Red Hat Security Advisory 2023-2234-01 - The sysstat packages provide the sar and iostat commands. These commands enable system monitoring of disk, network, and other I/O activity.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: sysstat security and bug fix update  
Advisory ID:       RHSA-2023:2234-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2234  
Issue date:        2023-05-09  
CVE Names:         CVE-2022-39377  
====================================================================  
1. Summary:

An update for sysstat is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The sysstat packages provide the sar and iostat commands. These commands  
enable system monitoring of disk, network, and other I/O activity.

Security Fix(es):

* sysstat: arithmetic overflow in allocate_structures() on 32 bit systems  
(CVE-2022-39377)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2141207 - CVE-2022-39377 sysstat: arithmetic overflow in allocate_structures() on 32 bit systems

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
sysstat-12.5.4-5.el9.src.rpm

aarch64:  
sysstat-12.5.4-5.el9.aarch64.rpm  
sysstat-debuginfo-12.5.4-5.el9.aarch64.rpm  
sysstat-debugsource-12.5.4-5.el9.aarch64.rpm

ppc64le:  
sysstat-12.5.4-5.el9.ppc64le.rpm  
sysstat-debuginfo-12.5.4-5.el9.ppc64le.rpm  
sysstat-debugsource-12.5.4-5.el9.ppc64le.rpm

s390x:  
sysstat-12.5.4-5.el9.s390x.rpm  
sysstat-debuginfo-12.5.4-5.el9.s390x.rpm  
sysstat-debugsource-12.5.4-5.el9.s390x.rpm

x86_64:  
sysstat-12.5.4-5.el9.x86_64.rpm  
sysstat-debuginfo-12.5.4-5.el9.x86_64.rpm  
sysstat-debugsource-12.5.4-5.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-39377  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo1A9zjgjWX9erEAQir4g//XX4H0LjGGWdR0AAyuy9uG8FI0CLqk56O  
gOdGdJ8x0H0t3VASRC/ebotFIwx8LFi8hDVXQ9zPkn3CfnnfdWwD/Eyt34GIETDr  
YZa+8bClxZMQxgFFQRDJJ4FbpFRltbAfakXdWVACVgbMGs7vkbVIPPUSfcCXQfyv  
YItQew/n/wYn1Cr8uxJplx5GmQzhlEfsc1kqf7EcVftvh4UFrF7Z42nxtKirmdxK  
hqSfV9YMUvWsq2JdkDcFTiZVnK2jij4bKMwrpIvZrkZwJz3w5FcU+IwDj3B+J42p  
Z/avVq3T1qUGlBCRv0bNvL+onGqbrDmJRHbbi4Z78XIpRN3CDFlD+iMLBgpTAwSw  
Na0H1DO2ta1aUa/0ZOv6b0wcFuJEnIDLW5eOQgbL4VkYEQOGX3x2iRgpQiI++z0r  
vIn49E13rTuHcRV3RSAfFwGlO2ZZCHVAYwACadl8dTSdZiiEsHfwDbK2j7kmajQH  
+rRkb0naXa+BrVKFIfjua/y/FrUvgOnNkW2RjCFMvH4VVIFedx0OjFR11payT91S  
hwt9C2/xoDJRqPlCnbMzFVBg7yAW0foIHtb7WMQ6jJRecAKDoLhUDcNSeWUgQV/f  
bEQvB4Zlk2kqd7/dNChhxDfk5om13319h19NESJ+r/CoO/2ssRXQT9kHGbJKYudi  
vfbXV8qBX8o=K3qT  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2234-01

Red Hat Security Advisory 2023-2626-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: emacs security update  
Advisory ID:       RHSA-2023:2626-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2626  
Issue date:        2023-05-09  
CVE Names:         CVE-2022-48337 CVE-2022-48338 CVE-2022-48339  
                   CVE-2023-2491  
====================================================================  
1. Summary:

An update for emacs is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

GNU Emacs is a powerful, customizable, self-documenting text editor. It  
provides special code editing features, a scripting language (elisp), and  
the capability to read e-mail and news.

Security Fix(es):

* emacs: Regression of CVE-2023-28617 fixes in the Red Hat Enterprise Linux  
(CVE-2023-2491)

* emacs: command execution via shell metacharacters (CVE-2022-48337)

* emacs: local command injection in ruby-mode.el (CVE-2022-48338)

* emacs: command injection vulnerability in htmlfontify.el (CVE-2022-48339)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2171987 - CVE-2022-48337 emacs: command execution via shell metacharacters  
2171988 - CVE-2022-48338 emacs: local command injection in ruby-mode.el  
2171989 - CVE-2022-48339 emacs: command injection vulnerability in htmlfontify.el  
2192873 - CVE-2023-2491 emacs: Regression of CVE-2023-28617 fixes in the Red Hat Enterprise Linux

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
emacs-27.2-8.el9_2.1.src.rpm

aarch64:  
emacs-27.2-8.el9_2.1.aarch64.rpm  
emacs-common-27.2-8.el9_2.1.aarch64.rpm  
emacs-common-debuginfo-27.2-8.el9_2.1.aarch64.rpm  
emacs-debuginfo-27.2-8.el9_2.1.aarch64.rpm  
emacs-debugsource-27.2-8.el9_2.1.aarch64.rpm  
emacs-lucid-27.2-8.el9_2.1.aarch64.rpm  
emacs-lucid-debuginfo-27.2-8.el9_2.1.aarch64.rpm  
emacs-nox-27.2-8.el9_2.1.aarch64.rpm  
emacs-nox-debuginfo-27.2-8.el9_2.1.aarch64.rpm

noarch:  
emacs-filesystem-27.2-8.el9_2.1.noarch.rpm

ppc64le:  
emacs-27.2-8.el9_2.1.ppc64le.rpm  
emacs-common-27.2-8.el9_2.1.ppc64le.rpm  
emacs-common-debuginfo-27.2-8.el9_2.1.ppc64le.rpm  
emacs-debuginfo-27.2-8.el9_2.1.ppc64le.rpm  
emacs-debugsource-27.2-8.el9_2.1.ppc64le.rpm  
emacs-lucid-27.2-8.el9_2.1.ppc64le.rpm  
emacs-lucid-debuginfo-27.2-8.el9_2.1.ppc64le.rpm  
emacs-nox-27.2-8.el9_2.1.ppc64le.rpm  
emacs-nox-debuginfo-27.2-8.el9_2.1.ppc64le.rpm

s390x:  
emacs-27.2-8.el9_2.1.s390x.rpm  
emacs-common-27.2-8.el9_2.1.s390x.rpm  
emacs-common-debuginfo-27.2-8.el9_2.1.s390x.rpm  
emacs-debuginfo-27.2-8.el9_2.1.s390x.rpm  
emacs-debugsource-27.2-8.el9_2.1.s390x.rpm  
emacs-lucid-27.2-8.el9_2.1.s390x.rpm  
emacs-lucid-debuginfo-27.2-8.el9_2.1.s390x.rpm  
emacs-nox-27.2-8.el9_2.1.s390x.rpm  
emacs-nox-debuginfo-27.2-8.el9_2.1.s390x.rpm

