Red Hat Security Advisory 2023-1437-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: openssl security update  
Advisory ID:       RHSA-2023:1437-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1437  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-0286  
====================================================================  
1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 8.1  
Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS E4S (v. 8.1) - aarch64, ppc64le, s390x, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and  
Transport Layer Security (TLS) protocols, as well as a full-strength  
general-purpose cryptography library.

Security Fix(es):

* openssl: X.400 address type confusion in X.509 GeneralName  
(CVE-2023-0286)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library  
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName

6. Package List:

Red Hat Enterprise Linux BaseOS E4S (v. 8.1):

Source:  
openssl-1.1.1c-6.el8_1.src.rpm

aarch64:  
openssl-1.1.1c-6.el8_1.aarch64.rpm  
openssl-debuginfo-1.1.1c-6.el8_1.aarch64.rpm  
openssl-debugsource-1.1.1c-6.el8_1.aarch64.rpm  
openssl-devel-1.1.1c-6.el8_1.aarch64.rpm  
openssl-libs-1.1.1c-6.el8_1.aarch64.rpm  
openssl-libs-debuginfo-1.1.1c-6.el8_1.aarch64.rpm  
openssl-perl-1.1.1c-6.el8_1.aarch64.rpm

ppc64le:  
openssl-1.1.1c-6.el8_1.ppc64le.rpm  
openssl-debuginfo-1.1.1c-6.el8_1.ppc64le.rpm  
openssl-debugsource-1.1.1c-6.el8_1.ppc64le.rpm  
openssl-devel-1.1.1c-6.el8_1.ppc64le.rpm  
openssl-libs-1.1.1c-6.el8_1.ppc64le.rpm  
openssl-libs-debuginfo-1.1.1c-6.el8_1.ppc64le.rpm  
openssl-perl-1.1.1c-6.el8_1.ppc64le.rpm

s390x:  
openssl-1.1.1c-6.el8_1.s390x.rpm  
openssl-debuginfo-1.1.1c-6.el8_1.s390x.rpm  
openssl-debugsource-1.1.1c-6.el8_1.s390x.rpm  
openssl-devel-1.1.1c-6.el8_1.s390x.rpm  
openssl-libs-1.1.1c-6.el8_1.s390x.rpm  
openssl-libs-debuginfo-1.1.1c-6.el8_1.s390x.rpm  
openssl-perl-1.1.1c-6.el8_1.s390x.rpm

x86_64:  
openssl-1.1.1c-6.el8_1.x86_64.rpm  
openssl-debuginfo-1.1.1c-6.el8_1.i686.rpm  
openssl-debuginfo-1.1.1c-6.el8_1.x86_64.rpm  
openssl-debugsource-1.1.1c-6.el8_1.i686.rpm  
openssl-debugsource-1.1.1c-6.el8_1.x86_64.rpm  
openssl-devel-1.1.1c-6.el8_1.i686.rpm  
openssl-devel-1.1.1c-6.el8_1.x86_64.rpm  
openssl-libs-1.1.1c-6.el8_1.i686.rpm  
openssl-libs-1.1.1c-6.el8_1.x86_64.rpm  
openssl-libs-debuginfo-1.1.1c-6.el8_1.i686.rpm  
openssl-libs-debuginfo-1.1.1c-6.el8_1.x86_64.rpm  
openssl-perl-1.1.1c-6.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-0286  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7dzjgjWX9erEAQj2fBAAonoENVQK1z0o1faaI5kJcpcjudplrNTx  
CWn5Q1bA7ZOU+8F4kocdGWUHfF7IIFHmcV/bfkz0pyOEx14pHdi4gbfp7DHMg+vh  
TnJBtCqCJVGWmoDu4qUzm81w96lSgRTFweoMdk8DZL8GBfPF7ZW4q46A8oBCxkXC  
jQ1gAhHZEfeDKCSsQ+JJvtjSZdAKCf3iDimy6FMFHDLg9hqXns+UXZ+7mJD3UpLP  
gqfzM8a1+YonxtC1piovlY7KaWV7EpgufVCzILjwXiLeKivfUo4SGDdw+fsv5rzr  
ex1qOKg9mucu3nq5eoZaOomtrvhFW9P8igS1aZVWNcdhv/nbYBkhUZ04U9wwnOru  
t5936OJzyl5gQxKTA3RCX45z4qs6TUE07DB4LYSrmXj1yQXZcwahJIB5/N63ttbn  
pqt04m9xLybFsn2+8TCOiBwfZUkrKsoepjBVrqcC05yfL41fsoZao7ZwLSiptByZ  
UO5Xy4wUQjOIRCqUkquE2GidOhVdIvQhrjOj2tsaW3vHSXsYLICBxru5fOTKsNdz  
fKdIDy0S62gU2QQeSWBukCIZTnWw7sfxWZJ1p4M//JgbA5njA59iBTv+zNSQ93pr  
I/GPiwNZInjgIWFPaUkrvn0O5VejKPb+i6Mz5ACd8GJPWOFxjxDCbnarqAlaMi7D  
s7TQu68jDN4ÏEA  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1437-01

Red Hat Security Advisory 2023-1439-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: openssl security update  
Advisory ID:       RHSA-2023:1439-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1439  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-0286  
====================================================================  
1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS AUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux BaseOS E4S (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux BaseOS TUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and  
Transport Layer Security (TLS) protocols, as well as a full-strength  
general-purpose cryptography library.

