A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics.

CVE-2023-33004: Jenkins Security Advisory 2023-05-16

Jenkins LoadComplete support Plugin 1.0 and earlier does not escape the LoadComplete test name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

CVE-2023-33007: Jenkins Security Advisory 2023-05-16

A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails.

CVE-2023-32996: Jenkins Security Advisory 2023-05-16

A vulnerability, which was classified as problematic, has been found in SourceCodester Guest Management System 1.0. Affected by this issue is some unknown functionality of the file dateTest.php of the component GET Parameter Handler. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229160.

Permalink

Cannot retrieve contributors at this time

**Guest Management System v1.0 has reflected cross-site scripting**

BUG\_Author: DRXYJ

Website source code address: https://www.sourcecodester.com/php/14664/guest-management-system-php-full-source-code.html

Vulnerability File: /guestmanagement/dateTest.php

GET parameter "name" exists reflected cross-site scripting vulnerability

Payload: /guestmanagement/dateTest.php?name="><script>alert(document.cookie)</script>&name1=Submit

The js code is successfully executed and the cookie value is returned, which proves that there is a reflected cross-site scripting vulnerability.

CVE-2023-2740: CVE/XSS.md at main · xryj920/CVE

Red Hat Security Advisory 2023-2863-01 - Ctags is a C programming language indexing and cross-reference tool.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: ctags security update  
Advisory ID:       RHSA-2023:2863-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2863  
Issue date:        2023-05-16  
CVE Names:         CVE-2022-4515  
====================================================================  
1. Summary:

An update for ctags is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

Ctags is a C programming language indexing and cross-reference tool.

Security Fix(es):

* ctags: arbitrary command execution via a tag file with a crafted filename  
(CVE-2022-4515)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 8.8 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2153519 - CVE-2022-4515 ctags: arbitrary command execution via a tag file with a crafted filename

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
ctags-5.8-23.el8.src.rpm

aarch64:  
ctags-5.8-23.el8.aarch64.rpm  
ctags-debuginfo-5.8-23.el8.aarch64.rpm  
ctags-debugsource-5.8-23.el8.aarch64.rpm

ppc64le:  
ctags-5.8-23.el8.ppc64le.rpm  
ctags-debuginfo-5.8-23.el8.ppc64le.rpm  
ctags-debugsource-5.8-23.el8.ppc64le.rpm

s390x:  
ctags-5.8-23.el8.s390x.rpm  
ctags-debuginfo-5.8-23.el8.s390x.rpm  
ctags-debugsource-5.8-23.el8.s390x.rpm

x86_64:  
ctags-5.8-23.el8.x86_64.rpm  
ctags-debuginfo-5.8-23.el8.x86_64.rpm  
ctags-debugsource-5.8-23.el8.x86_64.rpm

Red Hat Enterprise Linux CRB (v. 8):

aarch64:  
ctags-debuginfo-5.8-23.el8.aarch64.rpm  
ctags-debugsource-5.8-23.el8.aarch64.rpm  
ctags-etags-5.8-23.el8.aarch64.rpm

ppc64le:  
ctags-debuginfo-5.8-23.el8.ppc64le.rpm  
ctags-debugsource-5.8-23.el8.ppc64le.rpm  
ctags-etags-5.8-23.el8.ppc64le.rpm

s390x:  
ctags-debuginfo-5.8-23.el8.s390x.rpm  
ctags-debugsource-5.8-23.el8.s390x.rpm  
ctags-etags-5.8-23.el8.s390x.rpm

