Red Hat Security Advisory 2023-0445-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: go-toolset-1.18 security update  
Advisory ID:       RHSA-2023:0445-01  
Product:           Red Hat Developer Tools  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0445  
Issue date:        2023-01-25  
CVE Names:         CVE-2022-2879 CVE-2022-2880 CVE-2022-41715  
====================================================================  
1. Summary:

An update for go-toolset-1.18 and go-toolset-1.18-golang is now available  
for Red Hat Developer Tools.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64le, s390x, x86_64  
Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

3. Description:

Go Toolset provides the Go programming language tools and libraries. Go is  
alternatively known as golang.

Security Fix(es):

* golang: archive/tar: unbounded memory consumption when reading headers  
(CVE-2022-2879)

* golang: net/http/httputil: ReverseProxy should not forward unparseable  
query parameters (CVE-2022-2880)

* golang: regexp/syntax: limit memory used by parsing regexps  
(CVE-2022-41715)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* crypto testcases fail on golang on s390x [devtools-2022.4] (BZ#2149315)

* Internal linking fails on ppc64le [devtools-2022.4] (BZ#2161298)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers  
2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters  
2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps  
2137549 - patch version mismatch between 'go version', go-toolset and golang packages [devtools-2022.4]  
2149315 - crypto testcases fail on golang on s390x [devtools-2022.4]

6. Package List:

Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7):

Source:  
go-toolset-1.18-1.18.9-1.el7_9.src.rpm  
go-toolset-1.18-golang-1.18.9-1.el7_9.src.rpm

noarch:  
go-toolset-1.18-golang-docs-1.18.9-1.el7_9.noarch.rpm

ppc64le:  
go-toolset-1.18-1.18.9-1.el7_9.ppc64le.rpm  
go-toolset-1.18-build-1.18.9-1.el7_9.ppc64le.rpm  
go-toolset-1.18-golang-1.18.9-1.el7_9.ppc64le.rpm  
go-toolset-1.18-golang-bin-1.18.9-1.el7_9.ppc64le.rpm  
go-toolset-1.18-golang-misc-1.18.9-1.el7_9.ppc64le.rpm  
go-toolset-1.18-golang-src-1.18.9-1.el7_9.ppc64le.rpm  
go-toolset-1.18-golang-tests-1.18.9-1.el7_9.ppc64le.rpm  
go-toolset-1.18-runtime-1.18.9-1.el7_9.ppc64le.rpm  
go-toolset-1.18-scldevel-1.18.9-1.el7_9.ppc64le.rpm

s390x:  
go-toolset-1.18-1.18.9-1.el7_9.s390x.rpm  
go-toolset-1.18-build-1.18.9-1.el7_9.s390x.rpm  
go-toolset-1.18-golang-1.18.9-1.el7_9.s390x.rpm  
go-toolset-1.18-golang-bin-1.18.9-1.el7_9.s390x.rpm  
go-toolset-1.18-golang-misc-1.18.9-1.el7_9.s390x.rpm  
go-toolset-1.18-golang-src-1.18.9-1.el7_9.s390x.rpm  
go-toolset-1.18-golang-tests-1.18.9-1.el7_9.s390x.rpm  
go-toolset-1.18-runtime-1.18.9-1.el7_9.s390x.rpm  
go-toolset-1.18-scldevel-1.18.9-1.el7_9.s390x.rpm

x86_64:  
go-toolset-1.18-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-build-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-golang-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-golang-bin-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-golang-misc-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-golang-race-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-golang-src-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-golang-tests-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-runtime-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-scldevel-1.18.9-1.el7_9.x86_64.rpm

Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7):

Source:  
go-toolset-1.18-1.18.9-1.el7_9.src.rpm  
go-toolset-1.18-golang-1.18.9-1.el7_9.src.rpm

noarch:  
go-toolset-1.18-golang-docs-1.18.9-1.el7_9.noarch.rpm

x86_64:  
go-toolset-1.18-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-build-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-golang-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-golang-bin-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-golang-misc-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-golang-race-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-golang-src-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-golang-tests-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-runtime-1.18.9-1.el7_9.x86_64.rpm  
go-toolset-1.18-scldevel-1.18.9-1.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2879  
https://access.redhat.com/security/cve/CVE-2022-2880  
https://access.redhat.com/security/cve/CVE-2022-41715  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY9EFtdzjgjWX9erEAQj0Bg//areGiVKIe5eCAym/Tl0HO/De0u1erQIz  
Eucod6zAd1dhn4fqLJq7CphJQN92f5mKmky/MSC4tJ6gn8hU0iLlp5CX7WTR6DTG  
SGVf3KS+ziu8kU6iU9jRAa883j9djguV0b5NU2AZ5lvex0ydeGEyETwLDjSR2Oz9  
V1e1lFjgDULJBvvrQsNJ7Y7C95BoeI/vIHbMJEinsXfNN846MxA6Az3pNpQ1/Mcl  
xIdstLBEYNfRQi9W1BaD5UGvVyAvzM3VhotABtXH44d3YBAq4nYRW4soyNoztDbg  
PgNaupK2fMOP/Ocgqo4skXD3WHNkLKFnlWSeFbjaU7edvI0BwK1RPVR8a+bFMmB6  
mElaM6Bs8y66VZr1MdZbYhLyGrYVu37gFckhs40/bYBIDXQbm2UwnjkVItZ78msi  
BftKscRMkjgHtaZgS+i2VEo3MJWBy6rLD0C5tYlRJhVHeH0BGLGtVpY16iZdMeZN  
QxK4ThCmrKPFS22lsHyMwZsK1uj797f19OMKK8qqO0PTLDwJ6IpALxfub/M5poXt  
KNiDJyr+F2LtNGn83S50BraRSPKNEXxsI7p3HbMwR3Bd6SeiceEGJzlgVf8WypC6  
kIFDzNs+852R89EuoJWNCGrBwi221w4KwsmZ2ac7t6UWOCXddKuOsFXqph/NuXIz  
fvIGtXMY6s0=SsUy  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0445-01