Security Fix(es):

* openssl: X.400 address type confusion in X.509 GeneralName  
(CVE-2023-0286)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library  
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName

6. Package List:

Red Hat Enterprise Linux BaseOS AUS (v. 8.2):

Source:  
openssl-1.1.1c-21.el8_2.src.rpm

aarch64:  
openssl-1.1.1c-21.el8_2.aarch64.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.aarch64.rpm  
openssl-debugsource-1.1.1c-21.el8_2.aarch64.rpm  
openssl-devel-1.1.1c-21.el8_2.aarch64.rpm  
openssl-libs-1.1.1c-21.el8_2.aarch64.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.aarch64.rpm  
openssl-perl-1.1.1c-21.el8_2.aarch64.rpm

ppc64le:  
openssl-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-debugsource-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-devel-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-libs-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-perl-1.1.1c-21.el8_2.ppc64le.rpm

s390x:  
openssl-1.1.1c-21.el8_2.s390x.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.s390x.rpm  
openssl-debugsource-1.1.1c-21.el8_2.s390x.rpm  
openssl-devel-1.1.1c-21.el8_2.s390x.rpm  
openssl-libs-1.1.1c-21.el8_2.s390x.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.s390x.rpm  
openssl-perl-1.1.1c-21.el8_2.s390x.rpm

x86_64:  
openssl-1.1.1c-21.el8_2.x86_64.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.i686.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.x86_64.rpm  
openssl-debugsource-1.1.1c-21.el8_2.i686.rpm  
openssl-debugsource-1.1.1c-21.el8_2.x86_64.rpm  
openssl-devel-1.1.1c-21.el8_2.i686.rpm  
openssl-devel-1.1.1c-21.el8_2.x86_64.rpm  
openssl-libs-1.1.1c-21.el8_2.i686.rpm  
openssl-libs-1.1.1c-21.el8_2.x86_64.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.i686.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.x86_64.rpm  
openssl-perl-1.1.1c-21.el8_2.x86_64.rpm

Red Hat Enterprise Linux BaseOS E4S (v. 8.2):

Source:  
openssl-1.1.1c-21.el8_2.src.rpm

aarch64:  
openssl-1.1.1c-21.el8_2.aarch64.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.aarch64.rpm  
openssl-debugsource-1.1.1c-21.el8_2.aarch64.rpm  
openssl-devel-1.1.1c-21.el8_2.aarch64.rpm  
openssl-libs-1.1.1c-21.el8_2.aarch64.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.aarch64.rpm  
openssl-perl-1.1.1c-21.el8_2.aarch64.rpm

ppc64le:  
openssl-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-debugsource-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-devel-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-libs-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-perl-1.1.1c-21.el8_2.ppc64le.rpm

s390x:  
openssl-1.1.1c-21.el8_2.s390x.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.s390x.rpm  
openssl-debugsource-1.1.1c-21.el8_2.s390x.rpm  
openssl-devel-1.1.1c-21.el8_2.s390x.rpm  
openssl-libs-1.1.1c-21.el8_2.s390x.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.s390x.rpm  
openssl-perl-1.1.1c-21.el8_2.s390x.rpm

x86_64:  
openssl-1.1.1c-21.el8_2.x86_64.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.i686.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.x86_64.rpm  
openssl-debugsource-1.1.1c-21.el8_2.i686.rpm  
openssl-debugsource-1.1.1c-21.el8_2.x86_64.rpm  
openssl-devel-1.1.1c-21.el8_2.i686.rpm  
openssl-devel-1.1.1c-21.el8_2.x86_64.rpm  
openssl-libs-1.1.1c-21.el8_2.i686.rpm  
openssl-libs-1.1.1c-21.el8_2.x86_64.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.i686.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.x86_64.rpm  
openssl-perl-1.1.1c-21.el8_2.x86_64.rpm

Red Hat Enterprise Linux BaseOS TUS (v. 8.2):

Source:  
openssl-1.1.1c-21.el8_2.src.rpm

aarch64:  
openssl-1.1.1c-21.el8_2.aarch64.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.aarch64.rpm  
openssl-debugsource-1.1.1c-21.el8_2.aarch64.rpm  
openssl-devel-1.1.1c-21.el8_2.aarch64.rpm  
openssl-libs-1.1.1c-21.el8_2.aarch64.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.aarch64.rpm  
openssl-perl-1.1.1c-21.el8_2.aarch64.rpm

ppc64le:  
openssl-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-debugsource-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-devel-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-libs-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.ppc64le.rpm  
openssl-perl-1.1.1c-21.el8_2.ppc64le.rpm

s390x:  
openssl-1.1.1c-21.el8_2.s390x.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.s390x.rpm  
openssl-debugsource-1.1.1c-21.el8_2.s390x.rpm  
openssl-devel-1.1.1c-21.el8_2.s390x.rpm  
openssl-libs-1.1.1c-21.el8_2.s390x.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.s390x.rpm  
openssl-perl-1.1.1c-21.el8_2.s390x.rpm

