1mbBkyaHv0GSKG+Fjul/XyBlG3U8eJVXJhWCrhMjm17GK0  
6j4HEUsAYzAg0j+Ss7QQKhwxlW3BPd+3D2kGwbPzBx/rcyVjbc456fyCLSYP58cf  
EIYmmOwF9QcH939TCxoIglHOsdAuuIilGApd2on9QWOj8QSaUFw=  
=2kFu  
-----END PGP SIGNATURE-----

Apple Security Advisory 2023-02-13-2

Ubuntu Security Notice 5871-1 - It was discovered that Git incorrectly handled certain repositories. An attacker could use this issue to make Git uses its local clone optimization even when using a non-local transport. Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwrite a patch outside the working tree.

==========================================================================  
Ubuntu Security Notice USN-5871-1  
February 14, 2023

git vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS  
- Ubuntu 16.04 ESM

Summary:

Several security issues were fixed in Git.

Software Description:  
- git: fast, scalable, distributed revision control system

Details:

It was discovered that Git incorrectly handled certain repositories.  
An attacker could use this issue to make Git uses its local  
clone optimization even when using a non-local transport.  
(CVE-2023-22490)

Joern Schneeweisz discovered that Git incorrectly handled certain commands.  
An attacker could possibly use this issue to overwrite a patch outside  
the working tree. (CVE-2023-23946)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.10:  
  git                             1:2.37.2-1ubuntu1.4

Ubuntu 22.04 LTS:  
  git                             1:2.34.1-1ubuntu1.8

Ubuntu 20.04 LTS:  
  git                             1:2.25.1-1ubuntu3.10

Ubuntu 18.04 LTS:  
  git                             1:2.17.1-1ubuntu0.16

Ubuntu 16.04 ESM:  
  git                             1:2.7.4-0ubuntu1.10+esm5

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-5871-1  
  CVE-2023-22490, CVE-2023-23946

Package Information:  
  https://launchpad.net/ubuntu/+source/git/1:2.37.2-1ubuntu1.4  
  https://launchpad.net/ubuntu/+source/git/1:2.34.1-1ubuntu1.8  
  https://launchpad.net/ubuntu/+source/git/1:2.25.1-1ubuntu3.10  
  https://launchpad.net/ubuntu/+source/git/1:2.17.1-1ubuntu0.16

Ubuntu Security Notice USN-5871-1

Red Hat Security Advisory 2023-0759-01 - PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat Virtualization security and bug fix update  
Advisory ID:       RHSA-2023:0759-01  
Product:           Red Hat Virtualization  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0759  
Issue date:        2023-02-14  
CVE Names:         CVE-2022-41946   
=====================================================================

1. Summary:

An update for ovirt-ansible-collection, ovirt-engine, and postgresql-jdbc  
is now available for Red Hat Virtualization 4 Tools for Red Hat Enterprise  
Linux 8, Red Hat Virtualization 4 for Red Hat Enterprise Linux 8, and Red  
Hat Virtualization Engine 4.4.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4 - noarch  
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts - noarch  
Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8 - noarch

3. Description:

PostgreSQL is an advanced object-relational database management system. The  
postgresql-jdbc package includes the .jar files needed for Java programs to  
access a PostgreSQL database.

Security Fix(es):

* postgresql-jdbc: PreparedStatement.setText(int, InputStream) will create  
a temporary file if the InputStream is larger than 2k (CVE-2022-41946)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* With this release, the upgrade function of the ovirt_host module waits  
long enough for the upgraded host to reach the desired state after upgrade.  
(BZ#2161703)

* Previously,the ovirt-enghine ansible-runner artifacts were only cleaned  
once, and the machine could run out of free disk space on the /var  
partition. In this release, the artifacts are cleaned periodically  
according to values defined in the  
AnsibleRunnerArtifactsCleanupCheckTimeInHours and  
AnsibleRunnerArtifactsLifetimeInDays engine-config options. (BZ#2151549)

* Code change for BZ2089299 introduced a regression, which didn't allow to  
set options in the engine-config which restricted the allowable values  
using the validValues field (for example ClientModeVncDefault or  
UserSessionTimeOutInterval).  
In this release, setting values for those fields works the same way as in  
RHV versions earlier than RHV 4.4 SP1 batch 3 (ovirt-engine-4.5.3).  
(BZ#2159768)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/2974891

If the postgresql service is running, it will be automatically restarted  
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

2151549 - Artifacts of ansible-runner (executed from ovirt-engine) did not clean up as expected  
2153399 - CVE-2022-41946 postgresql-jdbc: PreparedStatement.setText(int, InputStream) will create a temporary file if the InputStream is larger than 2k  
2159768 - Regression in ClientModeVncDefault  
2161703 - [RHEVM] Two nodes cluster upgrade failed, tries to put a node into maintenance while the updated is rebooting