x86_64:  
emacs-27.2-8.el9_2.1.x86_64.rpm  
emacs-common-27.2-8.el9_2.1.x86_64.rpm  
emacs-common-debuginfo-27.2-8.el9_2.1.x86_64.rpm  
emacs-debuginfo-27.2-8.el9_2.1.x86_64.rpm  
emacs-debugsource-27.2-8.el9_2.1.x86_64.rpm  
emacs-lucid-27.2-8.el9_2.1.x86_64.rpm  
emacs-lucid-debuginfo-27.2-8.el9_2.1.x86_64.rpm  
emacs-nox-27.2-8.el9_2.1.x86_64.rpm  
emacs-nox-debuginfo-27.2-8.el9_2.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-48337  
https://access.redhat.com/security/cve/CVE-2022-48338  
https://access.redhat.com/security/cve/CVE-2022-48339  
https://access.redhat.com/security/cve/CVE-2023-2491  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo1BtzjgjWX9erEAQhtpxAAoYp1zA1tl18b1JFFsuK7CcZQNgmeASuh  
GoEOuOn1fS0dq5J63UuUEcVg3x2oI5hsrgsQSpEbUt+Ehm/4S9gaIm0UZQmjraE+  
8UcshzgQAku2+XKpNw63HE7iKZF8M42C9AFDkUuOAYywwMmFBF+uJKG+Brc+Ah7e  
fOtQBVu5zsDiD0GRq4p+52MJ+MxRKlIernJXlPA7TX3UV3rWBApgnXpiDsnMbEsx  
D+N9sXVnks5Gxq9K1XMqEwKTUuGCdmTZroRqrwwlPs17nXfpxadXf/6v7vLbPICs  
7tEJFHB30/KgL/vUs8Tl5iLVlH96z1FNRU1yLYkETjGuamNJGX00iMlGxIJjPrlx  
YVvgJjk0KFeNFhliJtXWgwLElsdWszIafMuCPU7OTUzpowsak3+h7oErVtoSjJpb  
EP/SouzhBqbyMI1VllcM6bcmhvU4DM8NnIL/N3lJSZwXYnubI82zlj/m82c99210  
H+WJii45v6D+h904FmWaB6Q+GsaqRYvKbZ22eMTAbye5CzIM55LrV56TVx7Ahl1Z  
zs/5MmXcmod8TiKONQtlM9BVcVf3nb1NgxKTDeRzAkwBeCrH/zVh4z0+aNeQTVJO  
1xE1bhGSDO311P6dODjOEg7HyUbsMIP2vFU7ULSqLzXtXmaICltBGhDzEGr26dq5  
qM/56o0jSioÌtx  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2626-01

Red Hat Security Advisory 2023-2204-01 - Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: Image Builder security, bug fix, and enhancement update  
Advisory ID:       RHSA-2023:2204-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2204  
Issue date:        2023-05-09  
CVE Names:         CVE-2022-2879 CVE-2022-2880 CVE-2022-27664  
                   CVE-2022-41715 CVE-2022-41717  
====================================================================  
1. Summary:

An update for cockpit-composer, osbuild, osbuild-composer, and weldr-client  
is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Image Builder is a service for building customized OS artifacts, such as VM  
images and OSTree commits, that uses osbuild under the hood.

Security Fix(es):

* golang: archive/tar: unbounded memory consumption when reading headers  
(CVE-2022-2879)

* golang: net/http/httputil: ReverseProxy should not forward unparseable  
query parameters (CVE-2022-2880)

* golang: net/http: handle server errors after sending GOAWAY  
(CVE-2022-27664)

* golang: regexp/syntax: limit memory used by parsing regexps  
(CVE-2022-41715)

* golang: net/http: An attacker can cause excessive memory growth in a Go  
server accepting HTTP/2 requests (CVE-2022-41717)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2119980 - edge-installer ISO install failed at dracut-initqueue timeout  
2122843 - coreos-installer-0.15.0-2.el9 does not work with osbuild-composer-62-1.el9  
2123373 - edge images default to LVM [rhel-9.2.0]  
2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY  
2125249 - podman network backend does not switch to netavark when embedding container in image [rhel-9.2.0]  
2132250 - Update Image Builder suite of projects to their latest upstream releases [RHEL-9.2]  
2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers  
2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters  
2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps  
2136504 - osbuild-composer can't access /var/cache/osbuild-composer/rpmmd on package upgrade from 9.0  
2137364 - composer-cli blueprints show command fails when firewall customization is included in a blueprint  
2139645 - [cockpit-composer] RHEL 9.2 Tier 0 Localization  
2161274 - CVE-2022-41717 golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests  
2164560 - Rebase to weldr-client v35.9  
2174158 - systemd units aren't enabled/started using ignition  
2177699 - Composer is not setting the rpm stage options in the os pipeline correctly for payload repositories

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
cockpit-composer-45-1.el9_2.src.rpm  
osbuild-81-1.el9.src.rpm  
osbuild-composer-76-2.el9_2.src.rpm  
weldr-client-35.9-1.el9.src.rpm

aarch64:  
osbuild-composer-76-2.el9_2.aarch64.rpm  
osbuild-composer-core-76-2.el9_2.aarch64.rpm  
osbuild-composer-core-debuginfo-76-2.el9_2.aarch64.rpm  
osbuild-composer-debuginfo-76-2.el9_2.aarch64.rpm  
osbuild-composer-debugsource-76-2.el9_2.aarch64.rpm  
osbuild-composer-dnf-json-76-2.el9_2.aarch64.rpm  
osbuild-composer-tests-debuginfo-76-2.el9_2.aarch64.rpm  
osbuild-composer-worker-76-2.el9_2.aarch64.rpm  
osbuild-composer-worker-debuginfo-76-2.el9_2.aarch64.rpm  
weldr-client-35.9-1.el9.aarch64.rpm  
weldr-client-debuginfo-35.9-1.el9.aarch64.rpm  
weldr-client-debugsource-35.9-1.el9.aarch64.rpm  
weldr-client-tests-debuginfo-35.9-1.el9.aarch64.rpm

noarch:  
cockpit-composer-45-1.el9_2.noarch.rpm  
osbuild-81-1.el9.noarch.rpm  
osbuild-luks2-81-1.el9.noarch.rpm  
osbuild-lvm2-81-1.el9.noarch.rpm  
osbuild-ostree-81-1.el9.noarch.rpm  
osbuild-selinux-81-1.el9.noarch.rpm  
python3-osbuild-81-1.el9.noarch.rpm

ppc64le:  
osbuild-composer-76-2.el9_2.ppc64le.rpm  
osbuild-composer-core-76-2.el9_2.ppc64le.rpm  
osbuild-composer-core-debuginfo-76-2.el9_2.ppc64le.rpm  
osbuild-composer-debuginfo-76-2.el9_2.ppc64le.rpm  
osbuild-composer-debugsource-76-2.el9_2.ppc64le.rpm  
osbuild-composer-dnf-json-76-2.el9_2.ppc64le.rpm  
osbuild-composer-tests-debuginfo-76-2.el9_2.ppc64le.rpm  
osbuild-composer-worker-76-2.el9_2.ppc64le.rpm  
osbuild-composer-worker-debuginfo-76-2.el9_2.ppc64le.rpm  
weldr-client-35.9-1.el9.ppc64le.rpm  
weldr-client-debuginfo-35.9-1.el9.ppc64le.rpm  
weldr-client-debugsource-35.9-1.el9.ppc64le.rpm  
weldr-client-tests-debuginfo-35.9-1.el9.ppc64le.rpm

s390x:  
osbuild-composer-76-2.el9_2.s390x.rpm  
osbuild-composer-core-76-2.el9_2.s390x.rpm  
osbuild-composer-core-debuginfo-76-2.el9_2.s390x.rpm  
osbuild-composer-debuginfo-76-2.el9_2.s390x.rpm  
osbuild-composer-debugsource-76-2.el9_2.s390x.rpm  
osbuild-composer-dnf-json-76-2.el9_2.s390x.rpm  
osbuild-composer-tests-debuginfo-76-2.el9_2.s390x.rpm  
osbuild-composer-worker-76-2.el9_2.s390x.rpm  
osbuild-composer-worker-debuginfo-76-2.el9_2.s390x.rpm  
weldr-client-35.9-1.el9.s390x.rpm  
weldr-client-debuginfo-35.9-1.el9.s390x.rpm  
weldr-client-debugsource-35.9-1.el9.s390x.rpm  
weldr-client-tests-debuginfo-35.9-1.el9.s390x.rpm

