The t2'23 Call For Papers has been announced. It will take place May 4th through the 5th, 2023 in Helsinki, Finland.

    Call For Papers 2023Tired of your bosses suspecting conference trips to exotic locations being just a ploy to partake in Security Vacation Club? Prove them wrong by coming to Helsinki, Finland on May 4-5 2023! Guaranteed lack of sunburn, good potential for rain or slush. In case of great spring weather, though, no money back.CFP and registration both open. Read further if still unsure.Maui, Miami, Las Vegas, Tel Aviv or Wellington feel so much sunnier once you’ve experienced the lack of infinity pools in Northern Europe. Instead of pools and palms trees, we can offer you actual saunas and a high tech environment, which is a weird combination of demoscene, widespread Linux adoption, mobile Internet with uncapped flat rate data and a long history of IRC and imageboards.What defines a conference? For t2 it has always been that intimate welcoming atmosphere of a small event, which makes both audience and speakers approachable. There are enough regulars to create the feeling of a community, but not too many that a first-comer would feel being left out. On the content side, we have always been and always will be a technical security conference, emphasizing the cutting edge, world class research. This is an event for the community. Our focus[1] is on technical excellence, not politics or player hating.t2’23 offers you an audience with a taste for technical security presentations containing original content. This is your chance to showcase the latest research and lessons in EDR simulation and healthcheck spoofing, hardware insecurity, inferring information from interference, cloud-scale forensics or persistance automation, new vulnerability classes, AI exploitation, virtual machines inside parsers, elegant exploitation of old vulnerability classes, modern defense, dropping zero days during presentations, state of the art memory corruption mitigation bypasses, evasions, safe cracking, satellite and space security, remote vehicle access, or whatever research lights up the eyes of seasoned conference visitors. For the hackers by the hackers.The advisory board will be reviewing submissions until 2023-03-17. Slide deck submission final deadline 2023-04-20 for accepted talks.First come, first served. Submissions will not be returned.Quick facts for speakers+ presentation length 60-120 minutes, in English+ complimentary travel and accommodation for one person[6]+ decent speaker hospitality benefits+ no marketing or product propagandaStill not sure if this is for you? Check out the blast from the past[2].The total amount of attendees, including speakers and organizers is limited to 99. Advisory Board recognize[3] the OG Finnish sauna culture is an acquired taste and can promise the lack of sweaty, partially or fully nude sauna-goers at all conference functions.[0] hunter2[1] https://t2.fi/about/eula/[2] https://t2.fi/schedules/[3] https://youtu.be/Oj8JBBAM5jY?t=40[6] except literally @nudehaberdasher and @0xcharlieHow to submitFill out the form at https://if.t2.fi/action/cfpHow to registerBuy your ticket at https://t2.fi/registration/

t2'23 Call For Papers

Ubuntu Security Notice 5822-1 - It was discovered that Samba incorrectly handled the bad password count logic. A remote attacker could possibly use this issue to bypass bad passwords lockouts. This issue was only addressed in Ubuntu 22.10. Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service.

==========================================================================  
Ubuntu Security Notice USN-5822-1  
January 24, 2023

samba vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in Samba.

Software Description:  
- samba: SMB/CIFS file, print, and login server for Unix

Details:

It was discovered that Samba incorrectly handled the bad password count  
logic. A remote attacker could possibly use this issue to bypass bad  
passwords lockouts. This issue was only addressed in Ubuntu 22.10.  
(CVE-2021-20251)

Evgeny Legerov discovered that Samba incorrectly handled buffers in  
certain GSSAPI routines of Heimdal. A remote attacker could possibly use  
this issue to cause Samba to crash, resulting in a denial of service.  
(CVE-2022-3437)

Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerberos  
keys. A remote attacker could possibly use this issue to elevate  
privileges. (CVE-2022-37966, CVE-2022-37967)

It was discovered that Samba supported weak RC4/HMAC-MD5 in NetLogon Secure  
Channel. A remote attacker could possibly use this issue to elevate  
privileges. (CVE-2022-38023)