x86_64:  
openssl-1.1.1c-21.el8_2.x86_64.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.i686.rpm  
openssl-debuginfo-1.1.1c-21.el8_2.x86_64.rpm  
openssl-debugsource-1.1.1c-21.el8_2.i686.rpm  
openssl-debugsource-1.1.1c-21.el8_2.x86_64.rpm  
openssl-devel-1.1.1c-21.el8_2.i686.rpm  
openssl-devel-1.1.1c-21.el8_2.x86_64.rpm  
openssl-libs-1.1.1c-21.el8_2.i686.rpm  
openssl-libs-1.1.1c-21.el8_2.x86_64.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.i686.rpm  
openssl-libs-debuginfo-1.1.1c-21.el8_2.x86_64.rpm  
openssl-perl-1.1.1c-21.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-0286  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7NzjgjWX9erEAQh6gw//WJqLt9YyobqWOBG/NpiC73QzLQWHbVIh  
QPwDMXRYgHGUynZzutvtJsO2wAuWlplIdvKkHQRqYBFLJBVjZMz1PzgFm5EWZiY9  
4VNXNiP95rAU/IyhBqJKiHMtIfqmQPhO9DD/BKafUjc54umAowSBmZyHL5LnCtka  
XApVLo035R1mwUNWQsc0pOULWRDNKoYjZE7QR9ioUkQKSNC9zBgUXnS08uPh7BHD  
HjxsugjqH/3HNaLzF+56oKmFsZpbw9ZSnOfoM8pqBl1+A7twToR/8VvEKfvfhbid  
v+PaAH7SQcavJq7ot9p9dpNvfd161QXtK9tQXmbNC/WLSY3pYy4ju7GdDfedeS45  
63tDSkN1TVTiZnYJ4DcvEovWKfERLfw0ejdn0vQwAEHYEVlqFGsGMDFsHw3QTMGN  
hF8ynU/OB+pXOe2/V0PTvXix1c9NemE3jejQH/+I54TJTv0MWtSpq9jVTwGiqEFl  
oNoO4TQqPWHhOhfPYy7Kwom200ND6PKsiHdfSNlpB7SWbWXsvscY6Bn9JN8E9rff  
ubQcuoFR/9i8t9hoj2mPr/vcAqc5l/g75KwhHZD870gwuf7BgzOWQdmGlmA8KKRx  
9qmiwEZxPbQ0GL4hFX3H5LKntkt8w6DlhCXQzlM7cWZHI7M5jj7mxjlYJ4EDRC5C  
NZEzG8SUmpA=Knf2  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1439-01

Red Hat Security Advisory 2023-1441-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: openssl security update  
Advisory ID:       RHSA-2023:1441-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1441  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-0286  
====================================================================  
1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 8.6  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS EUS (v.8.6) - aarch64, ppc64le, s390x, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and  
Transport Layer Security (TLS) protocols, as well as a full-strength  
general-purpose cryptography library.

Security Fix(es):

* openssl: X.400 address type confusion in X.509 GeneralName  
(CVE-2023-0286)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library  
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v.8.6):

Source:  
openssl-1.1.1k-8.el8_6.src.rpm

aarch64:  
openssl-1.1.1k-8.el8_6.aarch64.rpm  
openssl-debuginfo-1.1.1k-8.el8_6.aarch64.rpm  
openssl-debugsource-1.1.1k-8.el8_6.aarch64.rpm  
openssl-devel-1.1.1k-8.el8_6.aarch64.rpm  
openssl-libs-1.1.1k-8.el8_6.aarch64.rpm  
openssl-libs-debuginfo-1.1.1k-8.el8_6.aarch64.rpm  
openssl-perl-1.1.1k-8.el8_6.aarch64.rpm

ppc64le:  
openssl-1.1.1k-8.el8_6.ppc64le.rpm  
openssl-debuginfo-1.1.1k-8.el8_6.ppc64le.rpm  
openssl-debugsource-1.1.1k-8.el8_6.ppc64le.rpm  
openssl-devel-1.1.1k-8.el8_6.ppc64le.rpm  
openssl-libs-1.1.1k-8.el8_6.ppc64le.rpm  
openssl-libs-debuginfo-1.1.1k-8.el8_6.ppc64le.rpm  
openssl-perl-1.1.1k-8.el8_6.ppc64le.rpm

s390x:  
openssl-1.1.1k-8.el8_6.s390x.rpm  
openssl-debuginfo-1.1.1k-8.el8_6.s390x.rpm  
openssl-debugsource-1.1.1k-8.el8_6.s390x.rpm  
openssl-devel-1.1.1k-8.el8_6.s390x.rpm  
openssl-libs-1.1.1k-8.el8_6.s390x.rpm  
openssl-libs-debuginfo-1.1.1k-8.el8_6.s390x.rpm  
openssl-perl-1.1.1k-8.el8_6.s390x.rpm

x86_64:  
openssl-1.1.1k-8.el8_6.x86_64.rpm  
openssl-debuginfo-1.1.1k-8.el8_6.i686.rpm  
openssl-debuginfo-1.1.1k-8.el8_6.x86_64.rpm  
openssl-debugsource-1.1.1k-8.el8_6.i686.rpm  
openssl-debugsource-1.1.1k-8.el8_6.x86_64.rpm  
openssl-devel-1.1.1k-8.el8_6.i686.rpm  
openssl-devel-1.1.1k-8.el8_6.x86_64.rpm  
openssl-libs-1.1.1k-8.el8_6.i686.rpm  
openssl-libs-1.1.1k-8.el8_6.x86_64.rpm  
openssl-libs-debuginfo-1.1.1k-8.el8_6.i686.rpm  
openssl-libs-debuginfo-1.1.1k-8.el8_6.x86_64.rpm  
openssl-perl-1.1.1k-8.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-0286  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7NzjgjWX9erEAQjEGRAAk+B4NZVXOw/6ESexdRQa3UoAJBzJ6KaY  
IUjQ45hsLjQQd6bYj79D4V6onHaCUZwxD5KPzAL8rz29gfUJbN5dAef4F1Zq+k3Y  
5dutPiVFLZ5C5wuX2cPgKp6GOsShlwWR/D3pjO67L+oeQEoYJ1K9nhqc5Pg/2dbJ  
5mPejApHZ5iw6V3XQq8s9hHmkRB+dF7jKzRFjttBk3Enec5Y93krT90L0oKkarcd  
Q6oNqtcQBnMK2994D9LdKri9uYBZ+PTpgchfGxsIaceeJwGaslNxyNAbsk5bywHC  
3F7ajsM/VkbpEPYqonjX4Ww+SjR4qnfBAhSJDn88GP29I0htmNlsk8zRpwbKpdxn  
J2CbdgHASLoKMa6+o3tpkSQgwgTjoL4Z9yQvCTW1O6Q+21lKEfwCIqoh70BzINy3  
fN13qgUocmC2H7DT/cM1yxG849qUt0QCN0Y6UmIZytzdfTPib5ZR0PK7z8NEPih8  
cFr2uIGKa2UvisJ8wtSQ3KiIWjy+cU7zbPJAh6QDch82wLPrBTy7koyB+9qbZ408  
Whff+suKBHWxNXLwjnS2N6U7uodZry0cCTlusoi8VrLLkg64LY4++VQZfofUmjqz  
WSFFcRGdZNbCi9XFWCJWZ+suiNiuRyKhzM7y8GlAyCdHb1uzk7g4fKIiUkd0tthT  
FS5/PuRmzNI=pQbM  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1441-01

