Red Hat Security Advisory 2023-2256-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include buffer overflow, bypass, code execution, information leakage, out of bounds write, and use-after-free vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: webkit2gtk3 security and bug fix update  
Advisory ID:       RHSA-2023:2256-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2256  
Issue date:        2023-05-09  
CVE Names:         CVE-2022-32886 CVE-2022-32888 CVE-2022-32923  
                   CVE-2022-42799 CVE-2022-42823 CVE-2022-42824  
                   CVE-2022-42826 CVE-2022-42852 CVE-2022-42863  
                   CVE-2022-42867 CVE-2022-46691 CVE-2022-46692  
                   CVE-2022-46698 CVE-2022-46699 CVE-2022-46700  
                   CVE-2023-23517 CVE-2023-23518 CVE-2023-25358  
                   CVE-2023-25360 CVE-2023-25361 CVE-2023-25362  
                   CVE-2023-25363  
====================================================================  
1. Summary:

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the  
GTK platform.

Security Fix(es):

* webkitgtk: use-after-free issue leading to arbitrary code execution  
(CVE-2022-42826)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2023-23517)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2023-23518)

* webkitgtk: buffer overflow issue was addressed with improved memory  
handling (CVE-2022-32886)

* webkitgtk: out-of-bounds write issue was addressed with improved bounds  
checking (CVE-2022-32888)

* webkitgtk: correctness issue in the JIT was addressed with improved  
checks (CVE-2022-32923)

* webkitgtk: issue was addressed with improved UI handling (CVE-2022-42799)

* webkitgtk: type confusion issue leading to arbitrary code execution  
(CVE-2022-42823)

* webkitgtk: sensitive information disclosure issue (CVE-2022-42824)

* webkitgtk: memory disclosure issue was addressed with improved memory  
handling (CVE-2022-42852)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2022-42863)

* webkitgtk: use-after-free issue leading to arbitrary code execution  
(CVE-2022-42867)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2022-46691)

* webkitgtk: Same Origin Policy bypass issue (CVE-2022-46692)

* webkitgtk: logic issue leading to user information disclosure  
(CVE-2022-46698)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2022-46699)

* webkitgtk: memory corruption issue leading to arbitrary code execution  
(CVE-2022-46700)

* webkitgtk: heap-use-after-free in WebCore::RenderLayer::addChild()  
(CVE-2023-25358)

* webkitgtk: heap-use-after-free in WebCore::RenderLayer::renderer()  
(CVE-2023-25360)

* webkitgtk: heap-use-after-free in WebCore::RenderLayer::setNextSibling()  
(CVE-2023-25361)

* webkitgtk: heap-use-after-free in  
WebCore::RenderLayer::repaintBlockSelectionGaps() (CVE-2023-25362)

* webkitgtk: heap-use-after-free in  
WebCore::RenderLayer::updateDescendantDependentFlags() (CVE-2023-25363)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2127467 - Upgrade WebKitGTK for RHEL 9.2  
2128643 - CVE-2022-32886 webkitgtk: buffer overflow issue was addressed with improved memory handling  
2140501 - CVE-2022-32888 webkitgtk: out-of-bounds write issue was addressed with improved bounds checking  
2140502 - CVE-2022-32923 webkitgtk: correctness issue in the JIT was addressed with improved checks  
2140503 - CVE-2022-42799 webkitgtk: issue was addressed with improved UI handling  
2140504 - CVE-2022-42824 webkitgtk: sensitive information disclosure issue  
2140505 - CVE-2022-42823 webkitgtk: type confusion issue leading to arbitrary code execution  
2156986 - CVE-2022-42852 webkitgtk: memory disclosure issue was addressed with improved memory handling  
2156987 - CVE-2022-42863 webkitgtk: memory corruption issue leading to arbitrary code execution  
2156989 - CVE-2022-42867 webkitgtk: use-after-free issue leading to arbitrary code execution  
2156990 - CVE-2022-46691 webkitgtk: memory corruption issue leading to arbitrary code execution  
2156991 - CVE-2022-46692 webkitgtk: Same Origin Policy bypass issue  
2156992 - CVE-2022-46698 webkitgtk: logic issue leading to user information disclosure  
2156993 - CVE-2022-46699 webkitgtk: memory corruption issue leading to arbitrary code execution  
2156994 - CVE-2022-46700 webkitgtk: memory corruption issue leading to arbitrary code execution  
2167715 - CVE-2023-23518 webkitgtk: memory corruption issue leading to arbitrary code execution  
2167716 - CVE-2022-42826 webkitgtk: use-after-free issue leading to arbitrary code execution  
2167717 - CVE-2023-23517 webkitgtk: memory corruption issue leading to arbitrary code execution  
2175099 - CVE-2023-25358 webkitgtk: heap-use-after-free in WebCore::RenderLayer::addChild()  
2175101 - CVE-2023-25360 webkitgtk: heap-use-after-free in WebCore::RenderLayer::renderer()  
2175103 - CVE-2023-25361 webkitgtk: heap-use-after-free in WebCore::RenderLayer::setNextSibling()  
2175105 - CVE-2023-25362 webkitgtk: heap-use-after-free in WebCore::RenderLayer::repaintBlockSelectionGaps()  
2175107 - CVE-2023-25363 webkitgtk: heap-use-after-free in WebCore::RenderLayer::updateDescendantDependentFlags()

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
webkit2gtk3-2.38.5-1.el9.src.rpm

aarch64:  
webkit2gtk3-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-debugsource-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-devel-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-jsc-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el9.aarch64.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.aarch64.rpm

ppc64le:  
webkit2gtk3-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-debugsource-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-devel-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-jsc-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el9.ppc64le.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm

s390x:  
webkit2gtk3-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-debugsource-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-devel-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-jsc-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el9.s390x.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.s390x.rpm

x86_64:  
webkit2gtk3-2.38.5-1.el9.i686.rpm  
webkit2gtk3-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el9.i686.rpm  
webkit2gtk3-debuginfo-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-debugsource-2.38.5-1.el9.i686.rpm  
webkit2gtk3-debugsource-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-devel-2.38.5-1.el9.i686.rpm  
webkit2gtk3-devel-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.i686.rpm  
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-jsc-2.38.5-1.el9.i686.rpm  
webkit2gtk3-jsc-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.i686.rpm  
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el9.i686.rpm  
webkit2gtk3-jsc-devel-2.38.5-1.el9.x86_64.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.i686.rpm  
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-32886  
https://access.redhat.com/security/cve/CVE-2022-32888  
https://access.redhat.com/security/cve/CVE-2022-32923  
https://access.redhat.com/security/cve/CVE-2022-42799  
https://access.redhat.com/security/cve/CVE-2022-42823  
https://access.redhat.com/security/cve/CVE-2022-42824  
https://access.redhat.com/security/cve/CVE-2022-42826  
https://access.redhat.com/security/cve/CVE-2022-42852  
https://access.redhat.com/security/cve/CVE-2022-42863  
https://access.redhat.com/security/cve/CVE-2022-42867  
https://access.redhat.com/security/cve/CVE-2022-46691  
https://access.redhat.com/security/cve/CVE-2022-46692  
https://access.redhat.com/security/cve/CVE-2022-46698  
https://access.redhat.com/security/cve/CVE-2022-46699  
https://access.redhat.com/security/cve/CVE-2022-46700  
https://access.redhat.com/security/cve/CVE-2023-23517  
https://access.redhat.com/security/cve/CVE-2023-23518  
https://access.redhat.com/security/cve/CVE-2023-25358  
https://access.redhat.com/security/cve/CVE-2023-25360  
https://access.redhat.com/security/cve/CVE-2023-25361  
https://access.redhat.com/security/cve/CVE-2023-25362  
https://access.redhat.com/security/cve/CVE-2023-25363  
https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo08tzjgjWX9erEAQizzA//ZfzdltwdtCXIOyqB+fCYF071RAjvFVho  
gGI/whuz9NHfhE1rFBw/C4pwVbauyRLEb8woNd6YM1fjr8itYOcvO1oFp8VU5sVr  
pC87bfUitNVO2nuZ/tbcM8HAz30HqjEV63o8PEJlRVz44+kY5RVlRIO+1dqWImYc  
Tv39Cd3NYB1BVNKQXB+sHZa11aSdFoJsPmMDyP2CRR+/hc5rwfPtqMYf5Nuwkf5+  
M25FubVdNJKJOvaxrqvqmJ52kA6bzazo9mX1fYUahPUtiiQlp6O1x5WgP/AqsoO/  
ZXy2dWFu7kUlq9ATL0YbhDmNUZVbYVBajobmvFXXpLklvI0iothfcX8mQXsSvy1Y  
ZBYShGu88cpS+qrn7jOTmkjNIWHFNHlhJs1JUdZ6zkN1IkXTyI7jaOmxCC5/elac  
SrNTweI/G3zA2QosLwdJMpsSPi2EHU10S/SiSx8VZaehLgkkY0NRW77c4CdlPs5z  
5/JldynPytqNqSxxT/4kYprTyrR7JnL/6BL0oqOGK2+aAiJdWx9bwjm9SD4lOwOe  
QPZUtkL7GWRccAjagX8YFccoJu9nOdNSAObJyDYXVRS1rftqOdYn6RYU8FHHCCOv  
g0cWjH87k4AWBvavbA9DhpftLvEz1oDGnUfZks4/tJeWKAWI/wQDWK3xTjAx4qYD  
6EzZBUU3xAw=k7TK  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2256-01