x86_64:  
osbuild-composer-76-2.el9_2.x86_64.rpm  
osbuild-composer-core-76-2.el9_2.x86_64.rpm  
osbuild-composer-core-debuginfo-76-2.el9_2.x86_64.rpm  
osbuild-composer-debuginfo-76-2.el9_2.x86_64.rpm  
osbuild-composer-debugsource-76-2.el9_2.x86_64.rpm  
osbuild-composer-dnf-json-76-2.el9_2.x86_64.rpm  
osbuild-composer-tests-debuginfo-76-2.el9_2.x86_64.rpm  
osbuild-composer-worker-76-2.el9_2.x86_64.rpm  
osbuild-composer-worker-debuginfo-76-2.el9_2.x86_64.rpm  
weldr-client-35.9-1.el9.x86_64.rpm  
weldr-client-debuginfo-35.9-1.el9.x86_64.rpm  
weldr-client-debugsource-35.9-1.el9.x86_64.rpm  
weldr-client-tests-debuginfo-35.9-1.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2879  
https://access.redhat.com/security/cve/CVE-2022-2880  
https://access.redhat.com/security/cve/CVE-2022-27664  
https://access.redhat.com/security/cve/CVE-2022-41715  
https://access.redhat.com/security/cve/CVE-2022-41717  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo0YNzjgjWX9erEAQifuA/+PkemZDLvpIEurj3RfuiqWEHWVfNeZykF  
IaduyRNaNZA5nkErwV6D5X+bm0YUdgMB6H7Rn5HhxdckGlE6k3Oq2mZillW2wKDe  
gZ3kwRmyIlkQLnuOZgVkTUInYUzhvBdPhlVXD/kNnYACMSX9jbx1xNE0zvxN92LR  
t2APv2qGfvZNkpckaqJInWo7TAitoihRJUozy1KsCohE1NAGbS9qMlWFaH89f9rO  
3etteClVQ/z2KQXqXgqkuykxuhJut75Uvvicw+sP4YM5bn4D/S+dxTrIzlg2QO7/  
amdkYRuL6GFa0mWIm83rbBcQELdMxHDjyLLU55nq+1P6SzxdON9PZD9uMjkRIpqK  
EptDRmAjCRsejolK1Lo+vjxLZ3ZpSOznUh5LBVDkFvDoJfFmokqMEneIt1U6wB+q  
Me5IffE+bpQrdyg0IWYnoefDrgQXaiM27q5MJeUsHiOI8OGoJFFfrnUmHtCJNrzq  
XF7X3rt4sAiqR764uJoiiPEDadc4Vaor8hH9h1yQbmIe2Sk4g/56yREBk8Ozvif4  
lm/W7b7njMfUk+mmPAxKI7Ycl+nriqJ+PHIHJ8DFzRIC/H8g1hK2i2EZL8SZQxma  
r+7FeuGuayfYh42tFryan43AcwqPNs4UZen7YKTiQY6nQ3WOcR+h5bjnKtHWPc/3  
dTmHXPE5js0=kIXE  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2204-01

Red Hat Security Advisory 2023-2148-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, bypass, denial of service, double free, memory leak, null pointer, out of bounds read, privilege escalation, traversal, and use-after-free vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: kernel-rt security and bug fix update  
Advisory ID:       RHSA-2023:2148-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2148  
Issue date:        2023-05-09  
CVE Names:         CVE-2021-26341 CVE-2021-33655 CVE-2022-1462  
                   CVE-2022-1789 CVE-2022-1882 CVE-2022-2196  
                   CVE-2022-2663 CVE-2022-3028 CVE-2022-3435  
                   CVE-2022-3522 CVE-2022-3524 CVE-2022-3566  
                   CVE-2022-3567 CVE-2022-3619 CVE-2022-3623  
                   CVE-2022-3625 CVE-2022-3628 CVE-2022-3640  
                   CVE-2022-3707 CVE-2022-4128 CVE-2022-4129  
                   CVE-2022-20141 CVE-2022-21505 CVE-2022-28388  
                   CVE-2022-33743 CVE-2022-39188 CVE-2022-39189  
                   CVE-2022-41674 CVE-2022-42703 CVE-2022-42720  
                   CVE-2022-42721 CVE-2022-42722 CVE-2022-42896  
                   CVE-2022-43750 CVE-2022-47929 CVE-2023-0394  
                   CVE-2023-0461 CVE-2023-0590 CVE-2023-1195  
                   CVE-2023-1382  
====================================================================  
1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux NFV (v. 9) - x86_64  
Red Hat Enterprise Linux RT (v. 9) - x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables  
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* use-after-free in l2cap_connect and l2cap_le_connect_req in  
net/bluetooth/l2cap_core.c (CVE-2022-42896)

* net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)

* hw: cpu: AMD CPUs may transiently execute beyond unconditional direct  
branch (CVE-2021-26341)

* malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory  
(CVE-2021-33655)

* possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)

* KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)

* use-after-free in free_pipe_info() could lead to privilege escalation  
(CVE-2022-1882)

* KVM: nVMX: missing IBPB when exiting from nested guest can lead to  
Spectre v2 attacks (CVE-2022-2196)

* netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)

* race condition in xfrm_probe_algs can lead to OOB read/write  
(CVE-2022-3028)

* out-of-bounds read in fib_nh_match of the file net/ipv4/fib_semantics.c  
(CVE-2022-3435)

* race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)

* memory leak in ipv6_renew_options() (CVE-2022-3524)

* data races around icsk->icsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)

* data races around sk->sk_prot (CVE-2022-3567)

* memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c  
(CVE-2022-3619)

* denial of service in follow_page_pte in mm/gup.c due to poisoned pte  
entry (CVE-2022-3623)

* use-after-free after failed devlink reload in devlink_param_get  
(CVE-2022-3625)

* USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)

* use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c  
(CVE-2022-3640)

* Double-free in split_2MB_gtt_entry when function  
intel_gvt_dma_map_guest_page failed (CVE-2022-3707)

* mptcp: NULL pointer dereference in subflow traversal at disconnect time  
(CVE-2022-4128)

* l2tp: missing lock when clearing sk_user_data can lead to NULL pointer  
dereference (CVE-2022-4129)

* igmp: use-after-free in ip_check_mc_rcu when opening and closing inet  
sockets (CVE-2022-20141)

* lockdown bypass using IMA (CVE-2022-21505)

* double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c  
(CVE-2022-28388)

* network backend may cause Linux netfront to use freed SKBs (XSA-405)  
(CVE-2022-33743)

* unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to  
stale TLB entry (CVE-2022-39188)

* TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading  
to guest malfunctioning (CVE-2022-39189)

* u8 overflow problem in cfg80211_update_notlisted_nontrans()  
(CVE-2022-41674)

* use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)

* use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)

* BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c  
(CVE-2022-42721)

* Denial of service in beacon protection for P2P-device (CVE-2022-42722)

* memory corruption in usbmon driver (CVE-2022-43750)

* NULL pointer dereference in traffic control subsystem (CVE-2022-47929)

* NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)

* use-after-free due to race condition in qdisc_graft() (CVE-2023-0590)

* use-after-free caused by invalid pointer hostname in fs/cifs/connect.c  
(CVE-2023-1195)

* denial of service in tipc_conn_close (CVE-2023-1382)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