x86_64:  
ctags-debuginfo-5.8-23.el8.x86_64.rpm  
ctags-debugsource-5.8-23.el8.x86_64.rpm  
ctags-etags-5.8-23.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-4515  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZGNwy9zjgjWX9erEAQghORAAhPcMdjAEpttsds8ljMdilMDa5xJqrylP  
iHC79nsZSbc3F3OfPmS8gAXVjlhCKReGjPzbvovn6ORaQJvl8I0KQOg26CBctXaC  
GcTn25EGPTU9pdMzZ6xgJEnSQxOPbSX4yvBaji+lVWTC82OKgPFRHtaz26ETLzZh  
ADCzVpQN3SpfczLMhT/gEZ4WvWWbKm8MY/luUVIIUNXz2lj1CHQowGQSawgWEf7C  
pp284YwGjxwjSkEvKZ8zLYnzWgjHz9Ji52sa1onMcpgIG7MM7V6mVhb7g5UL5Mk9  
nPIPrh45RqYhVndChF69+F2fSPyB4anWBvcrKxNHGprW5reQSmqXKI/PxV0Dv6lR  
c5vU/UOwRxcHWxzGOcHOCqPD0R7l/Tt3VvKhkXkB2CAzjoSmfB2ELom8PjSj9riv  
NCvxXBgMqPXBmvYwVFrFsYvGaAHkWVYB7K6fU9TyPl/USjBHl7aesq54Ao++KpML  
MObFechEMnP1KEg3WT9oIf7RCpvDZrNzZ4/c2dCfsSLlACxNSVaMskMvOpJN5LCQ  
Gm+WijvaAvG2fZV9gPr0WY4bAl5TdYfIAB0keSETxZIsCa5uwu+oS7KJw1TaNAmG  
qy9J/0SpmxiJYtafATiCbzJLHEKCx0TEtvnuhgXP/yqmh3kals4Q341zvMya+FSx  
shMaekwTT6QŒS/  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2863-01

Red Hat Security Advisory 2023-3067-01 - AutoTrace is a program for converting bitmaps to vector graphics. Issues addressed include a buffer overflow vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: autotrace security update  
Advisory ID:       RHSA-2023:3067-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3067  
Issue date:        2023-05-16  
CVE Names:         CVE-2022-32323  
====================================================================  
1. Summary:

An update for autotrace is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

AutoTrace is a program for converting bitmaps to vector graphics.

Security Fix(es):

* autotrace: heap-buffer overflow via the ReadImage() at input-bmp.c  
(CVE-2022-32323)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 8.8 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2107471 - CVE-2022-32323 autotrace: heap-buffer overflow via the ReadImage() at input-bmp.c

6. Package List:

Red Hat Enterprise Linux CRB (v. 8):

Source:  
autotrace-0.31.1-55.el8.src.rpm

aarch64:  
autotrace-0.31.1-55.el8.aarch64.rpm  
autotrace-debuginfo-0.31.1-55.el8.aarch64.rpm  
autotrace-debugsource-0.31.1-55.el8.aarch64.rpm

ppc64le:  
autotrace-0.31.1-55.el8.ppc64le.rpm  
autotrace-debuginfo-0.31.1-55.el8.ppc64le.rpm  
autotrace-debugsource-0.31.1-55.el8.ppc64le.rpm

s390x:  
autotrace-0.31.1-55.el8.s390x.rpm  
autotrace-debuginfo-0.31.1-55.el8.s390x.rpm  
autotrace-debugsource-0.31.1-55.el8.s390x.rpm

x86_64:  
autotrace-0.31.1-55.el8.i686.rpm  
autotrace-0.31.1-55.el8.x86_64.rpm  
autotrace-debuginfo-0.31.1-55.el8.i686.rpm  
autotrace-debuginfo-0.31.1-55.el8.x86_64.rpm  
autotrace-debugsource-0.31.1-55.el8.i686.rpm  
autotrace-debugsource-0.31.1-55.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-32323  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZGNuq9zjgjWX9erEAQgKAxAAo2uU4hr+KYz0nCSwRK9wKuwzfRXMhyG5  
z4zEx3L0vcEfuOZwleWyg6RgiSJPUgFFQWjx/YxLKrD7j5QSqhyhjrQQ0/xxF9d4  
mIIIANQUS8WkugGGPRFZjCndUHS+gTRO97yDh/gnD5s6wfylqesWV33m/cNCDvlt  
+hIpLb8LP9rbmRkskigvLHHjj+P4nNqptO3a7vzHn817CDijKO2vX3zVtVI+j1Ay  
/uQMMp9o2Z3MkP6WSsM9Og92TFDrr2EuyAuXlXI2RwwM5eEb5NbYozp9k6++zYtN  
hSeduBw8TmaFTRCN5m13mgESycSl2NpzaxnkoHHYk6KsKNXXnkP5gwlmCPkyzBMB  
CeNzn8TldXJzei7n+B/JHyoD54Ia6EfyAHvsx/NnP4Y6OyM63muvxODDGRfnZQjV  
mc75A1vAWUVYwghXlbH/zB/HkEA78eW6cgkszwPL//J/U7cvLYk5xKhb8XZHPzoC  
bcE4yZJNdBQs52Zlq2z0KkjA7BVs3fa+H70W41cO3n8nJjsKkA2o73fuRkUFnIAA  
DlnfMs2IesDINAdcl2UxegAcuI5sG0YU3vsljd/JaGySgfj9ObDKVPTasIJVA6R/  
yYjRk1XrtiEF2mjAsFKkP4Yk4Bi8HAWisuPZGeZX7RyF2CL8KL8nsps5eiS8YPm8  
Cr6Kz7qZCO8=Q1x0  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-3067-01