Greg Hudson discovered that Samba incorrectly handled PAC parsing. On  
32-bit systems, a remote attacker could use this issue to escalate  
privileges, or possibly execute arbitrary code. (CVE-2022-42898)

Joseph Sutton discovered that Samba could be forced to issue rc4-hmac  
encrypted Kerberos tickets. A remote attacker could possibly use this issue  
to escalate privileges. This issue only affected Ubuntu 20.04 LTS and  
Ubuntu 22.04 LTS. (CVE-2022-45141)

WARNING: The fixes included in these updates introduce several important  
behavior changes which may cause compatibility problems interacting with  
systems still expecting the former behavior. Please see the following  
upstream advisories for more information:

https://www.samba.org/samba/security/CVE-2022-37966.html  
https://www.samba.org/samba/security/CVE-2022-37967.html  
https://www.samba.org/samba/security/CVE-2022-38023.html

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.10:  
   samba                           2:4.16.8+dfsg-0ubuntu1

Ubuntu 22.04 LTS:  
   samba                           2:4.15.13+dfsg-0ubuntu1

Ubuntu 20.04 LTS:  
   samba                           2:4.13.17~dfsg-0ubuntu1.20.04.4

This update uses a new upstream release, which includes additional bug  
fixes. In general, a standard system update will make all the necessary  
changes.

References:  
   https://ubuntu.com/security/notices/USN-5822-1  
   CVE-2021-20251, CVE-2022-3437, CVE-2022-37966, CVE-2022-37967,  
   CVE-2022-38023, CVE-2022-42898, CVE-2022-45141

Package Information:  
   https://launchpad.net/ubuntu/+source/samba/2:4.16.8+dfsg-0ubuntu1  
   https://launchpad.net/ubuntu/+source/samba/2:4.15.13+dfsg-0ubuntu1  
   https://launchpad.net/ubuntu/+source/samba/2:4.13.17~dfsg-0ubuntu1.20.04.4

Ubuntu Security Notice USN-5822-1

Ubuntu Security Notice 5821-1 - Sebastian Chnelik discovered that wheel incorrectly handled certain file names when validated against a regex expression. An attacker could possibly use this issue to cause a denial of service.

==========================================================================  
Ubuntu Security Notice USN-5821-1  
January 24, 2023

wheel vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS  
- Ubuntu 14.04 ESM

Summary:

wheel could be made to crash if it received specially crafted  
input.

Software Description:  
- wheel: built-package format for Python

Details:

Sebastian Chnelik discovered that wheel incorrectly handled  
certain file names when validated against a regex expression.  
An attacker could possibly use this issue to cause a  
denial of service.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.10:  
   python3-wheel                   0.37.1-2ubuntu0.22.10.1

Ubuntu 22.04 LTS:  
   python3-wheel                   0.37.1-2ubuntu0.22.04.1

Ubuntu 20.04 LTS:  
   python3-wheel                   0.34.2-1ubuntu0.1

Ubuntu 18.04 LTS:  
   python-wheel                    0.30.0-0.2ubuntu0.1  
   python3-wheel                   0.30.0-0.2ubuntu0.1

Ubuntu 14.04 ESM:  
   python-wheel                    0.24.0-1~ubuntu1.1+esm1  
   python3-wheel                   0.24.0-1~ubuntu1.1+esm1

In general, a standard system update will make all the necessary changes.  
If installed, python-pip and python3-pip will also need to be updated.

References:  
   https://ubuntu.com/security/notices/USN-5821-1  
   CVE-2022-40898

Package Information:  
https://launchpad.net/ubuntu/+source/wheel/0.37.1-2ubuntu0.22.10.1  
https://launchpad.net/ubuntu/+source/wheel/0.37.1-2ubuntu0.22.04.1  
   https://launchpad.net/ubuntu/+source/wheel/0.34.2-1ubuntu0.1  
   https://launchpad.net/ubuntu/+source/wheel/0.30.0-0.2ubuntu0.1

Ubuntu Security Notice USN-5821-1

Red Hat Security Advisory 2023-0396-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: kpatch-patch security update  
Advisory ID:       RHSA-2023:0396-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0396  
Issue date:        2023-01-24  
CVE Names:         CVE-2022-2964  
====================================================================  
1. Summary:

An update for kpatch-patch is now available for Red Hat Enterprise Linux  
8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS E4S (v. 8.2) - ppc64le, x86_64

3. Description:

This is a kernel live patch module which is automatically loaded by the RPM  
post-install script to modify the code of a running kernel.

