Red Hat Security Advisory 2023-3441-01 - An update for etcd is now available for Red Hat OpenStack Platform 17.0 (Wallaby).

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat OpenStack Platform 17.0 (etcd) security update  
Advisory ID:       RHSA-2023:3441-01  
Product:           Red Hat OpenStack Platform  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3441  
Issue date:        2023-06-05  
CVE Names:         CVE-2021-28235 CVE-2023-32082   
=====================================================================

1. Summary:

An update for etcd is now available for Red Hat OpenStack Platform 17.0  
(Wallaby).

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 17.0 - x86_64

3. Description:

A highly-available key value store for shared configuration

Security Fix(es):

* Information discosure via debug function (CVE-2021-28235)

* Key name can be accessed via LeaseTimeToLive API (CVE-2023-32082)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2184441 - CVE-2021-28235 etcd: Information discosure via debug function  
2208131 - CVE-2023-32082 etcd: Key name can be accessed via LeaseTimeToLive API

6. Package List:

Red Hat OpenStack Platform 17.0:

Source:  
etcd-3.4.26-1.el9ost.src.rpm

x86_64:  
etcd-3.4.26-1.el9ost.x86_64.rpm  
etcd-debuginfo-3.4.26-1.el9ost.x86_64.rpm  
etcd-debugsource-3.4.26-1.el9ost.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-28235  
https://access.redhat.com/security/cve/CVE-2023-32082  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZH54PNzjgjWX9erEAQgJOA/8CUtW9KAsZV6KHhG/WYlA41Dx0LyhV2Pd  
FFX9Ir0VxBrVQb+R8Vr/CE9RO/liCK4NHzy1qpUTEUkoqZOTE4I4ClfivE3CaTG/  
/f7EgJcm9fTiDTBqCpv6HUtSrFsmxJXehA7U9nIZ45NC0lCD8heZYjBwbmCxuqOQ  
oja8mdgz/ScdjCDXLaplUl3Xu7MUbQj371jxkZukuslyBHwam9wg9NfBbvYdspC0  
L3mO4u3KZ6YnvHfa31YGjmnEUIWPcimm4iVq7vwBF4o3gA331ezO2NhCHbUFWS97  
h7HxlefloGanlWko8JWZUN4NdSDHv5O4N9mLzZ1oqkNa6dFMQ7/cNFUoD6oLm7+8  
hYDguNtVV4l9od9B/nb5yeIXMPDk+bhWAQnam7WQ53vf+HWWgvwBjRPX4VB0jfTW  
9ja0TgiAsCU6SfPTmf2UHejG6NMst05z9qPKx64DMfNL+pt6h61VQo0X+/qfHQIq  
/l9nvz3BeVHZeze2uxvZN+xVnpwURpGBgm4JYB5DqEBBdWORjUqYudAPVnoUKf+K  
FcPwhsgy25kajF//iATNqnZcV6GjkbquMaZ9IEOdc4jAXXhl7mz+cSmSHsbzfm8w  
hhcx9QUtM/9/2uElky3K1A6y98xSVl2x6tmkE7Ig2DUVGy33HwwsrjWZifdARdED  
wrL3WFxoR58=  
=hzzC  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-3441-01

Red Hat Security Advisory 2023-3447-01 - An update for etcd is now available for Red Hat OpenStack Platform 16.1 (Train).

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat OpenStack Platform 16.1 (etcd) security update  
Advisory ID:       RHSA-2023:3447-01  
Product:           Red Hat OpenStack Platform  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3447  
Issue date:        2023-06-05  
CVE Names:         CVE-2021-28235 CVE-2022-41723   
=====================================================================

1. Summary:

An update for etcd is now available for Red Hat OpenStack Platform 16.1  
(Train).

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 16.1 - ppc64le, x86_64

3. Description:

A highly-available key value store for shared configuration

Security Fix(es):

* Information discosure via debug function (CVE-2021-28235)

* golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding  
(CVE-2022-41723)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2178358 - CVE-2022-41723 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding  
2184441 - CVE-2021-28235 etcd: Information discosure via debug function

6. Package List:

Red Hat OpenStack Platform 16.1:

Source:  
etcd-3.3.23-14.el8ost.src.rpm

ppc64le:  
etcd-3.3.23-14.el8ost.ppc64le.rpm  
etcd-debuginfo-3.3.23-14.el8ost.ppc64le.rpm  
etcd-debugsource-3.3.23-14.el8ost.ppc64le.rpm

