Red Hat Security Advisory 2023-0114-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kernel-rt security and bug fix update  
Advisory ID:       RHSA-2023:0114-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0114  
Issue date:        2023-01-12  
CVE Names:         CVE-2022-2964 CVE-2022-4139   
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Real Time for NFV (v. 8) - x86_64  
Red Hat Enterprise Linux for Real Time (v. 8) - x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables  
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: memory corruption in AX88179_178A based USB ethernet device.  
(CVE-2022-2964)

* kernel: i915: Incorrect GPU TLB flush can lead to random memory access  
(CVE-2022-4139)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* The latest RHEL 8.7.z1 kernel changes need to be merged into the RT  
source tree to keep source parity between the two kernels. (BZ#2137411)

* [DELL EMC 8.6-RT BUG] System is not booting into RT Kernel with perc12.  
(BZ#2139867)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.  
2147572 - CVE-2022-4139 kernel: i915: Incorrect GPU TLB flush can lead to random memory access

6. Package List:

Red Hat Enterprise Linux Real Time for NFV (v. 8):

Source:  
kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.src.rpm

x86_64:  
kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debug-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debug-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debug-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debug-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debug-kvm-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debug-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debug-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-kvm-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

Red Hat Enterprise Linux for Real Time (v. 8):

Source:  
kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.src.rpm

x86_64:  
kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debug-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debug-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debug-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debug-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debug-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debug-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm  
kernel-rt-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2964  
https://access.redhat.com/security/cve/CVE-2022-4139  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY7/jAtzjgjWX9erEAQhnKg//UYktJzLxcCq9/muMdr2bc0okwpJuoXPX  
JsYZ5YK/IkGX3/b7yqmrdXd3pEm/gLhANI4t9AvcSV2xbJVCyDbcGSz62P2NRI/k  
E4Rf+qGenUeGmez9T/FojeEU0vkpsogRuCGb0T69j77lVdoNdublAxdfz/UdVDz9  
K2KMIDkLxBuQYmAkTqCIqBjXm/dkQWJADwUegbP12akZ8x0wpVSPdpxvV9UUPKMz  
AluaBqgA/kjznqxHGNFubpAqLfgHl5BVGhX8eK7UrXdDbXNtEfdT6dHbGVqBxm2L  
ZLifoT0hWJqUseM/aIEMKJGnS8Hg78Mvj1WHUa58n3ieQSt5sfBqlTaEY5u2f+DT  
Tlnss59pV6ArHSdG3wcj3u2vBxePtvPt7xtFT6uwaP6MwyHHPyg/K5ttsJXt1AAl  
pglIYnqai5sWqbXS16vJCMbbAoM2obgqefh55RwqyzzdEEthTvJKEvPZrSVi/3wv  
Vv6jgEI8NSRWFLF81ZbGrDyr12WHvq25c6lYuNr2RvZipFCmcE4V7lp9ujXytfZd  
f1Id/aBE9ankE2C9a8jGwD9g0qI3Z5U/x/r2n+AByXnS9xuNf+otwK8DCxCgciJG  
TuuQ+7Ki5ETHHuEn8cKmh6xJKIr+4d8xC083JvD9E2WQBQo0iRMMs+Dhi7yP6sSh  
NVRYfRyxVzA=  
=EhaD  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0114-01

Red Hat Security Advisory 2023-0110-01 - SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: sqlite security update  
Advisory ID:       RHSA-2023:0110-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0110  
Issue date:        2023-01-12  
CVE Names:         CVE-2022-35737   
=====================================================================

1. Summary:

An update for sqlite is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

SQLite is a C library that implements an SQL database engine. A large  
subset of SQL92 is supported. A complete database is stored in a single  
disk file. The API is designed for convenience and ease of use.  
Applications that link against SQLite can enjoy the power and flexibility  
of an SQL database without the administrative hassles of supporting a  
separate database server.

Security Fix(es):

* sqlite: an array-bounds overflow if billions of bytes are used in a  
string argument to a C API (CVE-2022-35737)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2110291 - CVE-2022-35737 sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

aarch64:  
lemon-3.26.0-17.el8_7.aarch64.rpm  
lemon-debuginfo-3.26.0-17.el8_7.aarch64.rpm  
sqlite-analyzer-debuginfo-3.26.0-17.el8_7.aarch64.rpm  
sqlite-debuginfo-3.26.0-17.el8_7.aarch64.rpm  
sqlite-debugsource-3.26.0-17.el8_7.aarch64.rpm  
sqlite-libs-debuginfo-3.26.0-17.el8_7.aarch64.rpm  
sqlite-tcl-debuginfo-3.26.0-17.el8_7.aarch64.rpm

ppc64le:  
lemon-3.26.0-17.el8_7.ppc64le.rpm  
lemon-debuginfo-3.26.0-17.el8_7.ppc64le.rpm  
sqlite-analyzer-debuginfo-3.26.0-17.el8_7.ppc64le.rpm  
sqlite-debuginfo-3.26.0-17.el8_7.ppc64le.rpm  
sqlite-debugsource-3.26.0-17.el8_7.ppc64le.rpm  
sqlite-libs-debuginfo-3.26.0-17.el8_7.ppc64le.rpm  
sqlite-tcl-debuginfo-3.26.0-17.el8_7.ppc64le.rpm

s390x:  
lemon-3.26.0-17.el8_7.s390x.rpm  
lemon-debuginfo-3.26.0-17.el8_7.s390x.rpm  
sqlite-analyzer-debuginfo-3.26.0-17.el8_7.s390x.rpm  
sqlite-debuginfo-3.26.0-17.el8_7.s390x.rpm  
sqlite-debugsource-3.26.0-17.el8_7.s390x.rpm  
sqlite-libs-debuginfo-3.26.0-17.el8_7.s390x.rpm  
sqlite-tcl-debuginfo-3.26.0-17.el8_7.s390x.rpm

x86_64:  
lemon-3.26.0-17.el8_7.x86_64.rpm  
lemon-debuginfo-3.26.0-17.el8_7.x86_64.rpm  
sqlite-analyzer-debuginfo-3.26.0-17.el8_7.x86_64.rpm  
sqlite-debuginfo-3.26.0-17.el8_7.x86_64.rpm  
sqlite-debugsource-3.26.0-17.el8_7.x86_64.rpm  
sqlite-libs-debuginfo-3.26.0-17.el8_7.x86_64.rpm  
sqlite-tcl-debuginfo-3.26.0-17.el8_7.x86_64.rpm