Before applying this update, make sure all previously released errata  
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2061703 - CVE-2021-26341 hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch  
2073091 - CVE-2022-28388 kernel: double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c  
2078466 - CVE-2022-1462 kernel: possible race condition in drivers/tty/tty_buffers.c  
2089701 - CVE-2022-1882 kernel: use-after-free in free_pipe_info() could lead to privilege escalation  
2090723 - CVE-2022-1789 kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva  
2106830 - CVE-2022-21505 kernel: lockdown bypass using IMA  
2107924 - CVE-2022-33743 kernel: network backend may cause Linux netfront to use freed SKBs (XSA-405)  
2108691 - CVE-2021-33655 kernel: malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory  
2114937 - CVE-2022-20141 kernel: igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets  
2122228 - CVE-2022-3028 kernel: race condition in xfrm_probe_algs can lead to OOB read/write  
2123056 - CVE-2022-2663 kernel: netfilter: nf_conntrack_irc message handling issue  
2124788 - CVE-2022-39189 kernel: TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning  
2130141 - CVE-2022-39188 kernel: unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry  
2133483 - CVE-2022-42703 kernel: use-after-free related to leaf anon_vma double reuse  
2133490 - CVE-2022-3435 kernel: out-of-bounds read in fib_nh_match of the file net/ipv4/fib_semantics.c  
2134377 - CVE-2022-41674 kernel: u8 overflow problem in cfg80211_update_notlisted_nontrans()  
2134380 - CVE-2022-4128 kernel: mptcp: NULL pointer dereference in subflow traversal at disconnect time  
2134451 - CVE-2022-42720 kernel: use-after-free in bss_ref_get in net/wireless/scan.c  
2134506 - CVE-2022-42721 kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c  
2134517 - CVE-2022-42722 kernel: Denial of service in beacon protection for P2P-device  
2134528 - CVE-2022-4129 kernel: l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference  
2137979 - CVE-2022-3707 kernel: Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed  
2139610 - CVE-2022-3640 kernel: use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c  
2143893 - CVE-2022-3566 kernel: data races around icsk->icsk_af_ops in do_ipv6_setsockopt  
2143943 - CVE-2022-3567 kernel: data races around sk->sk_prot  
2144720 - CVE-2022-3625 kernel: use-after-free after failed devlink reload in devlink_param_get  
2147364 - CVE-2022-42896 kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c  
2150947 - CVE-2022-3524 kernel: memory leak in ipv6_renew_options()  
2150960 - CVE-2022-3628 kernel: USB-accessible buffer overflow in brcmfmac  
2150979 - CVE-2022-3522 kernel: race condition in hugetlb_no_page() in mm/hugetlb.c  
2151270 - CVE-2022-43750 kernel: memory corruption in usbmon driver  
2154171 - CVE-2023-1195 kernel: use-after-free caused by invalid pointer hostname in fs/cifs/connect.c  
2154235 - CVE-2022-3619 kernel: memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c  
2160023 - CVE-2022-2196 kernel: KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks  
2162120 - CVE-2023-0394 kernel: NULL pointer dereference in rawv6_push_pending_frames  
2165721 - CVE-2022-3623 kernel: denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry  
2165741 - CVE-2023-0590 kernel: use-after-free due to race condition in qdisc_graft()  
2168246 - CVE-2022-47929 kernel: NULL pointer dereference in traffic control subsystem  
2176192 - CVE-2023-0461 kernel: net/ulp: use-after-free in listening ULP sockets  
2177371 - CVE-2023-1382 kernel: denial of service in tipc_conn_close

6. Package List:

Red Hat Enterprise Linux NFV (v. 9):

Source:  
kernel-rt-5.14.0-284.11.1.rt14.296.el9_2.src.rpm

x86_64:  
kernel-rt-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-core-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-core-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-debuginfo-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-devel-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-kvm-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-modules-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-modules-core-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-modules-extra-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debuginfo-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-devel-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-kvm-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-modules-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-modules-core-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-modules-extra-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm

Red Hat Enterprise Linux RT (v. 9):

Source:  
kernel-rt-5.14.0-284.11.1.rt14.296.el9_2.src.rpm

x86_64:  
kernel-rt-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-core-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-core-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-debuginfo-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-devel-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-modules-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-modules-core-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debug-modules-extra-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debuginfo-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-devel-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-modules-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-modules-core-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm  
kernel-rt-modules-extra-5.14.0-284.11.1.rt14.296.el9_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-26341  
https://access.redhat.com/security/cve/CVE-2021-33655  
https://access.redhat.com/security/cve/CVE-2022-1462  
https://access.redhat.com/security/cve/CVE-2022-1789  
https://access.redhat.com/security/cve/CVE-2022-1882  
https://access.redhat.com/security/cve/CVE-2022-2196  
https://access.redhat.com/security/cve/CVE-2022-2663  
https://access.redhat.com/security/cve/CVE-2022-3028  
https://access.redhat.com/security/cve/CVE-2022-3435  
https://access.redhat.com/security/cve/CVE-2022-3522  
https://access.redhat.com/security/cve/CVE-2022-3524  
https://access.redhat.com/security/cve/CVE-2022-3566  
https://access.redhat.com/security/cve/CVE-2022-3567  
https://access.redhat.com/security/cve/CVE-2022-3619  
https://access.redhat.com/security/cve/CVE-2022-3623  
https://access.redhat.com/security/cve/CVE-2022-3625  
https://access.redhat.com/security/cve/CVE-2022-3628  
https://access.redhat.com/security/cve/CVE-2022-3640  
https://access.redhat.com/security/cve/CVE-2022-3707  
https://access.redhat.com/security/cve/CVE-2022-4128  
https://access.redhat.com/security/cve/CVE-2022-4129  
https://access.redhat.com/security/cve/CVE-2022-20141  
https://access.redhat.com/security/cve/CVE-2022-21505  
https://access.redhat.com/security/cve/CVE-2022-28388  
https://access.redhat.com/security/cve/CVE-2022-33743  
https://access.redhat.com/security/cve/CVE-2022-39188  
https://access.redhat.com/security/cve/CVE-2022-39189  
https://access.redhat.com/security/cve/CVE-2022-41674  
https://access.redhat.com/security/cve/CVE-2022-42703  
https://access.redhat.com/security/cve/CVE-2022-42720  
https://access.redhat.com/security/cve/CVE-2022-42721  
https://access.redhat.com/security/cve/CVE-2022-42722  
https://access.redhat.com/security/cve/CVE-2022-42896  
https://access.redhat.com/security/cve/CVE-2022-43750  
https://access.redhat.com/security/cve/CVE-2022-47929  
https://access.redhat.com/security/cve/CVE-2023-0394  
https://access.redhat.com/security/cve/CVE-2023-0461  
https://access.redhat.com/security/cve/CVE-2023-0590  
https://access.redhat.com/security/cve/CVE-2023-1195  
https://access.redhat.com/security/cve/CVE-2023-1382  
https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo0NtzjgjWX9erEAQhskQ//eAqMI93djEsADoo5zb3EO3xEGrb//Im2  
ptPycHLLL6ZG+t/+1PiMk/e8LwhV2hrxz7nzc4xh8tNO4TRuF0WK/sR8Iv4y6/Fs  
95X25NgEndOlHk7uUVgEdTYvZnpNh27XJwyEHDu6HV8suxY6gfbYHqV7zlkGBi43  
zQA+sfEDXFVfvLug/RpaD0J7wXc0JyUoG4OratWV1E37zw9mNPSX1P0bFy4QoKXL  
rhG1Xc+qSWK3kjnJjpeU8nIJGhL2oJDFVuICkiC+aEp7C//DE1TA7L7u3Z+7Tou/  
BpPmjMyfXF/UQYZtJCrCRiTj/RsRIqaUSoy3/3MO8jxVMR6FIm/QTjY63JCGfj6A  
OahLv77oKDJXuHQQ7JkHycKMOc+JfX/ZNtxtgn2gYFfpjPTY/klTJP8iM9KhnTuQ  
2lF5jvYJihYhGio+cyl5Ad/XmzsHh7cTQR3XKtNa7p9/+QkAKt10LhbzxvebThFd  
cZtLUsdph4wO6T+RrZ5XdwvOSox1C40mfOnwJO41M/9GXPHoxhmwrZYBWKE1PY0J  
Jq9m+pYgKv+ioTW1FWloM22mu0PW/L5F3djzAVujShX0iRgfW2Aao3n+L8A22bYD  
Q+5LbFsWZwpeK7zXgXocJlY7j667sT9UGqBwk4xMfAiS5A0p2Zo1rkIre2lvmF2D  
JJU7NBGa9VU=YrUX  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2148-01