x86_64:  
etcd-3.3.23-14.el8ost.x86_64.rpm  
etcd-debuginfo-3.3.23-14.el8ost.x86_64.rpm  
etcd-debugsource-3.3.23-14.el8ost.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-28235  
https://access.redhat.com/security/cve/CVE-2022-41723  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZH5399zjgjWX9erEAQi3tA/5AYgM3ZWooHZM/rl3ZqV3HyWNwz62DIOe  
r8eZFBTgND3rCgjXR63zC/e7g409rAmWYvjc02F/MJxEsGu1fXrLa9rfXfD9o5y3  
X2qBMobtX+VsvR2jnh+EYCpz597LXmvjxGiZQfrP71zjrLX+GyRHISPGT/qgrTuH  
JaWTLfAZy95HAU6Rof0sLhsHWt+9knUt5bgyT5mdgiTo+fx7DtOCBt15PBcmaC07  
wc8NOPmgVu5Y6EPLBfYAdb368WWfwOWElbaK80SuVmgRpzXu3S83EBbaklO++pAD  
RfROf/94qy+lEXp5CfK+r8CgVRfflILsC2FJ9+SJajr/BjRm3AE0ABOpFhu0g+IU  
ORB33zhnDt3+imubHtCJaJdDomftzIjpHW6FQxeZ2aBANoZnR0/sQZaHHgjxF5Bi  
VZxb6LyJeSQcN9lDIMxUaV6HHwu4k2TT00drvVM3stUfH97piGAk4uwVLOiSYITZ  
r96n+YFhBxngKM+xjhcDERRIX7kWnTZOfUu0d6xknkdLxNGptnwIE0uX2lRo4Te1  
UAV3OhB4gHH7RmPF8jfvuW/MWgc8Z/Ux23TQj3S67TWZCMndGJLRrfmM9hkI1W4o  
VOAKy4MB47PPNmhs+8/KuEjA3SOt66omJlUrhCYqXu0nFXk2llr7iCg7RSbWV77P  
YyfgVWZYfMY=  
=nW9a  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-3447-01

Red Hat Security Advisory 2023-3440-01 - An update for python-flask is now available for Red Hat OpenStack Platform 17.0 (Wallaby).

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat OpenStack Platform 17.0 (python-flask) security update  
Advisory ID:       RHSA-2023:3440-01  
Product:           Red Hat OpenStack Platform  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3440  
Issue date:        2023-06-05  
CVE Names:         CVE-2023-30861   
=====================================================================

1. Summary:

An update for python-flask is now available for Red Hat OpenStack Platform  
17.0 (Wallaby).

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 17.0 - noarch

3. Description:

Flask is called a “micro-framework” because the idea to keep the core  
simple but extensible. There is no database abstraction layer, no form  
validation or anything else where different libraries already exist that  
can handle that. However Flask knows the concept of extensions that can add  
this functionality into your application as if it was implemented in Flask  
itself. There are currently extensions for object relational mappers, form  
validation, upload handling, various open authentication technologies and  
more.

Security Fix(es):

* Possible disclosure of permanent session cookie due to missing Vary:  
Cookie header (CVE-2023-30861)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2196643 - CVE-2023-30861 flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header

6. Package List:

Red Hat OpenStack Platform 17.0:

Source:  
python-flask-1.1.2-6.el9ost.src.rpm

noarch:  
python3-flask-1.1.2-6.el9ost.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-30861  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZH538dzjgjWX9erEAQhxqg/8DysCxcTh0YuNH19oiiaAi/7+77JHXXou  
FPeUpkKfeif2eWiAm4wJHKMLEOSQnFsgfEJcAk0bopl8OiANMV6d7e7/IH3mV5Eo  
ENEpzSa73CcB0ZGhk7DWa7mFh22nevh4a5a8wKU+PPEF4eHnIJzzl9K2hBvAwpZ/  
D2oM3Z0UrtGJPw+2xbqSgJfaIubKhm4PZSgLnL92k6XmuPrVxTyDPrvrtfXjXgaU  
e9fjoMTO/Z0lotdFSZUyBJSNOKwoI3CTo/XZAfzv9FRyLVtiyP1CpUnvuHZqQKzs  
dqRjDBNtt0YU8d6koT/WhXHePf4HUndpScoypjoBFtTr0VAZIN3meGjjsv7f0x3b  
bc8Li7ARUmGS91canC0q+AX1POyJUnLj4clv3gDPFk/qlY9xg6kgt8r4Yl9hSI7O  
fDVS/f/L+4fZ+0QK+V4lDxzf7b9pFLbofTIDm3SvuNvIYjgb2I49CVCkpJqCNdzL  
HPywLWSsBRGcFeklDPlgOmTJ9y/U9y+e9/4GgZr42Y8MG+bUhq/eOoXa4zmmSh0N  
t9Kuy4bNMFcqHJvyGWTNS87uXE+jRhsg6W3iFwwrEQrc2IrQ10+/PKewWkqZgCTd  
ZtYgaIBaqlLVfrJEjkjKsIUhQGCAOEmqUnMsz5eY3Dja6NoPQziekHmwcJDZIDTi  
o0D9zApP3T8=  
=OFiY  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-3440-01

Red Hat Security Advisory 2023-3444-01 - An update for python-flask is now available for Red Hat OpenStack Platform 16.2 (Train).

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat OpenStack Platform 16.2 (python-flask) security update  
Advisory ID:       RHSA-2023:3444-01  
Product:           Red Hat OpenStack Platform  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3444  
Issue date:        2023-06-05  
CVE Names:         CVE-2023-30861   
=====================================================================

1. Summary:

An update for python-flask is now available for Red Hat OpenStack Platform  
16.2 (Train).

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 16.2 - noarch

3. Description:

Flask is called a “micro-framework” because the idea to keep the core  
simple but extensible. There is no database abstraction layer, no form  
validation or anything else where different libraries already exist that  
can handle that. However Flask knows the concept of extensions that can add  
this functionality into your application as if it was implemented in Flask  
itself. There are currently extensions for object relational mappers, form  
validation, upload handling, various open authentication technologies and  
more.