Red Hat Enterprise Linux BaseOS (v. 8):

Source:  
sqlite-3.26.0-17.el8_7.src.rpm

aarch64:  
lemon-debuginfo-3.26.0-17.el8_7.aarch64.rpm  
sqlite-3.26.0-17.el8_7.aarch64.rpm  
sqlite-analyzer-debuginfo-3.26.0-17.el8_7.aarch64.rpm  
sqlite-debuginfo-3.26.0-17.el8_7.aarch64.rpm  
sqlite-debugsource-3.26.0-17.el8_7.aarch64.rpm  
sqlite-devel-3.26.0-17.el8_7.aarch64.rpm  
sqlite-libs-3.26.0-17.el8_7.aarch64.rpm  
sqlite-libs-debuginfo-3.26.0-17.el8_7.aarch64.rpm  
sqlite-tcl-debuginfo-3.26.0-17.el8_7.aarch64.rpm

noarch:  
sqlite-doc-3.26.0-17.el8_7.noarch.rpm

ppc64le:  
lemon-debuginfo-3.26.0-17.el8_7.ppc64le.rpm  
sqlite-3.26.0-17.el8_7.ppc64le.rpm  
sqlite-analyzer-debuginfo-3.26.0-17.el8_7.ppc64le.rpm  
sqlite-debuginfo-3.26.0-17.el8_7.ppc64le.rpm  
sqlite-debugsource-3.26.0-17.el8_7.ppc64le.rpm  
sqlite-devel-3.26.0-17.el8_7.ppc64le.rpm  
sqlite-libs-3.26.0-17.el8_7.ppc64le.rpm  
sqlite-libs-debuginfo-3.26.0-17.el8_7.ppc64le.rpm  
sqlite-tcl-debuginfo-3.26.0-17.el8_7.ppc64le.rpm

s390x:  
lemon-debuginfo-3.26.0-17.el8_7.s390x.rpm  
sqlite-3.26.0-17.el8_7.s390x.rpm  
sqlite-analyzer-debuginfo-3.26.0-17.el8_7.s390x.rpm  
sqlite-debuginfo-3.26.0-17.el8_7.s390x.rpm  
sqlite-debugsource-3.26.0-17.el8_7.s390x.rpm  
sqlite-devel-3.26.0-17.el8_7.s390x.rpm  
sqlite-libs-3.26.0-17.el8_7.s390x.rpm  
sqlite-libs-debuginfo-3.26.0-17.el8_7.s390x.rpm  
sqlite-tcl-debuginfo-3.26.0-17.el8_7.s390x.rpm

x86_64:  
lemon-debuginfo-3.26.0-17.el8_7.i686.rpm  
lemon-debuginfo-3.26.0-17.el8_7.x86_64.rpm  
sqlite-3.26.0-17.el8_7.i686.rpm  
sqlite-3.26.0-17.el8_7.x86_64.rpm  
sqlite-analyzer-debuginfo-3.26.0-17.el8_7.i686.rpm  
sqlite-analyzer-debuginfo-3.26.0-17.el8_7.x86_64.rpm  
sqlite-debuginfo-3.26.0-17.el8_7.i686.rpm  
sqlite-debuginfo-3.26.0-17.el8_7.x86_64.rpm  
sqlite-debugsource-3.26.0-17.el8_7.i686.rpm  
sqlite-debugsource-3.26.0-17.el8_7.x86_64.rpm  
sqlite-devel-3.26.0-17.el8_7.i686.rpm  
sqlite-devel-3.26.0-17.el8_7.x86_64.rpm  
sqlite-libs-3.26.0-17.el8_7.i686.rpm  
sqlite-libs-3.26.0-17.el8_7.x86_64.rpm  
sqlite-libs-debuginfo-3.26.0-17.el8_7.i686.rpm  
sqlite-libs-debuginfo-3.26.0-17.el8_7.x86_64.rpm  
sqlite-tcl-debuginfo-3.26.0-17.el8_7.i686.rpm  
sqlite-tcl-debuginfo-3.26.0-17.el8_7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-35737  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY7/i/9zjgjWX9erEAQhB3xAAjjssNOL1S2J0s5hcPZWxpjsGF88e97GR  
pn7k5YE7r1ICInJpHxB3AzHNYDI7gEGXBh+NvmZVOma9DflYRutXrjTuRnQbisxa  
PODEMyaeWbFATQnb2jZ057im74yvJCLwceH0BfV1WchiYQS5qZsErS1ZCtnkj+rz  
RNd1Og307yRJzYjnHeeNxYvHIAsRkuDER06wS9fkQjeOOSNJOoyro0ZG/NLbrDln  
ykSsV8CQGTVkoxz4OLgN+LSe65J6xX8oTRy9EjVS8u61CEnj61B3hOCWkZVj7dTt  
qevHQ2eqGaJQMpdkFaKdMkK7oJDMcB7u581zd73ekvpO9CQnWLa9BX+nJR5qTFRR  
hGXtMz9j+buqIhqeDD3JAAD/sH21D41tmkIQ4LgyixcA139jCXGfNcWyezi5GRBy  
eaehaiWoSyRt33RnspNL6nLNbDCsYsgHUlwaTaNfaoOGe0XwZ/B2PFD4TnLBhxb1  
HqtBsM9/AFPDGZguvwsu2pRJ3TiP9kYzW0Kb2t+0I5qiq9jS5nKboab68TDQRYr/  
zIR7jaC23uVW6/RRMCyIxbm+4ui7XEEsiskj/f22O9XHEr1NlWHQTTChQSXwgTQ9  
+LPsKHAhaTBh4puPBUNkdXoIrS7in9qwyabmmkOuMBN9hdf1WwM2uzPuSKHmo/Ny  
MFJ2qbkASWI=  
=kL2f  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0110-01

A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. This flaw allows a remote user with access to the exported part of the file system under a share via SMB1 unix extensions or NFS to create symlinks to files outside the 'smbd' configured share path and gain access to another restricted server's filesystem.

**Red Hat Product Security Center**

Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

Product Security Center

CVE-2022-3592: Red Hat Customer Portal - Access to 24x7 support and knowledge

Red Hat Security Advisory 2023-0123-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kpatch-patch security update  
Advisory ID:       RHSA-2023:0123-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0123  
Issue date:        2023-01-12  
CVE Names:         CVE-2022-2964 CVE-2022-4139   
=====================================================================

1. Summary:

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS (v. 8) - ppc64le, x86_64

3. Description:

This is a kernel live patch module which is automatically loaded by the RPM  
post-install script to modify the code of a running kernel.