Red Hat Security Advisory 2023-2367-01 - The Container Network Interface project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: containernetworking-plugins security and bug fix update  
Advisory ID:       RHSA-2023:2367-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2367  
Issue date:        2023-05-09  
CVE Names:         CVE-2022-30629 CVE-2022-41717  
====================================================================  
1. Summary:

An update for containernetworking-plugins is now available for Red Hat  
Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The Container Network Interface (CNI) project consists of a specification  
and libraries for writing plug-ins for configuring network interfaces in  
Linux containers, along with a number of supported plug-ins. CNI concerns  
itself only with network connectivity of containers and removing allocated  
resources when the container is deleted.

Security Fix(es):

* golang: net/http: An attacker can cause excessive memory growth in a Go  
server accepting HTTP/2 requests (CVE-2022-41717)

* golang: crypto/tls: session tickets lack random ticket_age_add  
(CVE-2022-30629)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add  
2129076 - containernetworking-plugins bug fix and enhancement update [rhel-9.2.0]  
2161274 - CVE-2022-41717 golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
containernetworking-plugins-1.2.0-1.el9.src.rpm

aarch64:  
containernetworking-plugins-1.2.0-1.el9.aarch64.rpm  
containernetworking-plugins-debuginfo-1.2.0-1.el9.aarch64.rpm  
containernetworking-plugins-debugsource-1.2.0-1.el9.aarch64.rpm

ppc64le:  
containernetworking-plugins-1.2.0-1.el9.ppc64le.rpm  
containernetworking-plugins-debuginfo-1.2.0-1.el9.ppc64le.rpm  
containernetworking-plugins-debugsource-1.2.0-1.el9.ppc64le.rpm

s390x:  
containernetworking-plugins-1.2.0-1.el9.s390x.rpm  
containernetworking-plugins-debuginfo-1.2.0-1.el9.s390x.rpm  
containernetworking-plugins-debugsource-1.2.0-1.el9.s390x.rpm

x86_64:  
containernetworking-plugins-1.2.0-1.el9.x86_64.rpm  
containernetworking-plugins-debuginfo-1.2.0-1.el9.x86_64.rpm  
containernetworking-plugins-debugsource-1.2.0-1.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-30629  
https://access.redhat.com/security/cve/CVE-2022-41717  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo1ntzjgjWX9erEAQii8w//RBP5bit9OiF3n2tn1Euwuz6ENQFoANTZ  
JONxDv2sS28yHyikWOs335v0FTNyqHKw7txTRflWHBzb+/chgeAjbBGWNXBUUsJU  
I9xf6iYgMa8Uu9+3NCZaDZvFjiXkeCy2/yPVnjkTpA1XKcMpbu+NP9AnzgLSOw0n  
+CQl1xt+jp6IY0uemlC+utIe9TW6iNafnvWcJ20/agHXhHVniwwb6ia3zY49CO1/  
ZWFLlvz63AKgGqsq2tuneuF8ZEzoxn4nQhqeYGoTLmeJ6OYuZ+zitghh/vGEinUa  
HcnmFDRiENUngXYFz5mSkC6e/si6/iUg3ZhRYQCQ0yJkdzub/Lp5aTXqwXcOmR5o  
6MyF51sxIIIdngoTWpLrZUqSOlUJFHlONwzAuzkNoRUhInunDnD2DYUN8YyHmpP8  
r0YTncPAUxwu0w/eHM5JNaN6owSCdBHffIK5pphpaUzwcyhpeeIgtFl+gSNPCrNw  
RHAgx2rzH6HjNd20PFBceRdFXLe1yM074cHPmnXXhrsV0KHzNiOsRrYR+G/7rsDu  
1rewsne4p8NDSLuMN6dLeaPO7uEwiDTttEgB+LbPLVMsp7sbLE+DNt8S9bVfpthk  
ywwtZ2yH5o4jq+maQHY07yAlAauvdYZvFFcRJMr3YaZh8XTmXBYEsJsSVnxGygeS  
G10VGQBbBlM=lDuv  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2367-01

Red Hat Security Advisory 2023-2370-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: unbound security update  
Advisory ID:       RHSA-2023:2370-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2370  
Issue date:        2023-05-09  
CVE Names:         CVE-2022-3204  
====================================================================  
1. Summary:

An update for unbound is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux CRB (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The unbound packages provide a validating, recursive, and caching DNS or  
DNSSEC resolver.

Security Fix(es):

* unbound: NRDelegation attack leads to uncontrolled resource consumption  
(Non-Responsive Delegation Attack) (CVE-2022-3204)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2128947 - CVE-2022-3204 unbound: NRDelegation attack leads to uncontrolled resource consumption (Non-Responsive Delegation Attack)

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
unbound-1.16.2-3.el9.src.rpm

aarch64:  
python3-unbound-1.16.2-3.el9.aarch64.rpm  
python3-unbound-debuginfo-1.16.2-3.el9.aarch64.rpm  
unbound-1.16.2-3.el9.aarch64.rpm  
unbound-debuginfo-1.16.2-3.el9.aarch64.rpm  
unbound-debugsource-1.16.2-3.el9.aarch64.rpm  
unbound-libs-1.16.2-3.el9.aarch64.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.aarch64.rpm

ppc64le:  
python3-unbound-1.16.2-3.el9.ppc64le.rpm  
python3-unbound-debuginfo-1.16.2-3.el9.ppc64le.rpm  
unbound-1.16.2-3.el9.ppc64le.rpm  
unbound-debuginfo-1.16.2-3.el9.ppc64le.rpm  
unbound-debugsource-1.16.2-3.el9.ppc64le.rpm  
unbound-libs-1.16.2-3.el9.ppc64le.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.ppc64le.rpm

s390x:  
python3-unbound-1.16.2-3.el9.s390x.rpm  
python3-unbound-debuginfo-1.16.2-3.el9.s390x.rpm  
unbound-1.16.2-3.el9.s390x.rpm  
unbound-debuginfo-1.16.2-3.el9.s390x.rpm  
unbound-debugsource-1.16.2-3.el9.s390x.rpm  
unbound-libs-1.16.2-3.el9.s390x.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.s390x.rpm

x86_64:  
python3-unbound-1.16.2-3.el9.x86_64.rpm  
python3-unbound-debuginfo-1.16.2-3.el9.i686.rpm  
python3-unbound-debuginfo-1.16.2-3.el9.x86_64.rpm  
unbound-1.16.2-3.el9.x86_64.rpm  
unbound-debuginfo-1.16.2-3.el9.i686.rpm  
unbound-debuginfo-1.16.2-3.el9.x86_64.rpm  
unbound-debugsource-1.16.2-3.el9.i686.rpm  
unbound-debugsource-1.16.2-3.el9.x86_64.rpm  
unbound-libs-1.16.2-3.el9.i686.rpm  
unbound-libs-1.16.2-3.el9.x86_64.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.i686.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.x86_64.rpm