Red Hat Security Advisory 2023-1438-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: openssl security update  
Advisory ID:       RHSA-2023:1438-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1438  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-0286  
====================================================================  
1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 6  
Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server (v. 6 ELS) - i386, s390x, x86_64  
Red Hat Enterprise Linux Server Optional (v. 6 ELS) - i386, s390x, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and  
Transport Layer Security (TLS) protocols, as well as a full-strength  
general-purpose cryptography library.

Security Fix(es):

* openssl: X.400 address type confusion in X.509 GeneralName  
(CVE-2023-0286)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library  
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName

6. Package List:

Red Hat Enterprise Linux Server (v. 6 ELS):

Source:  
openssl-1.0.1e-61.el6_10.src.rpm

i386:  
openssl-1.0.1e-61.el6_10.i686.rpm  
openssl-debuginfo-1.0.1e-61.el6_10.i686.rpm  
openssl-devel-1.0.1e-61.el6_10.i686.rpm

s390x:  
openssl-1.0.1e-61.el6_10.s390.rpm  
openssl-1.0.1e-61.el6_10.s390x.rpm  
openssl-debuginfo-1.0.1e-61.el6_10.s390.rpm  
openssl-debuginfo-1.0.1e-61.el6_10.s390x.rpm  
openssl-devel-1.0.1e-61.el6_10.s390.rpm  
openssl-devel-1.0.1e-61.el6_10.s390x.rpm

x86_64:  
openssl-1.0.1e-61.el6_10.i686.rpm  
openssl-1.0.1e-61.el6_10.x86_64.rpm  
openssl-debuginfo-1.0.1e-61.el6_10.i686.rpm  
openssl-debuginfo-1.0.1e-61.el6_10.x86_64.rpm  
openssl-devel-1.0.1e-61.el6_10.i686.rpm  
openssl-devel-1.0.1e-61.el6_10.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6 ELS):

i386:  
openssl-debuginfo-1.0.1e-61.el6_10.i686.rpm  
openssl-perl-1.0.1e-61.el6_10.i686.rpm  
openssl-static-1.0.1e-61.el6_10.i686.rpm

s390x:  
openssl-debuginfo-1.0.1e-61.el6_10.s390x.rpm  
openssl-perl-1.0.1e-61.el6_10.s390x.rpm  
openssl-static-1.0.1e-61.el6_10.s390x.rpm

x86_64:  
openssl-debuginfo-1.0.1e-61.el6_10.x86_64.rpm  
openssl-perl-1.0.1e-61.el6_10.x86_64.rpm  
openssl-static-1.0.1e-61.el6_10.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-0286  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7NzjgjWX9erEAQjEng/9H4eD9JfHPrMo7I2nNn5BmFSsAkVKGJmH  
S+UwS28apMed5VKlk+kZuBlJh3q6FhE2TlEU+bQ2FjJCFi77UWzlI4upEvjbq//1  
p+U+3/mW1safS9tGkWzQ412ZyEJFwmiO5LwBdzTg8MFwt1DnE3Dqhx+DD5DY19hN  
+v8tOPVDKG7WthUB0bnzI38GKAo6xCNwHXAH/22SRgBMbxMp6PY9NoiXpNt8YON3  
YFIW16qvTpjfWtKvalhmg97icKyxEh/hOXThHgaLT8m39NfiMrb0uNYMOsPuYos8  
/uXuQXSlGCfKSAf6wz1KMa94fg9p1GXuW2dLM+hgjENcIKGFiB6Wqp6LrrIezT1j  
0v4XRtcTp6Qhq2YR+053EI1VBZa7Uj0icWiN8o0efgOezX7LdyucRMa7jWkPac72  
ewpf59CSsUuvuh8+DJhZAr1bnK1LDiP9WwAmL6KC7pe+/hGGHuPNxmA3bB2pNRXu  
k9CAuxTtpEGqM8NpvvtnixNJ/vhvJ1r7jQErwVDLSBNlYEtEDxPk7TsDxdhlA2Tf  
o6aZi4yMFDdJSrktR96t+xthkgjkHicMn3wt+XSFzXAWNf0+nBR6Jm8PxD19eApB  
DDI0U0Alkd1mG9EehN/gDegTorACR+lJccdgc0O+j37rtMNuxGT9LpiwWJj5xn7i  
dKBbvGOB2ok=W1uu  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1438-01

Red Hat Security Advisory 2023-1442-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:1442-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1442  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-25751 CVE-2023-25752 CVE-2023-28162  
                   CVE-2023-28164 CVE-2023-28176  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1  
Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream E4S (v. 8.1) - ppc64le, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.9.0.