Security Fix(es):

* kernel: memory corruption in AX88179_178A based USB ethernet device.  
(CVE-2022-2964)

* kernel: i915: Incorrect GPU TLB flush can lead to random memory access  
(CVE-2022-4139)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.  
2147572 - CVE-2022-4139 kernel: i915: Incorrect GPU TLB flush can lead to random memory access

6. Package List:

Red Hat Enterprise Linux BaseOS (v. 8):

Source:  
kpatch-patch-4_18_0-425_3_1-1-2.el8.src.rpm

ppc64le:  
kpatch-patch-4_18_0-425_3_1-1-2.el8.ppc64le.rpm  
kpatch-patch-4_18_0-425_3_1-debuginfo-1-2.el8.ppc64le.rpm  
kpatch-patch-4_18_0-425_3_1-debugsource-1-2.el8.ppc64le.rpm

x86_64:  
kpatch-patch-4_18_0-425_3_1-1-2.el8.x86_64.rpm  
kpatch-patch-4_18_0-425_3_1-debuginfo-1-2.el8.x86_64.rpm  
kpatch-patch-4_18_0-425_3_1-debugsource-1-2.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2964  
https://access.redhat.com/security/cve/CVE-2022-4139  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY7/i/NzjgjWX9erEAQjkhRAAobvxX9U+CJqUtMrpgkH9bKwP3tibH6Ct  
qKy1PFN2rQACX8MQcWg0rm7vhj9gxZr0hUwmFD4Df1Kw/Lb81mRanwRfR9WgEgyb  
DUIjUlxnYKbnR0dkAJkjlYeu9w+Mux9PVayF9xfe7Y/fu0nwpa9d4kgUlXVmgmGg  
oF5Xfg+UbzYwP/X8HCRyPlBds1PpN2n3ICTICC07d3ZuLWguS/r4EvqrGIjz3gPT  
qn9mUlMr1txrT24TXPY8ZkUK36v8vUkYKZrgkvCL4/ledXyGGnA03aCbvY16uGHV  
XBfoy0sd1nrdVzpWRLbgsiMpk5Rk4sby9wOrz4fo4vxW9vOAnta4bBUdMoPZOfTm  
bwsvD6TELncBIOdqTwqtwhNleulxwtcReNVYZ1SlbqcWrTDp3pgn+niYBO/arOQ7  
GgE+KqAOd/uoaa0IZZWIlStRJCNlvkb+2K/s+r/C89zPglmy4uBx2iMoDAkzjCGt  
zCYmHrIIFsblT6W5ekaww5zAgeH5/G47Mq+uVEJO1ZBJGG8vs12b1kvblx8Y8OBU  
kxSUjCFwff18i3lVMF/hYa/ff+CZxVLm077Dpymo+GTzqERhhd6jmplZAkJl7fyF  
WUxnHb7WgeGDyIlxe2/sjKenlZS421THK3LGqbGl2VZBTT4UJnGwBui2oj7YC+1F  
g5xbthsvB2w=  
=5lqj  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0123-01

Red Hat Security Advisory 2023-0128-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP20. Issues addressed include a randomization vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: java-1.8.0-ibm security update  
Advisory ID:       RHSA-2023:0128-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0128  
Issue date:        2023-01-12  
CVE Names:         CVE-2022-21619 CVE-2022-21624 CVE-2022-21626   
                   CVE-2022-21628   
=====================================================================

1. Summary:

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux  
8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Supplementary (v. 8) - ppc64le, s390x, x86_64

3. Description:

IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM  
Java Software Development Kit.

This update upgrades IBM Java SE 8 to version 8 SR7-FP20.

Security Fix(es):

* OpenJDK: excessive memory allocation in X.509 certificate parsing  
(Security, 8286533) (CVE-2022-21626)

* OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server,  
8286918) (CVE-2022-21628)

* OpenJDK: improper handling of long NTLM client hostnames (Security,  
8286526) (CVE-2022-21619)

* OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI,  
8286910) (CVE-2022-21624)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take  
effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2133745 - CVE-2022-21619 OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526)  
2133753 - CVE-2022-21626 OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)  
2133765 - CVE-2022-21624 OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910)  
2133769 - CVE-2022-21628 OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)

6. Package List:

Red Hat Enterprise Linux Supplementary (v. 8):

ppc64le:  
java-1.8.0-ibm-1.8.0.7.20-1.el8_7.ppc64le.rpm  
java-1.8.0-ibm-demo-1.8.0.7.20-1.el8_7.ppc64le.rpm  
java-1.8.0-ibm-devel-1.8.0.7.20-1.el8_7.ppc64le.rpm  
java-1.8.0-ibm-headless-1.8.0.7.20-1.el8_7.ppc64le.rpm  
java-1.8.0-ibm-jdbc-1.8.0.7.20-1.el8_7.ppc64le.rpm  
java-1.8.0-ibm-plugin-1.8.0.7.20-1.el8_7.ppc64le.rpm  
java-1.8.0-ibm-src-1.8.0.7.20-1.el8_7.ppc64le.rpm  
java-1.8.0-ibm-webstart-1.8.0.7.20-1.el8_7.ppc64le.rpm

s390x:  
java-1.8.0-ibm-1.8.0.7.20-1.el8_7.s390x.rpm  
java-1.8.0-ibm-demo-1.8.0.7.20-1.el8_7.s390x.rpm  
java-1.8.0-ibm-devel-1.8.0.7.20-1.el8_7.s390x.rpm  
java-1.8.0-ibm-headless-1.8.0.7.20-1.el8_7.s390x.rpm  
java-1.8.0-ibm-jdbc-1.8.0.7.20-1.el8_7.s390x.rpm  
java-1.8.0-ibm-src-1.8.0.7.20-1.el8_7.s390x.rpm