Red Hat Security Advisory 2023-2458-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, bypass, denial of service, double free, memory leak, null pointer, out of bounds read, privilege escalation, traversal, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-2458-01

Red Hat Security Advisory 2023-2256-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include buffer overflow, bypass, code execution, information leakage, out of bounds write, and use-after-free vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: webkit2gtk3 security and bug fix update  
Advisory ID:       RHSA-2023:2256-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2256  
Issue date:        2023-05-09  
CVE Names:         CVE-2022-32886 CVE-2022-32888 CVE-2022-32923  
                   CVE-2022-42799 CVE-2022-42823 CVE-2022-42824  
                   CVE-2022-42826 CVE-2022-42852 CVE-2022-42863  
                   CVE-2022-42867 CVE-2022-46691 CVE-2022-46692  
                   CVE-2022-46698 CVE-2022-46699 CVE-2022-46700  
                   CVE-2023-23517 CVE-2023-23518 CVE-2023-25358  
                   CVE-2023-25360 CVE-2023-25361 CVE-2023-25362  
                   CVE-2023-25363  
====================================================================  
1. Summary:

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the  
GTK platform.

Security Fix(es):

* webkitgtk: use-after-free issue leading to arbitrary code execution  
(CVE-2022-42826)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2023-23517)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2023-23518)

* webkitgtk: buffer overflow issue was addressed with improved memory  
handling (CVE-2022-32886)

* webkitgtk: out-of-bounds write issue was addressed with improved bounds  
checking (CVE-2022-32888)

* webkitgtk: correctness issue in the JIT was addressed with improved  
checks (CVE-2022-32923)

* webkitgtk: issue was addressed with improved UI handling (CVE-2022-42799)

* webkitgtk: type confusion issue leading to arbitrary code execution  
(CVE-2022-42823)

* webkitgtk: sensitive information disclosure issue (CVE-2022-42824)

* webkitgtk: memory disclosure issue was addressed with improved memory  
handling (CVE-2022-42852)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2022-42863)

* webkitgtk: use-after-free issue leading to arbitrary code execution  
(CVE-2022-42867)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2022-46691)

* webkitgtk: Same Origin Policy bypass issue (CVE-2022-46692)

* webkitgtk: logic issue leading to user information disclosure  
(CVE-2022-46698)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2022-46699)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2022-46700)

* webkitgtk: heap-use-after-free in WebCore::RenderLayer::addChild()  
(CVE-2023-25358)

* webkitgtk: heap-use-after-free in WebCore::RenderLayer::renderer()  
(CVE-2023-25360)

* webkitgtk: heap-use-after-free in WebCore::RenderLayer::setNextSibling()  
(CVE-2023-25361)

* webkitgtk: heap-use-after-free in  
WebCore::RenderLayer::repaintBlockSelectionGaps() (CVE-2023-25362)

* webkitgtk: heap-use-after-free in  
WebCore::RenderLayer::updateDescendantDependentFlags() (CVE-2023-25363)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2127467 - Upgrade WebKitGTK for RHEL 9.2  
2128643 - CVE-2022-32886 webkitgtk: buffer overflow issue was addressed with improved memory handling  
2140501 - CVE-2022-32888 webkitgtk: out-of-bounds write issue was addressed with improved bounds checking  
2140502 - CVE-2022-32923 webkitgtk: correctness issue in the JIT was addressed with improved checks  
2140503 - CVE-2022-42799 webkitgtk: issue was addressed with improved UI handling  
2140504 - CVE-2022-42824 webkitgtk: sensitive information disclosure issue  
2140505 - CVE-2022-42823 webkitgtk: type confusion issue leading to arbitrary code execution  
2156986 - CVE-2022-42852 webkitgtk: memory disclosure issue was addressed with improved memory handling  
2156987 - CVE-2022-42863 webkitgtk: memory corruption issue leading to arbitrary code execution  
2156989 - CVE-2022-42867 webkitgtk: use-after-free issue leading to arbitrary code execution  
2156990 - CVE-2022-46691 webkitgtk: memory corruption issue leading to arbitrary code execution  
2156991 - CVE-2022-46692 webkitgtk: Same Origin Policy bypass issue  
2156992 - CVE-2022-46698 webkitgtk: logic issue leading to user information disclosure  
2156993 - CVE-2022-46699 webkitgtk: memory corruption issue leading to arbitrary code execution  
2156994 - CVE-2022-46700 webkitgtk: memory corruption issue leading to arbitrary code execution  
2167715 - CVE-2023-23518 webkitgtk: memory corruption issue leading to arbitrary code execution  
2167716 - CVE-2022-42826 webkitgtk: use-after-free issue leading to arbitrary code execution  
2167717 - CVE-2023-23517 webkitgtk: memory corruption issue leading to arbitrary code execution  
2175099 - CVE-2023-25358 webkitgtk: heap-use-after-free in WebCore::RenderLayer::addChild()  
2175101 - CVE-2023-25360 webkitgtk: heap-use-after-free in WebCore::RenderLayer::renderer()  
2175103 - CVE-2023-25361 webkitgtk: heap-use-after-free in WebCore::RenderLayer::setNextSibling()  
2175105 - CVE-2023-25362 webkitgtk: heap-use-after-free in WebCore::RenderLayer::repaintBlockSelectionGaps()  
2175107 - CVE-2023-25363 webkitgtk: heap-use-after-free in WebCore::RenderLayer::updateDescendantDependentFlags()

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
webkit2gtk3-2.38.5-1.el9.src.rpm

aarch64:  
webkit2gtk3-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-debugsource-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-devel-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-jsc-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.aarch64.rpm

ppc64le:  
webkit2gtk3-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-debugsource-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-devel-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-jsc-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm

s390x:  
webkit2gtk3-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-debugsource-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-devel-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-jsc-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.s390x.rpm