Security Fix(es):

* Mozilla: Incorrect code generation during JIT compilation  
(CVE-2023-25751)

* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9  
(CVE-2023-28176)

* Mozilla: Potential out-of-bounds when accessing throttled streams  
(CVE-2023-25752)

* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)

* Mozilla: URL being dragged from a removed cross-origin iframe into the  
same tab triggered navigation (CVE-2023-28164)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2178458 - CVE-2023-25751 Mozilla: Incorrect code generation during JIT compilation  
2178460 - CVE-2023-25752 Mozilla: Potential out-of-bounds when accessing throttled streams  
2178466 - CVE-2023-28162 Mozilla: Invalid downcast in Worklets  
2178470 - CVE-2023-28164 Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation  
2178472 - CVE-2023-28176 Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9

6. Package List:

Red Hat Enterprise Linux AppStream E4S (v. 8.1):

Source:  
thunderbird-102.9.0-2.el8_1.src.rpm

ppc64le:  
thunderbird-102.9.0-2.el8_1.ppc64le.rpm  
thunderbird-debuginfo-102.9.0-2.el8_1.ppc64le.rpm  
thunderbird-debugsource-102.9.0-2.el8_1.ppc64le.rpm

x86_64:  
thunderbird-102.9.0-2.el8_1.x86_64.rpm  
thunderbird-debuginfo-102.9.0-2.el8_1.x86_64.rpm  
thunderbird-debugsource-102.9.0-2.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-25751  
https://access.redhat.com/security/cve/CVE-2023-25752  
https://access.redhat.com/security/cve/CVE-2023-28162  
https://access.redhat.com/security/cve/CVE-2023-28164  
https://access.redhat.com/security/cve/CVE-2023-28176  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7dzjgjWX9erEAQiDhQ//WZN53iMM+vQklg2sgeqWFU4w9622Ndy2  
UiCyKDvrDPVaT09ZKpjvjVFVMitQ/D4M4P7HVvyduqA2rs/DMoAF5OcDHKJKzJpn  
AlOy4ti6dsnozKSmuzAl9UbZqiuvevnoangePNvnClxEvDX8svAxTrARIJ0AkC1F  
OmBpycj2C7B3MzSLcw1WtiL5rDkV06Za2oGB2h5Bj5u6Nw+frx6qZ2EBR6Lwhbfh  
qgZ78hj0bd/kaPLwZOmWaYfjA0Fl6xPdnWwlYQsefDmHJeyatO8fEuNTaNNFnBuf  
nZSnuCNRY0D+WUXChA2sRvc4+tJkeoBIL7XVBYocSOZDChpHBBk5uYTAavE9npYh  
t3T/ji28j0EN4F6SjUKA/BrCb4YMngDozHbhflbUNReKc/TN3O9BtD1Owy0gw3/N  
YRW93nrDaZ/FuaKm4o3rzJDXYaiYWWcm8aaQALqZq3jnTYaq7Mov9ARNEkOYSXKX  
ZnkkDJNIkUWsdxispXx/qacTR6jxePEeX3fC5/nYIuKr19mbxJpbErU4+3WrXwpt  
pmB/Vl2sybnvqr0wdM4LSTbfsnVfRn/+rqBUJC2n8wRPeTp2HzXF3Sv5cV+Fw8Oy  
0pFAHaOdU7eC1yMluHdw9a51wJH6U3G8L5SJp7uHPH9fSRpHocS+ncbQ1+eGMvRD  
WlWFLUh+aHo=5PlR  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1442-01

Red Hat Security Advisory 2023-1443-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:1443-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1443  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-25751 CVE-2023-25752 CVE-2023-28162  
                   CVE-2023-28164 CVE-2023-28176  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications  
Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP  
Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v. 8.2) - aarch64, ppc64le, x86_64  
Red Hat Enterprise Linux AppStream E4S (v. 8.2) - aarch64, ppc64le, x86_64  
Red Hat Enterprise Linux AppStream TUS (v. 8.2) - aarch64, ppc64le, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.9.0.

Security Fix(es):

* Mozilla: Incorrect code generation during JIT compilation  
(CVE-2023-25751)

* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9  
(CVE-2023-28176)

* Mozilla: Potential out-of-bounds when accessing throttled streams  
(CVE-2023-25752)

* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)

* Mozilla: URL being dragged from a removed cross-origin iframe into the  
same tab triggered navigation (CVE-2023-28164)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2178458 - CVE-2023-25751 Mozilla: Incorrect code generation during JIT compilation  
2178460 - CVE-2023-25752 Mozilla: Potential out-of-bounds when accessing throttled streams  
2178466 - CVE-2023-28162 Mozilla: Invalid downcast in Worklets  
2178470 - CVE-2023-28164 Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation  
2178472 - CVE-2023-28176 Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v. 8.2):

Source:  
thunderbird-102.9.0-2.el8_2.src.rpm

aarch64:  
thunderbird-102.9.0-2.el8_2.aarch64.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.aarch64.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.aarch64.rpm

ppc64le:  
thunderbird-102.9.0-2.el8_2.ppc64le.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.ppc64le.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.ppc64le.rpm

x86_64:  
thunderbird-102.9.0-2.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.x86_64.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v. 8.2):