x86_64:  
java-1.8.0-ibm-1.8.0.7.20-1.el8_7.x86_64.rpm  
java-1.8.0-ibm-demo-1.8.0.7.20-1.el8_7.x86_64.rpm  
java-1.8.0-ibm-devel-1.8.0.7.20-1.el8_7.x86_64.rpm  
java-1.8.0-ibm-headless-1.8.0.7.20-1.el8_7.x86_64.rpm  
java-1.8.0-ibm-jdbc-1.8.0.7.20-1.el8_7.x86_64.rpm  
java-1.8.0-ibm-plugin-1.8.0.7.20-1.el8_7.x86_64.rpm  
java-1.8.0-ibm-src-1.8.0.7.20-1.el8_7.x86_64.rpm  
java-1.8.0-ibm-webstart-1.8.0.7.20-1.el8_7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-21619  
https://access.redhat.com/security/cve/CVE-2022-21624  
https://access.redhat.com/security/cve/CVE-2022-21626  
https://access.redhat.com/security/cve/CVE-2022-21628  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY7/i+tzjgjWX9erEAQgXZhAAnPO4wozg4xq9yVOJ3Ena/VncnYPboIzf  
wV07vvXXaO4oYNyV0rTVYH6vM26ZMpG949nlcpXAtv3DKHyCpLXFS9qHmFseQ3nC  
PEPHuBZaT5LEU/v/tyaj24UYR/t2RnaLeycHKfzWhPhs6YChB5XuhQwQkAtJT7uE  
6VXj6JNSI58jLC1eFkQNoXs2W0k+TKw8ZmZUMcnCqmXTAyGUSlwxr2XGQTvPiKFY  
yL3b5+hOeuXIVdgsk+wdCGE4kelsB05fUtpVTxvDyrSxtYdHYRsQ33VuDTMJU81R  
Ib/KdMEBHX5T3PPuv0HZb3R82a97BBlKuYSTmaJzgBuP4JgynMe0JUU5eof4W2lG  
fQU8a9Gfx7BRO+Tp3npDsFNPuMAWU7Q8G90dmpYKo5neebpxJBvBYiHRySrZxEd2  
b6o7/DcT1Hc4jocrtrv6T4jYXerVM9f5f4JBGaE+NlBdWWw8B/ffeB81hBqgooKE  
yPxg1PmWrh2tyD3EEVNEa801EKT0uyh8HJd60M4Tltej81G/eUAlUjQc2RypZlIl  
j+uDjeBFVVHL8ESjhAgbCcL2LAhZa/VMRkh9wa5xGT8gCY3nJNhwOdtoUru6QbH4  
zJWVBXI24tj5MfdK6BGWtywTOLlm3XwOt9eZsnMvC7e/WuRYLNcRjvBTUnjZTgBo  
kEylWEHnWb4=  
=sUX9  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0128-01

Red Hat Security Advisory 2023-0113-01 - PostgreSQL is an advanced object-relational database management system.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: postgresql:10 security update  
Advisory ID:       RHSA-2023:0113-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0113  
Issue date:        2023-01-12  
CVE Names:         CVE-2022-2625   
=====================================================================

1. Summary:

An update for the postgresql:10 module is now available for Red Hat  
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system  
(DBMS).

Security Fix(es):

* postgresql: Extension scripts replace objects not belonging to the  
extension. (CVE-2022-2625)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted  
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

2113825 - CVE-2022-2625 postgresql: Extension scripts replace objects not belonging to the extension.

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
postgresql-10.23-1.module+el8.7.0+17280+3a452e1f.src.rpm

aarch64:  
postgresql-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-contrib-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-contrib-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-debugsource-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-docs-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-docs-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-plperl-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-plperl-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-plpython3-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-plpython3-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-pltcl-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-pltcl-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-server-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-server-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-server-devel-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-server-devel-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-static-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-test-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-test-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-test-rpm-macros-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-upgrade-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-upgrade-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-upgrade-devel-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm  
postgresql-upgrade-devel-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.aarch64.rpm

ppc64le:  
postgresql-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-contrib-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-contrib-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-debugsource-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-docs-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-docs-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-plperl-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-plperl-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-plpython3-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-plpython3-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-pltcl-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-pltcl-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-server-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-server-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-server-devel-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-server-devel-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-static-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-test-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-test-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-test-rpm-macros-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-upgrade-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-upgrade-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-upgrade-devel-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm  
postgresql-upgrade-devel-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.ppc64le.rpm

s390x:  
postgresql-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-contrib-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-contrib-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-debugsource-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-docs-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-docs-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-plperl-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-plperl-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-plpython3-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-plpython3-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-pltcl-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-pltcl-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-server-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-server-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-server-devel-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-server-devel-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-static-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-test-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-test-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-test-rpm-macros-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-upgrade-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-upgrade-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-upgrade-devel-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm  
postgresql-upgrade-devel-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.s390x.rpm

x86_64:  
postgresql-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-contrib-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-contrib-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-debugsource-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-docs-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-docs-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-plperl-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-plperl-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-plpython3-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-plpython3-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-pltcl-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-pltcl-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-server-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-server-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-server-devel-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-server-devel-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-static-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-test-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-test-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-test-rpm-macros-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-upgrade-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-upgrade-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-upgrade-devel-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm  
postgresql-upgrade-devel-debuginfo-10.23-1.module+el8.7.0+17280+3a452e1f.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2625  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY7/i99zjgjWX9erEAQiXbA//WFJNDVuYD112PQg6wO+FY9ee3L4eDa7x  
XIuCvIpVe6MxugA85cM0/h6NyvsUM7PyZC0aH/QU2uN2yDVgYr39xLNexocHvxAR  
EFiJOZhK+24uBxc9bfm+jVNqtbVOjkzhScUwjNtP5W4QZbBxzgPPTb0Ybzd9ixvk  
GV8DifcjfX1edlBCqV78Hx1P1ISSMipKeTs5HtHsAZ4uK53anrdqZASe2yVy/FVr  
D/s1DeKfWh/AF/6w5JNWB+MWgsQzOnoXH25agzJAE91+uewLk1XWIm3ky7efSYny  
2QwuNCseR5IL1rdaSCgIZY1+khyc1qMk9MxRUs54bJzWi8OMJXvsN08I8gsngrxV  
Nf27NQfMx9KjIkMo/+cV93rWHzhsjzM0uNb1CrJvBNtr5xWfIsD4vTiSJIP91hpY  
hBqo8+1pI6Wo66dQkrLDrSo7gdmcLegE56GEAZtwEMPyraXcvb5qToM4OVW8kiVE  
4Kw7CGodi864kesB6ZCKPY7vr68/OjOkWhvbqtbQ1D9kz1UvzRMAAF0meP5fA//s  
PLidab430BWeGd1UagqkQVVBSZ+TTD+oOJwIb+dJBTYpZnEkIuNe4h7eHFW1PTLn  
dCR2CI6UsDUzMPS6bjklqaGEFxCLZpn2c7xzyKhcvOwmhEJEm0UWIAZZNk5ip4b0  
C67oezmmLbg=  
=GaKj  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0113-01

Red Hat Security Advisory 2023-0100-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: systemd security and bug fix update  
Advisory ID:       RHSA-2023:0100-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0100  
Issue date:        2023-01-12  
CVE Names:         CVE-2022-3821   
=====================================================================

1. Summary:

An update for systemd is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

The systemd packages contain systemd, a system and service manager for  
Linux, compatible with the SysV and LSB init scripts. It provides  
aggressive parallelism capabilities, uses socket and D-Bus activation for  
starting services, offers on-demand starting of daemons, and keeps track of  
processes using Linux cgroups. In addition, it supports snapshotting and  
restoring of the system state, maintains mount and automount points, and  
implements an elaborate transactional dependency-based service control  
logic. It can also work as a drop-in replacement for sysvinit.