Security Fix(es):

* kernel: memory corruption in AX88179_178A based USB ethernet device.  
(CVE-2022-2964)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.

6. Package List:

Red Hat Enterprise Linux BaseOS E4S (v. 8.2):

Source:  
kpatch-patch-4_18_0-193_87_1-1-3.el8_2.src.rpm  
kpatch-patch-4_18_0-193_90_1-1-3.el8_2.src.rpm  
kpatch-patch-4_18_0-193_91_1-1-3.el8_2.src.rpm  
kpatch-patch-4_18_0-193_93_1-1-2.el8_2.src.rpm  
kpatch-patch-4_18_0-193_95_1-1-1.el8_2.src.rpm

ppc64le:  
kpatch-patch-4_18_0-193_87_1-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_87_1-debuginfo-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_87_1-debugsource-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_90_1-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_90_1-debuginfo-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_90_1-debugsource-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_91_1-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_91_1-debuginfo-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_91_1-debugsource-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_93_1-1-2.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_93_1-debuginfo-1-2.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_93_1-debugsource-1-2.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_95_1-1-1.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_95_1-debuginfo-1-1.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_95_1-debugsource-1-1.el8_2.ppc64le.rpm

x86_64:  
kpatch-patch-4_18_0-193_87_1-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_87_1-debuginfo-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_87_1-debugsource-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_90_1-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_90_1-debuginfo-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_90_1-debugsource-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_91_1-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_91_1-debuginfo-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_91_1-debugsource-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_93_1-1-2.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_93_1-debuginfo-1-2.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_93_1-debugsource-1-2.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_95_1-1-1.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_95_1-debuginfo-1-1.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_95_1-debugsource-1-1.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2964  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8+0NNzjgjWX9erEAQggsRAAjDjX7SS69cm4vKXiyV+nbJ3vjugudA1Y  
ctegziR7p+XpI16UZTba1+zx+VqhTEtCC9gC2rrTziw0RRnN5DYRvd45A3UY9fwc  
ehCUJi5jq0e797yeFlMrbWQ+5OW6j78uhyWNvhbKO+R7Du++tNrHEjUAd9Gs6O7+  
LRTYOvZ7Q9QSWe1dGNir8ZS1G7Mm63jRHFXqlnF1NW34T+HpqpJ896Ej4oAMPzoA  
vOMjIuU46L7bOZ0uyJZfzCi1lLP2SaaCxADHeUprOriVwb8NanAaitxJpCmUstoQ  
nKhmUMH3M2SnspTJexOHkDDdIX56On1s2xpoHw9Niwc7fFpfilELRqqXIe5LxRrP  
vnVyBR1jlwrZaxdvdhVtSG7BgWVHlC+EIiJcrE9EBrO2Ed9n31JB4J7/BDHF0+Os  
dVhDEPhRqVH0Tk6dR6thTa5Y8K2WyPiByOkOZ2AZo8gsHVvsvnFUJzLd7gFil7vV  
Wg1HqMy6ly0iMzDjasv5jXDHo4Jg9RtAZCeZTvKXJ2feV0xzvUdUcDKoCB6EDENn  
7MtiNWoG9h0IQQjbkOgeXHk6dUdyzbzLElEp7cgUDAJIFwgL+E1XaS2XZNqneLzK  
V/OV6+bpDZ8Zu1oYsXxl2S+4qeyEUEKeezOf5EuzMkHg+H8iOu4Nvp9zpPEk5xdp  
Wf+TKT8ftdk=1GZm  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0396-01

Red Hat Security Advisory 2023-0397-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.