Security Fix(es):

* Possible disclosure of permanent session cookie due to missing Vary:  
Cookie header (CVE-2023-30861)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2196643 - CVE-2023-30861 flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header

6. Package List:

Red Hat OpenStack Platform 16.2:

Source:  
python-flask-1.0.2-8.el8ost.src.rpm

noarch:  
python3-flask-1.0.2-8.el8ost.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-30861  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZH537NzjgjWX9erEAQhb1A//Qfz5x8mNLdNmdb0wcsAZBycpQxytYopx  
qzQvijFJ/sB7xLEFi0KflSq5vW6DQWJInHPgw93byddP5KkK1NgbnBGpaMfQJ0zL  
nBZ4pjWNVWUrJuDyQSzB5Q1Oy/sg8gfDDcyW4zvmaWtXdqxG69iEYKcMxkN8Jmkz  
LmdI13dIPsbV8rTmMMv3/U/s5UyQhr3gyEWyVXlVIs1lTCDl8EslMWXgvnvMbyFH  
7jIWwQrNnncM3QyoWLnUiLjkuKzlIYMbJ15Zy5Wog9/zC6pZdd+vrTSHU1xHtKGL  
24OTtP+vtsKsSUSaKburNkUNW9DI5irsUHTj3mBFYenXif3vC11xNTk47nR5Y08W  
ICXUUFpLNMdN56G5cNMWlWVDL/bB5rqcj1hA24PWw47foHRTusOmqSOnLsIqkOHd  
eF7Wa56cV9NBNYU8ptkvyim6diqWHlaizLYy0+u3CNECo9na4RbNsCpjYkwlS8xN  
2I7xbje1sOYp/ZfVEivExPDFcbP2v2W9W4pSe5pwMAgPGFVzYT2+NFDvuM2EwmYZ  
ldvhYCC2m52PJEmP6Ln7+W+3qHsPFukFRku2vStbx80/aU5oS9qwvpleXm6kFIEu  
IL09wFXO2kqW3Kq4Y/2KVWwS2d2k+HG8ULaMjZKHJHZ3kEmFSvvXONXJIFG3zY5v  
i7BbHWKANm4=  
=rTee  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-3444-01

Red Hat Security Advisory 2023-3428-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: cups-filters security update  
Advisory ID:       RHSA-2023:3428-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3428  
Issue date:        2023-06-02  
CVE Names:         CVE-2023-24805   
=====================================================================

1. Summary:

An update for cups-filters is now available for Red Hat Enterprise Linux  
8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2  
Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update  
Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream E4S (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream TUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

The cups-filters package contains back ends, filters, and other software  
that was once part of the core Common UNIX Printing System (CUPS)  
distribution but is now maintained independently.

Security Fix(es):

* cups-filters: remote code execution in cups-filters, beh CUPS backend  
(CVE-2023-24805)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2203051 - CVE-2023-24805 cups-filters: remote code execution in cups-filters, beh CUPS backend

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v. 8.2):

Source:  
cups-filters-1.20.0-19.el8_2.1.src.rpm

aarch64:  
cups-filters-1.20.0-19.el8_2.1.aarch64.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.aarch64.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.aarch64.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.aarch64.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.aarch64.rpm

ppc64le:  
cups-filters-1.20.0-19.el8_2.1.ppc64le.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.ppc64le.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.ppc64le.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.ppc64le.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.ppc64le.rpm

s390x:  
cups-filters-1.20.0-19.el8_2.1.s390x.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.s390x.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.s390x.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.s390x.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.s390x.rpm

x86_64:  
cups-filters-1.20.0-19.el8_2.1.x86_64.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.i686.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.x86_64.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.i686.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.x86_64.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.i686.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.x86_64.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.i686.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v. 8.2):

Source:  
cups-filters-1.20.0-19.el8_2.1.src.rpm

aarch64:  
cups-filters-1.20.0-19.el8_2.1.aarch64.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.aarch64.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.aarch64.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.aarch64.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.aarch64.rpm

ppc64le:  
cups-filters-1.20.0-19.el8_2.1.ppc64le.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.ppc64le.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.ppc64le.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.ppc64le.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.ppc64le.rpm

s390x:  
cups-filters-1.20.0-19.el8_2.1.s390x.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.s390x.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.s390x.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.s390x.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.s390x.rpm

x86_64:  
cups-filters-1.20.0-19.el8_2.1.x86_64.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.i686.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.x86_64.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.i686.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.x86_64.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.i686.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.x86_64.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.i686.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v. 8.2):

Source:  
cups-filters-1.20.0-19.el8_2.1.src.rpm

aarch64:  
cups-filters-1.20.0-19.el8_2.1.aarch64.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.aarch64.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.aarch64.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.aarch64.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.aarch64.rpm

ppc64le:  
cups-filters-1.20.0-19.el8_2.1.ppc64le.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.ppc64le.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.ppc64le.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.ppc64le.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.ppc64le.rpm

s390x:  
cups-filters-1.20.0-19.el8_2.1.s390x.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.s390x.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.s390x.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.s390x.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.s390x.rpm