Source:  
thunderbird-102.9.0-2.el8_2.src.rpm

aarch64:  
thunderbird-102.9.0-2.el8_2.aarch64.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.aarch64.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.aarch64.rpm

ppc64le:  
thunderbird-102.9.0-2.el8_2.ppc64le.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.ppc64le.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.ppc64le.rpm

x86_64:  
thunderbird-102.9.0-2.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.x86_64.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v. 8.2):

Source:  
thunderbird-102.9.0-2.el8_2.src.rpm

aarch64:  
thunderbird-102.9.0-2.el8_2.aarch64.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.aarch64.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.aarch64.rpm

ppc64le:  
thunderbird-102.9.0-2.el8_2.ppc64le.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.ppc64le.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.ppc64le.rpm

x86_64:  
thunderbird-102.9.0-2.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.9.0-2.el8_2.x86_64.rpm  
thunderbird-debugsource-102.9.0-2.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-25751  
https://access.redhat.com/security/cve/CVE-2023-25752  
https://access.redhat.com/security/cve/CVE-2023-28162  
https://access.redhat.com/security/cve/CVE-2023-28164  
https://access.redhat.com/security/cve/CVE-2023-28176  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7dzjgjWX9erEAQi/sg/+NLD4hWXVuxCNvUPRPIcFOvAxbUVPuy8+  
oCypHbape84h8IspAQQc3xy2phNnJCeZ+03kI4YuIn9sDsh17T3diDCQKq/Ltwwn  
pfKfCffM00QlNIv2yLgGz4m/lU08oF27VsQcV4hdTlNv1Hx4cp+h3xee2KBEzY4W  
pywMVZhGgKlaigIzyb6J/MhSDKBp6OLE4glgNkec4dRDjLtWK2BWxSNAOi07/ppX  
LxIrEvQlIjG0mh/6sOakXuuaXdVkpoScHPsGEhQxd8Ri1xrHPcO+udKuWahQzpkp  
Say6MDprb25u/hdNA387kkH4d6aaVS2iMZP6L2U0Z0c4dDDuBeC65fMeuPlRxMjJ  
/+hsCsUvJfFYUXm4ILrzoB9OyYwsvnGMeXd7dCJvcgN84m8bfJLx45hKiduIkmcd  
pSztKh6W2OippMaJaDdJTnvy5Pg5KysL+1J9mA5VEjaGfLGnFXghHbxrFTsfLqTJ  
X2avB3RxFX04Gp3cyTQlDP4hsEIUM+57zOQtIJqtJyVqbcGiVPSgUfOtaJZdjvvc  
IW5WHXkWzquFYSDTRB7CCAVPY5ZRCXvJ4W1ziRZPWmEYMYYSAZA8IIqFXoe2wUMD  
4eiXjCy4Y9ZuCnYoEnOSr0Yhv8ApB/tGvLoL2cHxvA6bimi0laZzYyrnGhGcxxnA  
Iuuhp2w3Qb0=I1JY  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1443-01

Red Hat Security Advisory 2023-1406-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: nss security update  
Advisory ID:       RHSA-2023:1406-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1406  
Issue date:        2023-03-22  
CVE Names:         CVE-2023-0767  
====================================================================  
1. Summary:

An update for nss is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications  
Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP  
Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream E4S (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream TUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

Network Security Services (NSS) is a set of libraries designed to support  
the cross-platform development of security-enabled client and server  
applications.

Security Fix(es):

* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, applications using NSS (for example, Firefox)  
must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2170377 - CVE-2023-0767 nss: Arbitrary memory write via PKCS 12

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v. 8.2):

Source:  
nss-3.53.1-13.el8_2.src.rpm

aarch64:  
nss-3.53.1-13.el8_2.aarch64.rpm  
nss-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-debugsource-3.53.1-13.el8_2.aarch64.rpm  
nss-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-sysinit-3.53.1-13.el8_2.aarch64.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-tools-3.53.1-13.el8_2.aarch64.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-util-3.53.1-13.el8_2.aarch64.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-util-devel-3.53.1-13.el8_2.aarch64.rpm

ppc64le:  
nss-3.53.1-13.el8_2.ppc64le.rpm  
nss-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-debugsource-3.53.1-13.el8_2.ppc64le.rpm  
nss-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-sysinit-3.53.1-13.el8_2.ppc64le.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-tools-3.53.1-13.el8_2.ppc64le.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-devel-3.53.1-13.el8_2.ppc64le.rpm

s390x:  
nss-3.53.1-13.el8_2.s390x.rpm  
nss-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-debugsource-3.53.1-13.el8_2.s390x.rpm  
nss-devel-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-devel-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.s390x.rpm  
nss-sysinit-3.53.1-13.el8_2.s390x.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-tools-3.53.1-13.el8_2.s390x.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-util-3.53.1-13.el8_2.s390x.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-util-devel-3.53.1-13.el8_2.s390x.rpm

x86_64:  
nss-3.53.1-13.el8_2.i686.rpm  
nss-3.53.1-13.el8_2.x86_64.rpm  
nss-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-debugsource-3.53.1-13.el8_2.i686.rpm  
nss-debugsource-3.53.1-13.el8_2.x86_64.rpm  
nss-devel-3.53.1-13.el8_2.i686.rpm  
nss-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-3.53.1-13.el8_2.i686.rpm  
nss-softokn-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-devel-3.53.1-13.el8_2.i686.rpm  
nss-softokn-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-sysinit-3.53.1-13.el8_2.x86_64.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-tools-3.53.1-13.el8_2.x86_64.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-util-3.53.1-13.el8_2.i686.rpm  
nss-util-3.53.1-13.el8_2.x86_64.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-util-devel-3.53.1-13.el8_2.i686.rpm  
nss-util-devel-3.53.1-13.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v. 8.2):