Red Hat Security Advisory 2023-3097-01 - The gssntlmssp is a GSSAPI NTLM mechanism that allows to perform NTLM authentication in GSSAPI programs. Issues addressed include memory leak and out of bounds read vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: gssntlmssp security update  
Advisory ID:       RHSA-2023:3097-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3097  
Issue date:        2023-05-16  
CVE Names:         CVE-2023-25563 CVE-2023-25564 CVE-2023-25565  
                   CVE-2023-25566 CVE-2023-25567  
====================================================================  
1. Summary:

An update for gssntlmssp is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

The gssntlmssp is a GSSAPI NTLM mechanism that allows to perform NTLM  
authentication in GSSAPI programs.

Security Fix(es):

* gssntlmssp: multiple out-of-bounds read when decoding NTLM fields  
(CVE-2023-25563)

* gssntlmssp: memory corruption when decoding UTF16 strings  
(CVE-2023-25564)

* gssntlmssp: incorrect free when decoding target information  
(CVE-2023-25565)

* gssntlmssp: memory leak when parsing usernames (CVE-2023-25566)

* gssntlmssp: out-of-bounds read when decoding target information  
(CVE-2023-25567)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2172019 - CVE-2023-25563 gssntlmssp: multiple out-of-bounds read when decoding NTLM fields  
2172020 - CVE-2023-25564 gssntlmssp: memory corruption when decoding UTF16 strings  
2172021 - CVE-2023-25565 gssntlmssp: incorrect free when decoding target information  
2172022 - CVE-2023-25566 gssntlmssp: memory leak when parsing usernames  
2172023 - CVE-2023-25567 gssntlmssp: out-of-bounds read when decoding target information

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
gssntlmssp-1.2.0-1.el8_8.src.rpm

aarch64:  
gssntlmssp-1.2.0-1.el8_8.aarch64.rpm  
gssntlmssp-debuginfo-1.2.0-1.el8_8.aarch64.rpm  
gssntlmssp-debugsource-1.2.0-1.el8_8.aarch64.rpm

ppc64le:  
gssntlmssp-1.2.0-1.el8_8.ppc64le.rpm  
gssntlmssp-debuginfo-1.2.0-1.el8_8.ppc64le.rpm  
gssntlmssp-debugsource-1.2.0-1.el8_8.ppc64le.rpm

s390x:  
gssntlmssp-1.2.0-1.el8_8.s390x.rpm  
gssntlmssp-debuginfo-1.2.0-1.el8_8.s390x.rpm  
gssntlmssp-debugsource-1.2.0-1.el8_8.s390x.rpm

x86_64:  
gssntlmssp-1.2.0-1.el8_8.x86_64.rpm  
gssntlmssp-debuginfo-1.2.0-1.el8_8.x86_64.rpm  
gssntlmssp-debugsource-1.2.0-1.el8_8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-25563  
https://access.redhat.com/security/cve/CVE-2023-25564  
https://access.redhat.com/security/cve/CVE-2023-25565  
https://access.redhat.com/security/cve/CVE-2023-25566  
https://access.redhat.com/security/cve/CVE-2023-25567  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZGNwpNzjgjWX9erEAQjhaA//fxlq/Nag7VoFfE1Y5XCdKkIvvZzUZyBu  
AuzLCsBmfy9IFUIDHcS/EXiLDD56l045V7jstindFbCJGyyh/HGCgV2pXTG4VZYc  
hAGGI2jqAvIKMfuSPfS4iP3u6iWBE8HIalfFzlfgKKn/mLU+EUNhsc+Vld4D9/qx  
XuyckvMP/OqhIdN7q5hzYRYWBpnmv9Q4oOQKHPcncanlYiVRw8nf8hGZdeOonFnP  
187jWDG1djdJ9a4QUcc94aNJ3v2ySb1xIAdtHc1MZLLjtXg5XMmoTujN0Ihs10E2  
MgU0eveLoaD69vHeIpgaA7bXydSEYAIiXwkCQkcU06za1y7pmTMIPgscaLdu9HGs  
kW0YvLRlEh1liOUb/GSutqKf7Z/xW8n1P/eOtjghJRpVK+g5p1LpFiVm0Fa8+Kvq  
hJb9LchDsq8b6ATzBtF7AICq2VRHuSvQK/DEM3D6lf2N6tcnP5aKHqtoMKyaJXi1  
k/O/KWXTTHFpRUM5gp1R5GeL1V6uapgt6hlLK2/bHB9lC079njD5Sp5jdBvuIqNf  
+LdeBm7nVZVam7t91ycqU3kOF8Doy6x3Pt3T9tV7qkggcq+nogTUmoH0T/QaFpI/  
JQPTDVY0rmCeuJgUYS3EYYg8wLG9bDTybD+L32XRp6XMXZcTAVrasyRXvpQmHuaG  
KCYRZky/tysïT0  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-3097-01