Ubuntu Security Notice 5823-2 - USN-5823-1 fixed a vulnerability in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to MySQL 5.7.41.

=========================================================================  
Ubuntu Security Notice USN-5823-2  
January 24, 2023

mysql-5.7 vulnerability  
=========================================================================  
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

Several security issues were fixed in MySQL.

Software Description:  
- mysql-5.7: MySQL database

Details:

USN-5823-1 fixed a vulnerability in MySQL. This update provides  
the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

 Multiple security issues were discovered in MySQL and this update includes  
 new upstream MySQL versions to fix these issues.

 MySQL has been updated to MySQL 5.7.41.

 In addition to security fixes, the updated packages contain bug fixes, new  
 features, and possibly incompatible changes.

 Please see the following for more information:

 https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-41.html  
 https://www.oracle.com/security-alerts/cpujan2023.html

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 16.04 ESM:  
  mysql-server-5.7                5.7.41-0ubuntu0.16.04.1+esm1

This update uses a new upstream release, which includes additional bug  
fixes. In general, a standard system update will make all the necessary  
changes.

References:  
  https://ubuntu.com/security/notices/USN-5823-2  
  https://ubuntu.com/security/notices/USN-5823-1  
  CVE-2023-21840

Ubuntu Security Notice USN-5823-2

Ubuntu Security Notice 5823-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.32 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.41. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

    ==========================================================================Ubuntu Security Notice USN-5823-1January 24, 2023mysql-5.7, mysql-8.0 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.10- Ubuntu 22.04 LTS- Ubuntu 20.04 LTS- Ubuntu 18.04 LTSSummary:Several security issues were fixed in MySQL.Software Description:- mysql-8.0: MySQL database- mysql-5.7: MySQL databaseDetails:Multiple security issues were discovered in MySQL and this update includesnew upstream MySQL versions to fix these issues.MySQL has been updated to 8.0.32 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, andUbuntu 22.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.41.In addition to security fixes, the updated packages contain bug fixes, newfeatures, and possibly incompatible changes.Please see the following for more information:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-41.htmlhttps://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-32.htmlhttps://www.oracle.com/security-alerts/cpujan2023.htmlUpdate instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.10:   mysql-server-8.0                8.0.32-0buntu0.22.10.1Ubuntu 22.04 LTS:   mysql-server-8.0                8.0.32-0buntu0.22.04.1Ubuntu 20.04 LTS:   mysql-server-8.0                8.0.32-0buntu0.20.04.1Ubuntu 18.04 LTS:   mysql-server-5.7                5.7.41-0ubuntu0.18.04.1This update uses a new upstream release, which includes additional bugfixes. In general, a standard system update will make all the necessarychanges.References:   https://ubuntu.com/security/notices/USN-5823-1   CVE-2022-32221, CVE-2023-21836, CVE-2023-21840, CVE-2023-21863,   CVE-2023-21867, CVE-2023-21868, CVE-2023-21869, CVE-2023-21870,   CVE-2023-21871, CVE-2023-21873, CVE-2023-21875, CVE-2023-21876,   CVE-2023-21877, CVE-2023-21878, CVE-2023-21879, CVE-2023-21880,   CVE-2023-21881, CVE-2023-21882, CVE-2023-21883, CVE-2023-21887Package Information:   https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.32-0buntu0.22.10.1   https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.32-0buntu0.22.04.1   https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.32-0buntu0.20.04.1   https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.41-0ubuntu0.18.04.1