Source:  
nss-3.53.1-13.el8_2.src.rpm

aarch64:  
nss-3.53.1-13.el8_2.aarch64.rpm  
nss-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-debugsource-3.53.1-13.el8_2.aarch64.rpm  
nss-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-sysinit-3.53.1-13.el8_2.aarch64.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-tools-3.53.1-13.el8_2.aarch64.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-util-3.53.1-13.el8_2.aarch64.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-util-devel-3.53.1-13.el8_2.aarch64.rpm

ppc64le:  
nss-3.53.1-13.el8_2.ppc64le.rpm  
nss-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-debugsource-3.53.1-13.el8_2.ppc64le.rpm  
nss-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-sysinit-3.53.1-13.el8_2.ppc64le.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-tools-3.53.1-13.el8_2.ppc64le.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-devel-3.53.1-13.el8_2.ppc64le.rpm

s390x:  
nss-3.53.1-13.el8_2.s390x.rpm  
nss-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-debugsource-3.53.1-13.el8_2.s390x.rpm  
nss-devel-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-devel-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.s390x.rpm  
nss-sysinit-3.53.1-13.el8_2.s390x.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-tools-3.53.1-13.el8_2.s390x.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-util-3.53.1-13.el8_2.s390x.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-util-devel-3.53.1-13.el8_2.s390x.rpm

x86_64:  
nss-3.53.1-13.el8_2.i686.rpm  
nss-3.53.1-13.el8_2.x86_64.rpm  
nss-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-debugsource-3.53.1-13.el8_2.i686.rpm  
nss-debugsource-3.53.1-13.el8_2.x86_64.rpm  
nss-devel-3.53.1-13.el8_2.i686.rpm  
nss-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-3.53.1-13.el8_2.i686.rpm  
nss-softokn-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-devel-3.53.1-13.el8_2.i686.rpm  
nss-softokn-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-sysinit-3.53.1-13.el8_2.x86_64.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-tools-3.53.1-13.el8_2.x86_64.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-util-3.53.1-13.el8_2.i686.rpm  
nss-util-3.53.1-13.el8_2.x86_64.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-util-devel-3.53.1-13.el8_2.i686.rpm  
nss-util-devel-3.53.1-13.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v. 8.2):

Source:  
nss-3.53.1-13.el8_2.src.rpm

aarch64:  
nss-3.53.1-13.el8_2.aarch64.rpm  
nss-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-debugsource-3.53.1-13.el8_2.aarch64.rpm  
nss-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.aarch64.rpm  
nss-sysinit-3.53.1-13.el8_2.aarch64.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-tools-3.53.1-13.el8_2.aarch64.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-util-3.53.1-13.el8_2.aarch64.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.aarch64.rpm  
nss-util-devel-3.53.1-13.el8_2.aarch64.rpm

ppc64le:  
nss-3.53.1-13.el8_2.ppc64le.rpm  
nss-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-debugsource-3.53.1-13.el8_2.ppc64le.rpm  
nss-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.ppc64le.rpm  
nss-sysinit-3.53.1-13.el8_2.ppc64le.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-tools-3.53.1-13.el8_2.ppc64le.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.ppc64le.rpm  
nss-util-devel-3.53.1-13.el8_2.ppc64le.rpm

s390x:  
nss-3.53.1-13.el8_2.s390x.rpm  
nss-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-debugsource-3.53.1-13.el8_2.s390x.rpm  
nss-devel-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-devel-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.s390x.rpm  
nss-sysinit-3.53.1-13.el8_2.s390x.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-tools-3.53.1-13.el8_2.s390x.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-util-3.53.1-13.el8_2.s390x.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.s390x.rpm  
nss-util-devel-3.53.1-13.el8_2.s390x.rpm

x86_64:  
nss-3.53.1-13.el8_2.i686.rpm  
nss-3.53.1-13.el8_2.x86_64.rpm  
nss-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-debugsource-3.53.1-13.el8_2.i686.rpm  
nss-debugsource-3.53.1-13.el8_2.x86_64.rpm  
nss-devel-3.53.1-13.el8_2.i686.rpm  
nss-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-3.53.1-13.el8_2.i686.rpm  
nss-softokn-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-softokn-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-devel-3.53.1-13.el8_2.i686.rpm  
nss-softokn-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.i686.rpm  
nss-softokn-freebl-devel-3.53.1-13.el8_2.x86_64.rpm  
nss-sysinit-3.53.1-13.el8_2.x86_64.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-sysinit-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-tools-3.53.1-13.el8_2.x86_64.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-tools-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-util-3.53.1-13.el8_2.i686.rpm  
nss-util-3.53.1-13.el8_2.x86_64.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.i686.rpm  
nss-util-debuginfo-3.53.1-13.el8_2.x86_64.rpm  
nss-util-devel-3.53.1-13.el8_2.i686.rpm  
nss-util-devel-3.53.1-13.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-0767  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxe+dzjgjWX9erEAQgVwA/+IBlJG0b42blekqQi5m59kTCOI8Dx9QgV  
4ZBgPpOtwfMi2jmwG754CT9TqX3AL54vWPI7AravL4uPRPl4iYKDtYxQkCfT8kS9  
9UONxRafYT41m85WWmVz6lNwB+CepaxLoGa5kkmoS3i5/k5vMiTKS64k2u1dwP7a  
IByruQA1AnB1y64SF12dRNyZtZdLNXR1KbEjky+ZyhIrsoaUF7O22jGyOE96KodS  
76Fefaq1AYHA0heg3nvZeSpT2md9lJVveinFQ2NQoot6GPPyfFhFFyvocrZeqoko  
6f0idf4QJrigftvPIv8B/rNkZVQM9ILNL3jVFrRx8Q+BcJ0WZdioqFoivt4/Y/W3  
lqwIa69X0JKQfajsp/NpCOawwavYxFJgL2jnLQBZ09J6jBhgkjoTZx051Tad02m6  
8Pe7HVP+0NXCPGUtSaR5kPdeGzS6VjwBRHpa1WX8xISbYfe9G/SyB8c/E1lSjITP  
dwwGs+foTED+xRZV16bWlHgcL2GTzFaoSYL4bi8l0pn0pDNVBzK6m+C9U9uh1ENz  
BaG6v6K6KpJ/zWXFolNczEyAi1NgcxOD16yK3Hl6IjkQAQBqH5bTOIpLUtvyfmk5  
3VZokf1RVzByjYenvmsUlqciJPC6dOFoozy3UUFCRiXKuVeWrtx48dx5enVpYmxH  
whMZIzQsfKE=UL8Q  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1406-01