Red Hat Enterprise Linux CRB (v. 9):

aarch64:  
python3-unbound-debuginfo-1.16.2-3.el9.aarch64.rpm  
unbound-debuginfo-1.16.2-3.el9.aarch64.rpm  
unbound-debugsource-1.16.2-3.el9.aarch64.rpm  
unbound-devel-1.16.2-3.el9.aarch64.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.aarch64.rpm

ppc64le:  
python3-unbound-debuginfo-1.16.2-3.el9.ppc64le.rpm  
unbound-debuginfo-1.16.2-3.el9.ppc64le.rpm  
unbound-debugsource-1.16.2-3.el9.ppc64le.rpm  
unbound-devel-1.16.2-3.el9.ppc64le.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.ppc64le.rpm

s390x:  
python3-unbound-debuginfo-1.16.2-3.el9.s390x.rpm  
unbound-debuginfo-1.16.2-3.el9.s390x.rpm  
unbound-debugsource-1.16.2-3.el9.s390x.rpm  
unbound-devel-1.16.2-3.el9.s390x.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.s390x.rpm

x86_64:  
python3-unbound-debuginfo-1.16.2-3.el9.i686.rpm  
python3-unbound-debuginfo-1.16.2-3.el9.x86_64.rpm  
unbound-debuginfo-1.16.2-3.el9.i686.rpm  
unbound-debuginfo-1.16.2-3.el9.x86_64.rpm  
unbound-debugsource-1.16.2-3.el9.i686.rpm  
unbound-debugsource-1.16.2-3.el9.x86_64.rpm  
unbound-devel-1.16.2-3.el9.i686.rpm  
unbound-devel-1.16.2-3.el9.x86_64.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.i686.rpm  
unbound-libs-debuginfo-1.16.2-3.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-3204  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo1jdzjgjWX9erEAQiRrw/8Cvrk4GYwrrN9CtNDFUsmLEYxql+rGQ3k  
JxA6mx5iR4HKQKh/K3y0KPdgYA1STfiklbrCHdCZ3KXESR20fpWom9c57PpBC7dy  
JISRsi9AvvuRhhnKwQJj98ISfH6wewiANVUQJ7xr+mDCFUs3v/g+dgHGk9bcv80H  
ZdubIu6THogHlRX9sytcOKldXPMkTc6NVFhQG16TE4sJF//RHZaNbiRlJE0CKuwQ  
MZeFyHe2+Yh/s2mmv7qrcKRrWC1996quG/HjDv4qntLurllvKliB9UWIzPk7TBxk  
z+QyqMO6QV/A8hHjxDgjJ8nHanHAf0btXj6xzdDaM0TcaCIiYq0ExpLDAZot0+l+  
F37zkGlwlpMTwAdUXhAnikfP+kCty7/DHeHQ0HEsD3q9cmiNuiyMYtnppZ86ph3q  
hn2I60s269i3ZaY0ng4ijk46Je4Utvc3E2iQKXZIhNxaIYC6a4ZUqS7756ajTGt/  
90i0bHu0Ad9bEyrjkVJqZr/RXpoIXxIHMZdpt3K20Sf9s520c4zkZKaIN0iajlgX  
RfYBaMDVuo5aC5uLvSSqywIwGmu7wL6QTfDOIAQ6w6rVe0PRPPOrhfMUx9G2d5bO  
Ix8vmtXxvXoL5OIP/Vr02EeOsTSznlNmjJuKKpG9CieZ9j0nQ8/LvtsOlve+u+2b  
Olhp7onn0c0=boRT  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2370-01

Red Hat Security Advisory 2023-2165-01 - EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Issues addressed include double free, privilege escalation, and use-after-free vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: edk2 security, bug fix, and enhancement update  
Advisory ID:       RHSA-2023:2165-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2165  
Issue date:        2023-05-09  
CVE Names:         CVE-2021-38578 CVE-2022-4304 CVE-2022-4450  
                   CVE-2023-0215 CVE-2023-0286  
====================================================================  
1. Summary:

An update for edk2 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - noarch  
Red Hat Enterprise Linux CRB (v. 9) - aarch64, noarch, x86_64

3. Description:

EDK (Embedded Development Kit) is a project to enable UEFI support for  
Virtual Machines. This package contains a sample 64-bit UEFI firmware for  
QEMU and KVM.

Security Fix(es):

* openssl: X.400 address type confusion in X.509 GeneralName  
(CVE-2023-0286)

* edk2: integer underflow in SmmEntryPoint function leads to potential SMM  
privilege escalation (CVE-2021-38578)

* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)

* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)

* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1960321 - CVE-2021-38578 edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation  
1983086 - Assertion failure when creating 1024 VCPU VM: [...]UefiCpuPkg/CpuMpPei/CpuBist.c(186): !EFI_ERROR (Status)  
2125336 - Please add edk2-aarch64 and edk2-tools to CRB in RHEL 9  
2132951 - edk2: Sort traditional virtualization builds before Confidential Computing builds  
2157656 - [edk2] [aarch64] Unable to initialize EFI firmware when using edk2-aarch64-20221207gitfff6d81270b5-1.el9 in some hardwares  
2162307 - Broken GRUB output on a serial console  
2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName  
2164487 - CVE-2022-4304 openssl: timing attack in RSA Decryption implementation  
2164492 - CVE-2023-0215 openssl: use-after-free following BIO_new_NDEF  
2164494 - CVE-2022-4450 openssl: double free after calling PEM_read_bio_ex  
2168046 - [edk2] BIOS Release Date string is unexpected length  
2174605 - [EDK2] disable dynamic mmio window

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
edk2-20221207gitfff6d81270b5-9.el9_2.src.rpm

noarch:  
edk2-aarch64-20221207gitfff6d81270b5-9.el9_2.noarch.rpm  
edk2-ovmf-20221207gitfff6d81270b5-9.el9_2.noarch.rpm

Red Hat Enterprise Linux CRB (v. 9):

aarch64:  
edk2-debugsource-20221207gitfff6d81270b5-9.el9_2.aarch64.rpm  
edk2-tools-20221207gitfff6d81270b5-9.el9_2.aarch64.rpm  
edk2-tools-debuginfo-20221207gitfff6d81270b5-9.el9_2.aarch64.rpm

noarch:  
edk2-aarch64-20221207gitfff6d81270b5-9.el9_2.noarch.rpm  
edk2-ovmf-20221207gitfff6d81270b5-9.el9_2.noarch.rpm  
edk2-tools-doc-20221207gitfff6d81270b5-9.el9_2.noarch.rpm

x86_64:  
edk2-debugsource-20221207gitfff6d81270b5-9.el9_2.x86_64.rpm  
edk2-tools-20221207gitfff6d81270b5-9.el9_2.x86_64.rpm  
edk2-tools-debuginfo-20221207gitfff6d81270b5-9.el9_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-38578  
https://access.redhat.com/security/cve/CVE-2022-4304  
https://access.redhat.com/security/cve/CVE-2022-4450  
https://access.redhat.com/security/cve/CVE-2023-0215  
https://access.redhat.com/security/cve/CVE-2023-0286  
https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo0RNzjgjWX9erEAQg9NA/8DpTlXLXGvC02Zy7lUzgIfqQ3jT1yOsyS  
o8gP4PqZ2o2MthNJRM3WUq/oxobk4TMvDBTYaOTMF0N5gE7sFAM1gr8Jys4DknWn  
8NrruJ0ZvOF/5tzUC5KUqzu322o1oMGW/W4gmH8/DcPZLwrQjdWpuSVvIKaadnzw  
Ot9T6MHdalN0PaBnxVpu53G9gRLfQwRbXLu8FHBSlYxmiMjfPi2ki4Rg4FqKQrZ0  
BkfbZK17JmWxsYsI33e9d6DcRpPN8AxQrBN+rXv0WtzJClbQHi7qR9r5HAiTUIW6  
kChuaJXE79uglhAxtZllRWvPV2SfA5LDq75TUiHAC5rUoWBUqMi+hzpPhjNsGDz/  
QP7cTjpcs16cJlC7BGnN0NUEQr5fdYVOetJjJBv5wgCJGClmiDucrK9F/gNJIF+6  
SIiNQd+dje1dbbD//GxAot/WEiCrsxn2A5sGaWEyapeB8QJ6Js3is6EmpNc10LOt  
uSoko0yLttx7UJVzjkUTcH7PxpxaplBStcIAJi8Wj77nsAnrpiQORtNAGB0J+4rU  
pCb1XQlVSlgMlVfU+9jELIpvI8u7kkO1ss3sOaIvxTRycdXGgDXpX+IWQgNO732A  
4/R1FmdQNCKLm3XR03ukaYCFHMKLn3s2OqgZiAxWlO1+4VuGxyFd9bvwXCXoKuoa  
ZqW1JXNcdH8=Ml6L  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2165-01