Red Hat Security Advisory 2023-0397-01

Red Hat Security Advisory 2023-0203-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: java-1.8.0-openjdk security and bug fix update  
Advisory ID:       RHSA-2023:0203-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0203  
Issue date:        2023-01-24  
CVE Names:         CVE-2023-21830 CVE-2023-21843  
====================================================================  
1. Summary:

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise  
Linux 7.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64  
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64  
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64  
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64  
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux Workstation (v. 7) - x86_64  
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime  
Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

* OpenJDK: improper restrictions in CORBA deserialization (Serialization,  
8285021) (CVE-2023-21830)

* OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362)  
(BZ#2150191)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2150191 - Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-7.9.z]  
2160475 - CVE-2023-21843 OpenJDK: soundbank URL remote loading (Sound, 8293742)  
2160490 - CVE-2023-21830 OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

x86_64:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:  
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm  
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

x86_64:  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

x86_64:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:  
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm  
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

x86_64:  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

ppc64:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.ppc64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.ppc64.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.ppc64.rpm

ppc64le:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.ppc64le.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64le.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.ppc64le.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.ppc64le.rpm

s390x:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.s390x.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.s390x.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.s390x.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.s390x.rpm

x86_64:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

noarch:  
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm  
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

ppc64:  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.ppc64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.ppc64.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.ppc64.rpm

ppc64le:  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.ppc64le.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64le.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.ppc64le.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.ppc64le.rpm

s390x:  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.s390x.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.s390x.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.s390x.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.s390x.rpm

x86_64:  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

x86_64:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:  
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm  
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

x86_64:  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-21830  
https://access.redhat.com/security/cve/CVE-2023-21843  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8+0P9zjgjWX9erEAQiO4A//QdKG0zEeh/mRYT/SKgMvYgoS9MPrG04/  
lcoDwPYqwPXXQNMM5sBlUUAAGc2vqWTy4zN7iOb7Kpsh6PwJZNV5vIYGTodiZ6CO  
SNYHrkohRJ02PFH8RVhMa07kzwOREesD7au0Aqr/IHjTRH2x0X1Twbmldbi16B+I  
iSMVI2mXVYYS8Ywf4ZZaTQ0gNIzk0kScitkQ05lhF0XBtnFyvcmYMgQe1AxzPotG  
sF/GgLLdqNXcxc/zGO/a1xut8/xXM5iNbHSK5LBT50P4LPNI4Me10wqEi7cy7a16  
vUvgvK9Ze57t0XdoP2qQ7+0nWsA/oKFsLd8yhesPc7ZfP+boEUpy6O7WV4ff7afj  
KJbD7K3Zcno/1O55S7VjGBytLwggBIFcBQimwGarxSroVsj0Qt0treQNGfNLctuh  
NgqrSGaxRKjSttG8vjghyJA4aPZEf1pZRkj0YZ7Tk88a74a0MrYZEF+eav17B+Of  
oFz6Qw6G/q6GpYusX04ti+YFf7EvFWuLqyA6DEJcOIoIsQQn+9esS002urBADj0v  
oIYM7juljFck+IwxshavxwF9saEECTYCJtdDRblfRmqe7cHEHBrzVGiMMXh35IGk  
pACfKV7IqS5rXBgeYL2x5VhhkEnHkY0F6dXytP5/hCqTkW4Lj+Y7cW9BjF+LuFll  
tEZVPSHt7AA=nr/N  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0203-01

Red Hat Security Advisory 2023-0395-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

Red Hat Security Advisory 2023-0395-01

Red Hat Security Advisory 2023-0241-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.50.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Low: OpenShift Container Platform 4.10.50 bug and security update  
Advisory ID:       RHSA-2023:0241-01  
Product:           Red Hat OpenShift Enterprise  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0241  
Issue date:        2023-01-24  
CVE Names:         CVE-2023-0296  
====================================================================  
1. Summary:

Red Hat OpenShift Container Platform release 4.10.50 is now available with  
updates to packages and images that fix several bugs.