6. Package List:

Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8:

Source:  
ovirt-ansible-collection-2.4.2-1.el8ev.src.rpm

noarch:  
ovirt-ansible-collection-2.4.2-1.el8ev.noarch.rpm

Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts:

Source:  
ovirt-ansible-collection-2.4.2-1.el8ev.src.rpm

noarch:  
ovirt-ansible-collection-2.4.2-1.el8ev.noarch.rpm

RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4:

Source:  
ovirt-ansible-collection-2.4.2-1.el8ev.src.rpm  
ovirt-engine-4.5.3.7-1.el8ev.src.rpm  
postgresql-jdbc-42.2.14-2.el8ev.src.rpm

noarch:  
ovirt-ansible-collection-2.4.2-1.el8ev.noarch.rpm  
ovirt-engine-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-backend-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-dbscripts-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-health-check-bundler-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-restapi-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-setup-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-setup-base-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-setup-plugin-cinderlib-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-setup-plugin-imageio-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-setup-plugin-ovirt-engine-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-setup-plugin-ovirt-engine-common-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-setup-plugin-websocket-proxy-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-tools-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-tools-backup-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-vmconsole-proxy-helper-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-webadmin-portal-4.5.3.7-1.el8ev.noarch.rpm  
ovirt-engine-websocket-proxy-4.5.3.7-1.el8ev.noarch.rpm  
postgresql-jdbc-42.2.14-2.el8ev.noarch.rpm  
postgresql-jdbc-javadoc-42.2.14-2.el8ev.noarch.rpm  
python3-ovirt-engine-lib-4.5.3.7-1.el8ev.noarch.rpm  
rhvm-4.5.3.7-1.el8ev.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-41946  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY+vS49zjgjWX9erEAQhjjhAApzZIpZYF+1xWecL2Ui75tOcKQIzGw6ld  
F3izXJ3z275BSIxG4/cVHurn41iRBv8HtdEUsOJUop3mBCGudAKBWHK+fiL18RDK  
kPR+rpzMLuoh+qrEbDj0tY9BT7kHroPxLffZHwTBtjPUw0gxvkQ95kEOcA04KFbT  
xFNZ2JcvTmGS+sKx++ca1+ZmjcWBvpNGYum+KbaU8OnbOMy/tOArJa+yf43nZeCP  
SSqIpDOD8ssPUBrqt1i3CjHL/uG8PVTyzP3q7NgXpK3GLnBQSR2OPoi0X2yum3Cj  
reyQSyvjqTg7Cz5B84GUCyyIsxrMp3CxnNXR2sKKvtDFFYNyJhOeDe+BkynSiIw7  
JQtPlO6wIl6rkTo5Q7OSA+bBtBkCkGq/8N/CiaDRb23b+02kerbQ/oiMB0CcyNPw  
RFWLgD6BBEjCGXAY4Rb42S+Jnmz6WYiux4DHChIaqxfCOlYNL5pCjIXxI7xyMB6m  
I7e2i5JUdJRobByvcEZ7piWFvqhx4FV17zFRfE8CEg0+HrXO32xg3hyh1kyRxarv  
7s8Ll3eMpb/IxwVaSyA0CrA3f6Us4C5zdRYAFfUDGqgW8fXKtXR5iu/W4MYzvADm  
XiHW0rOsBj3RQuit4bYrF4k3rQjQlD4MT5cKP4CmZ2wB04j5hVdmQVsqbb9Ayr87  
2D/UH7xkQuw=  
=BAYA  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0759-01

BMC Control M versions prior to 9.0.20.214 suffer from SQL injection, denial of service, and information leaks.

BMC Control M SQL Injection / Denial Of Service

Red Hat Security Advisory 2023-0632-01 - Logging Subsystem 5.4.11 - Red Hat OpenShift.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat OpenShift (Logging Subsystem) security update  
Advisory ID:       RHSA-2023:0632-01  
Product:           Logging Subsystem for Red Hat OpenShift  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0632  
Issue date:        2023-02-15  
CVE Names:         CVE-2022-4883 CVE-2022-23521 CVE-2022-30123   
                   CVE-2022-40303 CVE-2022-40304 CVE-2022-41717   
                   CVE-2022-41903 CVE-2022-44617 CVE-2022-46285   
                   CVE-2022-47629 CVE-2023-21835 CVE-2023-21843   
=====================================================================

1. Summary:

An update is now available for the Logging subsystem for Red Hat OpenShift  
5.4.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Description:

Logging Subsystem 5.4.11 - Red Hat OpenShift

Security Fix(es):

* rubygem-rack: crafted requests can cause shell escape sequences  
(CVE-2022-30123)

* golang: net/http: An attacker can cause excessive memory growth in a Go  
server accepting HTTP/2 requests (CVE-2022-41717)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

3. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2099524 - CVE-2022-30123 rubygem-rack: crafted requests can cause shell escape sequences  
2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests

5. References:

https://access.redhat.com/security/cve/CVE-2022-4883  
https://access.redhat.com/security/cve/CVE-2022-23521  
https://access.redhat.com/security/cve/CVE-2022-30123  
https://access.redhat.com/security/cve/CVE-2022-40303  
https://access.redhat.com/security/cve/CVE-2022-40304  
https://access.redhat.com/security/cve/CVE-2022-41717  
https://access.redhat.com/security/cve/CVE-2022-41903  
https://access.redhat.com/security/cve/CVE-2022-44617  
https://access.redhat.com/security/cve/CVE-2022-46285  
https://access.redhat.com/security/cve/CVE-2022-47629  
https://access.redhat.com/security/cve/CVE-2023-21835  
https://access.redhat.com/security/cve/CVE-2023-21843  
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY+zQANzjgjWX9erEAQiH1g//X870GJDPdbNfdY26uTCuTK2PebCDghmn  
aHyyZUj1dt0EGxtNsjqcG3ivrgbaSEhEOnQaE3IkRQoEK8XWVFtodr8fw6VnFHSG  
rrgKn/Kl4zHaDpIRRFPpImHBEUYJiXYh2AX9+IASkvi8/J90enitS8S1cCYRQmTO  
DS3CHnpKa1EmlVZaD5DqZacoQl7n8rHZRXtMQ9oel2FuymSXEUHkBQSYfPLLLjuP  
yOTeYi5jn3JWH3xSzCzi65jm0P3n6IzQqKU45Hn8fMbNbcoTrl+Q1QMuCwxQLjQr  
mfHO+U8nmGbqoLcvazMcOQ5UFyX/R4WJkef19BxUiCiH2xCsl1k2bmFn7Ofu5Q5E  
0s6+DNx2s6BMP2DBTvFggYNoEaz6uP0yPnYuCKX0PPp+lgydMcE4FPO2hLjhOTr/  
5nFaQW8tHMJ1zFUmrux8xnPBf5W6ivaa5tKJV1u6BCJSi7PcGcd1a+cq3HaUOpqr  
CFZtKsLr+/yQBSZlRDpurbpwK+499/fU/R5M3ya3Rswa7XuA7uEzsYceZ8rsXk34  
n94845yMc9OL57rw0Ld5shgH8G8IFULrorcS+Yj0LL6yZa4zKpGdqawsiG2X7E+j  
BD9y5xpmQ3tqwcjP7LcIKFq/9Xcc9g4F99bu4BNGV7+DzdMFFIgCGpdkO8JrjNVW  
EgMXmUtLcsI=  
=cn0O  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0632-01

Ubuntu Security Notice 5869-1 - Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, and Harvey Tuch discovered that HAProxy incorrectly handled empty header names. A remote attacker could possibly use this issue to manipulate headers and bypass certain authentication checks and restrictions.

    ==========================================================================Ubuntu Security Notice USN-5869-1February 14, 2023haproxy vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.10- Ubuntu 22.04 LTS- Ubuntu 20.04 LTS- Ubuntu 18.04 LTSSummary:HAProxy could allow unintended access to network services.Software Description:- haproxy: fast and reliable load balancing reverse proxyDetails:Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg,and Harvey Tuch discovered that HAProxy incorrectly handled empty headernames. A remote attacker could possibly use this issue to manipulateheaders and bypass certain authentication checks and restrictions.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.10:   haproxy                         2.4.18-1ubuntu1.2Ubuntu 22.04 LTS:   haproxy                         2.4.18-0ubuntu1.2Ubuntu 20.04 LTS:   haproxy                         2.0.29-0ubuntu1.3Ubuntu 18.04 LTS:   haproxy                         1.8.8-1ubuntu0.13In general, a standard system update will make all the necessary changes.References:   https://ubuntu.com/security/notices/USN-5869-1   CVE-2023-25725Package Information:   https://launchpad.net/ubuntu/+source/haproxy/2.4.18-1ubuntu1.2   https://launchpad.net/ubuntu/+source/haproxy/2.4.18-0ubuntu1.2   https://launchpad.net/ubuntu/+source/haproxy/2.0.29-0ubuntu1.3   https://launchpad.net/ubuntu/+source/haproxy/1.8.8-1ubuntu0.13

Source

Packet Storm