x86_64:  
webkit2gtk3-2.38.5-1.el9.i686.rpm  
webkit2gtk3-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el9.i686.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-debugsource-2.38.5-1.el9.i686.rpm  
webkit2gtk3-debugsource-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-devel-2.38.5-1.el9.i686.rpm  
webkit2gtk3-devel-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.i686.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-jsc-2.38.5-1.el9.i686.rpm  
webkit2gtk3-jsc-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.i686.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el9.i686.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.i686.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-32886  
https://access.redhat.com/security/cve/CVE-2022-32888  
https://access.redhat.com/security/cve/CVE-2022-32923  
https://access.redhat.com/security/cve/CVE-2022-42799  
https://access.redhat.com/security/cve/CVE-2022-42823  
https://access.redhat.com/security/cve/CVE-2022-42824  
https://access.redhat.com/security/cve/CVE-2022-42826  
https://access.redhat.com/security/cve/CVE-2022-42852  
https://access.redhat.com/security/cve/CVE-2022-42863  
https://access.redhat.com/security/cve/CVE-2022-42867  
https://access.redhat.com/security/cve/CVE-2022-46691  
https://access.redhat.com/security/cve/CVE-2022-46692  
https://access.redhat.com/security/cve/CVE-2022-46698  
https://access.redhat.com/security/cve/CVE-2022-46699  
https://access.redhat.com/security/cve/CVE-2022-46700  
https://access.redhat.com/security/cve/CVE-2023-23517  
https://access.redhat.com/security/cve/CVE-2023-23518  
https://access.redhat.com/security/cve/CVE-2023-25358  
https://access.redhat.com/security/cve/CVE-2023-25360  
https://access.redhat.com/security/cve/CVE-2023-25361  
https://access.redhat.com/security/cve/CVE-2023-25362  
https://access.redhat.com/security/cve/CVE-2023-25363  
https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo08tzjgjWX9erEAQizzA//ZfzdltwdtCXIOyqB+fCYF071RAjvFVho  
gGI/whuz9NHfhE1rFBw/C4pwVbauyRLEb8woNd6YM1fjr8itYOcvO1oFp8VU5sVr  
pC87bfUitNVO2nuZ/tbcM8HAz30HqjEV63o8PEJlRVz44+kY5RVlRIO+1dqWImYc  
Tv39Cd3NYB1BVNKQXB+sHZa11aSdFoJsPmMDyP2CRR+/hc5rwfPtqMYf5Nuwkf5+  
M25FubVdNJKJOvaxrqvqmJ52kA6bzazo9mX1fYUahPUtiiQlp6O1x5WgP/AqsoO/  
ZXy2dWFu7kUlq9ATL0YbhDmNUZVbYVBajobmvFXXpLklvI0iothfcX8mQXsSvy1Y  
ZBYShGu88cpS+qrn7jOTmkjNIWHFNHlhJs1JUdZ6zkN1IkXTyI7jaOmxCC5/elac  
SrNTweI/G3zA2QosLwdJMpsSPi2EHU10S/SiSx8VZaehLgkkY0NRW77c4CdlPs5z  
5/JldynPytqNqSxxT/4kYprTyrR7JnL/6BL0oqOGK2+aAiJdWx9bwjm9SD4lOwOe  
QPZUtkL7GWRccAjagX8YFccoJu9nOdNSAObJyDYXVRS1rftqOdYn6RYU8FHHCCOv  
g0cWjH87k4AWBvavbA9DhpftLvEz1oDGnUfZks4/tJeWKAWI/wQDWK3xTjAx4qYD  
6EzZBUU3xAw=k7TK  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2256-01

Red Hat Security Advisory 2023-2367-01 - The Container Network Interface project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: containernetworking-plugins security and bug fix update  
Advisory ID:       RHSA-2023:2367-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2367  
Issue date:        2023-05-09  
CVE Names:         CVE-2022-30629 CVE-2022-41717  
====================================================================  
1. Summary:

An update for containernetworking-plugins is now available for Red Hat  
Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The Container Network Interface (CNI) project consists of a specification  
and libraries for writing plug-ins for configuring network interfaces in  
Linux containers, along with a number of supported plug-ins. CNI concerns  
itself only with network connectivity of containers and removing allocated  
resources when the container is deleted.

Security Fix(es):

* golang: net/http: An attacker can cause excessive memory growth in a Go  
server accepting HTTP/2 requests (CVE-2022-41717)

* golang: crypto/tls: session tickets lack random ticket_age_add  
(CVE-2022-30629)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add  
2129076 - containernetworking-plugins bug fix and enhancement update [rhel-9.2.0]  
2161274 - CVE-2022-41717 golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
containernetworking-plugins-1.2.0-1.el9.src.rpm

aarch64:  
containernetworking-plugins-1.2.0-1.el9.aarch64.rpm  
containernetworking-plugins-debuginfo-1.2.0-1.el9.aarch64.rpm  
containernetworking-plugins-debugsource-1.2.0-1.el9.aarch64.rpm

ppc64le:  
containernetworking-plugins-1.2.0-1.el9.ppc64le.rpm  
containernetworking-plugins-debuginfo-1.2.0-1.el9.ppc64le.rpm  
containernetworking-plugins-debugsource-1.2.0-1.el9.ppc64le.rpm

s390x:  
containernetworking-plugins-1.2.0-1.el9.s390x.rpm  
containernetworking-plugins-debuginfo-1.2.0-1.el9.s390x.rpm  
containernetworking-plugins-debugsource-1.2.0-1.el9.s390x.rpm

x86_64:  
containernetworking-plugins-1.2.0-1.el9.x86_64.rpm  
containernetworking-plugins-debuginfo-1.2.0-1.el9.x86_64.rpm  
containernetworking-plugins-debugsource-1.2.0-1.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-30629  
https://access.redhat.com/security/cve/CVE-2022-41717  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo1ntzjgjWX9erEAQii8w//RBP5bit9OiF3n2tn1Euwuz6ENQFoANTZ  
JONxDv2sS28yHyikWOs335v0FTNyqHKw7txTRflWHBzb+/chgeAjbBGWNXBUUsJU  
I9xf6iYgMa8Uu9+3NCZaDZvFjiXkeCy2/yPVnjkTpA1XKcMpbu+NP9AnzgLSOw0n  
+CQl1xt+jp6IY0uemlC+utIe9TW6iNafnvWcJ20/agHXhHVniwwb6ia3zY49CO1/  
ZWFLlvz63AKgGqsq2tuneuF8ZEzoxn4nQhqeYGoTLmeJ6OYuZ+zitghh/vGEinUa  
HcnmFDRiENUngXYFz5mSkC6e/si6/iUg3ZhRYQCQ0yJkdzub/Lp5aTXqwXcOmR5o  
6MyF51sxIIIdngoTWpLrZUqSOlUJFHlONwzAuzkNoRUhInunDnD2DYUN8YyHmpP8  
r0YTncPAUxwu0w/eHM5JNaN6owSCdBHffIK5pphpaUzwcyhpeeIgtFl+gSNPCrNw  
RHAgx2rzH6HjNd20PFBceRdFXLe1yM074cHPmnXXhrsV0KHzNiOsRrYR+G/7rsDu  
1rewsne4p8NDSLuMN6dLeaPO7uEwiDTttEgB+LbPLVMsp7sbLE+DNt8S9bVfpthk  
ywwtZ2yH5o4jq+maQHY07yAlAauvdYZvFFcRJMr3YaZh8XTmXBYEsJsSVnxGygeS  
G10VGQBbBlM=lDuv  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2367-01

Red Hat Security Advisory 2023-2370-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: unbound security update  
Advisory ID:       RHSA-2023:2370-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2370  
Issue date:        2023-05-09  
CVE Names:         CVE-2022-3204  
====================================================================  
1. Summary:

An update for unbound is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux CRB (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The unbound packages provide a validating, recursive, and caching DNS or  
DNSSEC resolver.