Ubuntu Security Notice USN-5823-1

Debian Linux Security Advisory 5327-1 - Sebastien Meriot discovered that the S3 API of Swift, a distributed virtual object store, was susceptible to information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5327-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffJanuary 24, 2023                      https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : swiftCVE ID         : CVE-2022-47950Debian Bug     : 1029200Sebastien Meriot discovered that the S3 API of Swift, a distributedvirtual object store, was susceptible to information disclosure.For the stable distribution (bullseye), this problem has been fixed inversion 2.26.0-10+deb11u1.We recommend that you upgrade your swift packages.For the detailed security status of swift please refer toits security tracker page at:https://security-tracker.debian.org/tracker/swiftFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmPQNhQACgkQEMKTtsN8TjY5qw//YHxQJWvmsTZRDzYbyllUh4hfXkfNDKDbMOYv53ebgTSci77Q3di54rXok6OLR02mJaFsiccYVH8O9oWoEZveVkGhgB3fO5QcGhmHP218nXXknHtBWpfMrjzWIWQJLhU6lczlZtCuDxp4FGs1L/dw3HWDjRDC4/O6X4LDV11GGmM8v4OSEFicM5KMih/kNYt/DLHl2J3vb1cOLxNZCPAQoHhknpoE4NXdWnBZju8ufT1E0+OqhAnOTS3SXTZ7LuBmtArY0XwK+rKLeXg65RiJchpNIS7uOi0x+ZgvMbmaad5gKm5hA6ZRDdvsGrw0hUu9Atj40QShghCWhjKVRxXu+jMgFZhew/3drqYERv1sdQr94frmagjLdTlId6QYZCznfGEJTCL2cH+tlW4jBolL5cvS3UcrWHeFh6WNEb3fayeLr3811dJ0D+/bNXoiUTVPIBp37ycVg26Xehz4axrLPyHTDqXTqy5aEn1jee1810F1OeNfZODju8BxXgRxLCQaR7VoWtux+0ZQBhBziii2D2BPSZBzIP14llkqyYdxgMVBI67zDOu1VUXMy2gqJRvlzclimpmWbXXVV16gB3I6Kxt8MQKdMZpinUIYUjdp4Dm7p5pgTU8Jk8qJmdOu43mRnAgMOavLO7/1GeyOvDFnnW0gDsBbGLWRM7VbHGmB+7M=QW6t-----END PGP SIGNATURE-----

Debian Security Advisory 5327-1

Debian Linux Security Advisory 5326-1 - Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of host IP address validation and weak randomness setup.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5326-1                   security@debian.orghttps://www.debian.org/security/                                  Aron XuJanuary 24, 2023                      https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : nodejsCVE ID         : CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215                 CVE-2022-35255 CVE-2022-35256 CVE-2022-43548Multiple vulnerabilities were discovered in Node.js, which could resultin HTTP request smuggling, bypass of host IP address validation and weakrandomness setup.For the stable distribution (bullseye), these problems have been fixed inversion 12.22.12~dfsg-1~deb11u3.We recommend that you upgrade your nodejs packages.For the detailed security status of nodejs please refer toits security tracker page at:https://security-tracker.debian.org/tracker/nodejsFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmPQNhIACgkQEMKTtsN8TjaRmA/+KDFkQcd2sE/eAAx9cVikICNkfu7uIVKHpeDH9o5oq5M2nj4zHJCeAArpWblguyZwEtqzAOO2WesbrmwfXLmglhrNZwRMOrsbu63JxSnecp7qcMwR8A4JWdmdTxb4aZr6Prmwq6fT0G3K6oV8Hw+OeqYA/RZKenxtkBf/jdzVahGJHJ/NrFKKWVQWxbqHwCkP7uUlm+5UR5XzNrodTRCQYHJvUmDUrjEOjM6x+sqYirKWiERN0A14kVn90Ufrw6+Z2tKhdKFZfU1BtDthhlH/nybz0h3aHsk+E5/vx20WAURiCEDVi7nf8+RfEtbCxaqV+/xVoPmXStHY/ogCo8CgRVsyYUIemgi4q5LwVx/Oqjm2CJ/xCwOKh0E2idXLJfLSpxxBe598MUn9iKbnFFCN9DQZXf7BYs3djtn8ALFVBSHZSF1QXFoFQ86wY9xGhBQzfEgCoEW7H4S30ZQ+Gz+ZnOMCSH+MKIMtSpqbc7wLtrKf839DO6Uux7B7u0WR3lZlsihi92QKq9X/VRkyy8ZiA2TYy3IE+KDKlXDHKls9FR9BUClYe9L8RiRuboP8KPFUHUsSVaTzkufMStdKkcXCqgj/6KhJL6E9ZunTBpTmqx1Ty7/N2qktLFnHujrffzV3rCE6eIg7ps8OdZbjCfqUqmQk9/pV6ZDjymqjZ1LKZDsþRn-----END PGP SIGNATURE-----

Debian Security Advisory 5326-1

Red Hat Security Advisory 2023-0403-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.

Red Hat Security Advisory 2023-0403-01

Red Hat Security Advisory 2023-0442-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: sssd security update  
Advisory ID:       RHSA-2023:0442-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0442  
Issue date:        2023-01-24  
CVE Names:         CVE-2022-4254  
====================================================================  
1. Summary:

An update for sssd is now available for Red Hat Enterprise Linux 8.1 Update  
Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS E4S (v. 8.1) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The System Security Services Daemon (SSSD) service provides a set of  
daemons to manage access to remote directories and authentication  
mechanisms. It also provides the Name Service Switch (NSS) and the  
Pluggable Authentication Modules (PAM) interfaces toward the system, and a  
pluggable back-end system to connect to multiple different account sources.