Security Fix(es):

* systemd: buffer overrun in format_timespan() function (CVE-2022-3821)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* ShutdownWatchdogSec value is not taken into account on reboot  
(BZ#2127170)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2127170 - ShutdownWatchdogSec value is not taken into account on reboot [rhel-8.7.0.z]  
2139327 - CVE-2022-3821 systemd: buffer overrun in format_timespan() function

6. Package List:

Red Hat Enterprise Linux BaseOS (v. 8):

Source:  
systemd-239-68.el8_7.1.src.rpm

aarch64:  
systemd-239-68.el8_7.1.aarch64.rpm  
systemd-container-239-68.el8_7.1.aarch64.rpm  
systemd-container-debuginfo-239-68.el8_7.1.aarch64.rpm  
systemd-debuginfo-239-68.el8_7.1.aarch64.rpm  
systemd-debugsource-239-68.el8_7.1.aarch64.rpm  
systemd-devel-239-68.el8_7.1.aarch64.rpm  
systemd-journal-remote-239-68.el8_7.1.aarch64.rpm  
systemd-journal-remote-debuginfo-239-68.el8_7.1.aarch64.rpm  
systemd-libs-239-68.el8_7.1.aarch64.rpm  
systemd-libs-debuginfo-239-68.el8_7.1.aarch64.rpm  
systemd-pam-239-68.el8_7.1.aarch64.rpm  
systemd-pam-debuginfo-239-68.el8_7.1.aarch64.rpm  
systemd-tests-239-68.el8_7.1.aarch64.rpm  
systemd-tests-debuginfo-239-68.el8_7.1.aarch64.rpm  
systemd-udev-239-68.el8_7.1.aarch64.rpm  
systemd-udev-debuginfo-239-68.el8_7.1.aarch64.rpm

ppc64le:  
systemd-239-68.el8_7.1.ppc64le.rpm  
systemd-container-239-68.el8_7.1.ppc64le.rpm  
systemd-container-debuginfo-239-68.el8_7.1.ppc64le.rpm  
systemd-debuginfo-239-68.el8_7.1.ppc64le.rpm  
systemd-debugsource-239-68.el8_7.1.ppc64le.rpm  
systemd-devel-239-68.el8_7.1.ppc64le.rpm  
systemd-journal-remote-239-68.el8_7.1.ppc64le.rpm  
systemd-journal-remote-debuginfo-239-68.el8_7.1.ppc64le.rpm  
systemd-libs-239-68.el8_7.1.ppc64le.rpm  
systemd-libs-debuginfo-239-68.el8_7.1.ppc64le.rpm  
systemd-pam-239-68.el8_7.1.ppc64le.rpm  
systemd-pam-debuginfo-239-68.el8_7.1.ppc64le.rpm  
systemd-tests-239-68.el8_7.1.ppc64le.rpm  
systemd-tests-debuginfo-239-68.el8_7.1.ppc64le.rpm  
systemd-udev-239-68.el8_7.1.ppc64le.rpm  
systemd-udev-debuginfo-239-68.el8_7.1.ppc64le.rpm

s390x:  
systemd-239-68.el8_7.1.s390x.rpm  
systemd-container-239-68.el8_7.1.s390x.rpm  
systemd-container-debuginfo-239-68.el8_7.1.s390x.rpm  
systemd-debuginfo-239-68.el8_7.1.s390x.rpm  
systemd-debugsource-239-68.el8_7.1.s390x.rpm  
systemd-devel-239-68.el8_7.1.s390x.rpm  
systemd-journal-remote-239-68.el8_7.1.s390x.rpm  
systemd-journal-remote-debuginfo-239-68.el8_7.1.s390x.rpm  
systemd-libs-239-68.el8_7.1.s390x.rpm  
systemd-libs-debuginfo-239-68.el8_7.1.s390x.rpm  
systemd-pam-239-68.el8_7.1.s390x.rpm  
systemd-pam-debuginfo-239-68.el8_7.1.s390x.rpm  
systemd-tests-239-68.el8_7.1.s390x.rpm  
systemd-tests-debuginfo-239-68.el8_7.1.s390x.rpm  
systemd-udev-239-68.el8_7.1.s390x.rpm  
systemd-udev-debuginfo-239-68.el8_7.1.s390x.rpm