Red Hat Security Advisory 2023-2883-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include integer overflow and out of bounds write vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: libtiff security update  
Advisory ID:       RHSA-2023:2883-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2883  
Issue date:        2023-05-16  
CVE Names:         CVE-2022-3627 CVE-2022-3970  
====================================================================  
1. Summary:

An update for libtiff is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

The libtiff packages contain a library of functions for manipulating Tagged  
Image File Format (TIFF) files.

Security Fix(es):

* libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c  
(CVE-2022-3627)

* libtiff: integer overflow in function TIFFReadRGBATileExt of the file  
(CVE-2022-3970)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 8.8 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running applications linked against libtiff must be restarted for this  
update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2142742 - CVE-2022-3627 libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c  
2148918 - CVE-2022-3970 libtiff: integer overflow in function TIFFReadRGBATileExt of the file

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
libtiff-4.0.9-27.el8.src.rpm

aarch64:  
libtiff-4.0.9-27.el8.aarch64.rpm  
libtiff-debuginfo-4.0.9-27.el8.aarch64.rpm  
libtiff-debugsource-4.0.9-27.el8.aarch64.rpm  
libtiff-devel-4.0.9-27.el8.aarch64.rpm  
libtiff-tools-debuginfo-4.0.9-27.el8.aarch64.rpm

ppc64le:  
libtiff-4.0.9-27.el8.ppc64le.rpm  
libtiff-debuginfo-4.0.9-27.el8.ppc64le.rpm  
libtiff-debugsource-4.0.9-27.el8.ppc64le.rpm  
libtiff-devel-4.0.9-27.el8.ppc64le.rpm  
libtiff-tools-debuginfo-4.0.9-27.el8.ppc64le.rpm

s390x:  
libtiff-4.0.9-27.el8.s390x.rpm  
libtiff-debuginfo-4.0.9-27.el8.s390x.rpm  
libtiff-debugsource-4.0.9-27.el8.s390x.rpm  
libtiff-devel-4.0.9-27.el8.s390x.rpm  
libtiff-tools-debuginfo-4.0.9-27.el8.s390x.rpm

x86_64:  
libtiff-4.0.9-27.el8.i686.rpm  
libtiff-4.0.9-27.el8.x86_64.rpm  
libtiff-debuginfo-4.0.9-27.el8.i686.rpm  
libtiff-debuginfo-4.0.9-27.el8.x86_64.rpm  
libtiff-debugsource-4.0.9-27.el8.i686.rpm  
libtiff-debugsource-4.0.9-27.el8.x86_64.rpm  
libtiff-devel-4.0.9-27.el8.i686.rpm  
libtiff-devel-4.0.9-27.el8.x86_64.rpm  
libtiff-tools-debuginfo-4.0.9-27.el8.i686.rpm  
libtiff-tools-debuginfo-4.0.9-27.el8.x86_64.rpm

Red Hat Enterprise Linux CRB (v. 8):

aarch64:  
libtiff-debuginfo-4.0.9-27.el8.aarch64.rpm  
libtiff-debugsource-4.0.9-27.el8.aarch64.rpm  
libtiff-tools-4.0.9-27.el8.aarch64.rpm  
libtiff-tools-debuginfo-4.0.9-27.el8.aarch64.rpm

ppc64le:  
libtiff-debuginfo-4.0.9-27.el8.ppc64le.rpm  
libtiff-debugsource-4.0.9-27.el8.ppc64le.rpm  
libtiff-tools-4.0.9-27.el8.ppc64le.rpm  
libtiff-tools-debuginfo-4.0.9-27.el8.ppc64le.rpm