Red Hat Security Advisory 2023-2366-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: emacs security and bug fix update  
Advisory ID:       RHSA-2023:2366-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2366  
Issue date:        2023-05-09  
CVE Names:         CVE-2022-45939  
====================================================================  
1. Summary:

An update for emacs is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

GNU Emacs is a powerful, customizable, self-documenting text editor. It  
provides special code editing features, a scripting language (elisp), and  
the capability to read e-mail and news.

Security Fix(es):

* emacs: ctags local command execution vulnerability (CVE-2022-45939)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1979804 - emacs: portable dumper incompatible with 64K pages on aarch64  
2006856 - RPM inspection failure about hardening binaries  
2149380 - CVE-2022-45939 emacs: ctags local command execution vulnerability

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
emacs-27.2-8.el9.src.rpm

aarch64:  
emacs-27.2-8.el9.aarch64.rpm  
emacs-common-27.2-8.el9.aarch64.rpm  
emacs-common-debuginfo-27.2-8.el9.aarch64.rpm  
emacs-debuginfo-27.2-8.el9.aarch64.rpm  
emacs-debugsource-27.2-8.el9.aarch64.rpm  
emacs-lucid-27.2-8.el9.aarch64.rpm  
emacs-lucid-debuginfo-27.2-8.el9.aarch64.rpm  
emacs-nox-27.2-8.el9.aarch64.rpm  
emacs-nox-debuginfo-27.2-8.el9.aarch64.rpm

noarch:  
emacs-filesystem-27.2-8.el9.noarch.rpm

ppc64le:  
emacs-27.2-8.el9.ppc64le.rpm  
emacs-common-27.2-8.el9.ppc64le.rpm  
emacs-common-debuginfo-27.2-8.el9.ppc64le.rpm  
emacs-debuginfo-27.2-8.el9.ppc64le.rpm  
emacs-debugsource-27.2-8.el9.ppc64le.rpm  
emacs-lucid-27.2-8.el9.ppc64le.rpm  
emacs-lucid-debuginfo-27.2-8.el9.ppc64le.rpm  
emacs-nox-27.2-8.el9.ppc64le.rpm  
emacs-nox-debuginfo-27.2-8.el9.ppc64le.rpm

s390x:  
emacs-27.2-8.el9.s390x.rpm  
emacs-common-27.2-8.el9.s390x.rpm  
emacs-common-debuginfo-27.2-8.el9.s390x.rpm  
emacs-debuginfo-27.2-8.el9.s390x.rpm  
emacs-debugsource-27.2-8.el9.s390x.rpm  
emacs-lucid-27.2-8.el9.s390x.rpm  
emacs-lucid-debuginfo-27.2-8.el9.s390x.rpm  
emacs-nox-27.2-8.el9.s390x.rpm  
emacs-nox-debuginfo-27.2-8.el9.s390x.rpm

x86_64:  
emacs-27.2-8.el9.x86_64.rpm  
emacs-common-27.2-8.el9.x86_64.rpm  
emacs-common-debuginfo-27.2-8.el9.x86_64.rpm  
emacs-debuginfo-27.2-8.el9.x86_64.rpm  
emacs-debugsource-27.2-8.el9.x86_64.rpm  
emacs-lucid-27.2-8.el9.x86_64.rpm  
emacs-lucid-debuginfo-27.2-8.el9.x86_64.rpm  
emacs-nox-27.2-8.el9.x86_64.rpm  
emacs-nox-debuginfo-27.2-8.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-45939  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo05dzjgjWX9erEAQhkGRAAgZmPnfUrJiQ4GzGO6S4lCkXW3GzoKkjK  
y9oCf/p4x7myiOVCU/rbdTLZlfObBqxqRSbh3tMmucG3vUVf5aymNyqlIki8fgWb  
BXqaaM9K0jbtHOBwLpIWXi89Yaw2AfkxMiM9ZrdffCcOf3kdTDOwI46R3oYgbqf4  
yMZe5N9CSM7ZlhZkrzdfjL/9m1wGdHOl9ZNJp4ji0K+Zeb/hlUeHqKLbnX+Ag0mu  
QCnDDy7qm+ysNUYUjdFFs9SY43Ekaw1kayya6eQE0lUbUr32P6mmvw11so4QFV+g  
6iNtK85sQtI6z5czUYMNYZDBHvkKSR7NYlQZa4GCMr5KLcmXIAyNWw8dQLhOmnkO  
zZGoE+SkL0bkU4lqNNUso4AXaGUkVFASEuL+BlJd9dT/ouQoF2lXu11mpoyvkENT  
yVUXAIZbB8/Z5IymIWiyNrJ2iQjlxPtAFO08bFM2CIBkGH0g1IlTPQMhHezLKuzA  
WHWjKUo5bSowP5DMPtsrddSEob6oyVZ4hvofaMtKQQFxMMvIUoW4Coi/AzarUBJj  
fkzb7uMGfH67rm3zinxjqxnWJjk882ALxG1Zu5sFxvOTywRMGEcaVMXFbYjY0w/F  
JctAn7NovBq7ksK3XBnlOd8ydebuFwgkZ7YLTMBhwLZ26E7ziV5CHnJ2laRVOkVd  
7aMOi3Tm0Ts=+PB4  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2366-01

Red Hat Security Advisory 2023-2258-01 - Mako is a template library written in Python. It provides a familiar, non-XML syntax which compiles into Python modules for maximum performance. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: python-mako security update  
Advisory ID:       RHSA-2023:2258-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2258  
Issue date:        2023-05-09  
CVE Names:         CVE-2022-40023  
====================================================================  
1. Summary:

An update for python-mako is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - noarch

3. Description:

Mako is a template library written in Python. It provides a familiar,  
non-XML syntax which compiles into Python modules for maximum performance.

Security Fix(es):

* python-mako: REDoS in Lexer class (CVE-2022-40023)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2128977 - CVE-2022-40023 python-mako: REDoS in Lexer class

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
python-mako-1.1.4-6.el9.src.rpm

noarch:  
python3-mako-1.1.4-6.el9.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-40023  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo1a9zjgjWX9erEAQjg2xAAnpA5yArOpLtmFEjZnmF184CoWcRXEFNM  
9PItWnF6enfIKu03bDla5NcqNp9Viel3uZIdw5jJK9FPP6kiqweBhlPySJ1qOusG  
RJImbd016jqnqsIjz3skIhnksQQrRbABDiBFs8gybE1EOQREaY3tPPa4EWe64+GI  
SAasYbEnGKWAI4c/poFk8afIbEMhMn4gtmT6Amy3x2HI5NRdASj7MOUxSWSVpMm+  
DQ/eShCak4v/WexdpWLYSRIx4evABAKCfXzqnhPfPIXQ2I5tobKEOZ/PPgQLSGjD  
fnw39pQf4SS5R2IhFKTaBGzhQzHd/6rBsk/ugKn76PvFLPRmL27Etd97nrEDBTTu  
d7W+hc5OkjeporwtQvx+gdNpC/5ARFw1sVYU2CGA4qnz+/QOqaVsIHHk7JmVZ23W  
giHPPwmGpEbr7pWNyVnzRnBiWaNyaLjQruA2lah1xcTbYx8U/cXbKe4F49Me3pf+  
j8sfr1TZRyb23crftQzHTlFeO0rxtawWFVHAKKTOEq0zWnQyjfoLVh1OuD/0UsJM  
BLLRjEf0XXfUyS79ssJ1xTvECUDMDD3Cr99QkbgsHpTDB7AFcthqJhmd2fi7H/rK  
mzMRtBtL5CTAoQ2CqlIV130rNMFf09mnfj/7P+zXc1zc9w4UgDUjWXBi+11zQbY+  
3D7CnC21l9c=sZZX  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2258-01