Security Fix(es):

* sssd: libsss_certmap fails to sanitise certificate data used in LDAP  
filters (CVE-2022-4254)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2149894 - CVE-2022-4254 sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters

6. Package List:

Red Hat Enterprise Linux BaseOS E4S (v. 8.1):

Source:  
sssd-2.2.0-19.el8_1.3.src.rpm

aarch64:  
libipa_hbac-2.2.0-19.el8_1.3.aarch64.rpm  
libipa_hbac-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
libsss_autofs-2.2.0-19.el8_1.3.aarch64.rpm  
libsss_autofs-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
libsss_certmap-2.2.0-19.el8_1.3.aarch64.rpm  
libsss_certmap-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
libsss_idmap-2.2.0-19.el8_1.3.aarch64.rpm  
libsss_idmap-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
libsss_nss_idmap-2.2.0-19.el8_1.3.aarch64.rpm  
libsss_nss_idmap-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
libsss_simpleifp-2.2.0-19.el8_1.3.aarch64.rpm  
libsss_simpleifp-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
libsss_sudo-2.2.0-19.el8_1.3.aarch64.rpm  
libsss_sudo-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
python3-libipa_hbac-2.2.0-19.el8_1.3.aarch64.rpm  
python3-libipa_hbac-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
python3-libsss_nss_idmap-2.2.0-19.el8_1.3.aarch64.rpm  
python3-libsss_nss_idmap-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
python3-sss-2.2.0-19.el8_1.3.aarch64.rpm  
python3-sss-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
python3-sss-murmur-2.2.0-19.el8_1.3.aarch64.rpm  
python3-sss-murmur-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-ad-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-ad-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-client-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-client-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-common-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-common-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-common-pac-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-common-pac-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-dbus-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-dbus-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-debugsource-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-ipa-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-ipa-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-kcm-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-kcm-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-krb5-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-krb5-common-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-krb5-common-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-krb5-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-ldap-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-ldap-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-libwbclient-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-libwbclient-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-nfs-idmap-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-nfs-idmap-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-polkit-rules-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-proxy-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-proxy-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-tools-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-tools-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-winbind-idmap-2.2.0-19.el8_1.3.aarch64.rpm  
sssd-winbind-idmap-debuginfo-2.2.0-19.el8_1.3.aarch64.rpm

noarch:  
python3-sssdconfig-2.2.0-19.el8_1.3.noarch.rpm

ppc64le:  
libipa_hbac-2.2.0-19.el8_1.3.ppc64le.rpm  
libipa_hbac-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
libsss_autofs-2.2.0-19.el8_1.3.ppc64le.rpm  
libsss_autofs-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
libsss_certmap-2.2.0-19.el8_1.3.ppc64le.rpm  
libsss_certmap-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
libsss_idmap-2.2.0-19.el8_1.3.ppc64le.rpm  
libsss_idmap-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
libsss_nss_idmap-2.2.0-19.el8_1.3.ppc64le.rpm  
libsss_nss_idmap-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
libsss_simpleifp-2.2.0-19.el8_1.3.ppc64le.rpm  
libsss_simpleifp-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
libsss_sudo-2.2.0-19.el8_1.3.ppc64le.rpm  
libsss_sudo-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
python3-libipa_hbac-2.2.0-19.el8_1.3.ppc64le.rpm  
python3-libipa_hbac-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
python3-libsss_nss_idmap-2.2.0-19.el8_1.3.ppc64le.rpm  
python3-libsss_nss_idmap-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
python3-sss-2.2.0-19.el8_1.3.ppc64le.rpm  
python3-sss-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
python3-sss-murmur-2.2.0-19.el8_1.3.ppc64le.rpm  
python3-sss-murmur-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-ad-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-ad-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-client-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-client-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-common-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-common-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-common-pac-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-common-pac-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-dbus-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-dbus-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-debugsource-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-ipa-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-ipa-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-kcm-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-kcm-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-krb5-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-krb5-common-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-krb5-common-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-krb5-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-ldap-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-ldap-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-libwbclient-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-libwbclient-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-nfs-idmap-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-nfs-idmap-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-polkit-rules-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-proxy-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-proxy-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-tools-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-tools-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-winbind-idmap-2.2.0-19.el8_1.3.ppc64le.rpm  
sssd-winbind-idmap-debuginfo-2.2.0-19.el8_1.3.ppc64le.rpm