x86_64:  
systemd-239-68.el8_7.1.i686.rpm  
systemd-239-68.el8_7.1.x86_64.rpm  
systemd-container-239-68.el8_7.1.i686.rpm  
systemd-container-239-68.el8_7.1.x86_64.rpm  
systemd-container-debuginfo-239-68.el8_7.1.i686.rpm  
systemd-container-debuginfo-239-68.el8_7.1.x86_64.rpm  
systemd-debuginfo-239-68.el8_7.1.i686.rpm  
systemd-debuginfo-239-68.el8_7.1.x86_64.rpm  
systemd-debugsource-239-68.el8_7.1.i686.rpm  
systemd-debugsource-239-68.el8_7.1.x86_64.rpm  
systemd-devel-239-68.el8_7.1.i686.rpm  
systemd-devel-239-68.el8_7.1.x86_64.rpm  
systemd-journal-remote-239-68.el8_7.1.x86_64.rpm  
systemd-journal-remote-debuginfo-239-68.el8_7.1.i686.rpm  
systemd-journal-remote-debuginfo-239-68.el8_7.1.x86_64.rpm  
systemd-libs-239-68.el8_7.1.i686.rpm  
systemd-libs-239-68.el8_7.1.x86_64.rpm  
systemd-libs-debuginfo-239-68.el8_7.1.i686.rpm  
systemd-libs-debuginfo-239-68.el8_7.1.x86_64.rpm  
systemd-pam-239-68.el8_7.1.x86_64.rpm  
systemd-pam-debuginfo-239-68.el8_7.1.i686.rpm  
systemd-pam-debuginfo-239-68.el8_7.1.x86_64.rpm  
systemd-tests-239-68.el8_7.1.x86_64.rpm  
systemd-tests-debuginfo-239-68.el8_7.1.i686.rpm  
systemd-tests-debuginfo-239-68.el8_7.1.x86_64.rpm  
systemd-udev-239-68.el8_7.1.x86_64.rpm  
systemd-udev-debuginfo-239-68.el8_7.1.i686.rpm  
systemd-udev-debuginfo-239-68.el8_7.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-3821  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY7/i9NzjgjWX9erEAQjKXg//akCX8D/qkLQEtcWYa0m9aXlkPwsCWkPY  
ScbAPZer9Pq8Nc+F9QTwuQoip+4iZ9nmUzOfqBllp81JMnn2gzT0y3NZWNNxZvaX  
1zMyUo7kA+tBDUL0PkMjchNRU/JWAlL962jXmUnuFMRoNyjFuccvodCvalSTuH2q  
eleJ+ClSVqPyusDbzNsXT/00d9ee7IFDTvmxUaf5jDpT6kUH3h/P4QtfQPLR7WL1  
/khIvs0r6FKaSqjYrhkeo9DYCo/VDzWmKL3FbY4ZY3EiEtbbwGrgPa4PSAxNIH7x  
8UKhzMRi22bcqIpdFxdcWaMGzl0vTeJHbHx3BgPtCGFldivlu6DBth0iRMbOpQsH  
zZu6/W8rOBbFw1hX2vfOKgSt3EcP08BCvOYq+5m+kUONPpbkDa4E8VtbEb8Tl/FV  
CdhNOhQTT4XTa2hrxYI/0H26i2C/m3YZyGpm2XzsrZtQLEatFjI1HDR6nPdeNNsF  
HxuYxr5ac8LCTDbg1hgRtjj2bVQvoCV5PwbbA82Q7h4kRuuoN1iedq/p+7hhPVjh  
cQlPK6ivq4txHCz0R0azo4yA6lIBM4CwxtjdWjEqAt85Wr3cW3WpOO3g0KCrPPRO  
M/Knn7fxDWbusU+m1mp6CM6A1ITmWcUvtJHhwD8dv1SjXwHIWwHPlD7TiI2Y3icZ  
I8bFgejxn4U=  
=QrfL  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0100-01

Red Hat Security Advisory 2023-0116-01 - A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: libtasn1 security update  
Advisory ID:       RHSA-2023:0116-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0116  
Issue date:        2023-01-12  
CVE Names:         CVE-2021-46848   
=====================================================================

1. Summary:

An update for libtasn1 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

A library that provides Abstract Syntax Notation One (ASN.1, as specified  
by the X.680 ITU-T recommendation) parsing and structures management, and  
Distinguished Encoding Rules (DER, as per X.690) encoding and decoding  
functions.

Security Fix(es):

* libtasn1: Out-of-bound access in ETYPE_OK (CVE-2021-46848)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2140058 - CVE-2021-46848 libtasn1: Out-of-bound access in ETYPE_OK

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

aarch64:  
libtasn1-debuginfo-4.13-4.el8_7.aarch64.rpm  
libtasn1-debugsource-4.13-4.el8_7.aarch64.rpm  
libtasn1-devel-4.13-4.el8_7.aarch64.rpm  
libtasn1-tools-4.13-4.el8_7.aarch64.rpm  
libtasn1-tools-debuginfo-4.13-4.el8_7.aarch64.rpm

ppc64le:  
libtasn1-debuginfo-4.13-4.el8_7.ppc64le.rpm  
libtasn1-debugsource-4.13-4.el8_7.ppc64le.rpm  
libtasn1-devel-4.13-4.el8_7.ppc64le.rpm  
libtasn1-tools-4.13-4.el8_7.ppc64le.rpm  
libtasn1-tools-debuginfo-4.13-4.el8_7.ppc64le.rpm

s390x:  
libtasn1-debuginfo-4.13-4.el8_7.s390x.rpm  
libtasn1-debugsource-4.13-4.el8_7.s390x.rpm  
libtasn1-devel-4.13-4.el8_7.s390x.rpm  
libtasn1-tools-4.13-4.el8_7.s390x.rpm  
libtasn1-tools-debuginfo-4.13-4.el8_7.s390x.rpm

x86_64:  
libtasn1-debuginfo-4.13-4.el8_7.i686.rpm  
libtasn1-debuginfo-4.13-4.el8_7.x86_64.rpm  
libtasn1-debugsource-4.13-4.el8_7.i686.rpm  
libtasn1-debugsource-4.13-4.el8_7.x86_64.rpm  
libtasn1-devel-4.13-4.el8_7.i686.rpm  
libtasn1-devel-4.13-4.el8_7.x86_64.rpm  
libtasn1-tools-4.13-4.el8_7.x86_64.rpm  
libtasn1-tools-debuginfo-4.13-4.el8_7.i686.rpm  
libtasn1-tools-debuginfo-4.13-4.el8_7.x86_64.rpm

Red Hat Enterprise Linux BaseOS (v. 8):

Source:  
libtasn1-4.13-4.el8_7.src.rpm

aarch64:  
libtasn1-4.13-4.el8_7.aarch64.rpm  
libtasn1-debuginfo-4.13-4.el8_7.aarch64.rpm  
libtasn1-debugsource-4.13-4.el8_7.aarch64.rpm  
libtasn1-tools-debuginfo-4.13-4.el8_7.aarch64.rpm

ppc64le:  
libtasn1-4.13-4.el8_7.ppc64le.rpm  
libtasn1-debuginfo-4.13-4.el8_7.ppc64le.rpm  
libtasn1-debugsource-4.13-4.el8_7.ppc64le.rpm  
libtasn1-tools-debuginfo-4.13-4.el8_7.ppc64le.rpm

s390x:  
libtasn1-4.13-4.el8_7.s390x.rpm  
libtasn1-debuginfo-4.13-4.el8_7.s390x.rpm  
libtasn1-debugsource-4.13-4.el8_7.s390x.rpm  
libtasn1-tools-debuginfo-4.13-4.el8_7.s390x.rpm