Red Hat Security Advisory 2023-2621-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: mysql security update  
Advisory ID:       RHSA-2023:2621-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2621  
Issue date:        2023-05-09  
CVE Names:         CVE-2022-21594 CVE-2022-21599 CVE-2022-21604  
                   CVE-2022-21608 CVE-2022-21611 CVE-2022-21617  
                   CVE-2022-21625 CVE-2022-21632 CVE-2022-21633  
                   CVE-2022-21637 CVE-2022-21640 CVE-2022-39400  
                   CVE-2022-39408 CVE-2022-39410 CVE-2023-21836  
                   CVE-2023-21863 CVE-2023-21864 CVE-2023-21865  
                   CVE-2023-21867 CVE-2023-21868 CVE-2023-21869  
                   CVE-2023-21870 CVE-2023-21871 CVE-2023-21873  
                   CVE-2023-21874 CVE-2023-21875 CVE-2023-21876  
                   CVE-2023-21877 CVE-2023-21878 CVE-2023-21879  
                   CVE-2023-21880 CVE-2023-21881 CVE-2023-21882  
                   CVE-2023-21883 CVE-2023-21887 CVE-2023-21912  
                   CVE-2023-21917  
====================================================================  
1. Summary:

An update for mysql is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux CRB (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

MySQL is a multi-user, multi-threaded SQL database server. It consists of  
the MySQL server daemon (mysqld) and many client programs and libraries.

The following packages have been upgraded to a later upstream version:  
mysql (8.0.32). (BZ#2177731, BZ#2177732)

Security Fix(es):

* mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr  
2023) (CVE-2023-21912)

* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)  
(CVE-2022-21594)

* mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2022)  
(CVE-2022-21599)

* mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21604)

* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)  
(CVE-2022-21608)

* mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21611)

* mysql: Server: Connection Handling unspecified vulnerability (CPU Oct  
2022) (CVE-2022-21617)

* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)  
(CVE-2022-21625)

* mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct  
2022) (CVE-2022-21632)

* mysql: Server: Replication unspecified vulnerability (CPU Oct 2022)  
(CVE-2022-21633)

* mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21637)

* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)  
(CVE-2022-21640)

* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)  
(CVE-2022-39400)

* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)  
(CVE-2022-39408)

* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)  
(CVE-2022-39410)

* mysql: Server: DML unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21836)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21863)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21864)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21865)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21867)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21868)

* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21869)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21870)

* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21871)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21873)

* mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan  
2023) (CVE-2023-21875)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21876)

* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21877)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21878)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21879)

* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21880)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21881)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21883)

* mysql: Server: GIS unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21887)

* mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023)  
(CVE-2023-21917)

* mysql: Server: Thread Pooling unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21874)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
(CVE-2023-21882)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MySQL server daemon (mysqld) will be  
restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

2142861 - CVE-2022-21594 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)  
2142863 - CVE-2022-21599 mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2022)  
2142865 - CVE-2022-21604 mysql: InnoDB unspecified vulnerability (CPU Oct 2022)  
2142868 - CVE-2022-21608 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)  
2142869 - CVE-2022-21611 mysql: InnoDB unspecified vulnerability (CPU Oct 2022)  
2142870 - CVE-2022-21617 mysql: Server: Connection Handling unspecified vulnerability (CPU Oct 2022)  
2142871 - CVE-2022-21625 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)  
2142872 - CVE-2022-21632 mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2022)  
2142873 - CVE-2022-21633 mysql: Server: Replication unspecified vulnerability (CPU Oct 2022)  
2142875 - CVE-2022-21637 mysql: InnoDB unspecified vulnerability (CPU Oct 2022)  
2142877 - CVE-2022-21640 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)  
2142879 - CVE-2022-39400 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)  
2142880 - CVE-2022-39408 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)  
2142881 - CVE-2022-39410 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)  
2162268 - CVE-2023-21836 mysql: Server: DML unspecified vulnerability (CPU Jan 2023)  
2162270 - CVE-2023-21863 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
2162271 - CVE-2023-21864 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
2162272 - CVE-2023-21865 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
2162274 - CVE-2023-21867 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
2162275 - CVE-2023-21868 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
2162276 - CVE-2023-21869 mysql: InnoDB unspecified vulnerability (CPU Jan 2023)  
2162277 - CVE-2023-21870 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
2162278 - CVE-2023-21871 mysql: InnoDB unspecified vulnerability (CPU Jan 2023)  
2162280 - CVE-2023-21873 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
2162281 - CVE-2023-21874 mysql: Server: Thread Pooling unspecified vulnerability (CPU Jan 2023)  
2162282 - CVE-2023-21875 mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2023)  
2162283 - CVE-2023-21876 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
2162284 - CVE-2023-21877 mysql: InnoDB unspecified vulnerability (CPU Jan 2023)  
2162285 - CVE-2023-21878 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
2162286 - CVE-2023-21879 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
2162287 - CVE-2023-21880 mysql: InnoDB unspecified vulnerability (CPU Jan 2023)  
2162288 - CVE-2023-21881 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
2162289 - CVE-2023-21882 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
2162290 - CVE-2023-21883 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)  
2162291 - CVE-2023-21887 mysql: Server: GIS unspecified vulnerability (CPU Jan 2023)  
2188110 - CVE-2023-21912 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2023)  
2188112 - CVE-2023-21917 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023)

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
mysql-8.0.32-1.el9_2.src.rpm

aarch64:  
mysql-8.0.32-1.el9_2.aarch64.rpm  
mysql-common-8.0.32-1.el9_2.aarch64.rpm  
mysql-debuginfo-8.0.32-1.el9_2.aarch64.rpm  
mysql-debugsource-8.0.32-1.el9_2.aarch64.rpm  
mysql-devel-debuginfo-8.0.32-1.el9_2.aarch64.rpm  
mysql-errmsg-8.0.32-1.el9_2.aarch64.rpm  
mysql-libs-debuginfo-8.0.32-1.el9_2.aarch64.rpm  
mysql-server-8.0.32-1.el9_2.aarch64.rpm  
mysql-server-debuginfo-8.0.32-1.el9_2.aarch64.rpm  
mysql-test-debuginfo-8.0.32-1.el9_2.aarch64.rpm

ppc64le:  
mysql-8.0.32-1.el9_2.ppc64le.rpm  
mysql-common-8.0.32-1.el9_2.ppc64le.rpm  
mysql-debuginfo-8.0.32-1.el9_2.ppc64le.rpm  
mysql-debugsource-8.0.32-1.el9_2.ppc64le.rpm  
mysql-devel-debuginfo-8.0.32-1.el9_2.ppc64le.rpm  
mysql-errmsg-8.0.32-1.el9_2.ppc64le.rpm  
mysql-libs-debuginfo-8.0.32-1.el9_2.ppc64le.rpm  
mysql-server-8.0.32-1.el9_2.ppc64le.rpm  
mysql-server-debuginfo-8.0.32-1.el9_2.ppc64le.rpm  
mysql-test-debuginfo-8.0.32-1.el9_2.ppc64le.rpm