s390x:  
libipa_hbac-2.2.0-19.el8_1.3.s390x.rpm  
libipa_hbac-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
libsss_autofs-2.2.0-19.el8_1.3.s390x.rpm  
libsss_autofs-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
libsss_certmap-2.2.0-19.el8_1.3.s390x.rpm  
libsss_certmap-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
libsss_idmap-2.2.0-19.el8_1.3.s390x.rpm  
libsss_idmap-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
libsss_nss_idmap-2.2.0-19.el8_1.3.s390x.rpm  
libsss_nss_idmap-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
libsss_simpleifp-2.2.0-19.el8_1.3.s390x.rpm  
libsss_simpleifp-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
libsss_sudo-2.2.0-19.el8_1.3.s390x.rpm  
libsss_sudo-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
python3-libipa_hbac-2.2.0-19.el8_1.3.s390x.rpm  
python3-libipa_hbac-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
python3-libsss_nss_idmap-2.2.0-19.el8_1.3.s390x.rpm  
python3-libsss_nss_idmap-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
python3-sss-2.2.0-19.el8_1.3.s390x.rpm  
python3-sss-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
python3-sss-murmur-2.2.0-19.el8_1.3.s390x.rpm  
python3-sss-murmur-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-2.2.0-19.el8_1.3.s390x.rpm  
sssd-ad-2.2.0-19.el8_1.3.s390x.rpm  
sssd-ad-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-client-2.2.0-19.el8_1.3.s390x.rpm  
sssd-client-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-common-2.2.0-19.el8_1.3.s390x.rpm  
sssd-common-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-common-pac-2.2.0-19.el8_1.3.s390x.rpm  
sssd-common-pac-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-dbus-2.2.0-19.el8_1.3.s390x.rpm  
sssd-dbus-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-debugsource-2.2.0-19.el8_1.3.s390x.rpm  
sssd-ipa-2.2.0-19.el8_1.3.s390x.rpm  
sssd-ipa-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-kcm-2.2.0-19.el8_1.3.s390x.rpm  
sssd-kcm-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-krb5-2.2.0-19.el8_1.3.s390x.rpm  
sssd-krb5-common-2.2.0-19.el8_1.3.s390x.rpm  
sssd-krb5-common-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-krb5-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-ldap-2.2.0-19.el8_1.3.s390x.rpm  
sssd-ldap-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-libwbclient-2.2.0-19.el8_1.3.s390x.rpm  
sssd-libwbclient-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-nfs-idmap-2.2.0-19.el8_1.3.s390x.rpm  
sssd-nfs-idmap-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-proxy-2.2.0-19.el8_1.3.s390x.rpm  
sssd-proxy-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-tools-2.2.0-19.el8_1.3.s390x.rpm  
sssd-tools-debuginfo-2.2.0-19.el8_1.3.s390x.rpm  
sssd-winbind-idmap-2.2.0-19.el8_1.3.s390x.rpm  
sssd-winbind-idmap-debuginfo-2.2.0-19.el8_1.3.s390x.rpm

x86_64:  
libipa_hbac-2.2.0-19.el8_1.3.i686.rpm  
libipa_hbac-2.2.0-19.el8_1.3.x86_64.rpm  
libipa_hbac-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
libipa_hbac-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
libsss_autofs-2.2.0-19.el8_1.3.x86_64.rpm  
libsss_autofs-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
libsss_autofs-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
libsss_certmap-2.2.0-19.el8_1.3.i686.rpm  
libsss_certmap-2.2.0-19.el8_1.3.x86_64.rpm  
libsss_certmap-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
libsss_certmap-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
libsss_idmap-2.2.0-19.el8_1.3.i686.rpm  
libsss_idmap-2.2.0-19.el8_1.3.x86_64.rpm  
libsss_idmap-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
libsss_idmap-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
libsss_nss_idmap-2.2.0-19.el8_1.3.i686.rpm  
libsss_nss_idmap-2.2.0-19.el8_1.3.x86_64.rpm  
libsss_nss_idmap-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
libsss_nss_idmap-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
libsss_simpleifp-2.2.0-19.el8_1.3.i686.rpm  
libsss_simpleifp-2.2.0-19.el8_1.3.x86_64.rpm  
libsss_simpleifp-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
libsss_simpleifp-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
libsss_sudo-2.2.0-19.el8_1.3.x86_64.rpm  
libsss_sudo-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
libsss_sudo-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
python3-libipa_hbac-2.2.0-19.el8_1.3.x86_64.rpm  
python3-libipa_hbac-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
python3-libipa_hbac-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
python3-libsss_nss_idmap-2.2.0-19.el8_1.3.x86_64.rpm  
python3-libsss_nss_idmap-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
python3-libsss_nss_idmap-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
python3-sss-2.2.0-19.el8_1.3.x86_64.rpm  
python3-sss-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
python3-sss-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
python3-sss-murmur-2.2.0-19.el8_1.3.x86_64.rpm  
python3-sss-murmur-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
python3-sss-murmur-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-ad-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-ad-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-ad-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-client-2.2.0-19.el8_1.3.i686.rpm  
sssd-client-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-client-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-client-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-common-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-common-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-common-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-common-pac-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-common-pac-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-common-pac-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-dbus-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-dbus-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-dbus-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-debugsource-2.2.0-19.el8_1.3.i686.rpm  
sssd-debugsource-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-ipa-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-ipa-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-ipa-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-kcm-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-kcm-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-kcm-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-krb5-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-krb5-common-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-krb5-common-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-krb5-common-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-krb5-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-krb5-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-ldap-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-ldap-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-ldap-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-libwbclient-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-libwbclient-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-libwbclient-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-nfs-idmap-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-nfs-idmap-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-nfs-idmap-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-polkit-rules-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-proxy-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-proxy-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-proxy-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-tools-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-tools-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-tools-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-winbind-idmap-2.2.0-19.el8_1.3.x86_64.rpm  
sssd-winbind-idmap-debuginfo-2.2.0-19.el8_1.3.i686.rpm  
sssd-winbind-idmap-debuginfo-2.2.0-19.el8_1.3.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-4254  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY9AIqtzjgjWX9erEAQjmug//dlh5NbhkMD0MWffQd8uIjl1306NsDnRl  
oYrhGn5qsa//kqJOBTJ6utY57Q90YJeDOq18pK++1A4tkhWHC+hAPSJLXsytlKhT  
W2kqGshFQF7LgY+LPMYrGa9NmtDLWRpilnhHM9PkGgKbb6jjuQ846qa7gUp/+MWp  
RVQKapEO5Fcu3TuPZ/wxt3kvofeDOmYyrcUt8ODhlSpvRKlhWnoi+8xAXC0Hlo7V  
wlbJ6PTNWpdAC+Xd0Dj7KGdRLEJXf0NlQyuih9XF3v9ETKBpIQB/oq0pWlJCn2Xg  
xw0hkAnz8T9oR+QCT7sXxub7WVnGVXmiYaZ4o6aaAnpXfu9AmO7sCnh1Gw8gV7l8  
4VyYigyWPia3MNhVwl/e22WBpkQ4VGnxQ/CAU0exi2hKbQF0jikNmXM8LVHQDXBl  
aUSv8FQGG+ON1+JsD3bxFt/r2O9IsZeQoz3HWpVLYyWg7tmNNQS8V3SOLX2K0Tcl  
KxDOiHcSYEnhDTUS7KwULIIubPs/i+5tvfEDKDJEI9N4GAS+Z6zMtrIA82f5Hs/o  
zTU8q42RuMqZEX4DNU6dO3qVGTIeSKqPzZP+bm3Zvgu9OC5iNKeZU+mwnKoFVl2s  
D+DP6Hk3H1ErAbj2MjuDtBpZZvcOHtXjgx93CCjcsbNQupLlivFII3sfYdY0rlAb  
a8X85V7CUxM=xeDA  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0442-01