Red Hat Product Security has rated this update as having a security impact  
of Low. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing  
Kubernetes application platform solution designed for on-premise or private  
cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container  
Platform 4.10.50. See the following advisory for the RPM packages for this  
release:

https://access.redhat.com/errata/RHBA-2023:0240

Security Fix(es):

* openshift: etcd grpc-proxy vulnerable to The Birthday attack against  
64-bit block cipher (CVE-2023-0296)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Space precludes documenting all of the container images in this advisory.  
See the following Release Notes documentation, which will be updated  
shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html

3. Solution:

For OpenShift Container Platform 4.10 see the following documentation,  
which will be updated shortly for this release, for important instructions  
on how to upgrade your cluster and fully apply this asynchronous errata  
update:

https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html

You may download the oc tool and use it to inspect release image metadata  
for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests  
may be found at  
https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags

The sha values for the release are:

(For x86_64 architecture)  
The image digest is  
sha256:9301ca818d705bda5981db961904f2b6e3f9adcc51e3c8e258c05950236dfc3d

(For s390x architecture)  
The image digest is  
sha256:88dd6c214ba12eb626301d40fadbf5d6d95eeaebae11f0c0fedfbfcecd1df739

(For ppc64le architecture)  
The image digest is  
sha256:baa7fe33ac04eca046892820342c19b6df02f6998f3f5e4f9471c737f6eeb301

(For aarch64 architecture)  
The image digest is  
sha256:7ac01bfe3554059f81fb573fa04cf41ca8a150b93b54d4209f4c987687e40d81

All OpenShift Container Platform 4.10 users are advised to upgrade to these  
updated packages and images when they are available in the appropriate  
release channel. To check for available updates, use the OpenShift Console  
or the CLI oc command. Instructions for upgrading a cluster are available  
at  
https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html

4. Bugs fixed (https://bugzilla.redhat.com/):

2161287 - CVE-2023-0296 openshift: etcd grpc-proxy vulnerable to The Birthday attack against 64-bit block cipher

5. JIRA issues fixed (https://issues.jboss.org/):

OCPBUGS-4467 - [4.10] Improve ironic logging configuration in metal3  
OCPBUGS-4717 - Unable to use application credentials for Cinder CSI after OpenStack credentials update  
OCPBUGS-4810 - MCO does not sync kubeAPIServerServingCAData to controllerconfig if there are not ready nodes  
OCPBUGS-5294 - Backport fix for OCPBUGSM-36848 to 4.10  
OCPBUGS-5299 - [4.10] [OVN]Sometimes after reboot egress node, egress IP cannot be applied anymore.  
OCPBUGS-5415 - [OCP 4.10] ironic container images have old packages  
OCPBUGS-5419 - [release-4.10] Azure: unable to configure EgressIP if an ASG is set  
OCPBUGS-5507 - [vsphere-CSI-Driver-Operator] The storageclass "thin-csi" could not be re-created after deleting  
OCPBUGS-5788 - ClusterResourceQuota values are not reflecting.

6. References:

https://access.redhat.com/security/cve/CVE-2023-0296  
https://access.redhat.com/security/updates/classification/#low

7. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8+0QtzjgjWX9erEAQjtJw//Ts6EzkhU5+hsaIaT0j7Yq18Dai3sC7p6  
jCiHlRWPuoAcyzrvZbVv+62G9WaXWhQ9HuXOYjx/cPTCZe92ixeSrE8FQGDh9bgw  
fLVMtqH7F8zOQHRVspIgH8SzooS5A/ZGSCBG5wVSvVbJUCQViXmoz2xOH4DXjOmd  
RT42+aBT0KeTG6Dbj21g3VB/5faLxxrC8u55lVAlBGNyroVmLqKzPKKnlvpibjFV  
WJATXcV0885PXR8FVmF0CSZbkX+u1++7XVHhoqgQ/D8STZCvmIw/W21pcW8owYEc  
u0kBO8eTH8LKqiSbze88ENVogOaX+0HIgKmJ/3aMjyejSVPpIlmz3RA/gOG2Eguc  
vdrRJXwjFCY2kkFgcw0SqeZM/SGHj1VlWNHTjxG9Sj7XnVw6QHpT9cVFByCvFp72  
eL96I3Qb3qnhCBrLdtsIUoA3B/uDkjGFwMysRdNBUFl76HvTEQUQhxWbLAy6q/XC  
VlOnE+e2Kj9pfyWHbSbHHdeD/qXFoUenHWBL+Xow5Hvf8L5oGYo3tFahDrlip+6R  
btZwOF56IEXH5Q4Cy9UaAONPb+6TntvOLsjaTpYqeTToIsHRAOE4NbghIeJBUHM3  
P6i4Iy9vR0DyJRFvpCVRXqw1h1Wlo0Ru4Xo9rQpKyX0TVDHppKrpa1HD+GZgEETk  
aT/bFo7O4rg=aJSj  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0241-01