s390x:  
mysql-8.0.32-1.el9_2.s390x.rpm  
mysql-common-8.0.32-1.el9_2.s390x.rpm  
mysql-debuginfo-8.0.32-1.el9_2.s390x.rpm  
mysql-debugsource-8.0.32-1.el9_2.s390x.rpm  
mysql-devel-debuginfo-8.0.32-1.el9_2.s390x.rpm  
mysql-errmsg-8.0.32-1.el9_2.s390x.rpm  
mysql-libs-debuginfo-8.0.32-1.el9_2.s390x.rpm  
mysql-server-8.0.32-1.el9_2.s390x.rpm  
mysql-server-debuginfo-8.0.32-1.el9_2.s390x.rpm  
mysql-test-debuginfo-8.0.32-1.el9_2.s390x.rpm

x86_64:  
mysql-8.0.32-1.el9_2.x86_64.rpm  
mysql-common-8.0.32-1.el9_2.x86_64.rpm  
mysql-debuginfo-8.0.32-1.el9_2.x86_64.rpm  
mysql-debugsource-8.0.32-1.el9_2.x86_64.rpm  
mysql-devel-debuginfo-8.0.32-1.el9_2.x86_64.rpm  
mysql-errmsg-8.0.32-1.el9_2.x86_64.rpm  
mysql-libs-debuginfo-8.0.32-1.el9_2.x86_64.rpm  
mysql-server-8.0.32-1.el9_2.x86_64.rpm  
mysql-server-debuginfo-8.0.32-1.el9_2.x86_64.rpm  
mysql-test-debuginfo-8.0.32-1.el9_2.x86_64.rpm

Red Hat Enterprise Linux CRB (v. 9):

aarch64:  
mysql-debuginfo-8.0.32-1.el9_2.aarch64.rpm  
mysql-debugsource-8.0.32-1.el9_2.aarch64.rpm  
mysql-devel-8.0.32-1.el9_2.aarch64.rpm  
mysql-devel-debuginfo-8.0.32-1.el9_2.aarch64.rpm  
mysql-libs-8.0.32-1.el9_2.aarch64.rpm  
mysql-libs-debuginfo-8.0.32-1.el9_2.aarch64.rpm  
mysql-server-debuginfo-8.0.32-1.el9_2.aarch64.rpm  
mysql-test-8.0.32-1.el9_2.aarch64.rpm  
mysql-test-debuginfo-8.0.32-1.el9_2.aarch64.rpm

ppc64le:  
mysql-debuginfo-8.0.32-1.el9_2.ppc64le.rpm  
mysql-debugsource-8.0.32-1.el9_2.ppc64le.rpm  
mysql-devel-8.0.32-1.el9_2.ppc64le.rpm  
mysql-devel-debuginfo-8.0.32-1.el9_2.ppc64le.rpm  
mysql-libs-8.0.32-1.el9_2.ppc64le.rpm  
mysql-libs-debuginfo-8.0.32-1.el9_2.ppc64le.rpm  
mysql-server-debuginfo-8.0.32-1.el9_2.ppc64le.rpm  
mysql-test-8.0.32-1.el9_2.ppc64le.rpm  
mysql-test-debuginfo-8.0.32-1.el9_2.ppc64le.rpm

s390x:  
mysql-debuginfo-8.0.32-1.el9_2.s390x.rpm  
mysql-debugsource-8.0.32-1.el9_2.s390x.rpm  
mysql-devel-8.0.32-1.el9_2.s390x.rpm  
mysql-devel-debuginfo-8.0.32-1.el9_2.s390x.rpm  
mysql-libs-8.0.32-1.el9_2.s390x.rpm  
mysql-libs-debuginfo-8.0.32-1.el9_2.s390x.rpm  
mysql-server-debuginfo-8.0.32-1.el9_2.s390x.rpm  
mysql-test-8.0.32-1.el9_2.s390x.rpm  
mysql-test-debuginfo-8.0.32-1.el9_2.s390x.rpm

x86_64:  
mysql-debuginfo-8.0.32-1.el9_2.x86_64.rpm  
mysql-debugsource-8.0.32-1.el9_2.x86_64.rpm  
mysql-devel-8.0.32-1.el9_2.x86_64.rpm  
mysql-devel-debuginfo-8.0.32-1.el9_2.x86_64.rpm  
mysql-libs-8.0.32-1.el9_2.x86_64.rpm  
mysql-libs-debuginfo-8.0.32-1.el9_2.x86_64.rpm  
mysql-server-debuginfo-8.0.32-1.el9_2.x86_64.rpm  
mysql-test-8.0.32-1.el9_2.x86_64.rpm  
mysql-test-debuginfo-8.0.32-1.el9_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-21594  
https://access.redhat.com/security/cve/CVE-2022-21599  
https://access.redhat.com/security/cve/CVE-2022-21604  
https://access.redhat.com/security/cve/CVE-2022-21608  
https://access.redhat.com/security/cve/CVE-2022-21611  
https://access.redhat.com/security/cve/CVE-2022-21617  
https://access.redhat.com/security/cve/CVE-2022-21625  
https://access.redhat.com/security/cve/CVE-2022-21632  
https://access.redhat.com/security/cve/CVE-2022-21633  
https://access.redhat.com/security/cve/CVE-2022-21637  
https://access.redhat.com/security/cve/CVE-2022-21640  
https://access.redhat.com/security/cve/CVE-2022-39400  
https://access.redhat.com/security/cve/CVE-2022-39408  
https://access.redhat.com/security/cve/CVE-2022-39410  
https://access.redhat.com/security/cve/CVE-2023-21836  
https://access.redhat.com/security/cve/CVE-2023-21863  
https://access.redhat.com/security/cve/CVE-2023-21864  
https://access.redhat.com/security/cve/CVE-2023-21865  
https://access.redhat.com/security/cve/CVE-2023-21867  
https://access.redhat.com/security/cve/CVE-2023-21868  
https://access.redhat.com/security/cve/CVE-2023-21869  
https://access.redhat.com/security/cve/CVE-2023-21870  
https://access.redhat.com/security/cve/CVE-2023-21871  
https://access.redhat.com/security/cve/CVE-2023-21873  
https://access.redhat.com/security/cve/CVE-2023-21874  
https://access.redhat.com/security/cve/CVE-2023-21875  
https://access.redhat.com/security/cve/CVE-2023-21876  
https://access.redhat.com/security/cve/CVE-2023-21877  
https://access.redhat.com/security/cve/CVE-2023-21878  
https://access.redhat.com/security/cve/CVE-2023-21879  
https://access.redhat.com/security/cve/CVE-2023-21880  
https://access.redhat.com/security/cve/CVE-2023-21881  
https://access.redhat.com/security/cve/CVE-2023-21882  
https://access.redhat.com/security/cve/CVE-2023-21883  
https://access.redhat.com/security/cve/CVE-2023-21887  
https://access.redhat.com/security/cve/CVE-2023-21912  
https://access.redhat.com/security/cve/CVE-2023-21917  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo2A9zjgjWX9erEAQivjA//VQxDSWYh7V9mx6KvxoAp4HvMiXXqONbt  
AzMad98uA79hBfmq9eLmohUaLxffi63pAjTkyYYrpwVHAqoTMmb9iWOKgfY6iWgV  
uKjn0aPPhhZkSRLqYFFsNAjSz31FrYVPV3BUip02bgRZNNqx2/RoPi59JIs1yP46  
+GyaCP1tw6yXcyJSXV+fEJPkXjByVkPW2o0ROJLHfvVP1x9+L5PHBagdkZqP28OJ  
zWjD3ktd+k6ablR+Mgsdxzhyjk7fimqPFCgqlCl/JzTylBXkxhNBp33IdJoAzvwd  
RMWvMiotfTP2CTuUMqyGE4UkCEfoxY+yNVJp0waoSpOhuAophkf32OI5Zsh+wg5c  
kH55+u6To2uCdvXuwr3mZWfK1Md4EisThnf2b/U+Dz6ED9joZhG2NxeiUe4kI8dC  
ZLHcYUdSJL/wI3qAfPYfGuOEXA2APaYfZgw7tQxWkvAO/r/DQ1cScS0uzkh6LVPe  
z8S4e/Eix30VPqefUAeR1gawfdd8wyAEa/oDRl+w9ZkFPv/mvIUbFYiC8E+jpIUq  
yjfys6hf9t+4BivhRIAFWicWsiaNhVymeSH22xzKD9oJKPZr8wnCMthamqkSFCC8  
n8ew1LOOsVKZ5hvN7zHjlyVcsPUAspfUk727/FW9Kts2oJaK3O0t4J5F4JGwz8LQ  
cfWIMaYqf6g=6uK9  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2621-01

Red Hat Security Advisory 2023-2260-01 - GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Issues addressed include a buffer overflow vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: gstreamer1-plugins-good security update  
Advisory ID:       RHSA-2023:2260-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2260  
Issue date:        2023-05-09  
CVE Names:         CVE-2022-1920 CVE-2022-1921 CVE-2022-1922  
                   CVE-2022-1923 CVE-2022-1924 CVE-2022-1925  
                   CVE-2022-2122  
====================================================================  
1. Summary:

An update for gstreamer1-plugins-good is now available for Red Hat  
Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

GStreamer is a streaming media framework based on graphs of filters which  
operate on media data. The gstreamer1-plugins-good packages contain a  
collection of well-supported plug-ins of good quality and under the LGPL  
license.