Red Hat Security Advisory 2023-0402-01 - An update for bind is now available for Red Hat Enterprise Linux 7.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: bind security update  
Advisory ID:       RHSA-2023:0402-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0402  
Issue date:        2023-01-24  
CVE Names:         CVE-2021-25220 CVE-2022-2795  
====================================================================  
1. Summary:

An update for bind is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64  
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64  
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64  
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64  
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64  
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain  
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver  
library (routines for applications to use when interfacing with DNS); and  
tools for verifying that the DNS server is operating correctly.

Security Fix(es):

* bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)

* bind: processing large delegations may severely degrade resolver  
performance (CVE-2022-2795)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, the BIND daemon (named) will be restarted  
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

2064512 - CVE-2021-25220 bind: DNS forwarders - cache poisoning vulnerability  
2128584 - CVE-2022-2795 bind: processing large delegations may severely degrade resolver performance

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:  
bind-9.11.4-26.P2.el7_9.13.src.rpm

noarch:  
bind-license-9.11.4-26.P2.el7_9.13.noarch.rpm

x86_64:  
bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-libs-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:  
bind-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:  
bind-9.11.4-26.P2.el7_9.13.src.rpm

noarch:  
bind-license-9.11.4-26.P2.el7_9.13.noarch.rpm

x86_64:  
bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-libs-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:  
bind-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:  
bind-9.11.4-26.P2.el7_9.13.src.rpm

noarch:  
bind-license-9.11.4-26.P2.el7_9.13.noarch.rpm

ppc64:  
bind-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-chroot-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-export-libs-9.11.4-26.P2.el7_9.13.ppc.rpm  
bind-export-libs-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-libs-9.11.4-26.P2.el7_9.13.ppc.rpm  
bind-libs-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-libs-lite-9.11.4-26.P2.el7_9.13.ppc.rpm  
bind-libs-lite-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-pkcs11-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.ppc.rpm  
bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-utils-9.11.4-26.P2.el7_9.13.ppc64.rpm

ppc64le:  
bind-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-chroot-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-export-libs-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-libs-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-libs-lite-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-pkcs11-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-utils-9.11.4-26.P2.el7_9.13.ppc64le.rpm

s390x:  
bind-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-chroot-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.s390.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-export-libs-9.11.4-26.P2.el7_9.13.s390.rpm  
bind-export-libs-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-libs-9.11.4-26.P2.el7_9.13.s390.rpm  
bind-libs-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-libs-lite-9.11.4-26.P2.el7_9.13.s390.rpm  
bind-libs-lite-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-pkcs11-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.s390.rpm  
bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-utils-9.11.4-26.P2.el7_9.13.s390x.rpm

x86_64:  
bind-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-libs-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:  
bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-devel-9.11.4-26.P2.el7_9.13.ppc.rpm  
bind-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-export-devel-9.11.4-26.P2.el7_9.13.ppc.rpm  
bind-export-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-lite-devel-9.11.4-26.P2.el7_9.13.ppc.rpm  
bind-lite-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.ppc.rpm  
bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-sdb-9.11.4-26.P2.el7_9.13.ppc64.rpm  
bind-sdb-chroot-9.11.4-26.P2.el7_9.13.ppc64.rpm

ppc64le:  
bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-export-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-lite-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-sdb-9.11.4-26.P2.el7_9.13.ppc64le.rpm  
bind-sdb-chroot-9.11.4-26.P2.el7_9.13.ppc64le.rpm