Red Hat Security Advisory 2023-0393-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a file download vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: pcs security update  
Advisory ID:       RHSA-2023:0393-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0393  
Issue date:        2023-01-24  
CVE Names:         CVE-2022-45442  
====================================================================  
1. Summary:

An update for pcs is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications  
Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP  
Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux High Availability E4S (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux High Availability TUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

The pcs packages provide a command-line configuration system for the  
Pacemaker and Corosync utilities.

Security Fix(es):

* sinatra: Reflected File Download attack (CVE-2022-45442)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2153363 - CVE-2022-45442 sinatra: Reflected File Download attack

6. Package List:

Red Hat Enterprise Linux High Availability E4S (v. 8.2):

Source:  
pcs-0.10.4-6.el8_2.4.src.rpm

aarch64:  
pcs-0.10.4-6.el8_2.4.aarch64.rpm  
pcs-snmp-0.10.4-6.el8_2.4.aarch64.rpm

ppc64le:  
pcs-0.10.4-6.el8_2.4.ppc64le.rpm  
pcs-snmp-0.10.4-6.el8_2.4.ppc64le.rpm

s390x:  
pcs-0.10.4-6.el8_2.4.s390x.rpm  
pcs-snmp-0.10.4-6.el8_2.4.s390x.rpm

x86_64:  
pcs-0.10.4-6.el8_2.4.x86_64.rpm  
pcs-snmp-0.10.4-6.el8_2.4.x86_64.rpm

Red Hat Enterprise Linux High Availability TUS (v. 8.2):

Source:  
pcs-0.10.4-6.el8_2.4.src.rpm

aarch64:  
pcs-0.10.4-6.el8_2.4.aarch64.rpm  
pcs-snmp-0.10.4-6.el8_2.4.aarch64.rpm

ppc64le:  
pcs-0.10.4-6.el8_2.4.ppc64le.rpm  
pcs-snmp-0.10.4-6.el8_2.4.ppc64le.rpm

s390x:  
pcs-0.10.4-6.el8_2.4.s390x.rpm  
pcs-snmp-0.10.4-6.el8_2.4.s390x.rpm

x86_64:  
pcs-0.10.4-6.el8_2.4.x86_64.rpm  
pcs-snmp-0.10.4-6.el8_2.4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-45442  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8+0PNzjgjWX9erEAQgNkA//edHjahjCaKOYb3cR/ahSnNXjhhl/x4nM  
lX18WSd2PpJ1KvUbVBXo2BL0jlfDBwTpFvdJmzTcxjrEM10i0B84c4DJDJfmcdI0  
CWnh85UpwUpTGvqhxUpf8EWDNh6yrLrdDh1RjBc765/Ldy4ai67cqoCv2FzkCBRo  
sPtPQBLt6eVME/39tarbX3mwN6JUGPEiXmSkKv2KqN+Jf4kLzLjrs4Cj0/V0WXrW  
MZwMnVnfKqL+XerOCincbCvwfNByfN0seVj9wIkOaAu+Zz4YASXzZl8wtbkN3Gr5  
UV0vZ68MegZPTLsvre+inn2DIQfBOH1xxN352Vz1q3lBu2TnyC/mC0Leun2lK7bY  
rbG7pz3piN4xOZNvOcPl0id0d6DMauDdZnNv9kF/A7K9EbqooMaR/H1I3CgsqIuo  
p3Mvrfx7GuLFUyGNkUMV5Gkm9Gdc64JLXFVA3kqTitp36dr2APx//D5KDbAZfWG3  
fnTJgIRovcE0+/dt6RfFkFDufBh7vKYJLIf/2+GBKnDjTEXzjus627VSBXx3Z2wM  
4fWCZe7YfYvQY0lxQMOKIXC1l5T+9LFgOnl7FcsgU/krR17pwU0zRBKOdKC8SsPa  
R1Lz0b/NKPh6ABykjKyoI/irdnp8Xy8M++98UsQHkI4oMvebl/nsx5BAjlzanBSZ  
FhiArI4ug2Y=YPWO  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0393-01