Security Fix(es):

* gstreamer-plugins-good: Potential heap overwrite in  
gst_matroska_demux_add_wvpk_header() (CVE-2022-1920)

* gstreamer-plugins-good: Heap-based buffer overflow in the avi demuxer  
when handling certain AVI files (CVE-2022-1921)

* gstreamer-plugins-good: Potential heap overwrite in mkv demuxing using  
zlib decompression (CVE-2022-1922)

* gstreamer-plugins-good: Potential heap overwrite in mkv demuxing using  
bz2 decompression (CVE-2022-1923)

* gstreamer-plugins-good: Potential heap overwrite in mkv demuxing using  
lzo decompression (CVE-2022-1924)

* gstreamer-plugins-good: Potential heap overwrite in mkv demuxing using  
HEADERSTRIP decompression (CVE-2022-1925)

* gstreamer-plugins-good: Potential heap overwrite in mp4 demuxing using  
zlib decompression (CVE-2022-2122)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2130935 - CVE-2022-1920 gstreamer-plugins-good: Potential heap overwrite in gst_matroska_demux_add_wvpk_header()  
2130949 - CVE-2022-1921 gstreamer-plugins-good: Heap-based buffer overflow in the avi demuxer when handling certain AVI files  
2130955 - CVE-2022-1922 gstreamer-plugins-good: Potential heap overwrite in mkv demuxing using zlib decompression  
2130959 - CVE-2022-1923 gstreamer-plugins-good: Potential heap overwrite in mkv demuxing using bz2 decompression  
2131003 - CVE-2022-1924 gstreamer-plugins-good: Potential heap overwrite in mkv demuxing using lzo decompression  
2131007 - CVE-2022-1925 gstreamer-plugins-good: Potential heap overwrite in mkv demuxing using HEADERSTRIP decompression  
2131018 - CVE-2022-2122 gstreamer-plugins-good: Potential heap overwrite in mp4 demuxing using zlib decompression

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
gstreamer1-plugins-good-1.18.4-6.el9.src.rpm

aarch64:  
gstreamer1-plugins-good-1.18.4-6.el9.aarch64.rpm  
gstreamer1-plugins-good-debuginfo-1.18.4-6.el9.aarch64.rpm  
gstreamer1-plugins-good-debugsource-1.18.4-6.el9.aarch64.rpm  
gstreamer1-plugins-good-gtk-1.18.4-6.el9.aarch64.rpm  
gstreamer1-plugins-good-gtk-debuginfo-1.18.4-6.el9.aarch64.rpm  
gstreamer1-plugins-good-qt-debuginfo-1.18.4-6.el9.aarch64.rpm

ppc64le:  
gstreamer1-plugins-good-1.18.4-6.el9.ppc64le.rpm  
gstreamer1-plugins-good-debuginfo-1.18.4-6.el9.ppc64le.rpm  
gstreamer1-plugins-good-debugsource-1.18.4-6.el9.ppc64le.rpm  
gstreamer1-plugins-good-gtk-1.18.4-6.el9.ppc64le.rpm  
gstreamer1-plugins-good-gtk-debuginfo-1.18.4-6.el9.ppc64le.rpm  
gstreamer1-plugins-good-qt-debuginfo-1.18.4-6.el9.ppc64le.rpm

s390x:  
gstreamer1-plugins-good-1.18.4-6.el9.s390x.rpm  
gstreamer1-plugins-good-debuginfo-1.18.4-6.el9.s390x.rpm  
gstreamer1-plugins-good-debugsource-1.18.4-6.el9.s390x.rpm  
gstreamer1-plugins-good-gtk-1.18.4-6.el9.s390x.rpm  
gstreamer1-plugins-good-gtk-debuginfo-1.18.4-6.el9.s390x.rpm  
gstreamer1-plugins-good-qt-debuginfo-1.18.4-6.el9.s390x.rpm

x86_64:  
gstreamer1-plugins-good-1.18.4-6.el9.i686.rpm  
gstreamer1-plugins-good-1.18.4-6.el9.x86_64.rpm  
gstreamer1-plugins-good-debuginfo-1.18.4-6.el9.i686.rpm  
gstreamer1-plugins-good-debuginfo-1.18.4-6.el9.x86_64.rpm  
gstreamer1-plugins-good-debugsource-1.18.4-6.el9.i686.rpm  
gstreamer1-plugins-good-debugsource-1.18.4-6.el9.x86_64.rpm  
gstreamer1-plugins-good-gtk-1.18.4-6.el9.i686.rpm  
gstreamer1-plugins-good-gtk-1.18.4-6.el9.x86_64.rpm  
gstreamer1-plugins-good-gtk-debuginfo-1.18.4-6.el9.i686.rpm  
gstreamer1-plugins-good-gtk-debuginfo-1.18.4-6.el9.x86_64.rpm  
gstreamer1-plugins-good-qt-debuginfo-1.18.4-6.el9.i686.rpm  
gstreamer1-plugins-good-qt-debuginfo-1.18.4-6.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1920  
https://access.redhat.com/security/cve/CVE-2022-1921  
https://access.redhat.com/security/cve/CVE-2022-1922  
https://access.redhat.com/security/cve/CVE-2022-1923  
https://access.redhat.com/security/cve/CVE-2022-1924  
https://access.redhat.com/security/cve/CVE-2022-1925  
https://access.redhat.com/security/cve/CVE-2022-2122  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFo06dzjgjWX9erEAQhrwQ//Ux/jfIsdlOlcSYh49YQrv5mmRH639gQE  
TVDDFz5x/9zRwuos1650/zyEs5SF3F9pBFgc8FeU9V2styVUuIYTgKtI3vYexa48  
LfoWcFZhVHNq60onLmoH/1TJsIdPA5Lvdmk2kqMn0+dA77CD9EAviilfWkTDp27F  
I1fTX0L0S8d7JZAscwMsrCefItv/5LG+tH2bN6ZokA21aV1RkLqaKylJdZj5+m2y  
dSyelBeEidfQTxaj9CNZftOrQjDziyW6JFVfQna2sOuz7ejOMUkfy25ZH145M9Y6  
0P7S71w+8FVk76AlrKE3qGyh0V13dfHTQpZW6cca4yzrKmoH2G4EDFHo0g9PrSwD  
eKFRmnJ6VNkyc4lgQT7G5ME1PsNYlRsX5WAUKWzT8RaIcxIWDr96UhoeKC2gYiaW  
wr/aOcBij0NZkdWN+9NbnXZqrwIRPTe8dOJpQpO9Nojsev4o7LZhWdS1z5C0xwsu  
wdPIlMofZ8/x01z39b/CVPsmESk0kefw7w5rwj+9XO2QcXwZkrshpZM8tMjhrMlF  
WyEOPPli2WpQfjco/jiMhV8cjKHSCHQSYPt67QZXtUFqD68P8AI1RhX9K7VhPVRo  
gOTkEsGxwqp2uLiTvYc7kElDjbKD/6nd52MANo4TR4aO2sZsTylCNeQ7I2bROhE4  
krFzi7LnE2s=IWWY  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2260-01

Sngrep v1.6.0 was discovered to contain a stack buffer overflow via the function packet_set_payload at /src/packet.c.