Security Fix(es):

* unbound: NRDelegation attack leads to uncontrolled resource consumption  
(Non-Responsive Delegation Attack) (CVE-2022-3204)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2128947 - CVE-2022-3204 unbound: NRDelegation attack leads to uncontrolled resource consumption (Non-Responsive Delegation Attack)

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
unbound-1.16.2-3.el9.src.rpm

aarch64:  
python3-unbound-1.16.2-3.el9.aarch64.rpm  
python3-unbound-debuginfo-1.16.2-3.el9.aarch64.rpm  
unbound-1.16.2-3.el9.aarch64.rpm  
unbound-debuginfo-1.16.2-3.el9.aarch64.rpm  
unbound-debugsource-1.16.2-3.el9.aarch64.rpm  
unbound-libs-1.16.2-3.el9.aarch64.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.aarch64.rpm

ppc64le:  
python3-unbound-1.16.2-3.el9.ppc64le.rpm  
python3-unbound-debuginfo-1.16.2-3.el9.ppc64le.rpm  
unbound-1.16.2-3.el9.ppc64le.rpm  
unbound-debuginfo-1.16.2-3.el9.ppc64le.rpm  
unbound-debugsource-1.16.2-3.el9.ppc64le.rpm  
unbound-libs-1.16.2-3.el9.ppc64le.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.ppc64le.rpm

s390x:  
python3-unbound-1.16.2-3.el9.s390x.rpm  
python3-unbound-debuginfo-1.16.2-3.el9.s390x.rpm  
unbound-1.16.2-3.el9.s390x.rpm  
unbound-debuginfo-1.16.2-3.el9.s390x.rpm  
unbound-debugsource-1.16.2-3.el9.s390x.rpm  
unbound-libs-1.16.2-3.el9.s390x.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.s390x.rpm

x86_64:  
python3-unbound-1.16.2-3.el9.x86_64.rpm  
python3-unbound-debuginfo-1.16.2-3.el9.i686.rpm  
python3-unbound-debuginfo-1.16.2-3.el9.x86_64.rpm  
unbound-1.16.2-3.el9.x86_64.rpm  
unbound-debuginfo-1.16.2-3.el9.i686.rpm  
unbound-debuginfo-1.16.2-3.el9.x86_64.rpm  
unbound-debugsource-1.16.2-3.el9.i686.rpm  
unbound-debugsource-1.16.2-3.el9.x86_64.rpm  
unbound-libs-1.16.2-3.el9.i686.rpm  
unbound-libs-1.16.2-3.el9.x86_64.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.i686.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.x86_64.rpm

Red Hat Enterprise Linux CRB (v. 9):

aarch64:  
python3-unbound-debuginfo-1.16.2-3.el9.aarch64.rpm  
unbound-debuginfo-1.16.2-3.el9.aarch64.rpm  
unbound-debugsource-1.16.2-3.el9.aarch64.rpm  
unbound-devel-1.16.2-3.el9.aarch64.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.aarch64.rpm

ppc64le:  
python3-unbound-debuginfo-1.16.2-3.el9.ppc64le.rpm  
unbound-debuginfo-1.16.2-3.el9.ppc64le.rpm  
unbound-debugsource-1.16.2-3.el9.ppc64le.rpm  
unbound-devel-1.16.2-3.el9.ppc64le.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.ppc64le.rpm

s390x:  
python3-unbound-debuginfo-1.16.2-3.el9.s390x.rpm  
unbound-debuginfo-1.16.2-3.el9.s390x.rpm  
unbound-debugsource-1.16.2-3.el9.s390x.rpm  
unbound-devel-1.16.2-3.el9.s390x.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.s390x.rpm

x86_64:  
python3-unbound-debuginfo-1.16.2-3.el9.i686.rpm  
python3-unbound-debuginfo-1.16.2-3.el9.x86_64.rpm  
unbound-debuginfo-1.16.2-3.el9.i686.rpm  
unbound-debuginfo-1.16.2-3.el9.x86_64.rpm  
unbound-debugsource-1.16.2-3.el9.i686.rpm  
unbound-debugsource-1.16.2-3.el9.x86_64.rpm  
unbound-devel-1.16.2-3.el9.i686.rpm  
unbound-devel-1.16.2-3.el9.x86_64.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.i686.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-3204  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo1jdzjgjWX9erEAQiRrw/8Cvrk4GYwrrN9CtNDFUsmLEYxql+rGQ3k  
JxA6mx5iR4HKQKh/K3y0KPdgYA1STfiklbrCHdCZ3KXESR20fpWom9c57PpBC7dy  
JISRsi9AvvuRhhnKwQJj98ISfH6wewiANVUQJ7xr+mDCFUs3v/g+dgHGk9bcv80H  
ZdubIu6THogHlRX9sytcOKldXPMkTc6NVFhQG16TE4sJF//RHZaNbiRlJE0CKuwQ  
MZeFyHe2+Yh/s2mmv7qrcKRrWC1996quG/HjDv4qntLurllvKliB9UWIzPk7TBxk  
z+QyqMO6QV/A8hHjxDgjJ8nHanHAf0btXj6xzdDaM0TcaCIiYq0ExpLDAZot0+l+  
F37zkGlwlpMTwAdUXhAnikfP+kCty7/DHeHQ0HEsD3q9cmiNuiyMYtnppZ86ph3q  
hn2I60s269i3ZaY0ng4ijk46Je4Utvc3E2iQKXZIhNxaIYC6a4ZUqS7756ajTGt/  
90i0bHu0Ad9bEyrjkVJqZr/RXpoIXxIHMZdpt3K20Sf9s520c4zkZKaIN0iajlgX  
RfYBaMDVuo5aC5uLvSSqywIwGmu7wL6QTfDOIAQ6w6rVe0PRPPOrhfMUx9G2d5bO  
Ix8vmtXxvXoL5OIP/Vr02EeOsTSznlNmjJuKKpG9CieZ9j0nQ8/LvtsOlve+u+2b  
Olhp7onn0c0=boRT  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2370-01

Red Hat Security Advisory 2023-2165-01 - EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Issues addressed include double free, privilege escalation, and use-after-free vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: edk2 security, bug fix, and enhancement update  
Advisory ID:       RHSA-2023:2165-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2165  
Issue date:        2023-05-09  
CVE Names:         CVE-2021-38578 CVE-2022-4304 CVE-2022-4450  
                   CVE-2023-0215 CVE-2023-0286  
====================================================================  
1. Summary:

An update for edk2 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - noarch  
Red Hat Enterprise Linux CRB (v. 9) - aarch64, noarch, x86_64

3. Description:

EDK (Embedded Development Kit) is a project to enable UEFI support for  
Virtual Machines. This package contains a sample 64-bit UEFI firmware for  
QEMU and KVM.

Security Fix(es):

* openssl: X.400 address type confusion in X.509 GeneralName  
(CVE-2023-0286)

* edk2: integer underflow in SmmEntryPoint function leads to potential SMM  
privilege escalation (CVE-2021-38578)

* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)

* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)

* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1960321 - CVE-2021-38578 edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation  
1983086 - Assertion failure when creating 1024 VCPU VM: [...]UefiCpuPkg/CpuMpPei/CpuBist.c(186): !EFI_ERROR (Status)  
2125336 - Please add edk2-aarch64 and edk2-tools to CRB in RHEL 9  
2132951 - edk2: Sort traditional virtualization builds before Confidential Computing builds  
2157656 - [edk2] [aarch64] Unable to initialize EFI firmware when using edk2-aarch64-20221207gitfff6d81270b5-1.el9 in some hardwares  
2162307 - Broken GRUB output on a serial console  
2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName  
2164487 - CVE-2022-4304 openssl: timing attack in RSA Decryption implementation  
2164492 - CVE-2023-0215 openssl: use-after-free following BIO_new_NDEF  
2164494 - CVE-2022-4450 openssl: double free after calling PEM_read_bio_ex  
2168046 - [edk2] BIOS Release Date string is unexpected length  
2174605 - [EDK2] disable dynamic mmio window

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
edk2-20221207gitfff6d81270b5-9.el9_2.src.rpm

noarch:  
edk2-aarch64-20221207gitfff6d81270b5-9.el9_2.noarch.rpm  
edk2-ovmf-20221207gitfff6d81270b5-9.el9_2.noarch.rpm