Red Hat Security Advisory 2023-0392-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: kernel-rt security and bug fix update  
Advisory ID:       RHSA-2023:0392-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0392  
Issue date:        2023-01-24  
CVE Names:         CVE-2022-2964  
====================================================================  
1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2  
Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Real Time TUS (v. 8.2) - x86_64  
Red Hat Enterprise Linux Real Time for NFV TUS (v. 8.2) - x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables  
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: memory corruption in AX88179_178A based USB ethernet device.  
(CVE-2022-2964)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* kernel-rt: update RT source tree to the latest RHEL-8.2.z23 Batch  
(BZ#2150054)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.

6. Package List:

Red Hat Enterprise Linux Real Time for NFV TUS (v. 8.2):

Source:  
kernel-rt-4.18.0-193.98.1.rt13.149.el8_2.src.rpm

x86_64:  
kernel-rt-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-core-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-core-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-debuginfo-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-devel-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-kvm-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-modules-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-modules-extra-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debuginfo-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-devel-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-kvm-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-modules-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-modules-extra-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm

Red Hat Enterprise Linux Real Time TUS (v. 8.2):

Source:  
kernel-rt-4.18.0-193.98.1.rt13.149.el8_2.src.rpm

x86_64:  
kernel-rt-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-core-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-core-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-debuginfo-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-devel-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-modules-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-modules-extra-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debuginfo-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-devel-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-modules-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-modules-extra-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2964  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8+0MdzjgjWX9erEAQgYNg/+Ipq5YS9wIOgpCHH0axNZfwlj0alPuDJ0  
pVF0ybrNBP8cZmMSY5b/Duh6YCVI2bK0rk6JpHgIYZR9PfidY3jfoU4g57fSylD9  
rHCcvn6siPf/kUuMKrLQsck+AHZiN89+6kMQ1KEaswCAglvzSlY3ezTPiT6sVRO9  
6rcbDALmqVP8VI4L/5KkmarEBBtXVZDr33kynclP4Urlo1PlYsdj84WtFlJ+NZ7A  
zUxr9SQ3f55nWzM4SbJ6i1W+Or3G8W1Yw198TzldWF3hhvDQ2nVtRLJKKtS5idse  
r8Jk+NFYAMHPRM3HhVZrSaJAhw7KvrxswEhuH+up9j8ev55vBPEnWSCBZ0Jckwkl  
uopPd6yodQN+zzOOFCHsJZrGWyk93tVLRqvv6cx/qucI27EE80sIAqydXZP1AeXs  
aBRRL+AuVmud1R9iBZ17aKgklxLbIUmLEHfWgFktyy+Rb19qUUn1jyiUond8tHUT  
Sb4u1sB21UrOE/N8M6dd+xcZ8d2qnnJbb0I0XoK7uVNb/afCSzvAzCMJJRbbqSn7  
orKkqvJdY/5TSWO0PefN1+XP9IwXsT5UIolALzN8ct5vEhLvOfQUa9ULQroFSJyC  
F4IPeOu/c/mR1wOqRUcK2p9bVGQpZB5doVBhPpBr5LL9WjYV0GhnkLuhkYQ5+0OR  
OU0B0JMMVHc=Idrx  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Source

Packet Storm