s390x:  
bind-debuginfo-9.11.4-26.P2.el7_9.13.s390.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-devel-9.11.4-26.P2.el7_9.13.s390.rpm  
bind-devel-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-export-devel-9.11.4-26.P2.el7_9.13.s390.rpm  
bind-export-devel-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-lite-devel-9.11.4-26.P2.el7_9.13.s390.rpm  
bind-lite-devel-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.s390.rpm  
bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-sdb-9.11.4-26.P2.el7_9.13.s390x.rpm  
bind-sdb-chroot-9.11.4-26.P2.el7_9.13.s390x.rpm

x86_64:  
bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:  
bind-9.11.4-26.P2.el7_9.13.src.rpm

noarch:  
bind-license-9.11.4-26.P2.el7_9.13.noarch.rpm

x86_64:  
bind-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-libs-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:  
bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm  
bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm  
bind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-25220  
https://access.redhat.com/security/cve/CVE-2022-2795  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY9AIs9zjgjWX9erEAQiz9BAAiQvmAQ5DWdOQbHHizPAHBnKnBtNBfCT3  
iaAzKQ0Yrpk26N9cdrvcBJwdrHpI28VJ3eemFUxQFseUqtAErsgfL4QqnjPjQgsp  
U2qLPjqbzfOrbi1CuruMMIIbtxfwvsdic8OB9Zi7XzfZjWm2X4c6Ima+QXol6x9a  
8J2qdzCqhoYUXJgdpVK9nAAGsPtidcnqLYYIcTclJArp6uRSlEEk7EbNJvs2SAbj  
MUo5aq5BoVy2TkiMyqhT5voy6K8f4c7WbQYerNieps18541ZSr29fAzWBznr3Yns  
gE10Aaoa8uCxlaexFR8EahPVYe6wJAm6R62LBabEWChbzW0oxr7X2DdzX9eiOwl0  
wJT0n4GHoFsCGMa+v1yybkjHIUfiW25WC7bC4QDj4fjTpbicVlnttXhQJwCJK5bb  
PC27GE6qi7EqwHYJa/jPenbIG38mXj/r2bwIr1qYQMLjQ8BQIneShky3ZWE4l/jd  
zTMwGVal8ACBYdCALx/O9QNyzaO92xHLnKl3DIoqaQdjasIfGp/G6Xc1YggKyZAP  
VVtXPiOIbReBVNWiBXMH1ZEQeNon4su0/MbMWrmJpwvEzYeXkuWO98LZ4dlLVuim  
NG/dJ6RqzT6/aqRNVyOt5s4SLIQ5DrPXoPnZRUBsbpWhP6lxPhESKA0TUg5FYz33  
eDGIrZR4jEY=azJw  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0402-01

Red Hat Security Advisory 2023-0441-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: kpatch-patch security update  
Advisory ID:       RHSA-2023:0441-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0441  
Issue date:        2023-01-24  
CVE Names:         CVE-2022-4139  
====================================================================  
1. Summary:

An update for kpatch-patch is now available for Red Hat Enterprise Linux  
8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS EUS (v.8.6) - x86_64

3. Description:

This is a kernel live patch module which is automatically loaded by the RPM  
post-install script to modify the code of a running kernel.

Security Fix(es):

* kernel: i915: Incorrect GPU TLB flush can lead to random memory access  
(CVE-2022-4139)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2147572 - CVE-2022-4139 kernel: i915: Incorrect GPU TLB flush can lead to random memory access

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v.8.6):

Source:  
kpatch-patch-4_18_0-372_13_1-1-4.el8_6.src.rpm  
kpatch-patch-4_18_0-372_16_1-1-4.el8_6.src.rpm  
kpatch-patch-4_18_0-372_19_1-1-3.el8_6.src.rpm  
kpatch-patch-4_18_0-372_26_1-1-3.el8_6.src.rpm  
kpatch-patch-4_18_0-372_32_1-1-2.el8_6.src.rpm  
kpatch-patch-4_18_0-372_36_1-1-1.el8_6.src.rpm  
kpatch-patch-4_18_0-372_40_1-1-1.el8_6.src.rpm

x86_64:  
kpatch-patch-4_18_0-372_13_1-1-4.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_13_1-debuginfo-1-4.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_13_1-debugsource-1-4.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_16_1-1-4.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_16_1-debuginfo-1-4.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_16_1-debugsource-1-4.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_19_1-1-3.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_19_1-debuginfo-1-3.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_19_1-debugsource-1-3.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_26_1-1-3.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_26_1-debuginfo-1-3.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_26_1-debugsource-1-3.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_32_1-1-2.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_32_1-debuginfo-1-2.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_32_1-debugsource-1-2.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_36_1-1-1.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_36_1-debuginfo-1-1.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_36_1-debugsource-1-1.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_40_1-1-1.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_40_1-debuginfo-1-1.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_40_1-debugsource-1-1.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-4139  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY9AIsNzjgjWX9erEAQgckQ//bYZVnOvKNaVx+5irtuwJVimKLsH+cB2A  
0gF/GzJD9nzqh90VI75o3BWTf9HLOoxsjI8iSL4GBJ5o7KC5gvAXlpVQMcLSPcXb  
D090UchsQtUTcS7y45VrrW7nevenjhWuyIq3KctdT/YJoZcHRGnv0VGSYmeoIxuQ  
2CUf72euPxTUDuRzLs8StcAHYpqtLg3WXjSn1BzrHSOf+xDSd4UPAa1k977zmYp9  
JGtrErJBhzWk5eQV8lyB4LIzvWUBPqkwtGMqrurj3LY/2hoQCsZfconUC0PeXoyN  
gU7I5/V27uvNjP5sn57sYYjqWWEm7029lWXinsejbK0KQlk8iHnxc72kprucgBo3  
YVomz5FIC6cBVvQ/Gu8W0INrAQfyUdupG6cN8Cj3eGcp90r025/nk3rQ9hpO/Uf2  
jH3UU45FNk+Q02LqWfL4tHV4MO/EUq7X4xf5GozVQ7JvEQVpcwyEvsYuWNt9YG4N  
+RX+Nzc7LwcrHI0IoL6EUKLygFjJBsNDneyWHykepCdXQwaVbRgpXGNA/2T6ua7q  
a46USY3VSm2Flz+79hUQcKDIj7heWjbNIzDNvJ+qrT5Q+EHNVkeqQx/g2/94HZPb  
0oj7ynKLba8oM0ILIc+VQZtAixuC+0R99reIgNfFbgWBYgI1JObAFguR15lMiXHI  
b8LAVKdsjO8=j/8X  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0441-01