x86_64:  
cups-filters-1.20.0-19.el8_2.1.x86_64.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.i686.rpm  
cups-filters-debuginfo-1.20.0-19.el8_2.1.x86_64.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.i686.rpm  
cups-filters-debugsource-1.20.0-19.el8_2.1.x86_64.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.i686.rpm  
cups-filters-libs-1.20.0-19.el8_2.1.x86_64.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.i686.rpm  
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-24805  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZH532NzjgjWX9erEAQgRTg//S+AGLsYC080CU+gk/O5Rc5n9kdqpmbCi  
iHEyADw4qL5n5m03dmgXVdcEQRFx8+GNjbs6kQhh8Jzhb0Ior8TdXwkw4htBtbvI  
N+vj1+tFoSkWGU6yUXRor6V2Cck1dtGm9wQHxVsr3hvTPKBU1zMELLl1r0BwkMiF  
dGLf23Z8T2iEp5FsOeQT/2dyMbuI7KAejntX4m1kNLcW3rgL2cHXqUlh1GvDPnAF  
M08f2meAXDd/PC4bJyn+pzAaO5laTg2JNY0djTatiRMDwl6RE6wznHgnEfPbAw7J  
52n2MERjaUIf9yRqG9yV6uVcjm06WF7bSIvYe2hoEQqE4y3TTdQY26Lvrolebg4X  
5HXe7TFHEJCu+C3FQk1SqvpgAezezQpxtKY9xdSnApO5mFLON68z97YZQt+B7pu5  
TgCmItBIdpgez7qkoqUf6iNAC/Mv4YT+lY62dMxE0eDjuzrYvhc+KbU4MbNHiHjJ  
Fx0TKzIWkjU5Vz6IWlTCBz13qfbsQ+9HtgRBClwiF7g8X/keWBWVxVe4mZMLLaRz  
uXdi5ip7ExDG1ALLd4TrcihT/zYlZK6Dwi1hZS9w4Tda3B2pH4tW9osnfq4xv+Ki  
RACA5RoL9j5qegbyfAD/Urz3hngixa8gMPZINHF0ZAkufjLZKh8bovzTsxIGTtDW  
bPKGGtQG5qI=  
=JdrW  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-3428-01

Red Hat Security Advisory 2023-3425-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: cups-filters security update  
Advisory ID:       RHSA-2023:3425-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3425  
Issue date:        2023-06-02  
CVE Names:         CVE-2023-24805   
=====================================================================

1. Summary:

An update for cups-filters is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

The cups-filters package contains back ends, filters, and other software  
that was once part of the core Common UNIX Printing System (CUPS)  
distribution but is now maintained independently.

Security Fix(es):

* cups-filters: remote code execution in cups-filters, beh CUPS backend  
(CVE-2023-24805)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2203051 - CVE-2023-24805 cups-filters: remote code execution in cups-filters, beh CUPS backend

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
cups-filters-1.20.0-29.el8_8.2.src.rpm

aarch64:  
cups-filters-1.20.0-29.el8_8.2.aarch64.rpm  
cups-filters-debuginfo-1.20.0-29.el8_8.2.aarch64.rpm  
cups-filters-debugsource-1.20.0-29.el8_8.2.aarch64.rpm  
cups-filters-libs-1.20.0-29.el8_8.2.aarch64.rpm  
cups-filters-libs-debuginfo-1.20.0-29.el8_8.2.aarch64.rpm

ppc64le:  
cups-filters-1.20.0-29.el8_8.2.ppc64le.rpm  
cups-filters-debuginfo-1.20.0-29.el8_8.2.ppc64le.rpm  
cups-filters-debugsource-1.20.0-29.el8_8.2.ppc64le.rpm  
cups-filters-libs-1.20.0-29.el8_8.2.ppc64le.rpm  
cups-filters-libs-debuginfo-1.20.0-29.el8_8.2.ppc64le.rpm

s390x:  
cups-filters-1.20.0-29.el8_8.2.s390x.rpm  
cups-filters-debuginfo-1.20.0-29.el8_8.2.s390x.rpm  
cups-filters-debugsource-1.20.0-29.el8_8.2.s390x.rpm  
cups-filters-libs-1.20.0-29.el8_8.2.s390x.rpm  
cups-filters-libs-debuginfo-1.20.0-29.el8_8.2.s390x.rpm

x86_64:  
cups-filters-1.20.0-29.el8_8.2.x86_64.rpm  
cups-filters-debuginfo-1.20.0-29.el8_8.2.i686.rpm  
cups-filters-debuginfo-1.20.0-29.el8_8.2.x86_64.rpm  
cups-filters-debugsource-1.20.0-29.el8_8.2.i686.rpm  
cups-filters-debugsource-1.20.0-29.el8_8.2.x86_64.rpm  
cups-filters-libs-1.20.0-29.el8_8.2.i686.rpm  
cups-filters-libs-1.20.0-29.el8_8.2.x86_64.rpm  
cups-filters-libs-debuginfo-1.20.0-29.el8_8.2.i686.rpm  
cups-filters-libs-debuginfo-1.20.0-29.el8_8.2.x86_64.rpm