x86_64:  
libtasn1-4.13-4.el8_7.i686.rpm  
libtasn1-4.13-4.el8_7.x86_64.rpm  
libtasn1-debuginfo-4.13-4.el8_7.i686.rpm  
libtasn1-debuginfo-4.13-4.el8_7.x86_64.rpm  
libtasn1-debugsource-4.13-4.el8_7.i686.rpm  
libtasn1-debugsource-4.13-4.el8_7.x86_64.rpm  
libtasn1-tools-debuginfo-4.13-4.el8_7.i686.rpm  
libtasn1-tools-debuginfo-4.13-4.el8_7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-46848  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY7/i8dzjgjWX9erEAQiZmhAAmQwNAKws70pWIocKzUsb/fYYYMcchqrn  
43gAEVYZ+USKwd0/le9Xbhx7Z22mrabueClq9A74J4B2YXmzFqOJLOz+7LCQAx8+  
B86MlnkcRHNTT5tyi6qmWTm99GqOpyuKf30N5AYceAfBbCO6D9B2bBEyaIb+uSwB  
Sw5EJJFblXhZlHF67K6Lp7I6NSj5aSK+KT6Jru5qJQ/v6K5TznOIyvUJriW4GyQK  
n+xhXLizOV14Rkh6TaWarz7fIKWsAffLUU+n2ZJ3bPbRrL7PqNrTm46AJoZgNK51  
0IbA5xORFGgJaUk+3dTiwvqr6yBSWGWyztqOi7ywoGdeGZf768YHzcMNbTqAGmrd  
wETBwvg/QMSZHeJ62ALGOnkGgzFZqr8/Yu4hJ2Tb8D6oww6MWO4E2Z/BB8madOA+  
q05+JfrIDe3WU+GMYjlmzjezWbKmAQdUnbPkX0fCYtT+0D7R8HN8MLCOR8Bi/Vlo  
06gjDT0rKElpETR81LF70shM6vXRQ4UjmwmPXcHbNTCiNSgE8NNy7woEZT1rsYog  
dY2Y9Ah2nodWTgObLn2X9XEsgjr/lc2Dc4l3DCl1l2sdI74UstqAiYiM6L6QTC/r  
E5wlx10mcbHPTXUOh+NbESzH5IWuqKXaxWjdp0R4vCLuN4+WUHAu9dN2YQTk1E89  
m3+mOt3oApY=  
=53fB  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0116-01

Red Hat Security Advisory 2023-0099-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds read vulnerability.

Red Hat Security Advisory 2023-0099-01

Red Hat Security Advisory 2023-0101-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update  
Advisory ID:       RHSA-2023:0101-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0101  
Issue date:        2023-01-12  
CVE Names:         CVE-2022-2964 CVE-2022-4139   
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64  
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux  
operating system.

Security Fix(es):

* kernel: memory corruption in AX88179_178A based USB ethernet device.  
(CVE-2022-2964)

* kernel: i915: Incorrect GPU TLB flush can lead to random memory access  
(CVE-2022-4139)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* RHEL8.4 - zfcp: fix missing auto port scan and thus missing target ports  
(BZ#2127849)

* vfio zero page mappings fail after 2M instances (BZ#2128515)

* ice: Driver Update up to 5.19 (BZ#2130992)

* atlantic: missing hybernate/resume fixes (BZ#2131935)

* Bluefield 2 DPU would crash and reboot due to a kernel panic (BZ#2134084)

* Fix issue that enables STABLE_WRITES by default and causes performance  
regressions (BZ#2135813)

* ice: Intel E810 PTP clock glitching (BZ#2136036)

* ice: configure link-down-on-close on and change interface mtu to 9000,the  
interface can't up (BZ#2136216)

* ice: dump additional CSRs for Tx hang debugging (BZ#2136513)

* ice,iavf: system panic during sriov sriov_test_cntvf_reboot testing  
(BZ#2137270)

* After upgrading to ocp4.11.1, our dpdk application using vlan strip  
offload is not working (BZ#2138157)

* i40e: orphaned-leaky memory when interacting with driver memory  
parameters (BZ#2138205)

* WARNING: CPU: 0 PID: 9637 at kernel/time/hrtimer.c:1309  
hrtimer_start_range_ns+0x35d/0x400 (BZ#2138953)

* DELL EMC 8.6-RT: System is not booting into RT Kernel with perc12.  
(BZ#2139216)

* Lenovo 8.7: The VGA display shows no signal when install RHEL8.7  
(BZ#2140152)

* Host Pod -> NodePort Service traffic (Host Backend - Same Node) Flow  
Iperf Cannot Pass Traffic (BZ#2141878)

* mlx5_core: mlx5_cmd_check messages scrolling with hardware offload  
enabled (BZ#2141957)

* net/ice: VIRTCHNL_OP_CONFIG_VSI_QUEUES command handling failure with  
in-tree driver (BZ#2142017)

* RHEL:8.6+ IBM Partner issue - Loopback driver with ABORT_TASKS causing  
hangs in scsi eh, this bug was cloned for RHEL8.6 and need this patch in  
8.6+ (BZ#2144583)

* AMdCLIENT 8.8: The kernel command line parameter "nomodeset" not working  
properly (BZ#2145218)

* Path loss during Volume Ownership Change on RHEL 8.7 SAS (BZ#2147374)

* net/ice: OP_SET_RSS_HENA command not supported with in-tree driver  
(BZ#2148130)

* iavf panic: iavf 0000:ca:01.0: Failed to init adminq: -53 (BZ#2149081)

* Intel 8.8 iavf: Driver Update (bugfixes) (BZ#2149742)

* Azure RHEL-8 PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot  
time (BZ#2150912)

* RHEL-8.7: System fails to boot with soft lockup while loading/unloading  
an unsigned (E) kernel module. (BZ#2152206)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.  
2147572 - CVE-2022-4139 kernel: i915: Incorrect GPU TLB flush can lead to random memory access

6. Package List:

Red Hat Enterprise Linux BaseOS (v. 8):