s390x:  
libtiff-debuginfo-4.0.9-27.el8.s390x.rpm  
libtiff-debugsource-4.0.9-27.el8.s390x.rpm  
libtiff-tools-4.0.9-27.el8.s390x.rpm  
libtiff-tools-debuginfo-4.0.9-27.el8.s390x.rpm

x86_64:  
libtiff-debuginfo-4.0.9-27.el8.x86_64.rpm  
libtiff-debugsource-4.0.9-27.el8.x86_64.rpm  
libtiff-tools-4.0.9-27.el8.x86_64.rpm  
libtiff-tools-debuginfo-4.0.9-27.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-3627  
https://access.redhat.com/security/cve/CVE-2022-3970  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZGNu99zjgjWX9erEAQhNng//R5CzIaokN/aq5w+uo6EkRwiv6Cl7ylJo  
JSm8SclvCYwB7FsjbFeHvaWyC6hRrTnzGSnf75+uhb7XGp/WCC7vkGAGs1ES8I/o  
fLOF+47sPoelWzDpESOQT0Q2mc9KbNCiYx6kaSqnXebuU+gKMBUY9hPnznBQEosR  
6J6gEyCZzKFzgHLbZRbSrcbqIx9wpSwvEyw9rklrTkmVkWGOYm/lRRl0GKNZplHI  
363abJLz4hGqMKKk7pr2ay88p7FLsisblwbhkCHlUMv8Qhq8ymcJbWseDiU56EQg  
jewNHYTO22o1NF9Jf9JX88I6zqN8fA55mqqFXznzofCoZ5wgAAwbbXpBKAaAgzOo  
CN8xMaXbP5phKw5P1nLyk7O+cfN59sS+kP+C0znggBnkd84IckURYwFZxuqiG/ml  
NpRPCb75+HpVpC+/R2i/HHynIxOh82ns++zvTOg0s50d80f1PEc4wPXg0Q7gsa5c  
R4LpcoStagZjo7f7vLpzXOcbRSHn73lKh4/KmF78fHzFy0g6Y+C2xadntir9yCrx  
ZICjIGwW9Z8hQIzGfGuk3OLl3mWzjDiF9ohPysDioAWgbA0R/nTv/4gC9ONhPzzo  
IgmVFmrO4QfHVTyMFEsqMFnnkRQn15i8ryx+Xdh9b5mwpoak5gCiqstQitG887Xq  
/lxN1Dzba6s=wFiy  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2883-01

Red Hat Security Advisory 2023-2870-01 - FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Issues addressed include an information leakage vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: freeradius:3.0 security update  
Advisory ID:       RHSA-2023:2870-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2870  
Issue date:        2023-05-16  
CVE Names:         CVE-2022-41859 CVE-2022-41860 CVE-2022-41861  
====================================================================  
1. Summary:

An update for the freeradius:3.0 module is now available for Red Hat  
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

FreeRADIUS is a high-performance and highly configurable free Remote  
Authentication Dial In User Service (RADIUS) server, designed to allow  
centralized authentication and authorization for a network.

Security Fix(es):

* freeradius: Information leakage in EAP-PWD (CVE-2022-41859)

* freeradius: Crash on unknown option in EAP-SIM (CVE-2022-41860)

* freeradius: Crash on invalid abinary data (CVE-2022-41861)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 8.8 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2078483 - CVE-2022-41859 freeradius: Information leakage in EAP-PWD  
2078485 - CVE-2022-41860 freeradius: Crash on unknown option in EAP-SIM  
2078487 - CVE-2022-41861 freeradius: Crash on invalid abinary data

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.src.rpm

aarch64:  
freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-debugsource-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-devel-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-doc-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-krb5-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-krb5-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-ldap-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-ldap-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-mysql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-mysql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-perl-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-perl-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-postgresql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-postgresql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-rest-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-rest-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-sqlite-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-sqlite-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-unixODBC-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-unixODBC-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-utils-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
freeradius-utils-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
python3-freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm  
python3-freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

ppc64le:  
freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-debugsource-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-devel-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-doc-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-krb5-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-krb5-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-ldap-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-ldap-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-mysql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-mysql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-perl-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-perl-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-postgresql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-postgresql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-rest-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-rest-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-sqlite-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-sqlite-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-unixODBC-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-unixODBC-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-utils-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
freeradius-utils-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
python3-freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm  
python3-freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