Red Hat Enterprise Linux CRB (v. 8):

aarch64:  
cups-filters-debuginfo-1.20.0-29.el8_8.2.aarch64.rpm  
cups-filters-debugsource-1.20.0-29.el8_8.2.aarch64.rpm  
cups-filters-devel-1.20.0-29.el8_8.2.aarch64.rpm  
cups-filters-libs-debuginfo-1.20.0-29.el8_8.2.aarch64.rpm

ppc64le:  
cups-filters-debuginfo-1.20.0-29.el8_8.2.ppc64le.rpm  
cups-filters-debugsource-1.20.0-29.el8_8.2.ppc64le.rpm  
cups-filters-devel-1.20.0-29.el8_8.2.ppc64le.rpm  
cups-filters-libs-debuginfo-1.20.0-29.el8_8.2.ppc64le.rpm

s390x:  
cups-filters-debuginfo-1.20.0-29.el8_8.2.s390x.rpm  
cups-filters-debugsource-1.20.0-29.el8_8.2.s390x.rpm  
cups-filters-devel-1.20.0-29.el8_8.2.s390x.rpm  
cups-filters-libs-debuginfo-1.20.0-29.el8_8.2.s390x.rpm

x86_64:  
cups-filters-debuginfo-1.20.0-29.el8_8.2.i686.rpm  
cups-filters-debuginfo-1.20.0-29.el8_8.2.x86_64.rpm  
cups-filters-debugsource-1.20.0-29.el8_8.2.i686.rpm  
cups-filters-debugsource-1.20.0-29.el8_8.2.x86_64.rpm  
cups-filters-devel-1.20.0-29.el8_8.2.i686.rpm  
cups-filters-devel-1.20.0-29.el8_8.2.x86_64.rpm  
cups-filters-libs-debuginfo-1.20.0-29.el8_8.2.i686.rpm  
cups-filters-libs-debuginfo-1.20.0-29.el8_8.2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-24805  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZH53xtzjgjWX9erEAQinZQ//e8C3UZz2YSdb+iZcCQkHvpAXS5G4OnnF  
+TDdAQ+fdNuXkMzQey2UEl8/h/0xyEJqF33gOlbgEtIAHNtNR2WP6Wk1HgGNZONA  
teCMda5qliPG0L8H/t/sgNqrWxhQnGE4LbKLQLTXn8Bq0sZhSlZyiSBK4wLxURjS  
Ospqc6yZYpceh/AxJeN8UPkZqWtPq1U4GEVBeb6fQJNPKsCCORCZ+tQYlZlarZJ0  
TnWtzFnDCiAzgck/BKiu16KT4MLGwAzyAGVup3fMcumSkNqvfUtrlNeH7aO4CYMe  
wBmUtKubwrcxQielC/vMwIAZ2F6kgroqyuYrIubUQ/+DvyySy9J8QZmKjF2gc5h4  
yGkrjJEH2tTjdIPa2RF+9oVAKd+MuWj6K2dn0C0y1P8T7903JLt3IV1CYJiO8/Nu  
oWQginskxa+zMwpCeoRzqjx7ZjGUv89MQoh4c4QyD3iWs1suDGFLFbuUGKaX/mpx  
WhIyqOPGFw6jAfWUmW1kbmIjMPNniKLAcxy8Z1tugHfONAgpImbR3DA1KPzyUmQ2  
zssn6Mzn8L10r3oyXPoVJzXhRinbgLjrEuW9APDZR4vgC+8xWfbAO46EBMmjTrsN  
cmDILmHdkpM1Re8/0B8a3DE+y9X2QJi8jVDM/3s+7c8ccdHOu+Re5fMZ8zbFvhQo  
kJ9fZbZQauo=  
=3N+S  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-3425-01

Red Hat Security Advisory 2023-3445-01 - An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train). Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat OpenStack Platform 16.2 (etcd) security update  
Advisory ID:       RHSA-2023:3445-01  
Product:           Red Hat OpenStack Platform  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3445  
Issue date:        2023-06-05  
CVE Names:         CVE-2021-28235 CVE-2022-41723 CVE-2022-41724   
                   CVE-2022-41725 CVE-2023-24534 CVE-2023-24536   
                   CVE-2023-24537 CVE-2023-24538 CVE-2023-24539   
                   CVE-2023-24540 CVE-2023-29400   
=====================================================================

1. Summary:

An update for etcd is now available for Red Hat OpenStack Platform 16.2  
(Train).

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 16.2 - ppc64le, x86_64

3. Description:

A highly-available key value store for shared configuration

Security Fix(es):

* Information discosure via debug function (CVE-2021-28235)

* html/template: improper handling of JavaScript whitespace  
(CVE-2023-24540)

* golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding  
(CVE-2022-41723)

* crypto/tls: large handshake records may cause panics (CVE-2022-41724)

* net/http mime/multipart: denial of service from excessive resource  
consumption (CVE-2022-41725)

* net/http net/textproto: denial of service from excessive memory  
allocation (CVE-2023-24534)

* net/http net/textproto mime/multipart: denial of service from excessive  
resource consumption (CVE-2023-24536)

* go/parser: Infinite loop in parsing (CVE-2023-24537)

* html/template: backticks not treated as string delimiters  
(CVE-2023-24538)

* html/template: improper sanitization of CSS values (CVE-2023-24539)

* html/template: improper handling of empty HTML attributes  
(CVE-2023-29400)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2178358 - CVE-2022-41723 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding  
2178488 - CVE-2022-41725 golang: net/http, mime/multipart: denial of service from excessive resource consumption  
2178492 - CVE-2022-41724 golang: crypto/tls: large handshake records may cause panics  
2184441 - CVE-2021-28235 etcd: Information discosure via debug function  
2184481 - CVE-2023-24538 golang: html/template: backticks not treated as string delimiters  
2184482 - CVE-2023-24536 golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption  
2184483 - CVE-2023-24534 golang: net/http, net/textproto: denial of service from excessive memory allocation  
2184484 - CVE-2023-24537 golang: go/parser: Infinite loop in parsing  
2196026 - CVE-2023-24539 golang: html/template: improper sanitization of CSS values  
2196027 - CVE-2023-24540 golang: html/template: improper handling of JavaScript whitespace  
2196029 - CVE-2023-29400 golang: html/template: improper handling of empty HTML attributes