Source:  
kernel-4.18.0-425.10.1.el8_7.src.rpm

aarch64:  
bpftool-4.18.0-425.10.1.el8_7.aarch64.rpm  
bpftool-debuginfo-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-core-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-cross-headers-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-debug-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-debug-core-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-debug-debuginfo-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-debug-devel-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-debug-modules-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-debug-modules-extra-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-debuginfo-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-debuginfo-common-aarch64-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-devel-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-headers-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-modules-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-modules-extra-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-tools-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-tools-debuginfo-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-tools-libs-4.18.0-425.10.1.el8_7.aarch64.rpm  
perf-4.18.0-425.10.1.el8_7.aarch64.rpm  
perf-debuginfo-4.18.0-425.10.1.el8_7.aarch64.rpm  
python3-perf-4.18.0-425.10.1.el8_7.aarch64.rpm  
python3-perf-debuginfo-4.18.0-425.10.1.el8_7.aarch64.rpm

noarch:  
kernel-abi-stablelists-4.18.0-425.10.1.el8_7.noarch.rpm  
kernel-doc-4.18.0-425.10.1.el8_7.noarch.rpm

ppc64le:  
bpftool-4.18.0-425.10.1.el8_7.ppc64le.rpm  
bpftool-debuginfo-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-core-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-cross-headers-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-debug-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-debug-core-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-debug-debuginfo-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-debug-devel-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-debug-modules-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-debug-modules-extra-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-debuginfo-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-debuginfo-common-ppc64le-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-devel-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-headers-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-modules-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-modules-extra-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-tools-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-tools-debuginfo-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-tools-libs-4.18.0-425.10.1.el8_7.ppc64le.rpm  
perf-4.18.0-425.10.1.el8_7.ppc64le.rpm  
perf-debuginfo-4.18.0-425.10.1.el8_7.ppc64le.rpm  
python3-perf-4.18.0-425.10.1.el8_7.ppc64le.rpm  
python3-perf-debuginfo-4.18.0-425.10.1.el8_7.ppc64le.rpm

s390x:  
bpftool-4.18.0-425.10.1.el8_7.s390x.rpm  
bpftool-debuginfo-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-core-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-cross-headers-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-debug-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-debug-core-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-debug-debuginfo-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-debug-devel-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-debug-modules-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-debug-modules-extra-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-debuginfo-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-debuginfo-common-s390x-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-devel-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-headers-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-modules-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-modules-extra-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-tools-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-tools-debuginfo-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-zfcpdump-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-zfcpdump-core-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-zfcpdump-debuginfo-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-zfcpdump-devel-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-zfcpdump-modules-4.18.0-425.10.1.el8_7.s390x.rpm  
kernel-zfcpdump-modules-extra-4.18.0-425.10.1.el8_7.s390x.rpm  
perf-4.18.0-425.10.1.el8_7.s390x.rpm  
perf-debuginfo-4.18.0-425.10.1.el8_7.s390x.rpm  
python3-perf-4.18.0-425.10.1.el8_7.s390x.rpm  
python3-perf-debuginfo-4.18.0-425.10.1.el8_7.s390x.rpm

x86_64:  
bpftool-4.18.0-425.10.1.el8_7.x86_64.rpm  
bpftool-debuginfo-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-core-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-cross-headers-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-debug-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-debug-core-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-debug-debuginfo-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-debug-devel-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-debug-modules-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-debug-modules-extra-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-debuginfo-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-debuginfo-common-x86_64-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-devel-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-headers-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-modules-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-modules-extra-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-tools-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-tools-debuginfo-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-tools-libs-4.18.0-425.10.1.el8_7.x86_64.rpm  
perf-4.18.0-425.10.1.el8_7.x86_64.rpm  
perf-debuginfo-4.18.0-425.10.1.el8_7.x86_64.rpm  
python3-perf-4.18.0-425.10.1.el8_7.x86_64.rpm  
python3-perf-debuginfo-4.18.0-425.10.1.el8_7.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

aarch64:  
bpftool-debuginfo-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-debug-debuginfo-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-debuginfo-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-debuginfo-common-aarch64-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-tools-debuginfo-4.18.0-425.10.1.el8_7.aarch64.rpm  
kernel-tools-libs-devel-4.18.0-425.10.1.el8_7.aarch64.rpm  
perf-debuginfo-4.18.0-425.10.1.el8_7.aarch64.rpm  
python3-perf-debuginfo-4.18.0-425.10.1.el8_7.aarch64.rpm

ppc64le:  
bpftool-debuginfo-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-debug-debuginfo-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-debuginfo-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-debuginfo-common-ppc64le-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-tools-debuginfo-4.18.0-425.10.1.el8_7.ppc64le.rpm  
kernel-tools-libs-devel-4.18.0-425.10.1.el8_7.ppc64le.rpm  
perf-debuginfo-4.18.0-425.10.1.el8_7.ppc64le.rpm  
python3-perf-debuginfo-4.18.0-425.10.1.el8_7.ppc64le.rpm

x86_64:  
bpftool-debuginfo-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-debug-debuginfo-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-debuginfo-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-debuginfo-common-x86_64-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-tools-debuginfo-4.18.0-425.10.1.el8_7.x86_64.rpm  
kernel-tools-libs-devel-4.18.0-425.10.1.el8_7.x86_64.rpm  
perf-debuginfo-4.18.0-425.10.1.el8_7.x86_64.rpm  
python3-perf-debuginfo-4.18.0-425.10.1.el8_7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2964  
https://access.redhat.com/security/cve/CVE-2022-4139  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY7/i69zjgjWX9erEAQi7og/+NmgRZHeaRAFdkzMYD9KOIoU1RNAlKAfu  
hJf63p0zW4JqRUcn7p+v3qFw84eBJR4Q+dWsx9I8IBKoZ+jZQQlvMOy17eXPnedD  
et7KieOv6+4YXYh9QDD6LzqXjrhdZCFVTbd2Yjhnsvll74o/r4T8at+MGZmAEbsc  
9vWDOyknBmusOnk1GcKKgvrOGfpw/WHKsn/O+iZAT3o1kEHxQoUF689rYGn/Nm56  
i+53s/QlbvXTAmiyMjMWTfM7fR899BRfYfEy0GCrFT7NOcXZ14DwZ4bgLXqeFaHv  
pIVDryqShKr6qUsp0Whb8y6RcqZebL57mCDmnGhrCn3O4n9RMtjn3ApDks9urp0t  
wmrO/TuejHqM9Agjyz2SZSJf23nJSoCxfssHkRPbd/NxPVv2a05iOe/GPrMdmA1D  
bLUKyIeAy8gxNzxIqrH/MmTlyddUVgy/3Oi15etSSRYxG3zPQYAIB3yxdVKxOS4K  
YJhZzL5OMQilO/dP3zYrGSjJkA5CTYU0laMs8QPDpBiKUJU8q/r7XRj6PS6THCOZ  
Xjpf66XYbT42v6Ly3lIvM+w6TZpy2NzxFBfq8Ab8J+ssUYzEpxlD7voZ0ca9rbzv  
V4SVdHzEpMITwqkW1OPjKMWYlFFkMn7RcgzU1jgxTTwN3y1IIJSVCU67NP4K+re7  
Vh1Z7+eM4CY=  
=B1Qw  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#red_hat