s390x:  
freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-debugsource-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-devel-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-doc-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-krb5-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-krb5-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-ldap-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-ldap-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-mysql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-mysql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-perl-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-perl-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-postgresql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-postgresql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-rest-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-rest-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-sqlite-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-sqlite-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-unixODBC-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-unixODBC-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-utils-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
freeradius-utils-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
python3-freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm  
python3-freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

x86_64:  
freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-debugsource-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-devel-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-doc-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-krb5-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-krb5-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-ldap-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-ldap-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-mysql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-mysql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-perl-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-perl-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-postgresql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-postgresql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-rest-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-rest-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-sqlite-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-sqlite-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-unixODBC-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-unixODBC-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-utils-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
freeradius-utils-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
python3-freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm  
python3-freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-41859  
https://access.redhat.com/security/cve/CVE-2022-41860  
https://access.redhat.com/security/cve/CVE-2022-41861  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZGNw09zjgjWX9erEAQgtzRAAjlyD8uI8FfESOtIeR1n/NpQY9LXdp2J8  
gu8Zb2WITaVFMHMuXcWHn+PdDywpsmJyTtv8kVd3/c51KiAWnIW2efb1kmsOpY+h  
3igUWG00vfnixCvV1ghk5IHvY3e0QUtzinC5HVtcZqhBIP/ek5ZxXR328q69/gmf  
hWgT3HHWh0QMRBTwYhj09wWdVXz87zb3Pc/ZkoWEMWMNDdY00iV2OZW09HRzP+zq  
Qn8YBMHGX+yuX3SnOrjCYg1RXsn+Lev0iYz6gAHhuMTwmknCRAKhhvtmaeaOu43G  
jlMiS6mZWRbyzcAbKHjbw+PJXGF1M5WfMRjSSUsbQzcfiNKA3HDiHF/bXnZDFhPu  
Mo6nhgX1ofAUYUnbGMZnrE3uLm1Bw8tGS30lXjn+LxWO03c+94mS3xV1KslukCgA  
p0k1e+sPAEbOcNEuo+SE+HUnt+1zebfaSkdZPalJKunUeD29vjbUHQ7yE0eC/VXd  
YtppGvnZSFAcy0noOElvDHl0p2RcrJYZQeVjZMbWb6VqBMLfYGmzpLJGzU+IcHeC  
i153a+ArRi+4FmkBMne/wRg1SzfjlOSUZR2cbFCOkh70ugSU98VPJ0H5CHjiNxb3  
QSI16Q8647Ckn5pC5ctoFF/vY2o0ivJVS/K75f4/qv5JiLnk0KAGeG2RgAVuYeNk  
KOFlmlXluBY=1hXc  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2870-01

Red Hat Security Advisory 2023-2834-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include buffer overflow, bypass, code execution, information leakage, out of bounds write, and use-after-free vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: webkit2gtk3 security and bug fix update  
Advisory ID:       RHSA-2023:2834-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2834  
Issue date:        2023-05-16  
CVE Names:         CVE-2022-32886 CVE-2022-32888 CVE-2022-32923  
                   CVE-2022-42799 CVE-2022-42823 CVE-2022-42824  
                   CVE-2022-42826 CVE-2022-42852 CVE-2022-42863  
                   CVE-2022-42867 CVE-2022-46691 CVE-2022-46692  
                   CVE-2022-46698 CVE-2022-46699 CVE-2022-46700  
                   CVE-2023-23517 CVE-2023-23518 CVE-2023-25358  
                   CVE-2023-25360 CVE-2023-25361 CVE-2023-25362  
                   CVE-2023-25363  
====================================================================  
1. Summary:

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the  
GTK platform.

Security Fix(es):

* webkitgtk: use-after-free issue leading to arbitrary code execution  
(CVE-2022-42826)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2023-23517)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2023-23518)

* webkitgtk: buffer overflow issue was addressed with improved memory  
handling (CVE-2022-32886)

* webkitgtk: out-of-bounds write issue was addressed with improved bounds  
checking (CVE-2022-32888)

* webkitgtk: correctness issue in the JIT was addressed with improved  
checks (CVE-2022-32923)

* webkitgtk: issue was addressed with improved UI handling (CVE-2022-42799)

* webkitgtk: type confusion issue leading to arbitrary code execution  
(CVE-2022-42823)

* webkitgtk: sensitive information disclosure issue (CVE-2022-42824)

* webkitgtk: memory disclosure issue was addressed with improved memory  
handling (CVE-2022-42852)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2022-42863)