6. Package List:

Red Hat OpenStack Platform 16.2:

Source:  
etcd-3.3.23-14.el8ost.src.rpm

ppc64le:  
etcd-3.3.23-14.el8ost.ppc64le.rpm  
etcd-debuginfo-3.3.23-14.el8ost.ppc64le.rpm  
etcd-debugsource-3.3.23-14.el8ost.ppc64le.rpm

x86_64:  
etcd-3.3.23-14.el8ost.x86_64.rpm  
etcd-debuginfo-3.3.23-14.el8ost.x86_64.rpm  
etcd-debugsource-3.3.23-14.el8ost.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-28235  
https://access.redhat.com/security/cve/CVE-2022-41723  
https://access.redhat.com/security/cve/CVE-2022-41724  
https://access.redhat.com/security/cve/CVE-2022-41725  
https://access.redhat.com/security/cve/CVE-2023-24534  
https://access.redhat.com/security/cve/CVE-2023-24536  
https://access.redhat.com/security/cve/CVE-2023-24537  
https://access.redhat.com/security/cve/CVE-2023-24538  
https://access.redhat.com/security/cve/CVE-2023-24539  
https://access.redhat.com/security/cve/CVE-2023-24540  
https://access.redhat.com/security/cve/CVE-2023-29400  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZH53s9zjgjWX9erEAQgpwxAAkfstwwUD75m6f/Qmmdi67+HgVXAPNFvi  
LPekOWmrHirPvoahQKPczenMI4bSFOfGdSFrlPVVCjYqN4OJKrfbRDGy5OwQrSPn  
tSohg6rNm0Wwsq0GxKtMj4L8OR3eBXYKe7oSDBw6V2eiD385T4fnxBKYg7MFJPM0  
yEmop8Ti7WWq1znasXkKmgoOWOGKGBhM+6rYXPvijY02edLn1P52DhVyCZMP/f2+  
Al7jkf1esytYboGzLAczvELoQruQeKFw/Cg58fABz60jTmtcY5Hm8KEuUyHGDdvK  
9ZfbWpvO9I8HJ/t/pBbyrA9WGhgPeQji6ObkmD2s8UPL3VSAr0GuFFqsivD9FvnS  
XH5JNqktY5S8ge6aTXDKQYb5x5gZ05Ab0z7MC8j4amqhdjM9aY1W09I4O6w9UJWI  
8zc7z6+G5fHsFDtrGlnLt8V0eedbLpowrNG31AVs5cSzPTZa9tIBMiset0X0jad1  
489WmjsgiaFpOaIcyscm2f++k/0mkfHxq536mnlnZQHdsQ9PstmHndZOlH0fLFAd  
nW+SE1rC5ms8CjGXzPMigyRm8p3+UK1lgik1c4PIcWCb2CD92F6mukOJK5gBH0zE  
t34a708eSFY6KY5Sy9kq6r3urU2i2sjbNHhQMKEx0J5tAXhvqCPgmenxc7S/tjmn  
szAz6pricSc=  
=3Mtd  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-3445-01

Red Hat Security Advisory 2023-3446-01 - An update for python-flask is now available for Red Hat OpenStack Platform 16.1 (Train).

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat OpenStack Platform 16.1 (python-flask) security update  
Advisory ID:       RHSA-2023:3446-01  
Product:           Red Hat OpenStack Platform  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3446  
Issue date:        2023-06-05  
CVE Names:         CVE-2023-30861   
=====================================================================

1. Summary:

An update for python-flask is now available for Red Hat OpenStack Platform  
16.1 (Train).

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 16.1 - noarch

3. Description:

Flask is called a “micro-framework” because the idea to keep the core  
simple but extensible. There is no database abstraction layer, no form  
validation or anything else where different libraries already exist that  
can handle that. However Flask knows the concept of extensions that can add  
this functionality into your application as if it was implemented in Flask  
itself. There are currently extensions for object relational mappers, form  
validation, upload handling, various open authentication technologies and  
more.

Security Fix(es):

* Possible disclosure of permanent session cookie due to missing Vary:  
Cookie header (CVE-2023-30861)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2196643 - CVE-2023-30861 flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header

6. Package List:

Red Hat OpenStack Platform 16.1:

Source:  
python-flask-1.0.2-8.el8ost.src.rpm

noarch:  
python3-flask-1.0.2-8.el8ost.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-30861  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZH53pdzjgjWX9erEAQg8lw//b6uYgkWJ7vu0404JVWDmPmw4+UolL/Ne  
ugFYxIvCEsj7aBcv7hcUT/AzFbKSC+kmG2LPgNmXPxmoyxgvtmX5cmfJ3I2yx62r  
DleLwfKkmaPYFOQHu2EZEHUu+UrwMqQwOLm5Q+dZbfMuToZYGdG7k8ygKYbONK4l  
xzvYKHyyOYV6/sjO23qTgZMWl1OUibKJWcK0jmbw0W5uwZrbdLDy78i35Z9Lzmwz  
cAUF3SofkV3V2DizB2zIQ+WVyajdPtW3awOHu5Ss0Pf50e7rWuieuyWtgxM1OEHc  
TKFSdphhfUbbkSZDi1Yw66/SuMTa1NumbpHz9zAMwEquRyY00SFbpeEznc17GKoe  
9sPgwwZj+BcbdUKZHA9qTlv4pWNPE+IqWtt7aD8KqqQYs3V+zYmdXjzDGvVXE18m  
SoG13W81uKOWYhn+ZOQetfFpOdIETA5j6tY+hg1cpofqpZ/m+SoqCuVxqRFQsR6H  
QqFlveWv/FIpfoQJvzpiGPIEUswyG8kAn4fxVU5oqweo20WWplz2foiTxCd6pldm  
13DsPXTfqFiYXKfaxBjn7VhZ+3HIR8BZzLMj7E53/+B0fqC8KGGTWgsNDWmKe2sX  
toncwDU4Og8Qw848+fYZJbs3R3PrmJy8q40UWZHlKkcP1Qj0CEk6kB9K8F02zD7r  
EVc0Nlt1wsw=  
=1E7v  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-3446-01

Red Hat Security Advisory 2023-3431-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kpatch-patch security update  
Advisory ID:       RHSA-2023:3431-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3431  
Issue date:        2023-06-05  
CVE Names:         CVE-2022-3564 CVE-2022-4378   
=====================================================================

1. Summary:

An update for kpatch-patch is now available for Red Hat Enterprise Linux  
8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS EUS (v.8.6) - ppc64le, x86_64

3. Description:

This is a kernel live patch module which is automatically loaded by the RPM  
post-install script to modify the code of a running kernel.

Security Fix(es):

* kernel: use-after-free caused by l2cap_reassemble_sdu() in  
net/bluetooth/l2cap_core.c (CVE-2022-3564)

* kernel: stack overflow in do_proc_dointvec and proc_skip_spaces  
(CVE-2022-4378)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2150999 - CVE-2022-3564 kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c  
2152548 - CVE-2022-4378 kernel: stack overflow in do_proc_dointvec and proc_skip_spaces

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v.8.6):

Source:  
kpatch-patch-4_18_0-372_36_1-1-6.el8_6.src.rpm  
kpatch-patch-4_18_0-372_40_1-1-6.el8_6.src.rpm  
kpatch-patch-4_18_0-372_41_1-1-5.el8_6.src.rpm  
kpatch-patch-4_18_0-372_46_1-1-3.el8_6.src.rpm  
kpatch-patch-4_18_0-372_51_1-1-2.el8_6.src.rpm  
kpatch-patch-4_18_0-372_52_1-1-1.el8_6.src.rpm

ppc64le:  
kpatch-patch-4_18_0-372_36_1-1-6.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_36_1-debuginfo-1-6.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_36_1-debugsource-1-6.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_40_1-1-6.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_40_1-debuginfo-1-6.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_40_1-debugsource-1-6.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_41_1-1-5.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_41_1-debuginfo-1-5.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_41_1-debugsource-1-5.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_46_1-1-3.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_46_1-debuginfo-1-3.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_46_1-debugsource-1-3.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_51_1-1-2.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_51_1-debuginfo-1-2.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_51_1-debugsource-1-2.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_52_1-1-1.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_52_1-debuginfo-1-1.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_52_1-debugsource-1-1.el8_6.ppc64le.rpm

x86_64:  
kpatch-patch-4_18_0-372_36_1-1-6.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_36_1-debuginfo-1-6.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_36_1-debugsource-1-6.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_40_1-1-6.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_40_1-debuginfo-1-6.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_40_1-debugsource-1-6.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_41_1-1-5.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_41_1-debuginfo-1-5.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_41_1-debugsource-1-5.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_46_1-1-3.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_46_1-debuginfo-1-3.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_46_1-debugsource-1-3.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_51_1-1-2.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_51_1-debuginfo-1-2.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_51_1-debugsource-1-2.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_52_1-1-1.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_52_1-debuginfo-1-1.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_52_1-debugsource-1-1.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-3564  
https://access.redhat.com/security/cve/CVE-2022-4378  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZH53ltzjgjWX9erEAQjL1A//SXtOUNzylRkLiafG9pFKnIdAzNlLG/Fy  
9sieWb7ffaXBYe3uty4JztqZE5a8kXylXVxvGexKq8PwrNhA9WIGo1GqbrZ0T+CF  
4ycGhbr+DXyHaNvXFIdnj1e1v6jrGlNdFbofmEQ2lQ/FpbaCLvmV1E2Z95dIIa75  
Usvf8mt6kDPP4NtOlGucrUSqBId6SleAnNjI4i3Itt/K35ErcAjsx1dLmjcpy7wX  
VdSj75kFiJv2iknwy0IfWyEnXmbFpH9rw9QCoy4804m6Q8ldqgj/C5+HKF2wkkjx  
k7UvAbQtQhpUiGKDmGEU1iXTrW7gJXPwpj6r+HpXgcnzxl0pn6pdA1l2oVZaExQY  
Ak3dwPeR+XHmRdnt7XE3osxvv5xNBFitdfVdq0Stk578PvUT0/IzKoKydaAzgFJb  
6hR7g+ab7yHSbUCaZoRgMfVPopPkYE6qLxfH4pEOjc/Xf9EGyJgTVIObZgigcKqI  
3OSkwJ4Db+h7VZlIZqpxp/e72DXT3CaihXLxgPLhGBxhz1xlOZrxZLjWyVR7iQw9  
wb9U2zBVxOYHryw+hoBMDgqVZcriwXWjV0dW5ExpJEU6EwXiw2+Ge5Gc/iy10zZP  
JM1f1H0xIKoA9Xufvl6MtmHzHpif2hSb1PJ+wV/M+MPo39FBMbujo0fx+111LHdK  
vWX7iHWwHCw=  
=yZd1  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-3431-01