How to trigger  
Compile the program with AddressSanitizer  
Run command $ ./sngrep -N -R -I $PoC  
Details  
ASAN report  
$./sngrep -N -R -I $PoC

    Dialog count: 0=================================================================
    ==974123==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fda5fffe9a0 at pc 0x00000049b787 bp 0x7fda5fff98d0 sp 0x7fda5fff9098
    READ of size 57344 at 0x7fda5fffe9a0 thread T1
        #0 0x49b786 in __asan_memcpy (/home/root/randomFuzz/sngrep/sngrep/sngrep_N_R_I/sngrep+0x49b786)
        #1 0x4dc7f1 in packet_set_payload /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/packet.c:147:9
        #2 0x4d1697 in parse_packet /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/capture.c:430:9
        #3 0x7fda61bad466  (/lib/x86_64-linux-gnu/libpcap.so.0.8+0x23466)
        #4 0x7fda61b9bf67 in pcap_loop (/lib/x86_64-linux-gnu/libpcap.so.0.8+0x11f67)
        #5 0x4cf5c9 in capture_thread /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/capture.c:1042:5
        #6 0x7fda61b6d608 in start_thread /build/glibc-SzIz7B/glibc-2.31/nptl/pthread_create.c:477:8
        #7 0x7fda61918132 in __clone /build/glibc-SzIz7B/glibc-2.31/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
    
    Address 0x7fda5fffe9a0 is located in stack of thread T1 at offset 20512 in frame
        #0 0x4d067f in parse_packet /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/capture.c:321
    
      This frame has 3 object(s):
        [32, 20512) 'data' (line 333)
        [20768, 20772) 'size_capture' (line 337) <== Memory access at offset 20512 partially underflows this variable
        [20784, 20788) 'size_payload' (line 339) <== Memory access at offset 20512 partially underflows this variable
    HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
          (longjmp and C++ exceptions *are* supported)
    Thread T1 created by T0 here:
        #0 0x486a8c in pthread_create (/home/root/randomFuzz/sngrep/sngrep/sngrep_N_R_I/sngrep+0x486a8c)
        #1 0x4d712c in capture_launch_thread /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/capture.c:1027:13
        #2 0x4efb9e in main /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/main.c:433:9
        #3 0x7fda6181d082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
    
    SUMMARY: AddressSanitizer: stack-buffer-overflow (/home/root/randomFuzz/sngrep/sngrep/sngrep_N_R_I/sngrep+0x49b786) in __asan_memcpy
    Shadow bytes around the buggy address:
      0x0ffbcbff7ce0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      0x0ffbcbff7cf0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      0x0ffbcbff7d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      0x0ffbcbff7d10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      0x0ffbcbff7d20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    =>0x0ffbcbff7d30: 00 00 00 00[f2]f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2
      0x0ffbcbff7d40: f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2
      0x0ffbcbff7d50: f2 f2 f2 f2 04 f2 04 f3 00 00 00 00 00 00 00 00
      0x0ffbcbff7d60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      0x0ffbcbff7d70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      0x0ffbcbff7d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    Shadow byte legend (one shadow byte represents 8 application bytes):
      Addressable:           00
      Partially addressable: 01 02 03 04 05 06 07 
      Heap left redzone:       fa
      Freed heap region:       fd
      Stack left redzone:      f1
      Stack mid redzone:       f2
      Stack right redzone:     f3
      Stack after return:      f5
      Stack use after scope:   f8
      Global redzone:          f9
      Global init order:       f6
      Poisoned by user:        f7
      Container overflow:      fc
      Array cookie:            ac
      Intra object redzone:    bb
      ASan internal:           fe
      Left alloca redzone:     ca
      Right alloca redzone:    cb
    ==974123==ABORTING

CVE-2023-31981: [bug] sngrep stack buffer overflow · Issue #430 · irontec/sngrep

Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_packet_reasm_ip at /src/capture.c.

How to trigger  
Compile the program with AddressSanitizer  
Run command $ ./sngrep -N -R -I $PoC  
Details  
ASAN report  
$./sngrep -N -R -I $PoC

    Dialog count: 0=================================================================
    ==974271==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000080a0 at pc 0x0000004d385c bp 0x7f69535f92f0 sp 0x7f69535f92e8
    READ of size 2 at 0x6020000080a0 thread T1
        #0 0x4d385b in capture_packet_reasm_ip /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/capture.c:678:49
        #1 0x4d0d09 in parse_packet /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/capture.c:367:17
        #2 0x7f695522a466  (/lib/x86_64-linux-gnu/libpcap.so.0.8+0x23466)
        #3 0x7f6955218f67 in pcap_loop (/lib/x86_64-linux-gnu/libpcap.so.0.8+0x11f67)
        #4 0x4cf5c9 in capture_thread /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/capture.c:1042:5
        #5 0x7f69551ea608 in start_thread /build/glibc-SzIz7B/glibc-2.31/nptl/pthread_create.c:477:8
        #6 0x7f6954f95132 in __clone /build/glibc-SzIz7B/glibc-2.31/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
    
    0x6020000080a0 is located 15 bytes to the right of 1-byte region [0x602000008090,0x602000008091)
    allocated by thread T1 here:
        #0 0x49c3cd in __interceptor_malloc (/home/root/randomFuzz/sngrep/sngrep/sngrep_N_R_I/sngrep+0x49c3cd)
        #1 0x4dbb59 in packet_add_frame /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/packet.c:123:19
        #2 0x4d31ee in capture_packet_reasm_ip /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/capture.c:639:9
        #3 0x4d0d09 in parse_packet /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/capture.c:367:17
        #4 0x7f695522a466  (/lib/x86_64-linux-gnu/libpcap.so.0.8+0x23466)
    
    Thread T1 created by T0 here:
        #0 0x486a8c in pthread_create (/home/root/randomFuzz/sngrep/sngrep/sngrep_N_R_I/sngrep+0x486a8c)
        #1 0x4d712c in capture_launch_thread /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/capture.c:1027:13
        #2 0x4efb9e in main /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/main.c:433:9
        #3 0x7f6954e9a082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
    
    SUMMARY: AddressSanitizer: heap-buffer-overflow /home/root/FuzzDateset/sngrep/sngrep-1.6.0/src/capture.c:678:49 in capture_packet_reasm_ip
    Shadow bytes around the buggy address:
      0x0c047fff8fc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
      0x0c047fff8fd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
      0x0c047fff8fe0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
      0x0c047fff8ff0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
      0x0c047fff9000: fa fa 00 00 fa fa fd fa fa fa fd fa fa fa 00 00
    =>0x0c047fff9010: fa fa 01 fa[fa]fa fd fd fa fa 00 00 fa fa 01 fa
      0x0c047fff9020: fa fa 00 00 fa fa 01 fa fa fa 00 00 fa fa 01 fa
      0x0c047fff9030: fa fa 00 00 fa fa 01 fa fa fa 00 00 fa fa 01 fa
      0x0c047fff9040: fa fa 00 00 fa fa 01 fa fa fa 00 00 fa fa 01 fa
      0x0c047fff9050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
      0x0c047fff9060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
    Shadow byte legend (one shadow byte represents 8 application bytes):
      Addressable:           00
      Partially addressable: 01 02 03 04 05 06 07 
      Heap left redzone:       fa
      Freed heap region:       fd
      Stack left redzone:      f1
      Stack mid redzone:       f2
      Stack right redzone:     f3
      Stack after return:      f5
      Stack use after scope:   f8
      Global redzone:          f9
      Global init order:       f6
      Poisoned by user:        f7
      Container overflow:      fc
      Array cookie:            ac
      Intra object redzone:    bb
      ASan internal:           fe
      Left alloca redzone:     ca
      Right alloca redzone:    cb
    ==974271==ABORTING

Tag

#linux