* webkitgtk: use-after-free issue leading to arbitrary code execution  
(CVE-2022-42867)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2022-46691)

* webkitgtk: Same Origin Policy bypass issue (CVE-2022-46692)

* webkitgtk: logic issue leading to user information disclosure  
(CVE-2022-46698)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2022-46699)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2022-46700)

* webkitgtk: heap-use-after-free in WebCore::RenderLayer::addChild()  
(CVE-2023-25358)

* webkitgtk: heap-use-after-free in WebCore::RenderLayer::renderer()  
(CVE-2023-25360)

* webkitgtk: heap-use-after-free in WebCore::RenderLayer::setNextSibling()  
(CVE-2023-25361)

* webkitgtk: heap-use-after-free in  
WebCore::RenderLayer::repaintBlockSelectionGaps() (CVE-2023-25362)

* webkitgtk: heap-use-after-free in  
WebCore::RenderLayer::updateDescendantDependentFlags() (CVE-2023-25363)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 8.8 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2127468 - Upgrade WebKitGTK for RHEL 8.8  
2128643 - CVE-2022-32886 webkitgtk: buffer overflow issue was addressed with improved memory handling  
2140501 - CVE-2022-32888 webkitgtk: out-of-bounds write issue was addressed with improved bounds checking  
2140502 - CVE-2022-32923 webkitgtk: correctness issue in the JIT was addressed with improved checks  
2140503 - CVE-2022-42799 webkitgtk: issue was addressed with improved UI handling  
2140504 - CVE-2022-42824 webkitgtk: sensitive information disclosure issue  
2140505 - CVE-2022-42823 webkitgtk: type confusion issue leading to arbitrary code execution  
2150970 - Can't create Google account  
2156986 - CVE-2022-42852 webkitgtk: memory disclosure issue was addressed with improved memory handling  
2156987 - CVE-2022-42863 webkitgtk: memory corruption issue leading to arbitrary code execution  
2156989 - CVE-2022-42867 webkitgtk: use-after-free issue leading to arbitrary code execution  
2156990 - CVE-2022-46691 webkitgtk: memory corruption issue leading to arbitrary code execution  
2156991 - CVE-2022-46692 webkitgtk: Same Origin Policy bypass issue  
2156992 - CVE-2022-46698 webkitgtk: logic issue leading to user information disclosure  
2156993 - CVE-2022-46699 webkitgtk: memory corruption issue leading to arbitrary code execution  
2156994 - CVE-2022-46700 webkitgtk: memory corruption issue leading to arbitrary code execution  
2167715 - CVE-2023-23518 webkitgtk: memory corruption issue leading to arbitrary code execution  
2167716 - CVE-2022-42826 webkitgtk: use-after-free issue leading to arbitrary code execution  
2167717 - CVE-2023-23517 webkitgtk: memory corruption issue leading to arbitrary code execution  
2175099 - CVE-2023-25358 webkitgtk: heap-use-after-free in WebCore::RenderLayer::addChild()  
2175101 - CVE-2023-25360 webkitgtk: heap-use-after-free in WebCore::RenderLayer::renderer()  
2175103 - CVE-2023-25361 webkitgtk: heap-use-after-free in WebCore::RenderLayer::setNextSibling()  
2175105 - CVE-2023-25362 webkitgtk: heap-use-after-free in WebCore::RenderLayer::repaintBlockSelectionGaps()  
2175107 - CVE-2023-25363 webkitgtk: heap-use-after-free in WebCore::RenderLayer::updateDescendantDependentFlags()

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
webkit2gtk3-2.38.5-1.el8.src.rpm

aarch64:  
webkit2gtk3-2.38.5-1.el8.aarch64.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el8.aarch64.rpm  
webkit2gtk3-debugsource-2.38.5-1.el8.aarch64.rpm  
webkit2gtk3-devel-2.38.5-1.el8.aarch64.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el8.aarch64.rpm  
webkit2gtk3-jsc-2.38.5-1.el8.aarch64.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el8.aarch64.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el8.aarch64.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el8.aarch64.rpm

ppc64le:  
webkit2gtk3-2.38.5-1.el8.ppc64le.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el8.ppc64le.rpm  
webkit2gtk3-debugsource-2.38.5-1.el8.ppc64le.rpm  
webkit2gtk3-devel-2.38.5-1.el8.ppc64le.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el8.ppc64le.rpm  
webkit2gtk3-jsc-2.38.5-1.el8.ppc64le.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el8.ppc64le.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el8.ppc64le.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el8.ppc64le.rpm