Red Hat Security Advisory 2023-1404-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:1404-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1404  
Issue date:        2023-03-22  
CVE Names:         CVE-2023-25751 CVE-2023-25752 CVE-2023-28162  
                   CVE-2023-28164 CVE-2023-28176  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.6  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.6) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.9.0.

Security Fix(es):

* Mozilla: Incorrect code generation during JIT compilation  
(CVE-2023-25751)

* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9  
(CVE-2023-28176)

* Mozilla: Potential out-of-bounds when accessing throttled streams  
(CVE-2023-25752)

* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)

* Mozilla: URL being dragged from a removed cross-origin iframe into the  
same tab triggered navigation (CVE-2023-28164)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2178458 - CVE-2023-25751 Mozilla: Incorrect code generation during JIT compilation  
2178460 - CVE-2023-25752 Mozilla: Potential out-of-bounds when accessing throttled streams  
2178466 - CVE-2023-28162 Mozilla: Invalid downcast in Worklets  
2178470 - CVE-2023-28164 Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation  
2178472 - CVE-2023-28176 Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.6):

Source:  
thunderbird-102.9.0-1.el8_6.src.rpm

aarch64:  
thunderbird-102.9.0-1.el8_6.aarch64.rpm  
thunderbird-debuginfo-102.9.0-1.el8_6.aarch64.rpm  
thunderbird-debugsource-102.9.0-1.el8_6.aarch64.rpm

ppc64le:  
thunderbird-102.9.0-1.el8_6.ppc64le.rpm  
thunderbird-debuginfo-102.9.0-1.el8_6.ppc64le.rpm  
thunderbird-debugsource-102.9.0-1.el8_6.ppc64le.rpm

s390x:  
thunderbird-102.9.0-1.el8_6.s390x.rpm  
thunderbird-debuginfo-102.9.0-1.el8_6.s390x.rpm  
thunderbird-debugsource-102.9.0-1.el8_6.s390x.rpm

x86_64:  
thunderbird-102.9.0-1.el8_6.x86_64.rpm  
thunderbird-debuginfo-102.9.0-1.el8_6.x86_64.rpm  
thunderbird-debugsource-102.9.0-1.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-25751  
https://access.redhat.com/security/cve/CVE-2023-25752  
https://access.redhat.com/security/cve/CVE-2023-28162  
https://access.redhat.com/security/cve/CVE-2023-28164  
https://access.redhat.com/security/cve/CVE-2023-28176  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxe+dzjgjWX9erEAQhH0hAAn+dGyNfI2xVp0qr66rpGD5I7c9lLoa1p  
DmiUGUw1obkvqD7pvlqvLXcMAyYviDDoy048aZ1I7tsZwmrf8FDy+zuBakqo/XCA  
lS371eKgDlAbLfz24sFJdDITAo+mUFYzU6WE3iRmjZ+0L/o6fuhMeaBEL1nM4+ry  
3Q0QkzgJi/2fLzXMg6BG6kIBwKe1v8hMMH1YVrBduyYUQNGIGUvbektfvbVPCgIq  
q+9Lj/SIkeUyW0VjciEmwOXNmqtZGSi79/VUUEBCWbQDMKNWrsMpo5O/kjgyv6Qq  
aZveKztob1sbhw1q7p5waGmKwkv2DU8qymmnfBolutJupVlLcs2GaX4h6r5B4vzl  
e7uQHGgRWFmyfOa7i5jeSc6w855bz+mTtd4OBKM7HllVlHBxF5m7gsfjgbaiGfgO  
Lw1u5dcvS4sUhIEjoQ4BhOHzXZQ8eo7h0NC9HEWABax2kZmJjzTdGIevDpKr35CM  
dx4/HgUNyc9G5qL7Z5H04zPdus5yB9LJxhvz9jASMEMBFAuxXfiqMGk8Hgy2MRWO  
+tXo6QET/NzwSgj7VosCogb8a7S//KoH3hHaM6x5Ff9VxZiEpy9TDw98RK/A0GD3  
yvZT7ckqTMp6xR2ArXkMDxcIuGX45T0xYLlO5S3xcrx0b6NBzy619UX261P3RCJ9  
9ywwF2mhR8A=Zc5g  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1404-01

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.

**Red Hat Product Security Center**

Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

Product Security Center

CVE-2023-0056: Red Hat Customer Portal - Access to 24x7 support and knowledge

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of important configuration details from the OpenStack deployment.

Tag

#red_hat