Red Hat Security Advisory 2023-0427-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a file download vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: pcs security update  
Advisory ID:       RHSA-2023:0427-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0427  
Issue date:        2023-01-24  
CVE Names:         CVE-2022-45442  
====================================================================  
1. Summary:

An update for pcs is now available for Red Hat Enterprise Linux 8.6  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux High Availability EUS (v.8.6) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux Resilient Storage EUS (v.8.6) - ppc64le, s390x, x86_64

3. Description:

The pcs packages provide a command-line configuration system for the  
Pacemaker and Corosync utilities.

Security Fix(es):

* sinatra: Reflected File Download attack (CVE-2022-45442)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2153363 - CVE-2022-45442 sinatra: Reflected File Download attack

6. Package List:

Red Hat Enterprise Linux High Availability EUS (v.8.6):

Source:  
pcs-0.10.12-6.el8_6.3.src.rpm

aarch64:  
pcs-0.10.12-6.el8_6.3.aarch64.rpm  
pcs-snmp-0.10.12-6.el8_6.3.aarch64.rpm

ppc64le:  
pcs-0.10.12-6.el8_6.3.ppc64le.rpm  
pcs-snmp-0.10.12-6.el8_6.3.ppc64le.rpm

s390x:  
pcs-0.10.12-6.el8_6.3.s390x.rpm  
pcs-snmp-0.10.12-6.el8_6.3.s390x.rpm

x86_64:  
pcs-0.10.12-6.el8_6.3.x86_64.rpm  
pcs-snmp-0.10.12-6.el8_6.3.x86_64.rpm

Red Hat Enterprise Linux Resilient Storage EUS (v.8.6):

Source:  
pcs-0.10.12-6.el8_6.3.src.rpm

ppc64le:  
pcs-0.10.12-6.el8_6.3.ppc64le.rpm  
pcs-snmp-0.10.12-6.el8_6.3.ppc64le.rpm

s390x:  
pcs-0.10.12-6.el8_6.3.s390x.rpm  
pcs-snmp-0.10.12-6.el8_6.3.s390x.rpm

x86_64:  
pcs-0.10.12-6.el8_6.3.x86_64.rpm  
pcs-snmp-0.10.12-6.el8_6.3.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-45442  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY9AIttzjgjWX9erEAQjq+w/+LNniFi1wUtJTA7XK9hsOBaFOyGn29dF8  
hxHIx8SvIamC5nfE7iO+Ova8ldoj5VGugSVeLgGDsSxjKBnvebFagPXnYos8z0/x  
Pe7R8LihnSCfxEOv7ZfdpRGNQZpJls4PWFna9csf6weV1bfGwm4zlyNxBAucrnv2  
cUco99IrbTfmomuc5OKyzv/NCU2x90yuMnvNlMCkv0Jca38+yUHXUcWc+upTmisp  
rw3G0woudN/pHEPjX3cEEYwOZtaCABdKwcaKcVdVIYieUkoVfE4i3x7iq8zIjSkP  
2YgTcLYri8C4wHKbT5+IXjbnAPoQzDSOXNYg0CmW6uZKjvYn9gsbGHR0WHSh6Ot3  
qpH4Uvw//dL1QBs9ln+1Fq+BblEWQHuje42xfYJIQlnf3YtB2J5cUefyltn5qN3q  
KKNPpHCvLsyLMSGPPFzKpIuPPKJWtqd13yrD1Nlo4T5ELmKag+r0o25wY0WRi3u7  
G3ngvw4aGo1dOTIlvuJlRyf60giB3FJ9qDR3oU3DGdV33LjxjCyL3W1u2YigbAwE  
+/ULj4VIswv/5G8Zab2gAk5iwobNT+qn9fr2AI7/UGSLWdIeupj7r7DwLVA/2jWx  
TTyYONEYXccL0dVYkAQmu8MspbCRuSYRca1Qn1fFR0wuZXtkxZxl9mKtuGvxk569  
3dlPwzLDq+o1u  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Source

Packet Storm