s390x:  
webkit2gtk3-2.38.5-1.el8.s390x.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el8.s390x.rpm  
webkit2gtk3-debugsource-2.38.5-1.el8.s390x.rpm  
webkit2gtk3-devel-2.38.5-1.el8.s390x.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el8.s390x.rpm  
webkit2gtk3-jsc-2.38.5-1.el8.s390x.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el8.s390x.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el8.s390x.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el8.s390x.rpm

x86_64:  
webkit2gtk3-2.38.5-1.el8.i686.rpm  
webkit2gtk3-2.38.5-1.el8.x86_64.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el8.i686.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el8.x86_64.rpm  
webkit2gtk3-debugsource-2.38.5-1.el8.i686.rpm  
webkit2gtk3-debugsource-2.38.5-1.el8.x86_64.rpm  
webkit2gtk3-devel-2.38.5-1.el8.i686.rpm  
webkit2gtk3-devel-2.38.5-1.el8.x86_64.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el8.i686.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el8.x86_64.rpm  
webkit2gtk3-jsc-2.38.5-1.el8.i686.rpm  
webkit2gtk3-jsc-2.38.5-1.el8.x86_64.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el8.i686.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el8.x86_64.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el8.i686.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el8.x86_64.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el8.i686.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-32886  
https://access.redhat.com/security/cve/CVE-2022-32888  
https://access.redhat.com/security/cve/CVE-2022-32923  
https://access.redhat.com/security/cve/CVE-2022-42799  
https://access.redhat.com/security/cve/CVE-2022-42823  
https://access.redhat.com/security/cve/CVE-2022-42824  
https://access.redhat.com/security/cve/CVE-2022-42826  
https://access.redhat.com/security/cve/CVE-2022-42852  
https://access.redhat.com/security/cve/CVE-2022-42863  
https://access.redhat.com/security/cve/CVE-2022-42867  
https://access.redhat.com/security/cve/CVE-2022-46691  
https://access.redhat.com/security/cve/CVE-2022-46692  
https://access.redhat.com/security/cve/CVE-2022-46698  
https://access.redhat.com/security/cve/CVE-2022-46699  
https://access.redhat.com/security/cve/CVE-2022-46700  
https://access.redhat.com/security/cve/CVE-2023-23517  
https://access.redhat.com/security/cve/CVE-2023-23518  
https://access.redhat.com/security/cve/CVE-2023-25358  
https://access.redhat.com/security/cve/CVE-2023-25360  
https://access.redhat.com/security/cve/CVE-2023-25361  
https://access.redhat.com/security/cve/CVE-2023-25362  
https://access.redhat.com/security/cve/CVE-2023-25363  
https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZGNwwdzjgjWX9erEAQi3tBAAjImojT9z/AQ07EueAkwPWY9qnR++Q8+p  
CVRVlNDkP/wfqxA1GthBBKCrholfiWqbk4HWgyoZCN/WaSD0T1I2asc/Y4bbBoc8  
U1+0blOxRvZrSKQin22U/XW2wS8xYqBQLRuokwB0VSYhG5H2Q+zVqMp1AncKmTFb  
hS9WLdX4e4JDp+WLgvSmr3uDSnAjp67oXdjxtPhE1Buf/MU8GpHfvmQPAFe50HAm  
kf50Zf8dQK2XgRgefNBKgNM/xXPOQI+dozNwyNV+XZxOlIQX5N+wyuRVsIWOrOPu  
KJkSSugX+FuVAYdNBY0sRxT5kmPao4jUqPPZ8gsHlySCOpRj18IAnuQwEfHoxZKf  
xbTlGkhHjqfsCm7M4s/iDuJPd1tiXAJCbxZpPqP5ky6n0qTAq3O65fwFHgp/uGZp  
8nmvkD3nuZhEk2GcCkAxUkIqpaYvLqHUX+sH7ujQ0tZNONOYTEVNsMQmCZqNkSVv  
CdAnDx4iwR2KtLKamRo5EIVA72lksLTNVz7dFZy497CMcapX5yR7E1c2ht11vQS0  
U0tYmvklWwTxqV9QGHnXblEWki631sOfO+Ku87INm5E75RGpzT8lc9LxHgwn4rV5  
KQ7/AGQWND349MlDqM6WP/B3JHzxSH/S3uMIlUvcNjqYwqSjv8sjU96SiZaEAtRp  
TrPuMTnh/ro=FlQx  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#js