Red Hat Security Advisory 2023-3429-02 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: cups-filters security update  
Advisory ID:       RHSA-2023:3429-02  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3429  
Issue date:        2023-06-02  
CVE Names:         CVE-2023-24805   
=====================================================================

1. Summary:

An update for cups-filters is now available for Red Hat Enterprise Linux  
8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream E4S (v. 8.1) - aarch64, ppc64le, s390x, x86_64

3. Description:

The cups-filters package contains back ends, filters, and other software  
that was once part of the core Common UNIX Printing System (CUPS)  
distribution but is now maintained independently.

Security Fix(es):

* cups-filters: remote code execution in cups-filters, beh CUPS backend  
(CVE-2023-24805)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2203051 - CVE-2023-24805 cups-filters: remote code execution in cups-filters, beh CUPS backend

6. Package List:

Red Hat Enterprise Linux AppStream E4S (v. 8.1):

Source:  
cups-filters-1.20.0-18.el8_1.1.src.rpm

aarch64:  
cups-filters-1.20.0-18.el8_1.1.aarch64.rpm  
cups-filters-debuginfo-1.20.0-18.el8_1.1.aarch64.rpm  
cups-filters-debugsource-1.20.0-18.el8_1.1.aarch64.rpm  
cups-filters-libs-1.20.0-18.el8_1.1.aarch64.rpm  
cups-filters-libs-debuginfo-1.20.0-18.el8_1.1.aarch64.rpm

ppc64le:  
cups-filters-1.20.0-18.el8_1.1.ppc64le.rpm  
cups-filters-debuginfo-1.20.0-18.el8_1.1.ppc64le.rpm  
cups-filters-debugsource-1.20.0-18.el8_1.1.ppc64le.rpm  
cups-filters-libs-1.20.0-18.el8_1.1.ppc64le.rpm  
cups-filters-libs-debuginfo-1.20.0-18.el8_1.1.ppc64le.rpm

s390x:  
cups-filters-1.20.0-18.el8_1.1.s390x.rpm  
cups-filters-debuginfo-1.20.0-18.el8_1.1.s390x.rpm  
cups-filters-debugsource-1.20.0-18.el8_1.1.s390x.rpm  
cups-filters-libs-1.20.0-18.el8_1.1.s390x.rpm  
cups-filters-libs-debuginfo-1.20.0-18.el8_1.1.s390x.rpm

x86_64:  
cups-filters-1.20.0-18.el8_1.1.x86_64.rpm  
cups-filters-debuginfo-1.20.0-18.el8_1.1.i686.rpm  
cups-filters-debuginfo-1.20.0-18.el8_1.1.x86_64.rpm  
cups-filters-debugsource-1.20.0-18.el8_1.1.i686.rpm  
cups-filters-debugsource-1.20.0-18.el8_1.1.x86_64.rpm  
cups-filters-libs-1.20.0-18.el8_1.1.i686.rpm  
cups-filters-libs-1.20.0-18.el8_1.1.x86_64.rpm  
cups-filters-libs-debuginfo-1.20.0-18.el8_1.1.i686.rpm  
cups-filters-libs-debuginfo-1.20.0-18.el8_1.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-24805  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZH53jtzjgjWX9erEAQh0vg//UBqwZMmzLAZt1mOBI3HSkj041LcSFG7w  
s70FPF3/KUdtxYcZvwVLWt4J4HdUSXIfgh9hY1ZLfOhbYtRmel32GWUAqM6RK1nX  
U4ZXwDF+wSF1bxyybzMnCRUFifHM6ACNfqZUxZ8GTy7zG9r8LAN0k76y5DxfmiHg  
RJFowO6p4aCQDPqU1X0GxFre9D99YSrhMKeefzF0cmFF1QPpdWPgRIy6pkzJ+cK1  
WG1pF6c+/F6RrubW3nyubLFkMnlLe6/KAgG5pub8iuGpUNqC0EF85hOnigA8S6qH  
3XzVBAz52WIErT69CHTqv+c/EIZJNME69fTDNFqegwOzCu8sCX2iXmaaaMF21okf  
NoJqS5OeizkKMndAwMPAp4JxNg9n+HNDrfLTDsdVkNJi8TBYh4ODzJEgy9WWciwB  
mxp5lFtzHDt4K/4HiI74FltUPK3LhtS8c8tRP9f/BCBIIMmdi/Fvhta+RgKinoLP  
tW3b+/oO4Lqmat16YzsnjQsCSkowxUYPdKwOtlXN1q9fH2O7G8zeXPB2fewGyyoj  
c/qn1sO4iTEiB8CStxStNIqjIjux4O4qNmPbZN9iLwRZRo/1DT/8Gzz1aFRiJdQo  
31wetgcMa+kdiYQcwl5J6BXFmJsfIW6FQ3hxgiF0fzcaMKApbz3+sBfSj+BiPAEX  
vAPD413QGSM=  
=n2OG  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#red_hat