Red Hat Enterprise Linux CRB (v. 9):

aarch64:  
edk2-debugsource-20221207gitfff6d81270b5-9.el9_2.aarch64.rpm  
edk2-tools-20221207gitfff6d81270b5-9.el9_2.aarch64.rpm  
edk2-tools-debuginfo-20221207gitfff6d81270b5-9.el9_2.aarch64.rpm

noarch:  
edk2-aarch64-20221207gitfff6d81270b5-9.el9_2.noarch.rpm  
edk2-ovmf-20221207gitfff6d81270b5-9.el9_2.noarch.rpm  
edk2-tools-doc-20221207gitfff6d81270b5-9.el9_2.noarch.rpm

x86_64:  
edk2-debugsource-20221207gitfff6d81270b5-9.el9_2.x86_64.rpm  
edk2-tools-20221207gitfff6d81270b5-9.el9_2.x86_64.rpm  
edk2-tools-debuginfo-20221207gitfff6d81270b5-9.el9_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-38578  
https://access.redhat.com/security/cve/CVE-2022-4304  
https://access.redhat.com/security/cve/CVE-2022-4450  
https://access.redhat.com/security/cve/CVE-2023-0215  
https://access.redhat.com/security/cve/CVE-2023-0286  
https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo0RNzjgjWX9erEAQg9NA/8DpTlXLXGvC02Zy7lUzgIfqQ3jT1yOsyS  
o8gP4PqZ2o2MthNJRM3WUq/oxobk4TMvDBTYaOTMF0N5gE7sFAM1gr8Jys4DknWn  
8NrruJ0ZvOF/5tzUC5KUqzu322o1oMGW/W4gmH8/DcPZLwrQjdWpuSVvIKaadnzw  
Ot9T6MHdalN0PaBnxVpu53G9gRLfQwRbXLu8FHBSlYxmiMjfPi2ki4Rg4FqKQrZ0  
BkfbZK17JmWxsYsI33e9d6DcRpPN8AxQrBN+rXv0WtzJClbQHi7qR9r5HAiTUIW6  
kChuaJXE79uglhAxtZllRWvPV2SfA5LDq75TUiHAC5rUoWBUqMi+hzpPhjNsGDz/  
QP7cTjpcs16cJlC7BGnN0NUEQr5fdYVOetJjJBv5wgCJGClmiDucrK9F/gNJIF+6  
SIiNQd+dje1dbbD//GxAot/WEiCrsxn2A5sGaWEyapeB8QJ6Js3is6EmpNc10LOt  
uSoko0yLttx7UJVzjkUTcH7PxpxaplBStcIAJi8Wj77nsAnrpiQORtNAGB0J+4rU  
pCb1XQlVSlgMlVfU+9jELIpvI8u7kkO1ss3sOaIvxTRycdXGgDXpX+IWQgNO732A  
4/R1FmdQNCKLm3XR03ukaYCFHMKLn3s2OqgZiAxWlO1+4VuGxyFd9bvwXCXoKuoa  
ZqW1JXNcdH8=Ml6L  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2165-01

Red Hat Security Advisory 2023-2366-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: emacs security and bug fix update  
Advisory ID:       RHSA-2023:2366-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2366  
Issue date:        2023-05-09  
CVE Names:         CVE-2022-45939  
====================================================================  
1. Summary:

An update for emacs is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

GNU Emacs is a powerful, customizable, self-documenting text editor. It  
provides special code editing features, a scripting language (elisp), and  
the capability to read e-mail and news.

Security Fix(es):

* emacs: ctags local command execution vulnerability (CVE-2022-45939)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1979804 - emacs: portable dumper incompatible with 64K pages on aarch64  
2006856 - RPM inspection failure about hardening binaries  
2149380 - CVE-2022-45939 emacs: ctags local command execution vulnerability

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
emacs-27.2-8.el9.src.rpm

aarch64:  
emacs-27.2-8.el9.aarch64.rpm  
emacs-common-27.2-8.el9.aarch64.rpm  
emacs-common-debuginfo-27.2-8.el9.aarch64.rpm  
emacs-debuginfo-27.2-8.el9.aarch64.rpm  
emacs-debugsource-27.2-8.el9.aarch64.rpm  
emacs-lucid-27.2-8.el9.aarch64.rpm  
emacs-lucid-debuginfo-27.2-8.el9.aarch64.rpm  
emacs-nox-27.2-8.el9.aarch64.rpm  
emacs-nox-debuginfo-27.2-8.el9.aarch64.rpm

noarch:  
emacs-filesystem-27.2-8.el9.noarch.rpm

ppc64le:  
emacs-27.2-8.el9.ppc64le.rpm  
emacs-common-27.2-8.el9.ppc64le.rpm  
emacs-common-debuginfo-27.2-8.el9.ppc64le.rpm  
emacs-debuginfo-27.2-8.el9.ppc64le.rpm  
emacs-debugsource-27.2-8.el9.ppc64le.rpm  
emacs-lucid-27.2-8.el9.ppc64le.rpm  
emacs-lucid-debuginfo-27.2-8.el9.ppc64le.rpm  
emacs-nox-27.2-8.el9.ppc64le.rpm  
emacs-nox-debuginfo-27.2-8.el9.ppc64le.rpm

s390x:  
emacs-27.2-8.el9.s390x.rpm  
emacs-common-27.2-8.el9.s390x.rpm  
emacs-common-debuginfo-27.2-8.el9.s390x.rpm  
emacs-debuginfo-27.2-8.el9.s390x.rpm  
emacs-debugsource-27.2-8.el9.s390x.rpm  
emacs-lucid-27.2-8.el9.s390x.rpm  
emacs-lucid-debuginfo-27.2-8.el9.s390x.rpm  
emacs-nox-27.2-8.el9.s390x.rpm  
emacs-nox-debuginfo-27.2-8.el9.s390x.rpm

x86_64:  
emacs-27.2-8.el9.x86_64.rpm  
emacs-common-27.2-8.el9.x86_64.rpm  
emacs-common-debuginfo-27.2-8.el9.x86_64.rpm  
emacs-debuginfo-27.2-8.el9.x86_64.rpm  
emacs-debugsource-27.2-8.el9.x86_64.rpm  
emacs-lucid-27.2-8.el9.x86_64.rpm  
emacs-lucid-debuginfo-27.2-8.el9.x86_64.rpm  
emacs-nox-27.2-8.el9.x86_64.rpm  
emacs-nox-debuginfo-27.2-8.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-45939  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo05dzjgjWX9erEAQhkGRAAgZmPnfUrJiQ4GzGO6S4lCkXW3GzoKkjK  
y9oCf/p4x7myiOVCU/rbdTLZlfObBqxqRSbh3tMmucG3vUVf5aymNyqlIki8fgWb  
BXqaaM9K0jbtHOBwLpIWXi89Yaw2AfkxMiM9ZrdffCcOf3kdTDOwI46R3oYgbqf4  
yMZe5N9CSM7ZlhZkrzdfjL/9m1wGdHOl9ZNJp4ji0K+Zeb/hlUeHqKLbnX+Ag0mu  
QCnDDy7qm+ysNUYUjdFFs9SY43Ekaw1kayya6eQE0lUbUr32P6mmvw11so4QFV+g  
6iNtK85sQtI6z5czUYMNYZDBHvkKSR7NYlQZa4GCMr5KLcmXIAyNWw8dQLhOmnkO  
zZGoE+SkL0bkU4lqNNUso4AXaGUkVFASEuL+BlJd9dT/ouQoF2lXu11mpoyvkENT  
yVUXAIZbB8/Z5IymIWiyNrJ2iQjlxPtAFO08bFM2CIBkGH0g1IlTPQMhHezLKuzA  
WHWjKUo5bSowP5DMPtsrddSEob6oyVZ4hvofaMtKQQFxMMvIUoW4Coi/AzarUBJj  
fkzb7uMGfH67rm3zinxjqxnWJjk882ALxG1Zu5sFxvOTywRMGEcaVMXFbYjY0w/F  
JctAn7NovBq7ksK3XBnlOd8ydebuFwgkZ7YLTMBhwLZ26E7ziV5CHnJ2laRVOkVd  
7aMOi3Tm0Ts=+PB4  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#linux